PC Help Forum
Author: Subject: PC blue screen and start page keeps changing
stekun
Member

Posts: 377
Registered: 6-12-2004
Member is offline

Mood: No mood

[*] Posted on 27-9-2013 at 20:17
PC blue screen and start page keeps changing


Hi

My start page keeps changing and my PC often freezes: a blue screen with "driver not less equal". This could also be related to my hardware, but I suspect there is more going on, hence my post.
I have gone through all the steps and will post the 3 logs.
I hope you can help me.

# AdwCleaner v3.005 - Report created 27/09/2013 at 18:57:46
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)


# Option : Clean

***** [ Services ] *****

Service Deleted : WsysSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\Uniblue\DriverScanner
Folder Deleted : C:\Users\Stekun\AppData\Local\Temp\eIntaller
Folder Deleted : C:\Users\Stekun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_whatsapp_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_whatsapp_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\eSafeSecControl

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

[ File : C:\Users\Stekun\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Stekun\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6151 octets] - [27/09/2013 18:57:04]
AdwCleaner[S0].txt - [4356 octets] - [27/09/2013 18:57:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4416 octets] ##########


Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Databaseversie: v2013.09.27.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686


27-Sep-13 19:02:47
mbam-log-2013-09-27 (19-02-47).txt

Scan type: Volledige scan (C:\|D:\|E:\|G:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 422731
Verstreken tijd: 57 minuut/minuten, 55 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 2
C:\AdwCleaner\Quarantine\C\ProgramData\eSafe\eGdpSvc.exe.vir (PUP.Optional.DProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\Vuze\.install4j\user\mism.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)


Logfile of random's system information tool 1.09 (written by random/random)
Run by Stekun at 2013-09-27 20:11:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (18%) free of 187 GB
Total RAM: 4087 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:33, on 27-Sep-13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Stekun.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/search?q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\RunOnce: [ST Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {414FB93D-DEDD-4FEF-AD7F-167992EBDB52} (SlimClient Class) - https://enter.ing.net/SNX/CSHELL/extender.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash....
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.c...
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEn...
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = lan,europe.intranet
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = lan,europe.intranet
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = lan,europe.intranet
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Check Point SSL Network Extender (cpextender) - Check Point Software Technologies - C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware View USB (vmware-view-usbd) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: WD Rules (WDRulesService) - Western Digital - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: VMware View Client (wsnm) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe

--
End of file - 12725 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
taskeng.exe {B16C2CFE-645C-427B-AC44-B7FCCEC35F23}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe"
"C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe" -SCMStartup
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
WLIDSvcM.exe 2344
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
"C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe" -SCMStartup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\WINDOWS\System32\Ctxfihlp.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\SysWOW64\CTXFISPI.EXE" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Internet Explorer\iexplore.exe" http://start.qone8.com/?type=sc&ts=1380281288&from=air&...
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1500 CREDAT:267521 /prefetch:2
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1500 CREDAT:2037049 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1500 CREDAT:398623 /prefetch:2
"C:\Users\Stekun\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\svchost.exe -k SDRSVC

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\SpeedyPC Pro.job
C:\Windows\tasks\SpeedyPC Update Version3 Startup Task.job
C:\Windows\tasks\SpeedyPC Update Version3.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-02-21 436464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-21 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-02-21 367344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Doctor]
C:\Program Files (x86)\Device Doctor\DDLauncher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-02-21 2991856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-08-16 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCore]
C:\Program Files\Logitech Gaming Software\LCore.exe [2013-04-25 7477016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant]
C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileDocuments]
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2]
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /Background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-12-05 247768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Quick View]
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2012-09-19 5236664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TotalMedia Server.lnk]
C:\PROGRA~2\ArcSoft\TOTALM~1\TOTALM~1\TMSERV~1.EXE [2012-11-26 520296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Stekun^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Stekun\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-12-05 24242056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Stekun^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Stekun^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Productregistratie.lnk]
C:\PROGRA~1\LOGITE~1\EReg\eReg.exe [2009-11-16 517384]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-03-12 56088]
"CTxfiHlp"=CTXFIHLP.EXE []
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-09-07 43608]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"=C:\Windows\SMINST\VistaLauncher.exe [2008-09-12 46416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-02-08 68848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-09-27 20:11:20 ----D---- C:\rsit
2013-09-27 18:57:01 ----D---- C:\AdwCleaner
2013-09-27 15:39:15 ----D---- C:\ProgramData\SpeedyPC Software
2013-09-27 15:39:15 ----D---- C:\Program Files (x86)\SpeedyPC Software
2013-09-27 14:32:04 ----A---- C:\Windows\SYSWOW64\xRaidSetup.exe
2013-09-27 14:32:04 ----A---- C:\Windows\SYSWOW64\xRaidAPI.dll
2013-09-27 14:31:52 ----D---- C:\Windows\RaidTool
2013-09-27 14:31:22 ----A---- C:\Windows\system32\drivers\jraid.sys
2013-09-27 14:02:19 ----D---- C:\Users\Stekun\AppData\Roaming\Intel Corporation
2013-09-27 13:54:02 ----A---- C:\Windows\system32\RTNUninst64.dll
2013-09-27 13:54:02 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-09-27 13:54:02 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2013-09-27 13:53:59 ----D---- C:\Program Files (x86)\Realtek
2013-09-27 13:43:35 ----N---- C:\Windows\difxapi.dll
2013-09-27 13:43:35 ----D---- C:\Program Files (x86)\VIA
2013-09-27 13:37:58 ----A---- C:\Windows\system32\drivers\iaStorF.sys
2013-09-27 13:37:58 ----A---- C:\Windows\system32\drivers\iaStorA.sys
2013-09-27 13:37:54 ----D---- C:\Users\Stekun\AppData\Roaming\InstallShield
2013-09-27 13:34:12 ----D---- C:\HP_LaserJet_Enterprise_700_color_MFP_M775
2013-09-27 13:29:58 ----A---- C:\Windows\Language_trs.ini
2013-09-27 13:29:41 ----A---- C:\Windows\system32\drivers\ASACPI.sys
2013-09-27 12:56:00 ----D---- C:\ProgramData\Uniblue
2013-09-27 10:09:41 ----D---- C:\Program Files\Speccy
2013-09-23 19:48:46 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-09-23 19:48:42 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-09-19 14:24:54 ----A---- C:\Windows\system32\MMCEDT6.exe
2013-09-19 14:24:54 ----A---- C:\Windows\system32\drivers\VirtualizerDDK.sys
2013-09-19 14:24:54 ----A---- C:\Windows\system32\drivers\ArcCtrl.sys
2013-09-19 14:23:56 ----D---- C:\Program Files (x86)\ArcSoft
2013-09-16 13:10:30 ----D---- C:\Program Files\Creative
2013-09-16 13:09:19 ----A---- C:\Windows\SYSWOW64\INRESDUT.DLL
2013-09-16 13:09:19 ----A---- C:\Windows\SYSWOW64\CTXFIDUT.DLL
2013-09-16 13:09:19 ----A---- C:\Windows\system32\CTXFIDUT.DLL
2013-09-16 13:09:18 ----A---- C:\Windows\system32\INRESDUT.DLL
2013-09-16 11:30:51 ----D---- C:\Users\Stekun\AppData\Roaming\Creative
2013-09-11 10:08:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-09-11 10:08:02 ----A---- C:\Windows\system32\ieui.dll
2013-09-11 10:08:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-09-11 10:08:01 ----A---- C:\Windows\system32\iesetup.dll
2013-09-11 10:08:01 ----A---- C:\Windows\system32\iernonce.dll
2013-09-11 10:08:00 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-09-11 10:08:00 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-09-11 10:08:00 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-09-11 10:08:00 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-09-11 10:08:00 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 10:08:00 ----A---- C:\Windows\system32\iesysprep.dll
2013-09-11 10:08:00 ----A---- C:\Windows\system32\ie4uinit.exe
2013-09-11 10:07:59 ----A---- C:\Windows\system32\iertutil.dll
2013-09-11 10:07:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-09-11 10:07:58 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-11 10:07:58 ----A---- C:\Windows\system32\jscript.dll
2013-09-11 10:07:57 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-09-11 10:07:57 ----A---- C:\Windows\system32\jscript9.dll
2013-09-11 10:07:56 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-09-11 10:07:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-09-11 10:07:56 ----A---- C:\Windows\system32\urlmon.dll
2013-09-11 10:07:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-09-11 10:07:55 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-11 10:07:54 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-09-11 10:07:54 ----A---- C:\Windows\system32\wininet.dll
2013-09-11 10:07:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-09-11 10:07:52 ----A---- C:\Windows\system32\ieframe.dll
2013-09-11 10:07:51 ----A---- C:\Windows\system32\mshtml.dll
2013-09-11 10:07:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-09-11 09:30:34 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-11 09:30:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-09-11 09:30:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-09-11 09:30:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-09-11 09:30:31 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-09-11 09:30:31 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-09-11 09:30:31 ----A---- C:\Windows\system32\wow64.dll
2013-09-11 09:30:31 ----A---- C:\Windows\system32\winsrv.dll
2013-09-11 09:30:31 ----A---- C:\Windows\system32\smss.exe
2013-09-11 09:30:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-09-11 09:30:31 ----A---- C:\Windows\system32\ntdll.dll
2013-09-11 09:30:31 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-11 09:30:31 ----A---- C:\Windows\system32\kernel32.dll
2013-09-11 09:30:31 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 09:30:30 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-09-11 09:30:30 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-09-11 09:30:30 ----A---- C:\Windows\system32\wow64win.dll
2013-09-11 09:30:30 ----A---- C:\Windows\system32\wow64cpu.dll
2013-09-11 09:30:30 ----A---- C:\Windows\system32\ntvdm64.dll
2013-09-11 09:30:30 ----A---- C:\Windows\system32\conhost.exe
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 09:30:29 ----A---- C:\Windows\SYSWOW64\user.exe
2013-09-11 09:30:29 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-09-11 09:30:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-09-11 09:30:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-09-11 09:30:29 ----A---- C:\Windows\system32\apisetschema.dll
2013-09-11 09:30:25 ----A---- C:\Windows\system32\win32k.sys
2013-09-11 09:30:24 ----A---- C:\Windows\system32\shell32.dll
2013-09-11 09:30:23 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-09-11 09:30:22 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-09-11 09:30:22 ----A---- C:\Windows\system32\shdocvw.dll
2013-08-30 18:27:27 ----D---- C:\ProgramData\Western Digital
2013-08-30 18:27:27 ----D---- C:\Program Files\Western Digital
2013-08-30 18:27:27 ----D---- C:\Program Files (x86)\Western Digital

======List of files/folders modified in the last 1 month======

2013-09-27 20:11:23 ----D---- C:\Windows\Temp
2013-09-27 20:11:22 ----D---- C:\Program Files\trend micro
2013-09-27 20:06:41 ----D---- C:\Windows\system32\config
2013-09-27 18:57:49 ----HD---- C:\ProgramData
2013-09-27 17:58:42 ----D---- C:\Windows\system32\Tasks
2013-09-27 15:40:49 ----AD---- C:\ProgramData\TEMP
2013-09-27 15:40:39 ----D---- C:\Program Files (x86)\SpywareBlaster
2013-09-27 15:39:25 ----D---- C:\Windows\Tasks
2013-09-27 15:39:19 ----D---- C:\Program Files (x86)\Common Files
2013-09-27 15:39:15 ----RD---- C:\Program Files (x86)
2013-09-27 15:31:25 ----D---- C:\Windows\Minidump
2013-09-27 15:31:22 ----D---- C:\WINDOWS
2013-09-27 14:41:36 ----SHD---- C:\Windows\Installer
2013-09-27 14:41:36 ----SHD---- C:\Config.Msi
2013-09-27 14:41:03 ----SHD---- C:\System Volume Information
2013-09-27 14:40:52 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-27 14:32:05 ----D---- C:\Windows\SysWOW64
2013-09-27 14:31:59 ----D---- C:\Windows\system32\drivers
2013-09-27 14:31:59 ----D---- C:\Windows\inf
2013-09-27 14:31:58 ----D---- C:\Windows\system32\catroot
2013-09-27 14:31:57 ----D---- C:\Windows\system32\DriverStore
2013-09-27 14:03:15 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-09-27 13:56:02 ----D---- C:\Windows\System32
2013-09-27 13:54:28 ----D---- C:\Windows\system32\catroot2
2013-09-27 13:49:13 ----HD---- C:\Program Files (x86)\Creative Installation Information
2013-09-27 13:48:53 ----D---- C:\Program Files (x86)\Creative
2013-09-27 13:47:40 ----A---- C:\Windows\system32\wrap_oal.dll
2013-09-27 13:47:39 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2013-09-27 13:47:39 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2013-09-27 13:47:39 ----A---- C:\Windows\system32\OpenAL32.dll
2013-09-27 13:47:24 ----D---- C:\Windows\system32\Data
2013-09-27 13:39:04 ----RSD---- C:\Windows\assembly
2013-09-27 13:38:10 ----D---- C:\Program Files (x86)\Intel
2013-09-27 13:28:16 ----D---- C:\Windows\Prefetch
2013-09-27 12:28:36 ----D---- C:\Users\Stekun\AppData\Roaming\Azureus
2013-09-27 10:09:41 ----RD---- C:\Program Files
2013-09-27 05:47:24 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-27 05:40:06 ----D---- C:\Program Files\Internet Explorer
2013-09-27 05:36:34 ----D---- C:\Windows\tmp
2013-09-27 05:36:34 ----D---- C:\Windows\pss
2013-09-27 05:36:34 ----D---- C:\Windows\Downloaded Program Files
2013-09-27 05:35:35 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-09-27 05:35:34 ----D---- C:\Windows\winsxs
2013-09-27 05:35:34 ----D---- C:\Windows\system32\nl-NL
2013-09-27 05:35:34 ----D---- C:\Windows\ShellNew
2013-09-27 05:35:34 ----D---- C:\Windows\AppPatch
2013-09-27 05:35:34 ----D---- C:\Program Files\Windows Journal
2013-09-27 05:35:34 ----D---- C:\Program Files\Windows Defender
2013-09-27 05:35:34 ----D---- C:\Program Files (x86)\Windows Defender
2013-09-27 05:35:16 ----D---- C:\Windows\SYSWOW64\Macromed
2013-09-27 05:35:16 ----D---- C:\Windows\SYSWOW64\Data
2013-09-27 05:35:16 ----D---- C:\Windows\system32\wfp
2013-09-27 05:35:16 ----D---- C:\Windows\system32\wbem
2013-09-27 05:35:15 ----D---- C:\Windows\system32\NDF
2013-09-27 05:35:15 ----D---- C:\Windows\system32\Macromed
2013-09-27 05:35:15 ----D---- C:\Windows\system32\drivers\UMDF
2013-09-27 05:35:14 ----D---- C:\Windows\system32\CodeIntegrity
2013-09-27 05:35:13 ----D---- C:\Windows\servicing
2013-09-27 05:35:13 ----D---- C:\Windows\rescache
2013-09-27 05:34:50 ----D---- C:\Windows\AppCompat
2013-09-27 05:34:41 ----D---- C:\Users\Stekun\AppData\Roaming\vlc
2013-09-27 05:34:40 ----D---- C:\Users\Stekun\AppData\Roaming\Juniper Networks
2013-09-27 05:34:40 ----D---- C:\Users\Stekun\AppData\Roaming\DAEMON Tools Lite
2013-09-27 05:34:27 ----D---- C:\ProgramData\Microsoft Help
2013-09-27 05:34:26 ----D---- C:\ProgramData\Licenses
2013-09-27 05:34:26 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-09-27 05:34:26 ----D---- C:\ProgramData\ArcSoft
2013-09-27 05:34:26 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-27 05:34:26 ----D---- C:\Program Files\Microsoft Silverlight
2013-09-27 05:34:24 ----D---- C:\Program Files\Logitech Gaming Software
2013-09-27 05:34:24 ----D---- C:\Program Files\iTunes
2013-09-27 05:34:23 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-09-27 05:34:19 ----D---- C:\Program Files (x86)\Vuze
2013-09-27 05:34:19 ----D---- C:\Program Files (x86)\OpenAL
2013-09-27 05:34:19 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-09-27 05:34:18 ----D---- C:\Program Files (x86)\Kobo
2013-09-27 05:34:17 ----D---- C:\Program Files (x86)\iTunes
2013-09-27 05:33:28 ----D---- C:\Windows\registration
2013-09-27 05:29:54 ----D---- C:\Windows\Microsoft.NET
2013-09-27 05:26:30 ----D---- C:\Users\Stekun\AppData\Roaming\Skype
2013-09-27 05:26:24 ----D---- C:\Users\Stekun\AppData\Roaming\ArcSoft
2013-09-27 05:24:34 ----D---- C:\ProgramData\LogiShrd
2013-09-27 05:24:32 ----D---- C:\ProgramData\Creative
2013-09-27 05:24:19 ----D---- C:\Program Files\VMware
2013-09-27 05:24:07 ----D---- C:\Program Files\Logitech
2013-09-27 05:24:01 ----D---- C:\Program Files\iPod
2013-09-27 05:23:59 ----D---- C:\Program Files\Common Files\Logishrd
2013-09-27 05:23:59 ----D---- C:\Program Files\Common Files
2013-09-27 05:23:05 ----D---- C:\Program Files (x86)\Ubisoft
2013-09-27 05:22:47 ----D---- C:\Program Files (x86)\Juniper Networks
2013-09-27 05:19:33 ----D---- C:\Windows\system32\LogFiles
2013-09-27 05:15:41 ----SHD---- C:\Boot
2013-09-26 11:07:43 ----D---- C:\Users\Stekun\AppData\Roaming\VMware
2013-09-21 18:04:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-19 14:24:54 ----D---- C:\Windows\SYSWOW64\drivers
2013-09-19 10:06:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-11 10:07:48 ----D---- C:\Windows\system32\MRT
2013-09-11 10:06:28 ----A---- C:\Windows\system32\MRT.exe
2013-08-30 09:47:14 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 438808]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2012-03-12 627992]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2012-03-12 24344]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2012-09-17 123704]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 ArcCtrl;ArcCtrl; C:\Windows\system32\drivers\ArcCtrl.sys [2013-03-19 604192]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-14 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2009-08-26 71040]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2009-01-08 129280]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-12-04 314368]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-08-29 52376]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2011-05-20 202840]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2011-05-20 580696]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2011-05-20 687192]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2011-05-20 1417304]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2011-05-20 94808]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2011-05-20 15960]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2011-05-20 213080]
R3 dsNcAdpt;Juniper Network Connect Adapter; C:\Windows\system32\DRIVERS\dsNcAdpt.sys [2013-01-28 32768]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2011-05-20 118360]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2011-05-20 1561688]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2013-01-03 79240]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-01-17 66800]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2013-01-03 15752]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-01-03 77192]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-10-10 15416]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2011-05-20 179288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-08-27 883928]
R3 VNA;Check Point Virtual Network Adapter; C:\Windows\system32\DRIVERS\vna.sys [2010-12-01 161256]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2012-09-19 14464]
S1 ArcSec;ArcSec; C:\Windows\system32\drivers\ArcSec.sys []
S3 akshasp;Aladdin HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2006-12-04 90240]
S3 aksusb;Aladdin USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2006-12-04 18688]
S3 cpuz136;cpuz136; \??\C:\Users\Stekun\AppData\Local\Temp\cpuz136\cpuz136_x64.sys []
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2011-05-20 202840]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2011-05-20 1417304]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2011-05-20 94808]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-03-30 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-03-30 27176]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtl8187B.sys [2010-03-31 450048]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2012-08-29 37680]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-08-11 154296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2013-07-08 44064]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 cpextender;Check Point SSL Network Extender; C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe [2010-12-01 357904]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 dsNcService;Juniper Network Connect Service; C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe [2013-01-28 684136]
R2 hasplms;HASP License Manager; C:\Windows\system32\hasplms.exe [2009-04-21 2869760]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-12 7168]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-10-13 935208]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-09-23 76888]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-12-05 92632]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-08-29 918168]
R2 vmware-view-usbd;VMware View USB; C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe [2012-09-05 2433024]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-09-19 1157056]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-09-19 248248]
R2 WDRulesService;WD Rules; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-09-19 1177536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-21 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-09-16 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-09-27 79360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 641352]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-02-08 359664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-04 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-819
Alex
Super Administrator

Posts: 25149
Registered: 18-9-2003
Location: Leeuwarden

Mood: When nothing goes right............ GO LEFT.........

[*] Posted on 27-9-2013 at 20:22


Download Junkware Removal Tool by Thisisu to your desktop.
  • It is recommended to temporarily disable security software, as it can conflict with JRT.exe
  • Windows XP: Start the tool by double-clicking it.
  • Windows Vista/7/8: Right-click JRT.exe and choose "Run as administrator".
  • The tool will then scan your system.
  • Depending on your system specifications the scan can sometimes take quite a long time; wait patiently.
  • When the scan is finished, a log (JRT.txt) will be saved to your desktop and opened automatically.
  • Post the contents of this log in your next message.


Also post a fresh RSIT log again.








If a thread needs to be reopened for whatever reason.... just send a u2u to one of the admins
stekun
Member

Posts: 377
Registered: 6-12-2004

Mood: No mood

[*] Posted on 27-9-2013 at 21:11


ok, here is the log from junkware

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Home Premium x64

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\speedypc software
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-69488228-1148530310-3245201560-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\speedypc software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\speedypc software"
Successfully deleted: [Folder] "C:\Users\Stekun\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\speedypc software"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\speedypc software"
Successfully deleted: [Folder] "C:\Users\Stekun\AppData\Roaming\microsoft\windows\start menu\programs\speedypc software"
Successfully deleted: [Empty Folder] C:\Users\Stekun\appdata\local\{5DA6E6BB-054C-4325-90FB-D5900AC859B8}
Successfully deleted: [Empty Folder] C:\Users\Stekun\appdata\local\{972C7B32-D762-467A-84B1-1351FBB3D168}
Successfully deleted: [Empty Folder] C:\Users\Stekun\appdata\local\{BA6A7410-5C7D-4B56-AD74-8D4DB82C5412}
Successfully deleted: [Empty Folder] C:\Users\Stekun\appdata\local\{BD02D45E-363D-4C94-BDFF-E67BF67CAD2E}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27-Sep-13 at 21:08:54.77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


and the rsit log

Logfile of random's system information tool 1.09 (written by random/random)

Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (17%) free of 187 GB
Total RAM: 4087 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:11:07, on 27-Sep-13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Stekun.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/search?q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\RunOnce: [ST Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {414FB93D-DEDD-4FEF-AD7F-167992EBDB52} (SlimClient Class) - https://enter.ing.net/SNX/CSHELL/extender.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash....
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.c...
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEn...
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = lan,europe.intranet
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = lan,europe.intranet
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = lan,europe.intranet
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Check Point SSL Network Extender (cpextender) - Check Point Software Technologies - C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware View USB (vmware-view-usbd) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: WD Rules (WDRulesService) - Western Digital - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: VMware View Client (wsnm) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe

--
End of file - 12721 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe"
"C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe" -SCMStartup
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
WLIDSvcM.exe 2344
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
"C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe" -SCMStartup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\WINDOWS\System32\Ctxfihlp.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\SysWOW64\CTXFISPI.EXE" -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
"C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" "D:\downloads\tv series\orphans black\Orphan.Black.S01E05.1080p.WEB-DL.AAC.2.0.H.264-ECI [PublicHD]\Orphan.Black.S01E05.1080p.WEB-DL.AAC.2.0.H.264-ECI.mkv"
ctfmon.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Internet Explorer\iexplore.exe" http://start.qone8.com/?type=sc&ts=1380281288&from=air&...
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3560 CREDAT:209921 /prefetch:2
"C:\Users\Stekun\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\SpeedyPC Pro.job
C:\Windows\tasks\SpeedyPC Update Version3 Startup Task.job
C:\Windows\tasks\SpeedyPC Update Version3.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-02-21 436464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-21 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-02-21 367344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Doctor]
C:\Program Files (x86)\Device Doctor\DDLauncher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-02-21 2991856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-08-16 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCore]
C:\Program Files\Logitech Gaming Software\LCore.exe [2013-04-25 7477016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant]
C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileDocuments]
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2]
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /Background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-12-05 247768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Quick View]
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2012-09-19 5236664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TotalMedia Server.lnk]
C:\PROGRA~2\ArcSoft\TOTALM~1\TOTALM~1\TMSERV~1.EXE [2012-11-26 520296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Stekun^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Stekun\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-12-05 24242056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Stekun^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Stekun^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Productregistratie.lnk]
C:\PROGRA~1\LOGITE~1\EReg\eReg.exe [2009-11-16 517384]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-03-12 56088]
"CTxfiHlp"=CTXFIHLP.EXE []
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-09-07 43608]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"=C:\Windows\SMINST\VistaLauncher.exe [2008-09-12 46416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-02-08 68848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-09-27 21:04:01 ----D---- C:\Windows\ERUNT
2013-09-27 20:11:20 ----D---- C:\rsit
2013-09-27 18:57:01 ----D---- C:\AdwCleaner
2013-09-27 14:32:04 ----A---- C:\Windows\SYSWOW64\xRaidSetup.exe
2013-09-27 14:32:04 ----A---- C:\Windows\SYSWOW64\xRaidAPI.dll
2013-09-27 14:31:52 ----D---- C:\Windows\RaidTool
2013-09-27 14:31:22 ----A---- C:\Windows\system32\drivers\jraid.sys
2013-09-27 14:02:19 ----D---- C:\Users\Stekun\AppData\Roaming\Intel Corporation
2013-09-27 13:54:02 ----A---- C:\Windows\system32\RTNUninst64.dll
2013-09-27 13:54:02 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-09-27 13:54:02 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2013-09-27 13:53:59 ----D---- C:\Program Files (x86)\Realtek
2013-09-27 13:43:35 ----N---- C:\Windows\difxapi.dll
2013-09-27 13:43:35 ----D---- C:\Program Files (x86)\VIA
2013-09-27 13:37:58 ----A---- C:\Windows\system32\drivers\iaStorF.sys
2013-09-27 13:37:58 ----A---- C:\Windows\system32\drivers\iaStorA.sys
2013-09-27 13:37:54 ----D---- C:\Users\Stekun\AppData\Roaming\InstallShield
2013-09-27 13:34:12 ----D---- C:\HP_LaserJet_Enterprise_700_color_MFP_M775
2013-09-27 13:29:58 ----A---- C:\Windows\Language_trs.ini
2013-09-27 13:29:41 ----A---- C:\Windows\system32\drivers\ASACPI.sys
2013-09-27 12:56:00 ----D---- C:\ProgramData\Uniblue
2013-09-27 10:09:41 ----D---- C:\Program Files\Speccy
2013-09-23 19:48:46 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-09-23 19:48:42 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-09-19 14:24:54 ----A---- C:\Windows\system32\MMCEDT6.exe
2013-09-19 14:24:54 ----A---- C:\Windows\system32\drivers\VirtualizerDDK.sys
2013-09-19 14:24:54 ----A---- C:\Windows\system32\drivers\ArcCtrl.sys
2013-09-19 14:23:56 ----D---- C:\Program Files (x86)\ArcSoft
2013-09-16 13:10:30 ----D---- C:\Program Files\Creative
2013-09-16 13:09:19 ----A---- C:\Windows\SYSWOW64\INRESDUT.DLL
2013-09-16 13:09:19 ----A---- C:\Windows\SYSWOW64\CTXFIDUT.DLL
2013-09-16 13:09:19 ----A---- C:\Windows\system32\CTXFIDUT.DLL
2013-09-16 13:09:18 ----A---- C:\Windows\system32\INRESDUT.DLL
2013-09-16 11:30:51 ----D---- C:\Users\Stekun\AppData\Roaming\Creative
2013-09-11 10:08:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-09-11 10:08:02 ----A---- C:\Windows\system32\ieui.dll
2013-09-11 10:08:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-09-11 10:08:01 ----A---- C:\Windows\system32\iesetup.dll
2013-09-11 10:08:01 ----A---- C:\Windows\system32\iernonce.dll
2013-09-11 10:08:00 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-09-11 10:08:00 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-09-11 10:08:00 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-09-11 10:08:00 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-09-11 10:08:00 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 10:08:00 ----A---- C:\Windows\system32\iesysprep.dll
2013-09-11 10:08:00 ----A---- C:\Windows\system32\ie4uinit.exe
2013-09-11 10:07:59 ----A---- C:\Windows\system32\iertutil.dll
2013-09-11 10:07:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-09-11 10:07:58 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-11 10:07:58 ----A---- C:\Windows\system32\jscript.dll
2013-09-11 10:07:57 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-09-11 10:07:57 ----A---- C:\Windows\system32\jscript9.dll
2013-09-11 10:07:56 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-09-11 10:07:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-09-11 10:07:56 ----A---- C:\Windows\system32\urlmon.dll
2013-09-11 10:07:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-09-11 10:07:55 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-11 10:07:54 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-09-11 10:07:54 ----A---- C:\Windows\system32\wininet.dll
2013-09-11 10:07:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-09-11 10:07:52 ----A---- C:\Windows\system32\ieframe.dll
2013-09-11 10:07:51 ----A---- C:\Windows\system32\mshtml.dll
2013-09-11 10:07:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-09-11 09:30:34 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-11 09:30:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-09-11 09:30:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-09-11 09:30:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-09-11 09:30:31 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-09-11 09:30:31 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-09-11 09:30:31 ----A---- C:\Windows\system32\wow64.dll
2013-09-11 09:30:31 ----A---- C:\Windows\system32\winsrv.dll
2013-09-11 09:30:31 ----A---- C:\Windows\system32\smss.exe
2013-09-11 09:30:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-09-11 09:30:31 ----A---- C:\Windows\system32\ntdll.dll
2013-09-11 09:30:31 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-11 09:30:31 ----A---- C:\Windows\system32\kernel32.dll
2013-09-11 09:30:31 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 09:30:30 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 09:30:30 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-09-11 09:30:30 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-09-11 09:30:30 ----A---- C:\Windows\system32\wow64win.dll
2013-09-11 09:30:30 ----A---- C:\Windows\system32\wow64cpu.dll
2013-09-11 09:30:30 ----A---- C:\Windows\system32\ntvdm64.dll
2013-09-11 09:30:30 ----A---- C:\Windows\system32\conhost.exe
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 09:30:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 09:30:29 ----A---- C:\Windows\SYSWOW64\user.exe
2013-09-11 09:30:29 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-09-11 09:30:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-09-11 09:30:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-09-11 09:30:29 ----A---- C:\Windows\system32\apisetschema.dll
2013-09-11 09:30:25 ----A---- C:\Windows\system32\win32k.sys
2013-09-11 09:30:24 ----A---- C:\Windows\system32\shell32.dll
2013-09-11 09:30:23 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-09-11 09:30:22 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-09-11 09:30:22 ----A---- C:\Windows\system32\shdocvw.dll
2013-08-30 18:27:27 ----D---- C:\ProgramData\Western Digital
2013-08-30 18:27:27 ----D---- C:\Program Files\Western Digital
2013-08-30 18:27:27 ----D---- C:\Program Files (x86)\Western Digital

======List of files/folders modified in the last 1 month======

2013-09-27 21:10:59 ----D---- C:\Windows\Temp
2013-09-27 21:10:59 ----D---- C:\Program Files\trend micro
2013-09-27 21:05:50 ----RD---- C:\Program Files (x86)
2013-09-27 21:05:50 ----D---- C:\Program Files (x86)\Common Files
2013-09-27 21:05:45 ----HD---- C:\ProgramData
2013-09-27 21:04:01 ----D---- C:\WINDOWS
2013-09-27 20:19:50 ----D---- C:\Windows\system32\config
2013-09-27 17:58:42 ----D---- C:\Windows\system32\Tasks
2013-09-27 15:40:49 ----AD---- C:\ProgramData\TEMP
2013-09-27 15:40:39 ----D---- C:\Program Files (x86)\SpywareBlaster
2013-09-27 15:39:25 ----D---- C:\Windows\Tasks
2013-09-27 15:31:25 ----D---- C:\Windows\Minidump
2013-09-27 14:41:36 ----SHD---- C:\Windows\Installer
2013-09-27 14:41:36 ----SHD---- C:\Config.Msi
2013-09-27 14:41:03 ----SHD---- C:\System Volume Information
2013-09-27 14:40:52 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-27 14:32:05 ----D---- C:\Windows\SysWOW64
2013-09-27 14:31:59 ----D---- C:\Windows\system32\drivers
2013-09-27 14:31:59 ----D---- C:\Windows\inf
2013-09-27 14:31:58 ----D---- C:\Windows\system32\catroot
2013-09-27 14:31:57 ----D---- C:\Windows\system32\DriverStore
2013-09-27 14:03:15 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-09-27 13:56:02 ----D---- C:\Windows\System32
2013-09-27 13:54:28 ----D---- C:\Windows\system32\catroot2
2013-09-27 13:49:13 ----HD---- C:\Program Files (x86)\Creative Installation Information
2013-09-27 13:48:53 ----D---- C:\Program Files (x86)\Creative
2013-09-27 13:47:40 ----A---- C:\Windows\system32\wrap_oal.dll
2013-09-27 13:47:39 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2013-09-27 13:47:39 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2013-09-27 13:47:39 ----A---- C:\Windows\system32\OpenAL32.dll
2013-09-27 13:47:24 ----D---- C:\Windows\system32\Data
2013-09-27 13:39:04 ----RSD---- C:\Windows\assembly
2013-09-27 13:38:10 ----D---- C:\Program Files (x86)\Intel
2013-09-27 13:28:16 ----D---- C:\Windows\Prefetch
2013-09-27 12:28:36 ----D---- C:\Users\Stekun\AppData\Roaming\Azureus
2013-09-27 10:09:41 ----RD---- C:\Program Files
2013-09-27 05:47:24 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-27 05:40:06 ----D---- C:\Program Files\Internet Explorer
2013-09-27 05:36:34 ----D---- C:\Windows\tmp
2013-09-27 05:36:34 ----D---- C:\Windows\pss
2013-09-27 05:36:34 ----D---- C:\Windows\Downloaded Program Files
2013-09-27 05:35:35 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-09-27 05:35:34 ----D---- C:\Windows\winsxs
2013-09-27 05:35:34 ----D---- C:\Windows\system32\nl-NL
2013-09-27 05:35:34 ----D---- C:\Windows\ShellNew
2013-09-27 05:35:34 ----D---- C:\Windows\AppPatch
2013-09-27 05:35:34 ----D---- C:\Program Files\Windows Journal
2013-09-27 05:35:34 ----D---- C:\Program Files\Windows Defender
2013-09-27 05:35:34 ----D---- C:\Program Files (x86)\Windows Defender
2013-09-27 05:35:16 ----D---- C:\Windows\SYSWOW64\Macromed
2013-09-27 05:35:16 ----D---- C:\Windows\SYSWOW64\Data
2013-09-27 05:35:16 ----D---- C:\Windows\system32\wfp
2013-09-27 05:35:16 ----D---- C:\Windows\system32\wbem
2013-09-27 05:35:15 ----D---- C:\Windows\system32\NDF
2013-09-27 05:35:15 ----D---- C:\Windows\system32\Macromed
2013-09-27 05:35:15 ----D---- C:\Windows\system32\drivers\UMDF
2013-09-27 05:35:14 ----D---- C:\Windows\system32\CodeIntegrity
2013-09-27 05:35:13 ----D---- C:\Windows\servicing
2013-09-27 05:35:13 ----D---- C:\Windows\rescache
2013-09-27 05:34:50 ----D---- C:\Windows\AppCompat
2013-09-27 05:34:41 ----D---- C:\Users\Stekun\AppData\Roaming\vlc
2013-09-27 05:34:40 ----D---- C:\Users\Stekun\AppData\Roaming\Juniper Networks
2013-09-27 05:34:40 ----D---- C:\Users\Stekun\AppData\Roaming\DAEMON Tools Lite
2013-09-27 05:34:27 ----D---- C:\ProgramData\Microsoft Help
2013-09-27 05:34:26 ----D---- C:\ProgramData\Licenses
2013-09-27 05:34:26 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-09-27 05:34:26 ----D---- C:\ProgramData\ArcSoft
2013-09-27 05:34:26 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-27 05:34:26 ----D---- C:\Program Files\Microsoft Silverlight
2013-09-27 05:34:24 ----D---- C:\Program Files\Logitech Gaming Software
2013-09-27 05:34:24 ----D---- C:\Program Files\iTunes
2013-09-27 05:34:23 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-09-27 05:34:19 ----D---- C:\Program Files (x86)\Vuze
2013-09-27 05:34:19 ----D---- C:\Program Files (x86)\OpenAL
2013-09-27 05:34:19 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-09-27 05:34:18 ----D---- C:\Program Files (x86)\Kobo
2013-09-27 05:34:17 ----D---- C:\Program Files (x86)\iTunes
2013-09-27 05:33:28 ----D---- C:\Windows\registration
2013-09-27 05:29:54 ----D---- C:\Windows\Microsoft.NET
2013-09-27 05:26:30 ----D---- C:\Users\Stekun\AppData\Roaming\Skype
2013-09-27 05:26:24 ----D---- C:\Users\Stekun\AppData\Roaming\ArcSoft
2013-09-27 05:24:34 ----D---- C:\ProgramData\LogiShrd
2013-09-27 05:24:32 ----D---- C:\ProgramData\Creative
2013-09-27 05:24:19 ----D---- C:\Program Files\VMware
2013-09-27 05:24:07 ----D---- C:\Program Files\Logitech
2013-09-27 05:24:01 ----D---- C:\Program Files\iPod
2013-09-27 05:23:59 ----D---- C:\Program Files\Common Files\Logishrd
2013-09-27 05:23:59 ----D---- C:\Program Files\Common Files
2013-09-27 05:23:05 ----D---- C:\Program Files (x86)\Ubisoft
2013-09-27 05:22:47 ----D---- C:\Program Files (x86)\Juniper Networks
2013-09-27 05:19:33 ----D---- C:\Windows\system32\LogFiles
2013-09-27 05:15:41 ----SHD---- C:\Boot
2013-09-26 11:07:43 ----D---- C:\Users\Stekun\AppData\Roaming\VMware
2013-09-21 18:04:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-19 14:24:54 ----D---- C:\Windows\SYSWOW64\drivers
2013-09-19 10:06:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-11 10:07:48 ----D---- C:\Windows\system32\MRT
2013-09-11 10:06:28 ----A---- C:\Windows\system32\MRT.exe
2013-08-30 09:47:14 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 438808]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2012-03-12 627992]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2012-03-12 24344]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2012-09-17 123704]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 ArcCtrl;ArcCtrl; C:\Windows\system32\drivers\ArcCtrl.sys [2013-03-19 604192]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-14 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2009-08-26 71040]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2009-01-08 129280]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-12-04 314368]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-08-29 52376]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2011-05-20 202840]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2011-05-20 580696]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2011-05-20 687192]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2011-05-20 1417304]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2011-05-20 94808]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2011-05-20 15960]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2011-05-20 213080]
R3 dsNcAdpt;Juniper Network Connect Adapter; C:\Windows\system32\DRIVERS\dsNcAdpt.sys [2013-01-28 32768]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2011-05-20 118360]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2011-05-20 1561688]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2013-01-03 79240]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-01-17 66800]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2013-01-03 15752]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-01-03 77192]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-10-10 15416]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2011-05-20 179288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-08-27 883928]
R3 VNA;Check Point Virtual Network Adapter; C:\Windows\system32\DRIVERS\vna.sys [2010-12-01 161256]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2012-09-19 14464]
S1 ArcSec;ArcSec; C:\Windows\system32\drivers\ArcSec.sys []
S3 akshasp;Aladdin HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2006-12-04 90240]
S3 aksusb;Aladdin USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2006-12-04 18688]
S3 cpuz136;cpuz136; \??\C:\Users\Stekun\AppData\Local\Temp\cpuz136\cpuz136_x64.sys []
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2011-05-20 202840]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2011-05-20 1417304]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2011-05-20 94808]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-03-30 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-03-30 27176]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtl8187B.sys [2010-03-31 450048]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2012-08-29 37680]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-08-11 154296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2013-07-08 44064]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 cpextender;Check Point SSL Network Extender; C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe [2010-12-01 357904]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 dsNcService;Juniper Network Connect Service; C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe [2013-01-28 684136]
R2 hasplms;HASP License Manager; C:\Windows\system32\hasplms.exe [2009-04-21 2869760]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-12 7168]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-10-13 935208]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-09-23 76888]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-12-05 92632]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-08-29 918168]
R2 vmware-view-usbd;VMware View USB; C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe [2012-09-05 2433024]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-09-19 1157056]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-09-19 248248]
R2 WDRulesService;WD Rules; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-09-19 1177536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-21 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-09-16 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-09-27 79360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 641352]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-02-08 359664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-04 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

When I started up the internet just now, I did get a different start page again.
Alex
Super Administrator

Posts: 25149
Registered: 18-9-2003
Location: Leeuwarden

Mood: When nothing goes right............ GO LEFT.........

[*] Posted on 27-9-2013 at 21:23


    Download Zoek.zip to the desktop.


    1. If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
    2. Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).



  • Right-click Zoek.zip and choose the option "Extract All".
  • Then double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

    Code:


    standardsearch;



  • Click the "Options" button and tick the options below.


    • Recently Created
    • Firefox Look
    • Chrome Look
    • Firefox Defaults
    • Reset Chrome
    • Reset IE proxy
    • IE Defaults
    • Reset Hosts
    • Auto Clean


  • Then click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next reply.











If a topic needs to be reopened for whatever reason.... just send a u2u to one of the admins
stekun
Member

Posts: 377
Registered: 6-12-2004

Mood: No mood

[*] Posted on 27-9-2013 at 22:11


Hi Alex

OK, here is the log from zoek.zip. The start page was back to how it was. Was that it, or do I need to do some more things?


Zoek.exe Version 4.0.0.4 Updated 27-September-2013
Tool run by Stekun on 27-Sep-13 at 21:50:42.37.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Stekun\AppData\Local\Temp\Rar$EXa0.204\zoek.exe [Script inserted] [Checkboxes used]

==== System Restore Info ======================

27-Sep-13 21:53:01 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\Windows\system32\hasplms.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Users\Stekun\AppData\Local\Temp\Rar$EXa0.204\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Stekun\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\Stekun\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Stekun\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js:

Added to C:\Users\Stekun\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Batch Command(s) Run By Tool======================

C:\Windows\system32\appdata deleted

==== Deleting Files \ Folders ======================

"C:\Users\Stekun\AppData\Roaming\Textures" deleted
"C:\Users\Stekun\AppData\Roaming\Themes" deleted
"C:\Users\Stekun\AppData\Roaming\Track Settings" deleted
"C:\Users\Stekun\AppData\Roaming\Utilities" deleted
"C:\ProgramData\Analog Pad" deleted
"C:\ProgramData\Transportation" deleted
"C:\ProgramData\Treble Reduction" deleted
"C:\ProgramData\Widgets" deleted
"C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted
"C:\Windows\tasks\SpeedyPC Pro.job" deleted
"C:\Windows\tasks\SpeedyPC Update Version3 Startup Task.job" deleted
"C:\Windows\tasks\SpeedyPC Update Version3.job" deleted
"C:\Users\Stekun\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\ftdownloader4@ftdownloader.com.xpi" deleted
"C:\Users\Stekun\AppData\Roaming\VMware" deleted
"C:\Windows\syswow64\appdata" deleted
"C:\Windows\SysWow64\searchplugins" deleted
"C:\Windows\SysWow64\Extensions" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4088 MB
CPU Info: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
CPU Speed: 2849.0 MHz
Sound Card: AMD HDMI Output (AMD High Defin |
SPDIF Out (Creative SB X-Fi) |
Luidsprekers (Creative SB X-Fi) |
Display Adapters: ATI Radeon HD 5800 Series | ATI Radeon HD 5800 Series | ATI Radeon HD 5800 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 2x; Algemeen PnP-beeldscherm | Algemeen PnP-beeldscherm |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Check Point Virtual Network Adapter For SSL Network Extender | Juniper Network Connect Virtual Adapter | Realtek PCIe GBE Family Controller
CD / DVD Drives: 2x (F: | G: | ) F: Optiarc DVD RW AD-7240S | G: DTSOFT BDROM
Ports: COM1 LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 182.8GB | D: 731.5GB | E: 17.2GB | H: 931.5GB
Hard Disks - Free: C: 31.8GB | D: 100.2GB | E: 9.2GB | H: 622.5GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 12/07/09 | 120709 - 20091207
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK Computer INC. P7P55D
Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Internet Explorer Version: 10.0.9200.16686
Adobe Reader version: 11.0.04.63
Sun Java version: 1.7.0_25
Country: United States
Language: ENU

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-09-27 11:43:35 0E21133A8CD4C1220961DD9ABD3CDF91 414632 ------w- C:\Windows\difxapi.dll
2013-09-27 11:29:58 718FECF22BF4BD4FC05B79AA4BEC75D0 1769 ----a-w- C:\Windows\Language_trs.ini
====== C:\Users\Stekun\AppData\Local\Temp ====
2013-09-27 19:03:57 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2013-09-27 16:09:01 FE447D1CD38CECAC2331FA932078D9A0 271360 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\SmiProvider.dll
2013-09-27 16:09:01 FC00A05639494779002682A9B965EF9C 471040 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\WimProvider.dll
2013-09-27 16:09:01 8D3855B133E21143E8B4BFADB9FB14A3 302080 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\UnattendProvider.dll
2013-09-27 16:09:01 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\wdscore.dll
2013-09-27 16:09:01 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\TransmogProvider.dll
2013-09-27 16:09:00 E7CAED467F80B29F4E63BA493614DBB1 127488 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\OSProvider.dll
2013-09-27 16:08:58 FC2DB5842190C6E78A40CD7DA483B27C 435712 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\DmiProvider.dll
2013-09-27 16:08:58 C9D74156913061BE6C51D8FC3ACF8E93 53760 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\FolderProvider.dll
2013-09-27 16:08:58 BBB9E4FA2561F6A6E5CCF25DA069AC1B 313344 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\IntlProvider.dll
2013-09-27 16:08:58 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\DismHost.exe
2013-09-27 16:08:58 8CA117CB9338C0351236939717CB7084 186368 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\DismProv.dll
2013-09-27 16:08:58 5488E381238FF19687FDD7AB2F44CFCC 111616 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\DismCorePS.dll
2013-09-27 16:08:58 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\MsiProvider.dll
2013-09-27 16:08:57 F2B0771A7CD27F20689E0AB787B7EB7C 289792 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\DismCore.dll
2013-09-27 16:08:57 EFCB002ABC3529D71B61E6FB6434566C 762368 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\CbsProvider.dll
2013-09-27 16:08:57 6A4BD682396F29FD7DF5AB389509B950 183296 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\CompatProvider.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2013-09-27 12:32:05 070C5B9D3006602A07757179D9B56F5D 315904 ----a-w- C:\Windows\SysWOW64\Difxd59.rra
2013-09-27 12:32:04 7EDCC04B291C6A16DC00F9A86400B0AA 162392 ----a-w- C:\Windows\SysWOW64\xRaidAPI.dll
2013-09-27 12:32:04 65B605E4D50E1DA3F7A1C819336CC824 1976920 ----a-w- C:\Windows\SysWOW64\xRaidSetup.exe
2013-09-23 17:48:46 1A27D44564368F780E72A532BF995E77 282512 ----a-w- C:\Windows\SysWOW64\PnkBstrB.exe
2013-09-23 17:48:42 3A2E85F7D90D15460C337CE80C2E3B29 76888 ----a-w- C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-16 11:09:19 E09A45C344C7CEA5F86783A9AC274A26 3072 ----a-w- C:\Windows\SysWOW64\CTXFIDUT.DLL
2013-09-16 11:09:19 4B1E91C827293E898B5E0EEA283298D7 24576 ----a-w- C:\Windows\SysWOW64\INRESDUT.DLL
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-09-27 11:54:02 C2DFEB39F6D77BFCB7002D89B8EE1E8E 74456 ----a-w- C:\Windows\Sysnative\RtNicProp64.dll
2013-09-27 11:54:02 98C7EE3DF39A9EFC8B5D16B0BE5062D6 108760 ----a-w- C:\Windows\Sysnative\RTNUninst64.dll
2013-09-19 12:24:54 95EECDBFE62D9276B32F92672EF67054 80488 ----a-w- C:\Windows\Sysnative\MMCEDT6.exe
2013-09-16 11:09:19 E09A45C344C7CEA5F86783A9AC274A26 3072 ----a-w- C:\Windows\Sysnative\CTXFIDUT.DLL
2013-09-16 11:09:18 4B1E91C827293E898B5E0EEA283298D7 24576 ----a-w- C:\Windows\Sysnative\INRESDUT.DLL
====== C:\Windows\Sysnative\drivers =====
2013-09-27 12:31:22 73A968D4A85BB2552DDCF72CB15F06D2 123704 ----a-w- C:\Windows\Sysnative\drivers\jraid.sys
2013-09-27 11:54:02 EF91E0806C01806C3CF62AF006901127 883928 ----a-w- C:\Windows\Sysnative\drivers\Rt64win7.sys
2013-09-27 11:37:58 64E37C2957C3C36B43216088507969F7 24344 ----a-w- C:\Windows\Sysnative\drivers\iaStorF.sys
2013-09-27 11:37:58 5F301A161C49159C1D15B91B2B346CF9 627992 ----a-w- C:\Windows\Sysnative\drivers\iaStorA.sys
2013-09-27 11:29:41 19B006B181E3875FD254F7B67ACF1E7C 15416 ----a-w- C:\Windows\Sysnative\drivers\ASACPI.sys
2013-09-19 12:24:54 B3D56B1816821CC45B36F874184B643C 4096 ----a-w- C:\Windows\Sysnative\drivers\VirtualizerDDK.sys
2013-09-19 12:24:54 5DF3F73D9142772938CC76E26DC9C84E 604192 ----a-w- C:\Windows\Sysnative\drivers\ArcCtrl.sys
2013-09-11 07:30:34 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\Sysnative\drivers\ataport.sys
====== C:\Windows\Tasks ======
2013-09-11 07:24:27 F8852199E2819EC3B2924B2223ABFBA3 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
2013-09-11 07:24:27 D67E521AA684C20153E8B54CA822939A 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-09-27 08:09:41 -------- d-----w- C:\Program Files\Speccy
2013-09-16 11:10:30 -------- d-----w- C:\Program Files\Creative
2013-08-30 16:27:27 -------- d-----w- C:\Program Files\Western Digital
======= C:\Program Files (x86) =====
2013-09-27 12:03:16 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
2013-09-27 11:53:59 -------- d-----w- C:\Program Files (x86)\Realtek
2013-09-27 11:43:35 -------- d-----w- C:\Program Files (x86)\VIA
2013-09-19 12:23:56 -------- d-----w- C:\Program Files (x86)\ArcSoft
2013-09-16 11:10:45 -------- d-----w- C:\Program Files (x86)\Common Files\Creative
2013-09-16 11:10:40 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2013-08-30 16:27:27 -------- d-----w- C:\Program Files (x86)\Western Digital
======= C: =====
====== C:\Users\Stekun\AppData\Roaming ======
2013-09-27 13:33:45 84CB1353DDD037BA5F5092C8C54A6AC4 8388608 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\~FontCache-S-1-5-21-69488228-1148530310-3245201560-1000.dat
2013-09-27 12:02:19 -------- d-----w- C:\Users\Stekun\AppData\Roaming\Intel Corporation
2013-09-27 11:37:54 -------- d-----w- C:\Users\Stekun\AppData\Roaming\InstallShield
2013-09-26 13:47:26 0E86A83DE162011DE486FC980EA700AE 582100 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\~FontCache-System.dat
2013-09-23 17:48:39 -------- d-----w- C:\Users\Stekun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-09-19 12:31:14 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\ArcSoft
2013-09-16 09:30:51 -------- d-----w- C:\Users\Stekun\AppData\Roaming\Creative
2013-09-01 07:02:45 3A4DA1A9259DAA1B391EC545D09976B2 8388608 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache-S-1-5-18.dat
====== C:\Users\Stekun ======
2013-09-27 19:03:08 C08E905F710AF6CEB20ED4BEFCA2B1CE 1030305 ----a-w- C:\Users\Stekun\Desktop\JRT.exe
2013-09-27 18:10:54 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Stekun\Desktop\RSITx64.exe
2013-09-27 16:05:00 17C8BF490CA207D06EF2A0EC84F47191 1042066 ----a-w- C:\Users\Stekun\Desktop\adwcleaner.exe
2013-09-27 11:39:05 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2013-09-27 10:56:00 -------- d-----w- C:\ProgramData\Uniblue
2013-09-27 08:09:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2013-09-19 12:24:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft TotalMedia Theatre 6
2013-09-16 11:10:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2013-08-30 16:28:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2013-08-30 16:27:27 -------- d-----w- C:\ProgramData\Western Digital

====== C: exe-files ==
2013-09-27 19:03:57 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2013-09-27 19:03:08 C08E905F710AF6CEB20ED4BEFCA2B1CE 1030305 ----a-w- C:\Users\Stekun\Desktop\JRT.exe
2013-09-27 18:10:54 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Stekun\Desktop\RSITx64.exe
2013-09-27 16:08:58 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\Stekun\AppData\Local\Temp\B17E4AA4-4F7C-4F0F-8052-1807E23C083D\DismHost.exe
2013-09-27 16:05:00 17C8BF490CA207D06EF2A0EC84F47191 1042066 ----a-w- C:\Users\Stekun\Desktop\adwcleaner.exe
2013-09-27 12:32:05 BEF1E6A9B97045EC3F2B9CF34ACB6810 121064 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe
2013-09-27 12:32:04 65B605E4D50E1DA3F7A1C819336CC824 1976920 ----a-w- C:\WINDOWS\SysWOW64\xRaidSetup.exe
2013-09-27 12:31:53 FC77F245431D4DA5A9E2A53F3A14B162 43608 ----a-w- C:\WINDOWS\RaidTool\xInsIDE.exe
2013-09-27 12:31:53 CF427131B6F53C0988C3844F6F5B9605 39512 ----a-w- C:\WINDOWS\RaidTool\IDEDrvSetup.exe
2013-09-27 12:31:53 3B1A6574B480504849FF22D92BCC4F07 10840 ----a-w- C:\WINDOWS\RaidTool\xIDE64Setup.exe
2013-09-27 12:31:52 99706B951D612BC5567C6A40E095EB90 21080 ----a-w- C:\WINDOWS\RaidTool\xLink.exe
2013-09-27 11:54:02 1DD071EF86CC8E5C020A484F852F2245 187024 ----a-w- C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE
2013-09-27 11:53:59 2ADA4E02C77DEABBE99DFA7CB4E09B23 401112 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe
2013-09-27 11:48:59 DFDD3E2A3FEA756E569EB992E942491C 45056 ------w- C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\AudELSvc\ScsInstall.exe
2013-09-27 11:48:59 C0EAD9F8AB83D41FF07303C75589C2B8 79360 ----a-w- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
2013-09-27 11:48:58 CAFB55AA463C6DF8802122838D50D2BB 116880 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe
2013-09-27 11:48:53 C49FF6BE0F26FB71F8B9D742B8C3EFDC 282624 ------w- C:\Program Files (x86)\Creative\AudioCS\CTAudCS.exe
2013-09-27 11:48:53 07BA6D17E66879018B30B6C3F976EBED 307200 ------w- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
2013-09-27 11:37:55 FBAB280D0CAC5E21C72F0A1A7B5B9608 455600 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{40FEF622-6E0F-46B6-824B-A40C178FD4CD}\setup.exe
2013-09-23 17:54:39 6A7880F79B804A3E289D7BD72BE5602F 2002744 ----a-w- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayService.exe
2013-09-23 17:53:12 B78EAB9A5B044CDAF37990808D083105 2100536 ----a-w- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher64.exe
2013-09-23 17:48:46 1A27D44564368F780E72A532BF995E77 282512 ----a-w- C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-09-23 17:48:42 3A2E85F7D90D15460C337CE80C2E3B29 76888 ----a-w- C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-09-23 17:38:29 3BA2238A7D46D92187FFC4DC6A99A935 812624 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}\setup.exe
=== C: other files ==
2013-09-27 19:03:57 FDB9CF820305FE44231763042642F7A6 12733 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\searchlnk.bat
2013-09-27 19:03:57 E0589EF14B8B620FE8754D61C1538F9D 152206 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\firefox.bat
2013-09-27 19:03:57 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\modules.bat
2013-09-27 19:03:57 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\FWPolicy.bat
2013-09-27 19:03:57 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\ask.bat
2013-09-27 19:03:57 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\ev_clear.bat
2013-09-27 19:03:57 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\delorphans.bat
2013-09-27 19:03:57 603595734D290C73FA40EDA1ACADF265 14973 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\chrome.bat
2013-09-27 19:03:57 59EE78AB2B1AE27D2309CC5DF5C0ACEB 146747 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\misc.bat
2013-09-27 19:03:57 596572356D2F45DFEB6CD4822325FED2 8679 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\runvalues.bat
2013-09-27 19:03:57 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\prelim.bat
2013-09-27 19:03:57 23D467FCD1813A6023E20CBC1E50FB20 10261 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\JRT.bat
2013-09-27 19:03:57 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\TDL4.bat
2013-09-27 19:03:57 15F3D55F152EFE40E5C1ADC7A1001D5F 16063 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\get.bat
2013-09-27 19:03:57 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\medfos.bat
2013-09-27 19:03:57 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\delfolders.bat
2013-09-27 19:03:57 05B282816F9DB49C325A5D88ECF0D9A1 29932 ----a-w- C:\Users\Stekun\AppData\Local\Temp\jrt\iexplore.bat
2013-09-27 12:40:28 FDD46DADC8BC1E05EADEC2C1CACADA3F 2712 ------w- C:\Program Files (x86)\VIA\Setup\VIAPCI.SYS
2013-09-27 12:31:22 73A968D4A85BB2552DDCF72CB15F06D2 123704 ----a-w- C:\WINDOWS\System32\drivers\jraid.sys
2013-09-27 11:54:02 EF91E0806C01806C3CF62AF006901127 883928 ----a-w- C:\WINDOWS\System32\drivers\Rt64win7.sys
2013-09-27 11:54:02 EF91E0806C01806C3CF62AF006901127 883928 ----a-w- C:\Program Files (x86)\Realtek\NICDRV_8169\WIN7\rt64win7.sys
2013-09-27 11:37:58 64E37C2957C3C36B43216088507969F7 24344 ----a-w- C:\WINDOWS\System32\drivers\iaStorF.sys
2013-09-27 11:37:58 5F301A161C49159C1D15B91B2B346CF9 627992 ----a-w- C:\WINDOWS\System32\drivers\iaStorA.sys
2013-09-27 11:34:15 D03D10F7DED688FECF50F8FBF1EA9B8A 49920 ----a-w- C:\HP_LaserJet_Enterprise_700_color_MFP_M775\Drivers\Dot4\Win2000\HPZid412.sys
2013-09-27 11:34:15 B76FDD8EC7120474E7BC9CAD400DAC6C 187392 ----a-w- C:\HP_LaserJet_Enterprise_700_color_MFP_M775\Drivers\Dot4\AMD64\winxp\HPZid412.sys
2013-09-27 11:34:15 B19A7590062683F02AA0593C65971726 50424 ----a-w- C:\HP_LaserJet_Enterprise_700_color_MFP_M775\Drivers\Dot4\Win2000\HPZs2k12.sys
2013-09-27 11:34:15 AFBDCE5DED406D095E9081DE7CA8E9B8 29696 ----a-w- C:\HP_LaserJet_Enterprise_700_color_MFP_M775\Drivers\Dot4\AMD64\winxp\HPZisc12.sys
2013-09-27 11:34:15 ABCB05CCDBF03000354B9553820E39F8 21568 ----a-w- C:\HP_LaserJet_Enterprise_700_color_MFP_M775\Drivers\Dot4\Win2000\HPZius12.sys
2013-09-27 11:34:15 9B28887500DB96A433C9C9DED8FDC886 48640 ----a-w- C:\HP_LaserJet_Enterprise_700_color_MFP_M775\Drivers\Dot4\AMD64\winxp\HPZipr12.sys
2013-09-27 11:34:15 89F41658929393487B6B7D13C8528CE3 16496 ----a-w- C:\HP_LaserJet_Enterprise_700_color_MFP_M775\Drivers\Dot4\Win2000\HPZipr12.sys
2013-09-27 11:34:15 50FE01D0C502F3962843E9E70294C4D7 9712 ----a-w- C:\HP_LaserJet_Enterprise_700_color_MFP_M775\Drivers\Dot4\Win2000\HPZisc12.sys
2013-09-27 11:34:15 0A57B5876530FEBB4EBF6AD501864F96 16800 ----a-w- C:\HP_LaserJet_Enterprise_700_color_MFP_M775\Drivers\Dot4\WinXP\hppaufd0.sys
2013-09-27 11:34:15 0013DD74CD20EBFB8C816D9DF7413D91 50688 ----a-w- C:\HP_LaserJet_Enterprise_700_color_MFP_M775\Drivers\Dot4\AMD64\winxp\HPZius12.sys
2013-09-27 11:29:41 19B006B181E3875FD254F7B67ACF1E7C 15416 ----a-w- C:\WINDOWS\System32\drivers\ASACPI.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"CTxfiHlp"="CTXFIHLP.EXE"
"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"="%WINDIR%\SMINST\VistaLauncher.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Device Doctor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Device Doctor"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Device Doctor\\DDLauncher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EvtMgr6]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EvtMgr6"
"hkey"="HKLM"
"command"="C:\\Program Files\\Logitech\\SetPointP\\SetPoint.exe /launchGaming"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesAirMessage]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesAirMessage"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesAirMessage.exe -startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesHelper"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesHelper.exe /s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPDLR]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPDLR"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesTrayAgent"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Launch LCore]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Launch LCore"
"hkey"="HKLM"
"command"="C:\\Program Files\\Logitech Gaming Software\\LCore.exe /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Download Assistant]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Logitech Download Assistant"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\rundll32.exe C:\\Windows\\System32\\LogiLDA.dll,LogiFetch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MobileDocuments]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MobileDocuments"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ubd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nikon Message Center 2]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Nikon Message Center 2"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Nikon\\Nikon Message Center 2\\NkMC2.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sony Ericsson PC Companion]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sony Ericsson PC Companion"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Sony Ericsson\\Sony Ericsson PC Companion\\PCCompanion.exe\" /Background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StartCCC"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WD Quick View]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WD Quick View"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Western Digital\\WD Quick View\\WDDMStatus.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TotalMedia Server.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\TotalMedia Server.lnk"
"backup"="C:\\Windows\\pss\\TotalMedia Server.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\ArcSoft\\TOTALM~1\\TOTALM~1\\TMSERV~1.EXE "
"item"="TotalMedia Server"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Stekun^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\Stekun\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Stekun\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe "
"item"="Dropbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Stekun^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
"path"="C:\\Users\\Stekun\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Logitech . Product Registration.lnk"
"backup"="C:\\Windows\\pss\\Logitech . Product Registration.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\COMMON~1\\LogiShrd\\eReg\\SetPoint\\eReg.exe /remind /language=ENU /_WFM=\".\""
"item"="Logitech . Product Registration"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Stekun^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Productregistratie.lnk]
"path"="C:\\Users\\Stekun\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Logitech . Productregistratie.lnk"
"backup"="C:\\Windows\\pss\\Logitech . Productregistratie.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\LOGITE~1\\EReg\\eReg.exe /remind /language=NLD /_WFM=\".\""
"item"="Logitech . Productregistratie"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [21-Sep-13 18:04]

==== Firefox Extensions ======================

ExtDir: C:\Users\Stekun\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi

==== Firefox Plugins ======================


==== Deleting Files \ Folders ======================

"C:\Users\Stekun\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bebnnlollpcjnfpkafhoclljaojgnfok - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx[]
edaibbiobngpbmeonadpbfafbkimjbdd - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx[21-Feb-13 03:59]

YouTube - Stekun - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Stekun - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast WebRep - Stekun - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Gmail - Stekun - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"
"Search Page"="http://www.bing.com/search?q={searchTerms}"
"Search Bar"="http://www.bing.com/search?q={searchTerms}"
"Default_Page_URL"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.bing.com/search?q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.bing.com/search?q={searchTerms}"
"SearchAssistant"="http://www.bing.com/search?q={searchTerms}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://www.google.nl/"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Stekun\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Stekun\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Stekun\Desktop\downloads - Snelkoppeling.lnk - D:\downloads
C:\Users\Stekun\Desktop\EasyCleaner.lnk - C:\Program Files (x86)\ToniArts\EasyCleaner\EasyClea.exe
C:\Users\Stekun\Desktop\farcry3 - Snelkoppeling.lnk - D:\downloads\Far.Cry.3-RELOADED\bin\farcry3.exe
C:\Users\Stekun\Desktop\TomTom HOME 2.lnk - C:\Windows\Installer\{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}\NewShortcut1_BB5D96B1D05B428EBAD4A437B7244768.exe
C:\Users\Stekun\Desktop\Uplay.lnk - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\Public\Desktop\Kobo.lnk - C:\Program Files (x86)\Kobo\Kobo.exe --affiliate kobodesktop
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Media Player Classic.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Public\Desktop\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe
C:\Users\Public\Desktop\SpywareBlaster.lnk - C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk - C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
C:\Users\Public\Desktop\TotalMedia Theatre 6.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\uLaunchTMT6.exe -Metro
C:\Users\Public\Desktop\ViewNX 2.lnk - C:\Program Files (x86)\Nikon\ViewNX 2\ViewNX 2\ViewNX2.exe
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\Public\Desktop\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Stekun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1380281288&from=air&...
C:\Users\Stekun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1380281288&from=air&...
C:\Users\Stekun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
C:\Users\Stekun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft TotalMedia Theatre 6\TotalMedia Server.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft TotalMedia Theatre 6\TotalMedia Theatre 6.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\uLaunchTMT6.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\Creative Audio Control Panel.lnk - C:\Program Files (x86)\Creative\AudioCS\CTAudCS.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\Creative Software AutoUpdate.lnk - C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\Productregistratie.lnk - C:\Program Files (x86)\Creative\Productregistratie\Dutch\InetReg.exe /PreProcess=RegFlash.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\ALchemy\Creative ALchemy.lnk - C:\Program Files (x86)\Creative\ALchemy\ALchemy.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\Creative MediaSource 5\Creative MediaSource 5 Audioconversie.lnk - C:\Program Files (x86)\Creative\MediaSource5\AudCvtu.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\Creative MediaSource 5\Creative MediaSource 5 Organizer.lnk - C:\Program Files (x86)\Creative\MediaSource5\CTCMSu.exe /Organizer
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\Creative MediaSource 5\Creative MediaSource 5 Player.lnk - C:\Program Files (x86)\Creative\MediaSource5\CTCMSu.exe /Player
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Far Cry 3.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JMicron Technology Corp\JMB36X Raid Configurer.lnk - C:\WINDOWS\SysWOW64\xRaidSetup.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Uninstall Speccy.lnk - C:\Program Files\Speccy\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\Uninstall WD SmartWare.lnk - C:\WINDOWS\System32\msiexec.exe /x {6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD Quick View.lnk - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD SmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\WDSmartWare.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Stekun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk - C:\Windows\Installer\{FA4C2D53-205F-4245-9717-F3761154824D}\SafariIco.exe
C:\Users\Stekun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1380281288&from=air&...
C:\Users\Stekun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Stekun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe
C:\Users\Stekun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Stekun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Stekun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1380281288&from=air&...
C:\Users\Stekun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Stekun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== shortcuts After Repair ======================

C:\Users\Stekun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Stekun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\Users\Stekun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Stekun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bebnnlollpcjnfpkafhoclljaojgnfok deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\RunOnce: [ST Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {414FB93D-DEDD-4FEF-AD7F-167992EBDB52} (SlimClient Class) - https://enter.ing.net/SNX/CSHELL/extender.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash....
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.c...
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEn...
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = lan,europe.intranet
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = lan,europe.intranet
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = lan,europe.intranet
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Check Point SSL Network Extender (cpextender) - Check Point Software Technologies - C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware View USB (vmware-view-usbd) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: WD Rules (WDRulesService) - Western Digital - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: VMware View Client (wsnm) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Stekun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Stekun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Stekun\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Stekun\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Stekun\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied


==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 27-Sep-13 at 22:07:39.83 ======================


and one more log, from RSIT

Logfile of random's system information tool 1.09 (written by random/random)

Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (18%) free of 187 GB
Total RAM: 4087 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:11:26, on 27-Sep-13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\notepad.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\Stekun.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-
stekun
Member

[*] Posted on 27-9-2013 at 22:44


Alex, one more question. I saw that one of the malware items concerns "vuze installer". That one has now been removed. However, I do use the vuze program. Can I just start it now, or would it be better to uninstall the whole program and reinstall it?
Alex
Super Administrator

Posts: 25149
Registered: 18-9-2003
Location: Leeuwarden
Member is offline

Mood: When nothing goes right............ GO LEFT.........

[*] Posted on 28-9-2013 at 09:06


Give it a try, I'd say.
I have no experience with the vuze program :nee:nee

Download "Delfix by Xplode"
Start the tool by double-clicking it.
Now tick the following items:

  • Activate UAC
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently until the tool has finished.

That also gets rid of all the tools you used :b::b::b::b::b:

If a thread needs to be reopened for whatever reason.... just send a u2u to one of the admins
stekun
Member

[*] Posted on 28-9-2013 at 09:12


OK, done that as well.
vuze is simply running again. Seems to be fine.
Are we there now?

In any case, many thanks again :respect
Alex
Super Administrator

[*] Posted on 28-9-2013 at 09:15


If you are happy again, then we are there :b::b::b::b::b:

stekun
Member

[*] Posted on 28-9-2013 at 09:21


I think so, but otherwise I will certainly report back.

Thanks for all your help. Keep it up!

I have been using your services for something like 10 years now.
:respect
Alex
Super Administrator

[*] Posted on 28-9-2013 at 10:07


Very nice :yay:yay:yay:yay
A :slotje:slotje goes on this one