Ga naar inhoud

Michiel1982

Lid
  • Items

    34
  • Registratiedatum

  • Laatst bezocht

Michiel1982's prestaties

  1. Beste kape, Ik heb daarnaast ook het probleemrapport van internet toegevoegd, misschien staat daar waardevolle informatie in. (ik zie bijv verschillende kanalen, waarop ze fungeren, klopt dat wel?) (of ligt het miss aan de ip-adressen van de extender t.o.v. de router?) Zomaar wat eigen hersenspinsels. Ik hoor graag van je. Michiel Windows Netwerkcontrole rapport.docx
  2. Beste Kape, Allereerst bedankt voor je hulp. Ik heb je stappen opgevolgd, bijgaand de logfile. Ik zie graag je reactie tegemoet. Michiel zoek-resultslogfil08-10-2015.txt
  3. Beste Kape, Bedankt voor je reactie, zie bijgaand mijn logfile. Ik hoor graag van je. logHiJkTh.txt
  4. Beste medeleden, Hopelijk kan iemand mij helpen want ik zit aardig in de penarie. Ik woon bij iemand in huis, in hun gastenverblijf. Zij hebben een wireless router, welke ik kan ontvangen met een heel slecht bereik. Nu heb ik bij mij een TP-Link wireless range extender (150mbps) bij mij neergezet. De laptop (en computer) geven aan dat deze een goed ontvangst geeft, echter krijg ik steeds de bovengenoemde foutmelding: Wifi heeft geen geldige ip-configuratie Wat kan ik hier aan doen? Ik hoor graag van jullie bedankt voor alle moeite. Michiel
  5. Zoek.exe v5.0.0.0 Updated 29-11-2014 Tool run by Eigenaar on zo 30-11-2014 at 14:10:32,31. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Eigenaar\Desktop\zoek(1).exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-08-05-182355.log 46512 bytes C:\zoek-results2014-08-06-183634.log 20956 bytes C:\zoek-results2014-08-09-113359.log 7390 bytes C:\zoek-results2014-08-26-171145.log 7083 bytes ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\Users\Eigenaar\AppData\Local\Adobe deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1134C186-516F-476C-8399-EC78ACA8607C} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1371174B-39C1-4252-9642-10FE7C63E05C} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15F83B50-710B-43D4-BD9B-C8319F829AC9} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16EC25D0-1FFA-47F5-8AB7-939F6A4EABDD} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1712D6D1-6DDD-4ADA-9DBB-5246E2D7A329} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17155B67-C84B-4FEF-B5FD-61B57582090} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18f56603-5913-45f7-b783-f4b606b7e520} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ADB044E-6BD6-4F86-BF91-DCFB981EABEA} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C52B3D3-5E1E-4C7B-8DA3-62E0EE9FD770} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C845800-1E0-400A-87D0-55B8BE8CA8B} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{285B05F8-E020-4077-BE9C-4B71313EC823} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2a8065da-3aed-4e4f-8346-39615c959060} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C38E22F-CC77-4FAF-8BCA-A91CC7AA5D93} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{406B360E-8F2D-4D91-A8C5-1BB0B8F6F370} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43C14020-6FB4-40A1-A975-A041366F25BA} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4486613F-13F6-4084-B8B-3E5825DD411D} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{498D61F4-85AB-4906-9E39-5E7A34EB175} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A7BAF3A-6A81-4376-848B-16CB5B4949F1} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50FCB28E-31B2-4283-A5D2-12285B95FED6} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51FE13F-BCEC-43CA-9CDF-B94431586A58} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57DF0994-C5E9-4131-9B64-FC4DEAF05BFF} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6860AFCD-2B1A-429C-B0FC-BA3B2C1F4E3} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69C6D1B3-112F-468B-8613-F69C3E19C7C} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69F3B73-E404-4BF0-A9EA-DB3FFCEAEFB} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{721B0F22-9A19-42D4-82A3-A1BC7895ABEC} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{736111A3-B79C-408A-A4D4-4A63AC0F67} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74175A14-BBD4-4E9E-8DD-914DE1C0D6C1} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CD80FB7-488D-4E0F-BB6B-E34D1947325A} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{804243EF-78ED-4E1C-961F-6DE5ADAEB96} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81F39502-1EDE-4D4C-985D-8AEF4743D0FA} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{828D5D6F-CCC-43E2-914F-9F4D5E47FED6} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86D0C7A7-4263-404D-BEFC-5C7AA31D4A74} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87D7CE7F-8584-44C7-A536-9896F662ED1} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8ABECD45-66F3-4E5C-9D43-8C16A446F6A7} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8afc8502-225c-43b9-bdfc-936bb14ecc85} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B07DAE3-45DB-42DA-9CDD-61E01230A325} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F2FEE28-AD32-4B7F-951E-F24065CB3DAC} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{904ABD5F-F8F-411F-B96B-FD52C2C25F59} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9421D398-2655-4C84-A7EF-F51EE27F20C4} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9487424B-365-43D3-A0AC-2281609F8CB} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99208985-F656-4C5B-A0B2-94B7384F562E} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99B2C460-9865-4D41-9124-E892A1CB3B25} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E85E545-A561-43EB-9A3B-48555B519F2} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0A734FC-2E06-4D8D-886F-DB3F97CDE99} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1FCF292-A4F3-421F-9111-B224A6749084} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3018CE-D7C2-46E8-9762-EABFF665E5E7} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3A8A71C-A8B4-46E9-87E2-3F40F351DCE} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A47299AE-77F4-4157-BA10-3FB21211BD84} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7125FB1-2964-40E8-8844-AC699E91FCB} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC099A54-6887-4C4A-BE22-32C82070E1E3} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AEAFB825-18CA-449E-BAB8-C22A87BBE9D1} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0B6918C-8032-4C0D-B918-E38FBFB156F} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1EA7F0-6E67-4DE0-9AA3-C6BC39B126A6} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B40700E4-979C-43C6-832B-C886517F9D9B} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5948234-19F2-4E69-AF44-5F19AD44BB7} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD9F4DC6-DF0A-4EEE-B2E1-F89336D7D6AB} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF8BC2BD-4F28-40B1-BAC7-438C9FE44D33} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0F5374F-E720-4A97-A9C0-4E6ED14291BD} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1C4A04F-8035-4A43-8661-353307AEE20} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C55694FE-234B-4E7E-80EE-B6B73F41CAE} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8D1BC2B-740F-4DCE-BA8F-F43BB533449} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB998D0-E173-46A9-9282-CFA336C9241} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCA86DD7-96A9-4BE9-AA9D-B9D5A6F6A1F} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE96522E-7230-4F19-A95B-698AC19117EC} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEEF2474-5BF0-44DC-BE4C-80BF47761CD0} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2B22821-1D74-4689-BC9C-E5E125423368} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D75C6C47-6817-4B1A-B06D-16C840797375} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD9E7F11-B8C6-4E00-A61D-5C5097C4ECF0} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E26D990-824A-42E0-AA1B-AE2ABD816337} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6A19309-E7B6-47F3-B4B2-2CAB2A264A54} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1F84E77-A097-4E2A-9348-3D229639582} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f3b866e0-7b22-4044-9a0e-7ace81e0a683} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F477E61C-C98E-444F-B43F-5E8FA25385CB} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB3DB1E9-2BAE-4C2F-8DFA-ABC39F2B176} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEAA21D7-1356-4ACA-9EBC-7C9D7160439A} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF850A20-FC38-499F-A938-54C213E5D7B0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611331111} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611331111} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18f56603-5913-45f7-b783-f4b606b7e520} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2a8065da-3aed-4e4f-8346-39615c959060} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8afc8502-225c-43b9-bdfc-936bb14ecc85} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f3b866e0-7b22-4044-9a0e-7ace81e0a683} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== æTorrent Adobe Flash Player 15 ActiveX Adobe Flash Player 15 Plugin AVG 2015 Battlefield Play4Free Browser Champion EverestPoker.com EXPERTool v8.9 Google Chrome Google Update Helper HiJackThis Intel® Graphics Media Accelerator Driver Intel® Network Connections Drivers Microsoft .NET Framework 4.5.1 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Monitor Integrated Webcam Driver (1.00.13.0608) Mozilla Firefox 33.1 (x86 nl) Mozilla Maintenance Service NVIDIA-configuratiescherm 331.82 NVIDIA 3D Vision controllerstuurprogramma 331.82 NVIDIA 3D Vision stuurprogramma 331.82 NVIDIA GeForce Experience 2.0.1 NVIDIA Grafisch stuurprogramma 331.82 NVIDIA HD Audio-stuurprogramma 1.3.26.4 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Network Service NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.13.0725 NVIDIA ShadowPlay 12.4.67 NVIDIA Stereoscopic 3D Driver NVIDIA Update 12.4.67 NVIDIA Update Core NVIDIA Virtual Audio 1.2.23 PokerStars.eu Price Met‚r (remove only) Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) SHIELD Streaming Skype Click to Call SkypeT 6.20 TornPlusTV_version1.11 TornTV Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player 2.1.3 WindowsMangerProtect20.0.0.1277 WinZip 17.5 Zoom ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\EXPERTool\TBPanel.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Windows\OEM03Mon.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Bench\BService\1.1\bservice.exe C:\Program Files (x86)\Bench\Wd\wd.exe C:\Program Files (x86)\Bench\Proxy\pwdg.exe C:\Program Files (x86)\Bench\Proxy\proc.exe C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe C:\ProgramData\IePluginServices\PluginService.exe C:\Program Files (x86)\SupTab\HpUI.exe C:\Program Files (x86)\SupTab\Loader32.exe C:\Users\Eigenaar\Desktop\zoek(1).exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\trntv deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default user.js not found ---- Lines aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311 removed from prefs.js ---- user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.InstallationThankYouPage", false); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.InstallationTime", 1417278425); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.comaa338c5448f user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.comaa338c5448f user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.comasyncdb_dbW user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.comasyncdb_dbW user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.comasyncintern user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.comasyncintern user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.active", true); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.addressbar", "NA"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.addressbarenhanced", ""); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.asyncdb.was_copied", "true"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.asyncinternaldb.was_copied", "true"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.backgroundver", 2); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.certdomaininstaller", ""); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.changeprevious", false); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 G user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.InstallationTime.value", "%221417278425%22"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GM user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22001823%2 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.au.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.au.value", "%222014-11-30%22"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.cnt.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.cnt.value", "%22NL%22"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.first_run.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.first_run.value", "%221%22"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.install.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100") user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.install.value", "%222014-11-30%22"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.testingGaq.expiration", "Fri Feb 01 2030 00:00:00 GMT+010 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.cookie.testingGaq.value", "%22http%3A//extclickmedia-maynemyltf. user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.description", "The must-have App extensions for Television fans user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.domain", ""); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.enablesearch", false); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.homepage", ""); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.iframe", false); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22% user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:0 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%220018 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%2 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 0 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installe user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00: user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.Resources_appVer.value", "71"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 0 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.Resources_lastVersion.value", "1"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.Resources_meta.value", "%7B%7D"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.Resources_nextCheck.expiration", "Sun Nov 30 2014 17: user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.Resources_nextCheck.value", "true"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:0 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.Resources_queue.value", "%7B%7D"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00: user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.__defualt_browser__.value", "%22ff%22"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+ user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealpl user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.monetization_plugin_bundledWithHash.value", "null"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.monetization_plugin_regBundledWithSoftware.expiration user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.monetization_plugin_regBundledWithSoftware.value", "% user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.lastDailyReport", "1417342079984"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.lastUpdate", "1417342079691"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.manifesturl", ""); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.name", "TornPlusTV_version1.11"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.newtab", ""); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.opensearch", ""); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.pluginsurl", "http://js.newstaticclientstack.com/plugin/apps/633 user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.pluginsversion", 66); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.publisher", "Qwerty"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.searchstatus", 0); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.setnewtab", false); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.thankyou", ""); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.updateinterval", 360); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.ver", 71); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.apps", "63311"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.bic", "14a002ba19b11df487df6851e98f2933"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.cid", 63311); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.firstrun", false); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.hadappinstalled", true); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.installationdate", 1417342067); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.modetype", "production"); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.reportInstall", true); user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.statsDailyCounter", 1); ---- Lines mystart removed from prefs.js ---- user_pref("browser.search.defaultenginename", "mystartsearch"); user_pref("browser.search.selectedEngine", "mystartsearch"); user_pref("browser.startup.homepage", "http://www.mystartsearch.com/?type=hp&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092"); ---- Lines quick_start removed from prefs.js ---- user_pref("browser.newtab.url", "chrome://quick_start/content/index.html"); user_pref("extensions.quick_start.enable_search1", false); user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true); ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossrider.bic", "14a002ba19b11df487df6851e98f2933"); ---- FireFox user.js and prefs.js backups ---- prefs_30-11-2014_1424_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TornTv Downloader"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command] @="C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command] @="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "BService"=- "BService64"=- "Wd"=- "Bench Communicator Watcher"=- "Bench Settings Cleaner"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "Browser Champion-repairJob"=- "Browser Champion"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Browser Champion deleted C:\Users\Eigenaar\AppData\Roaming\TornTV.com deleted C:\Program Files (x86)\TornPlusTV_version1.11 deleted C:\ProgramData\WindowsMangerProtect deleted C:\Program Files (x86)\globalUpdate deleted C:\Program Files (x86)\AVG\31e53fe9-0470-40ad-97d1-acdb7e8879c5.dll deleted C:\Program Files (x86)\AVG\a559dcbb-8f54-41d2-b875-f8a62a7d8f83.dll deleted C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\mystartsearch.xml deleted C:\PROGRA~2\a559dcbb-8f54-41d2-b875-f8a62a7d8f83 deleted C:\Users\Eigenaar\AppData\Roaming\WB.CFG deleted C:\PROGRA~3\IePluginServices deleted C:\Users\Eigenaar\AppData\Local\globalUpdate deleted C:\Users\Eigenaar\AppData\Local\BenchUpdater deleted C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk deleted C:\Windows\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-1.job deleted C:\Windows\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-11.job deleted C:\Windows\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-2.job deleted C:\Windows\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-3.job deleted C:\Windows\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-4.job deleted C:\Windows\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-5.job deleted C:\Windows\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-5_user.job deleted C:\Windows\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-6.job deleted C:\Windows\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-7.job deleted C:\windows\SysNative\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-1 deleted C:\windows\SysNative\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-11 deleted C:\windows\SysNative\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-2 deleted C:\windows\SysNative\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-3 deleted C:\windows\SysNative\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-4 deleted C:\windows\SysNative\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-5 deleted C:\windows\SysNative\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-5_user deleted C:\windows\SysNative\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-6 deleted C:\windows\SysNative\Tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-7 deleted C:\Users\Eigenaar\AppData\LocalLow\Protect deleted C:\Users\Eigenaar\AppData\LocalLow\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859} deleted C:\Windows\tasks\NRDLYB.job deleted C:\windows\SysNative\tasks\NRDLYB deleted C:\Windows\tasks\VNSZSSU.job deleted C:\windows\SysNative\tasks\VNSZSSU deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted C:\windows\SysNative\tasks\bench-S-1-5-21-1652827376-3884501160-2142600066-1000 deleted C:\windows\SysNative\tasks\bench-sys deleted C:\Windows\tasks\bench-S-1-5-21-1652827376-3884501160-2142600066-1000.job deleted C:\Windows\tasks\bench-sys.job deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Users\Eigenaar\Desktop\Torntv Downloader.lnk deleted C:\Users\Eigenaar\AppData\Roaming\NRDLYB.exe deleted C:\Users\Eigenaar\AppData\Roaming\VNSZSSU.exe deleted C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com deleted C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\{5709EAA3-B7BB-C64D-CD88-62DB4590AE1D} deleted "C:\Users\Eigenaar\AppData\Roaming\NRDLYB" deleted "C:\Users\Eigenaar\AppData\Roaming\VNSZSSU" deleted "C:\Program Files (x86)\SupTab\Loader32.exe" deleted "C:\Program Files (x86)\SupTab\Loader64.exe" deleted "C:\Program Files (x86)\SupTab\msvcp110.dll" deleted "C:\Program Files (x86)\SupTab\msvcr110.dll" not deleted "C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll" deleted "C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll" not deleted "C:\PROGRA~2\SupTab\Loader32.exe" deleted "C:\PROGRA~2\SupTab\Loader64.exe" deleted "C:\PROGRA~2\SupTab\msvcp110.dll" deleted "C:\PROGRA~2\SupTab\msvcr110.dll" not deleted "C:\PROGRA~2\SupTab\WindowsSupportDll32.dll" deleted "C:\PROGRA~2\SupTab\WindowsSupportDll64.dll" not deleted "C:\Program Files (x86)\Bench\Proxy\proc.exe" deleted "C:\Program Files (x86)\Bench\Proxy\pwdg.exe" deleted "C:\Program Files (x86)\Bench\Wd\wd.exe" deleted "C:\Program Files (x86)\Bench\BService\1.1\bhelper.dll" deleted "C:\Program Files (x86)\Bench\BService\1.1\bhelper64.dll" deleted "C:\Program Files (x86)\Bench\BService\1.1\bservice.exe" deleted "C:\Program Files (x86)\Bench\BService\1.1\bservice64.exe" deleted "C:\PROGRA~2\Bench\Proxy\proc.exe" deleted "C:\PROGRA~2\Bench\Proxy\pwdg.exe" deleted "C:\PROGRA~2\Bench\Wd\wd.exe" deleted "C:\PROGRA~2\Bench\BService\1.1\bhelper.dll" deleted "C:\PROGRA~2\Bench\BService\1.1\bhelper64.dll" deleted "C:\PROGRA~2\Bench\BService\1.1\bservice.exe" deleted "C:\PROGRA~2\Bench\BService\1.1\bservice64.exe" deleted "C:\Program Files (x86)\Bench" not deleted "C:\Program Files (x86)\SupTab" not deleted "C:\Users\Eigenaar\AppData\Local\Browser Champion" deleted "C:\PROGRA~2\Bench" not deleted "C:\PROGRA~2\SupTab" not deleted "C:\Program Files (x86)\Bench\BService" not deleted "C:\Program Files (x86)\Bench\Proxy" deleted "C:\Program Files (x86)\Bench\Wd" deleted "C:\Program Files (x86)\Bench\BService\1.1" not deleted "C:\PROGRA~2\Bench\BService" not deleted "C:\PROGRA~2\Bench\Proxy" deleted "C:\PROGRA~2\Bench\Wd" deleted "C:\PROGRA~2\Bench\BService\1.1" not deleted ==== System Specs ====================== Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3966 MB CPU Info: Intel® Core2 Duo CPU E8400 @ 3.00GHz CPU Speed: 2952,7 MHz Sound Card: Luidsprekers (High Definition A | Display Adapters: NVIDIA GeForce GT 610 | NVIDIA GeForce GT 610 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Intel® 82567LM-3 Gigabit Network Connection CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVD+-RW GH50N Ports: COM1 LPT1 Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 232,5GB Hard Disks - Free: C: 64,9GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 01/21/11 | DELL - 15 Time Zone: West-Europa (standaardtijd) Motherboard *: Dell Inc. 0200DY Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG Internet Security 2015 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG Internet Security 2015 disabled (Outdated) Firewall: AVG Internet Security 2015 disabled Default Browser: Firefox 33.1 Internet Explorer Version: 11.0.9600.17420 Mozilla Firefox version: 33.1 (x86 nl) Google Chrome version: 39.0.2171.71 Flash Player version: 15.0.0.239 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Eigenaar\AppData\Local\Temp ==== 2014-11-29 16:27:10 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\psmachine.dll 2014-11-29 16:27:10 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\GoogleUpdateHelper.msi 2014-11-29 16:27:10 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\GoogleUpdateBroker.exe 2014-11-29 16:27:10 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\GoogleUpdate.exe 2014-11-29 16:27:10 C728CB84FF667F8D1C7A92B324A105A0 761856 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\goopdate.dll 2014-11-29 16:27:10 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\psuser.dll 2014-11-29 16:27:10 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\GoogleUpdateOnDemand.exe 2014-11-29 16:27:10 2314C60631E36693D2328A0A42216A0E 220672 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\npGoogleUpdate4.dll 2014-11-29 16:27:10 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\GoogleCrashHandler.exe 2014-11-27 20:15:44 DCDF13FF2F04324EAAEC67FD7A9538B6 431280 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\ttv.exe 2014-11-26 19:13:30 FFF502B10BC4B91D8357A243F709B8AD 484352 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\t7145FFC5-EF2C-4750-9CC6-B934D573F69Bmp\tmp\wpm_v20.0.0.1277.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-11-19 20:08:28 ADFB31FA72AFE0298A60BF4AC1045A42 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2014-11-19 20:08:28 98B3C919C6B9C5F810FF2CAFA339822B 186880 ----a-w- C:\Windows\SysWOW64\pku2u.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-11-19 20:08:28 8A8CB073A4B9F9D97CFA8CA9C1C851CE 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2014-11-19 20:08:28 1306E6A1BF4D506CD687DF9F947270F2 241152 ----a-w- C:\Windows\Sysnative\pku2u.dll ====== C:\Windows\Sysnative\drivers ===== 2014-11-11 22:36:41 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-11-29 16:29:11 -------- d-----w- C:\PROGRA~2\SupTab 2014-11-29 16:28:11 -------- d-----w- C:\PROGRA~2\Bench ======= C: ===== ====== C:\Users\Eigenaar\AppData\Roaming ====== 2014-11-29 16:28:17 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Champion ====== C:\Users\Eigenaar ====== 2014-11-30 11:00:28 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Eigenaar\Downloads\RSITx64(2).exe 2014-11-29 16:28:16 31B7E6595041DE5A0F131343FF876272 860 --sha-r- C:\ProgramData\ntuser.pol 2014-11-29 16:27:31 1425ED66AB875496E5F4E4B5AE951FFC 480176 ----a-w- C:\Users\Eigenaar\Downloads\Fury.2014.DVDSCR.X264.exe 2014-11-29 16:24:15 1425ED66AB875496E5F4E4B5AE951FFC 480176 ----a-w- C:\Users\Eigenaar\Downloads\YourDownload.exe 2014-11-27 17:29:06 -------- d-----w- C:\Users\Eigenaar\Tel o.a. Porto ====== C: exe-files == 2014-11-30 11:00:28 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Eigenaar\Downloads\RSITx64(2).exe 2014-11-29 16:27:31 1425ED66AB875496E5F4E4B5AE951FFC 480176 ----a-w- C:\Users\Eigenaar\Downloads\Fury.2014.DVDSCR.X264.exe 2014-11-29 16:27:10 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\GoogleUpdateBroker.exe 2014-11-29 16:27:10 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\GoogleUpdate.exe 2014-11-29 16:27:10 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\GoogleUpdateOnDemand.exe 2014-11-29 16:27:10 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.372519\GoogleCrashHandler.exe 2014-11-29 16:24:15 1425ED66AB875496E5F4E4B5AE951FFC 480176 ----a-w- C:\Users\Eigenaar\Downloads\YourDownload.exe 2014-11-27 20:15:44 DCDF13FF2F04324EAAEC67FD7A9538B6 431280 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\ttv.exe 2014-11-26 19:13:30 FFF502B10BC4B91D8357A243F709B8AD 484352 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\t7145FFC5-EF2C-4750-9CC6-B934D573F69Bmp\tmp\wpm_v20.0.0.1277.exe 2014-11-26 03:40:47 9D83E2859AC027E8C505CB4D1931AF47 1117264 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.71\39.0.2171.71_39.0.2171.65_chrome_updater.exe 2014-11-25 17:15:11 3C7B90403C3016F3209B705B9668633B 4438240 ----a-w- C:\Users\Eigenaar\AppData\Local\NVIDIA\NvBackend\Packages\000068ea\DAO.19085104.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Windows\CurrentVersion\Run] "TBPanel"="C:\Program Files (x86)\EXPERTool\TBPanel.exe /A" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "OEM03Mon.exe"="C:\Windows\OEM03Mon.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TBPanel"="C:\Program Files (x86)\EXPERTool\TBPanel.exe /A" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [25-11-2014 21:22] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-05-2014 08:59] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-05-2014 08:59] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\EXPERTool" [C:\Program Files (x86)\EXPERTool\TBPanel.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "faststartff@gmail.com"="C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\faststartff@gmail.com" [29-11-2014 17:28] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default - Undetermined - battlefieldplay4free@ea.com - Undetermined - faststartff@gmail.com - Undetermined - a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com - Battlefield Play4Free - %ProfilePath%\extensions\battlefieldplay4free@ea.com - Fast Start - %ProfilePath%\extensions\faststartff@gmail.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default 8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash 136D0978787B9523FD57E12729CBBFF2 - C:\Users\Eigenaar\AppData\Roaming\Zoom\bin\npzoomplugin.dll - Zoom Launcher 045DCEC5BBF3C9F4A0788FDF90B1DEDE - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll - Battlefield Play4Free Updater ==== Deleted Firefox Extensions ====================== C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\faststartff@gmail.com deleted ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 17:22] Browser Champion - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhajokkdlhllmgenmniigcnlefjakobn Google Wallet - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Startpages ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.mystartsearch.com/?type=hp&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092", "startup_urls": [ "http://www.mystartsearch.com/?type=hp&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" ], ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.mystartsearch.com/?type=hp&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" "Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms}" "Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" "Start Page"="http://www.mystartsearch.com/?type=hp&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" "Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms}" "Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" "Start Page"="http://www.mystartsearch.com/?type=hp&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" "Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== shortcuts on Users Desktops ====================== C:\Users\Eigenaar\Desktop\EverestPoker.com.lnk - C:\Poker\EverestPoker.com\casino.exe C:\Users\Eigenaar\Desktop\HiJackThis.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\Eigenaar\Desktop\Play Battlefield 3 Multi-player.lnk - C:\Users\Eigenaar\Desktop\Games\Battlefield 3 nosTEAM\LauncherClient.exe C:\Users\Eigenaar\Desktop\Play Battlefield 3 Single-Player.lnk - C:\Users\Eigenaar\Desktop\Games\Battlefield 3 nosTEAM\Zbf3.exe C:\Users\Eigenaar\Desktop\Zoom.lnk - C:\Users\Eigenaar\AppData\Roaming\Zoom\bin\Zoom.exe C:\Users\Eigenaar\Desktop\µTorrent.lnk - ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\AVG 2015.lnk - C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe mystartsearch C:\Users\Public\Desktop\Internetbrowser selecteren.lnk - C:\Windows\System32\browserchoice.exe /launch C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe mystartsearch C:\Users\Public\Desktop\PokerStars.eu.lnk - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE ==== shortcuts in Users Start Menu ====================== C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe mystartsearch C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe mystartsearch C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Champion\Browser Champion.lnk - C:\Program Files (x86)\Bench\Proxy\pwdg.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Champion\Uninstall.lnk - C:\Users\Eigenaar\AppData\Local\Browser Champion\uninstall.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Start Zoom.lnk - C:\Users\Eigenaar\AppData\Roaming\Zoom\bin\Zoom.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk - C:\Users\Eigenaar\AppData\Roaming\Zoom\uninstall\Installer.exe /uninstall ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe mystartsearch C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2015.lnk - C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe mystartsearch C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe mystartsearch C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe mystartsearch C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.eu.lnk - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe mystartsearch C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe mystartsearch C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:3128" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Price Met‚r deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [OEM03Mon.exe] C:\Windows\OEM03Mon.exe O4 - HKCU\..\Run: [TBPanel] "C:\Program Files (x86)\EXPERTool\TBPanel.exe" /A O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Y4PS3DW will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BX5CWJCR will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S19RB90G will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SU78S7MT will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Eigenaar\AppData\Local\Mozilla\Firefox\Profiles\3i60jn16.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2019 folders=520 408913387 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Eigenaar\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\SupTab\msvcr110.dll" not found "C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll" not found "C:\PROGRA~2\SupTab\msvcr110.dll" not found "C:\PROGRA~2\SupTab\WindowsSupportDll64.dll" not found "C:\Program Files (x86)\Bench" not found "C:\Program Files (x86)\SupTab" not found "C:\PROGRA~2\Bench" not found "C:\PROGRA~2\SupTab" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Y4PS3DW" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BX5CWJCR" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S19RB90G" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SU78S7MT" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on zo 30-11-2014 at 14:33:11,74 ======================
  6. Logfile of random's system information tool 1.10 (written by random/random) Run by Eigenaar at 2014-11-30 12:06:50 Microsoft Windows 7 Professional Service Pack 1 System drive C: has 65 GB (27%) free of 238 GB Total RAM: 3966 MB (12% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:06:52, on 30-11-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17420) Boot mode: Normal Running processes: C:\Program Files (x86)\EXPERTool\TBPanel.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Windows\OEM03Mon.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Bench\BService\1.1\bservice.exe C:\Program Files (x86)\Bench\Wd\wd.exe C:\Program Files (x86)\Bench\Proxy\pwdg.exe C:\Program Files (x86)\Bench\Proxy\proc.exe C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\SupTab\HpUI.exe C:\Program Files (x86)\SupTab\Loader32.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Eigenaar.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mystartsearch R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = mystartsearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mystartsearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mystartsearch R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:3128 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: 54.235.90.58 fhajokkdlhllmgenmniigcnlefjakobn O2 - BHO: 9ab333d0052b01323ffd0f6cdde3bdb00063311 - {11111111-1111-1111-1111-110611331111} - C:\Program Files (x86)\TornPlusTV_version1.11\TornPlusTV_version1.11-bho.dll O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Browser Champion BHO - {FD6EF0F0-B46B-4CB2-839C-BBE569FAA859} - C:\Program Files (x86)\Browser Champion\FrameworkBHO.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [OEM03Mon.exe] C:\Windows\OEM03Mon.exe O4 - HKLM\..\Run: [bService] C:\Program Files (x86)\Bench\BService\1.1\bservice.exe O4 - HKLM\..\Run: [bService64] C:\Program Files (x86)\Bench\BService\1.1\bservice64.exe O4 - HKLM\..\Run: [Wd] C:\Program Files (x86)\Bench\Wd\wd.exe O4 - HKLM\..\Run: [bench Communicator Watcher] C:\Program Files (x86)\Bench\Proxy\pwdg.exe O4 - HKLM\..\Run: [bench Settings Cleaner] C:\Program Files (x86)\Bench\Proxy\cl.exe O4 - HKLM\..\RunOnce: [browser Champion-repairJob] wscript.exe "C:\Users\Eigenaar\AppData\Local\Browser Champion\repair.js" "Browser Champion-repairJob" O4 - HKCU\..\Run: [TBPanel] "C:\Program Files (x86)\EXPERTool\TBPanel.exe" /A O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [TornTv Downloader] C:\Users\Eigenaar\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: TornTvDownloader.lnk = Eigenaar\AppData\Roaming\TornTV.com\TornTV Downloader.exe O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Torntv Downloader (trntv) - Cool Mirage - C:\Users\Eigenaar\AppData\Roaming\TornTV.com\TornTVSvc.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11324 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe" "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service "taskhost.exe" "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service taskeng.exe {D497F752-7616-4DBC-88C7-F0559C009DA9} "C:\Windows\system32\Dwm.exe" "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" C:\Windows\Explorer.EXE "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" "C:\Program Files (x86)\EXPERTool\TBPanel.exe" /A C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b0630416-a401-4387-a21e-8345b9eeed06 1 \??\C:\Windows\system32\conhost.exe "-2126370525-1779484458203964720012173378512513689-2095337346-343991197591016049 "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp \??\C:\Windows\system32\conhost.exe "934718013-12243191211515473221-950936202887371265-591216332-1677435625-823476880 "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY "C:\Windows\OEM03Mon.exe" C:\Windows\system32\SearchIndexer.exe /Embedding ctfmon.exe "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Users\Eigenaar\AppData\Roaming\TornTV.com\TornTVSvc.exe "C:\Program Files (x86)\Bench\BService\1.1\bservice.exe" "C:\Program Files (x86)\Bench\BService\1.1\bservice64.exe" "C:\Program Files (x86)\Bench\Wd\wd.exe" "C:\Program Files (x86)\Bench\Proxy\pwdg.exe" "C:\Program Files (x86)\Bench\Proxy\proc.exe" "C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe" C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service C:\ProgramData\IePluginServices\PluginService.exe -service "C:\Program Files (x86)\SupTab\HpUI.exe" -run "C:\Program Files (x86)\SupTab\Loader64.exe" "C:\Program Files (x86)\SupTab\Loader32.exe" C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding "C:\Program Files (x86)\TornPlusTV_version1.11\bfd1933f-440f-465c-983b-c6eca9b86fc9-64.exe" /rawdata=E6rdnO9feLf4zmfm5l6GBUSuE3hFO5QuYnYF573H/enHJv+5EgvKjftx/RYjVhLdoklZ+6Ls0xRvAoZv8zAWwUejEoPwTqWnYzevas8Ne1eyPHyHhHI/LeeWVz9X92yRQx7nDSzG8t+aByRpn+3XfbBUeoWi2aY38QH8wHWMiGs9AKxdlTKz/uDxQP4YzMLHey8x1ztJX/eD6NTDjUQKIDV9eyor4m2XCjBSPnvbvN2RXQ4yWJfdj+qLpiWceFt1ExW+taZlPpAnrNNq11txkNIRPjqnUUqghhJvXNBYy7ya3Jv2wUMdJr+W3JzLPMZqDZbS7dT78QfiJvvg5CdSnhrNQpFtwmAm6Juhl+tE2DOR/IoR9Ch3Q/jpZfmq4m/1Aut3/ZZ5Mb2yIjwC/byAZF+l4vl8HJiGor6BBsD8dZyugBHmDi0pCslZpPNl0Jre+radCJykhQS2+PhxKiNDChCupnKTmhOaWy64ndyQFCnEMchyILIp6KJn88jsYIp8gOJCMlSHhRNQTD2ZUz1v6MDjW0BygwSom0FG2Q9CIaucqisGYOz2AB6+Pk5KzuyMeZjjDMZGPt3z9sLAEjnXe++Aar2dxzqCJPNgw8wijrSjgA6yN/focbo4ntED5lDO3JatJbC4QJQrnw4rGAwGTULLzIrmbMdma2SGgBwxobB80etOiYruyhmwTErLEpWnMdFomeXVh5M0eaysQPwnzctFRIEWV+eFENJuoq/wA9R09HOKe/82oIxYw4+fwijfeiioW/0cmbmTysKKOphsanlDzTPMRxlIE0TBMtXvH8G/+N4/7LTbcl3EDhnuHaAZLrFAWmazFJxMx8NcJWifwVARUYMZurd1EAZjELSe+lRc8UvrR2TzZzIzRwqw656JQ4rr5TqiHHf9VPaA4BxJQVhJGXD8jDzUF9vybx3GkbU25L5dNBSKJ992qrP64VsyCfIS0PW+rZFjYOdvtpyO1A4d2XDI8dyMXFD17aZFVJIRl/1M/Wl+bagHMnH/vaa3LQm04qQ9jXk0l3TkjqnIXsul+lumKIuA8kZDLYst6INxgOPrUIbdgAnFIxH5FSdFmjqy/EEUeeG9TC/wK0yLmSe3sMBRaSit11we2TCBigSvyLPrUcLKZO16um45sy3rcI6/V50NHItgvMq96OE+LoOHD439EDp9IT85RAgIdas8cbF2V35XH5bT0/P9FekJYJ7RQ6EF9nr1RKZgtXf3+gpS71umwf7+ANMdE/B00lMZO22UR3BTr1p4TdVx3mcZE172ohNbQ5Nxqq2ieUuET7WbbuGt0N/mX2ASV8bGjQdmUxNBnZVjSzavv7OmqVzwxC6etg6ch3wD8x0rlLQQA2IPe6OqYaCBFvPCSg32NQWIpHHJVOaPnwamXeSbIdhEmg1RNb/6w/kgFwaVRieHq3K8iMGQljvh0vw4JK67cI6tuJl6kWk0qZddS8GURB3hUnNB3lBVNUDXiel/d9chvOAPm01H1dB+guVtDOYNj3w/jz/AFA14275qgFp4LQsmWsL29QRW4fqTubGpDotDhYjE9SHdxfBTSojZm4LK2b1FHiiH/MEpb4g1g+0aPoZsF8NCGdDwjs2JUFX7d0VPzxnXJnoUxdIGCOEG2LxgsxAQMb5Fld7bbPBvX7XmlYBPbitRf4OIz7S7Ze7uJO+PMkoFWvKnsjCCbbx5zDWvgSqYEzUsMDZGrX+otKHmMZeLWUDibg+tZue7o7uLXy1ZUs5Tbx3IaGXoovQ8zMF5SNxovmuLIVhGXGSaIxK/NG0dMbhgrG7uq9XI+4oxNDGhom2zKrGG0NN1ZjEgj9DHl7yBA40Iu4WFMQPc1rCU9wAZWLbOIqnwglwUrZ5vMaTQ4wTPy+UIQ8W3A6Dto1M6F0EUIP6TikfiB7wFEd6amPavn+c/xM+8KK+OG+A099zo3nR4bu/7tNoUAdPTMxaUCTTPPCBhd1p5qsF1cnVh+IUE4NEB/VoR8Ext0MGqu3YFceGbiDFoMq6s4lMkV+6CS07QGr6CnLf+YI4w28WZPkUAZFyPKRgxad4zgr5q2VP1Ohwm1nOx/RjTzawrc33RgeKsbfJxqebzwaqrmcd2X4oEu9o+2Grv/j/hgxSFuzVwIquN4fLh+fR7FfYtZFFeVVUzFGQdRsJmZgbs97D53Ly6M/4tRu8kJxuACTVmVV3dszXdAI/EUuYAc4SKrcLSHGg= "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" mystartsearch "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --incognito "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1744.0.1774926132\1129488041" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38,46 --gpu-vendor-id=0x10de --gpu-device-id=0x104a --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3182 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A4_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1744.2.670987332\2094022215" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A4_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1744.5.1165213679\1320599569" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1744.6.253991742\1759815081" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A4_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1744.10.1216165625\307927809" /prefetch:673131151 "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5260.1422faa0.1192488155 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5260 "\\.\pipe\gecko-crash-server-pipe.5260" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe" --proxy-stub-channel=Flash476.66D4E980.11349 --host-broker-channel=Flash476.66D4E980.5776 --host-pid=476 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe" --channel=372.0021F2A8.552429302 --proxy-stub-channel=Flash476.66D4E980.11349 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll" --host-npapi-version=27 --type=renderer "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A4_Stable_R8/PasswordGeneration/Disabled/Prefetch/ExperimentYes/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1744.12.1732007589\902789785" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A4_Stable_R8/PasswordGeneration/Disabled/Prefetch/ExperimentYes/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1744.14.2115877962\146983717" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A4_Stable_R8/PasswordGeneration/Disabled/Prefetch/ExperimentYes/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1744.19.33954789\673991710" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A4_Stable_R8/PasswordGeneration/Disabled/Prefetch/ExperimentYes/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1744.26.785585814\1435285810" /prefetch:673131151 C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A4_Stable_R8/PasswordGeneration/Disabled/Prefetch/ExperimentYes/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1744.30.867390288\350097180" /prefetch:673131151 "C:\Users\Eigenaar\Downloads\RSITx64(2).exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\bench-S-1-5-21-1652827376-3884501160-2142600066-1000.job - C:\Program Files (x86)\Bench\Updater\updater.exe -runmode=checkupdate C:\Windows\tasks\bench-sys.job - C:\Program Files (x86)\Bench\Updater\updater.exe -runmode=checkupdate C:\Windows\tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-1.job - C:\Program Files (x86)\TornPlusTV_version1.11\TornPlusTV_version1.11-codedownloader.exe /rawdata=lEKj+2cpXJvxFrpU551nLUc/ebEHDA926IRuihnky4VBkS9CMykKWKr1aucWF/bDYN0R7YmoXm+6W7TewMx45acrnQrEKk0cfZ6Sh0Uz54kZVBeLpRJIv3OVbC/Bbv09jdgQtHiQB243k6keQj6wPoatdH84JUln0aLtcIuKC3Z5S+wLzvruLmC9nI+Yd2BLuggvG/FvOcPIG28SkyIzo6xHO8Mex27Kgblgh3tQZ+xromRYJI87UNHGr4p/J7dFFc1LHwErxCydNTYdrYqW+LHgWXTuwD4A+W+NPe9pgM/8jsHYYCzdXRwFpcI8F0VmrHaw/iz4RXqIFa8q8fMRR7XItawgNCI8j1ADp50/1Z4X49EomrdFI6TzLWvTrGsxPrSPyTK/c7lFOThUB5U/6GKMiZJY2ojpuT770HCh7MyA08H5uQTr/fWMUyebndPVH30KvhJwZ5KPPT1zqRksyA3RdCYy9t2tbL6h9vvAMP43OdD97kf26y2qfWxA7vcXCLrirIF3HFausrBmyWeDPcU+hP0WkkkvGlaRzEGLptYZE7pA0C/qvZpMXdSFAS7mDcg63/JkCUvorXtSOk3l8N7OW5ioMo6gzJesRO/gnF70T5a9b2xVgf+UStBfwP2n6eSnPrv+zb0SqhVTqAupV4VG5c3R8VyhSucKVkipHR2jI6FXtmwmyIZko863Cc1LekU/XgxFpVXw3S845H/X0vwnrMZyMGjclxEHvw0192n25U66sAOLlfVZOiTSkdID0D5RssOj5N//UjMUi3ar4fGHFWV0k04FHh1Vzb0hJefSzMGve5lNnX+CRta19aZzToJleU1KMZF08sjg4ikKmRuv4wEI+M8lCs+ax/smyMzEY6zRtMvXleWUB31s0PVjfBYeghgYOoqUeIhv2c813O2/zQ0YHXZeiHyUgfdUh0SSXPSCFsqC8AVb0cVmgMAilCVRNIXwnDvNETYhqI3OPAhgtdxQqBq0pBEQhpCReGI515i/kjd/QFTlp9wn3WnDo3bQTGcPJ6aaPPjW4E6kWiccRWMTMqQPLG21hyc0qTHZy6LC2C/PLIk1b7U7M3z++jwjlfaVPykBBz42pFAhpJ+ee4L8wSDqVaAxFnUMck8qPc8nHSCJhlH2VHg+EXUOjrkKhJSmwpONqEWUk1NX4+N0RZXMnzaoHrUSwKTaL2EAf5sPJX2k1jWziGw9fDwKMw1LweDfJfo9a+2F+sT4HG55zsV2ZcH9MlIFnGSbkWYSnMypeCR1W7anncv11r837sJ0GB94BqOjGFtp0SYcMbv5BDPkbOS+EaAqz+YLimNZ3/7/VyRQPLTS2ih3q/SQ/ODP1ahUdTXu6/8dX9j+TiRtseNFCvN4FcTB76LLKt7NTITjYpjC+arlhndxYU7JRv18hDabPdKrQg/eudSNAGiZ7IdKqjqdUqPSTZ+sp4I2J3fSr6QL+epKlktTYBSDvwL2AbUCGhTERmUu5A1F8k8jW0y8MdRz/X4mKDvJHWnBl77VNrvM9+mFyduRRrCW C:\Windows\tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-11.job - C:\Program Files (x86)\TornPlusTV_version1.11\bfd1933f-440f-465c-983b-c6eca9b86fc9-11.exe /rawdata=PfYWIb/xxUmkSXB8XuzqXtXVEdve3ytPqAJTVz/g8tb88PY51wSkTx2DLd4LunmHSHwrmwJvofGAdkhLPs5242+s3wtl1Fu1u6OaW8lQXN9M5gAByRQPGDhfuzN2D90eMrRoFX05JI04UTJjHi7q6lOi61WcaRJZeUK3dQzy9HVPVaJ5o9PCcQYSa4zW+rZJXOMuBY31we9KjsN3B7lgu2k+A8oHulBX96Nq0H4oTXECcNQGIGuSqtvPs1FDeU797DfhKmJJZVt8EhbpY3CEiej5EfBB8R0ptg51zWtdpOFK70eh3xZYBa0W/RtFflBjFdyJu7WM64pZYahOpC3QL1hn/miC4TaJAXfrIg4uBou6ilZBgeA483BB/uY+zQebEEvKatsiX0gZ1pUNBtZ4zcfyiYZC6wovQDHo87eNDYRd/KBmLMebqVN4qo3fYw05Vf/qIjpnMghzrGBN0mB2S4rSvGX5nPeT6mOU1colnhqDQepQocuQVmxT+r3XoFAzUtxys2mZ5JXtyPVsfj20X7nyZfBass2HkiTLf+NrTuftyP9kNLeV3YVUYShm17/RkxpDfLI2bLGW3TueUT+WlPcUIVWr8Go1XfQmsgA3hwCX727qxbFZ7RWZVj3/MiKo+GsSjfP1QMPR03/7doFzkRg/eA0Ayw5w79dBTRGzykB9uYB3oG73jLWba7rNW/uPFcXJvhhtffnIVdW5hxn2OgwfDwWWYxtnf92t0105r80GPpPEPobQsVXPwEjXYrcNKY13KLB+muMj0kCp9n0pyavAFlnJfiwraVheHXSE7nJOgg9uokZ9QY7vjjMUju4U7jlhkMKl9XCW0tM6B0onCpqrIhDEfs/ogEP/+tswZRN2hwrwkzaED8lb16eavRZCMkHeyc28ZaA+ld7LvJW3hOFtjBjSRNDjvUBQJxS0upvu7fQr94QwoLkyQw14xz7l4ZkRPQO9Oxwf2Q/mSHRHlk9UK6mAd+CQw2S9RH1CTdMRRSa9JdlYhLxdcuxa6szYTr1toshRT81cLIktmgI8mhgvMyhodgDcO7nDhCxhQsiE+GojWN12v1KJ6YZc+vXnPpKkgvuwVKZA2f6bIXiSSlGeFTDQ57+wWyYcR4iiAfKvj34ceR0Sf8/1BIK0kI71RsHTJKwYLCi9I5FOvYeTvGE7qDo3F8OPQjhzvvGRcHGDJDgZfpnz8f9uqn3yYlzdJiDM671K12+kojEiWyA/AVfx5OdQYn8b2Bqe9FoeIuUXBmJhdSh+sBTdWVNyPQi8i2JhPLuJoT8v7VBetw6+dIhCQ8nsjO8FfmXrFbjuv8nI/ypKjrPw1jfTn14AyR638+KmlI+GZJWgBz2pA39oQkxQqW2MKZ5spvXjx6RUNXYRxORMKv2/IrfL1nkcoAyTg4RoMUOb6Pwi+8RL1cSSvUXViI3qIDOZlxcGtKW2t/cwQOyuGb8HDx5nOcNeIqLdGFuHLIo/sx0X/sxr2oPbwVltZIQV5Z9qS0x6v3b0nMNrY9mkGYlcGKw2zhPPa522Hw4RTcuQRQVvwxg+GMLnovmR9h/5d1wWo7niOL/EW8VPbOk9nyBL3062Grir62KKBXaENip3Go7DeysyAR9hXOqMUKyhlk0hhGYky6mtqbK2UHBTKgfAmVcNy6DDdcmvpBSmUhrdCeuFukLv0t1yCBQiGeKXgDz2l5VksnBLOUuATL0hft/fa3TX2qQNBGZ3is7QKcq4+mvrFtak7hU7+0ayrFK5Ejdy4rHqkjDuErPPCjSVVHr5c7cLQHkr3HeIBoAxHcwTEGmRRffEEuQaqap6IvoLM+W5rZewAWR+v0PT5WMsyIZ4wKXPROpTf5rKGuK7qPLtOgS0K8fIyQumKWW4qpQzeYt5i3tsbd5Bg3ymnUnzck028AfSYMcggXLkhR3fTyqUgnhDv7Pyn9cjf4leiII3E5lM5TT/whGHDeG76iKPBzCLoat6jBIqFRjPkq6owBPItYO0uVFiolW9ttJ6JGY9EwZlllJG+zYDRqAm0fi4y3fVWZ5Jw2Qzo9kMp4acoZmXq6he8kVNzzWoXQDKyv6WtmioV/gtH4u6gu3Vu7t2j9x63WERsXShc1++zD8Dy7Ali4hbC0wCyEfBlrMyf8rZXd5oyp97AE7vlBPzxpFWxDsIdAFn9R+Oiiz+ZrZLAaz2GSWsgxNIxy3ZZBeF2NC4thEYoA/vm1TXBGRS62rXm9tPmBlxepMJQMm6RV+f9SyDhU4RpOfXj3sEn7wdqqdsOxG4vbtq4I2sl8GoqzwE8fOj4t1pl/9wlrFebtJqBL7D295MKpdT5yXyV2tD7Q8FM8GRd7txiamaYE96m/Av4BlXjGz0m/6bxkz3dSIrnYJcbmfPyiO1c7/xxg== C:\Windows\tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-2.job - C:\Program Files (x86)\TornPlusTV_version1.11\bfd1933f-440f-465c-983b-c6eca9b86fc9-2.exe /rawdata=TZdmUN/7aoMQxqVTiPtFsfKzkXj66uuoHU4EBhmt9iVAquU3zM3dV9+uigH0IEvLSgH3GN5wBS80AZKaDpuYhS0syU+djnnLbnIU/hujcbnGTQJFeW6OLG1UvUCQorU9kpd5T10GV/xksSmrOTLhJOSqRD2D7HUqv3l9iKw9o7m8z71jsPZkNxNzJyRcOt67O/gxBOwYnWPFlnyDRipa0lnoaApyYli7Z2gXub8PXpzjydW54l7Rlu31RRkmPLKC+ZwzEvf6FY5K9IzFsWDIjLDmoyBUsvYU0tT44w11of8xi0hETrwF4DoE9Jkkt5WIZRTnIxrHErj64AY5FQn10BNi04ra666GGFadwZY0BPFhVMfM6I0oZ2TdAwqAGyH6qBsJqgTHTkroOTCmnCC1FwMhUrBfcTYu+zNcC8QpveA9Zyh/ZGTWoOZAA2d/DcehqM3jFva3/iPubgC9bkKWmAq8dfY9n0h4l3gs0I+MYx3I7437uXkRi5aItfLIDY9UthMWMakrpeubPZrG8p+F7Q8lm3z/hH+qiAoSDEYACxVX2HDMHvz+SzIiW7+vpF72xVjr85Bd6eFpU4RKmbPdEBTVVS4UTCqImFmOjpNekgduBJTneZPJH/CUqykgNx/eC+elgSK7d1CJJJcDkGvOkQeu5h5qfNDRt0ZmiU//e3y/WQVIIm5OD667yn06oZW65OND6268Dx61i/Y/FPqBd1Tme6bT0jnqRgOr0dvWOHR1FBDvaLfbGDuGe/LSFMxwI0GLisKF9Kn8RHh/311srovnL1UEC/AxY0AOQtB4t1vaYKt9sCKYmHvwb83GiJzsWeNXF4CkHAf4G9LjWfMVoQ== C:\Windows\tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-3.job - C:\Program Files (x86)\TornPlusTV_version1.11\bfd1933f-440f-465c-983b-c6eca9b86fc9-3.exe /rawdata=JY6dDMnDvVqVNGIyvBP5ZATo7zMT2hR+Nn4HvQN4uuy3C9RlbWInAqcUkFkITtE8kvIne+3jBrZckMc0PTcDdlsJxkU5nsd+/aDrZn0rYOVNXa3xzS/u3SaaEKld7j79MX3IKrwRlCNZfNIotAcKpZmS+KrtK1DdQY5NRsua76KHqRR9df0DmmZAmJvbBp3jxPh+Q32V3UvY8qmDCTk1HMXCDBLkZM8u0Ke0WYA0V8F8gAg/eR1p2/E15vtD3jg1rWGePAGnLsiSWkWkqXJ7KR/Nvm7atZNWYDuCvU4Zf0lj8JHwui4fch1jTSS6MvFBn+YRh5/h2ywbpJnaQr1KUA3aNLeGLkWivbfMx9/gMgCuLvWGLzfEzGPYJUC1Hfm3NlGPdO0kn23PxCWMJT2q2hBA5S7cQjbl2lNMdANc552CQIyBENAolrUdbq0yoMMxlnKhGUtAP4xCYb7T1nQpkF7Ytb6QrwqsZuiC1xDysOETJ9x3dC9QDcpKmYU5ONJ1qdUtY2dl+VuoCYcH9ZEDDIvR3+XILBu83D/O54PdH7BywZx8K7c3d/AVWDN21FPnW578aVL2bF9xIs8BTKAmQ2pVl9bsVkHaOaxuaaqqEY3zXHV2zyxNjKGS4RW61TpiFVLxqqAeD3QJVeKS/hzKKrx1MvuQD0k5KytG0mOCTysBfyvRH+c6/z2+q3zuDyCJUi8dIDLg0zcYQsoeM5/j1f/53p9P22C8VrN2+RnB+kU3u2DeD4u/F8vUGuvjKEQn3DxkvNvZRG0GXI27U7wfr2eYlKqfhesngl7PUSH7M7Y8bspyslI6LYJgvPuIavKiJNYwzKioJkZ4vgg748SzzZpHvDlp3w5oUAJhjYDeczP5Nux5IlNCbriUY3g+NZx30meZzTVP7JPyqle6fxQSNL+aY3g5GLZSphPFwtr0//EwyjA1lpdMQxoF/+ETMiD51HrR6ez6GIBl6dxcfjPkQHGMtZMKRXCiY2zOnRiCDqWC31wB52ibR1udOb8OlZE7bazlVQINlp/3V8jDQ1hntwhswfN+88Q6d8yoMrPHmqlicYbpUEYPNBjnP3yO23w9TgR1ybBeNNApp7mP6pySnmJNh0hP3ekOrIYSZXaCyl5Li6yC6QFFCkEr/r9OJ6sp03/2+LbmDwCSiCMHJ2VQwdzaZn390GnVka5PoZZvcGYEbSD5h3OQC7z7BxjGtGp78no28EWcmfQEv6M+ZJ+QbEufoJdqLe8n3OCPO9WO23la2Ly/ENoUrZWI/ECJIL7yMBIU+lO/sDY8jlxayt4PBL8nnVcdtD7mmd+AMASGO92VXnoZbvRlcs2q7kz0BTIMwgTwW50SUoLvLIW8jnKhM1pE30cC7FUDMSEDwRAHNHJ7GFIzZy0yBkRNsFKN9Q+bVcPcYe1jMtRktP3dtqkkTW9fSJu+wxoaS2tOo80cTPuljmbTHjVPUcgGqWytPPwwa1IN8diaF/wpB5fZXEh7nIFI+qeQiCJuqcZ4SB26qduPFiwdaL8gZsYUyDgGT4SvbyBXnkHmqh8Hw0ys4gHOtoCbRlQ/hCgqzNgesdlAeNvrDzRsa0YcZO03R/eWu0QFp5M6LS4oI1G0Vwo9OmyozmpwfOHO5L73+2+YyMJ7STlqBuCw0O6aGFqFLXwhuDvlFFi5R0EUrivQZTCuW/dNAYDw19dR/vY4DHuo/7oqo18= C:\Windows\tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-4.job - C:\Program Files (x86)\TornPlusTV_version1.11\bfd1933f-440f-465c-983b-c6eca9b86fc9-4.exe /rawdata=vUDCIkPG/JW340gkfoSJuHCcyQm5/dOtjyEGO9Ge2ihYvckHDIUbNYJOrcT5irIMPwSfkyX4tIrCx1xIhJ8brzazEKwl1aZFqxWneIdi26Elet15gWExGpQkSP0S+WRCQMChZcJ3vfatImJwRcaayO9cjvL1gXlzHdkPVnx5KZle/7xAPw3AbeXV/G93y8QeC3Ru6GauqL6Db29XKrG9W1ovG/GFlCMmzM+2eAWTfdBJiCCOUWT92XfGR911NsrTiqwKawuKYMMT2MP/fdWcKVm7ST6IYHT5PnCwesVGTT7fBB2MhpKqwuwk2U+TXPtfR445l5hi35gCSu+QUFBaBD0ArF2VMrP+4PFA/hjMwsd7LzHXO0lf94Po1MONRAogNX17KivibZcKMFI+e9u83ZFdDjJYl92P6oumJZx4W3UTFb61pmU+kCes02rXW3GQ0hE+OqdRSqCGEm9c0FjLvJrcm/bBQx0mv5bcnMs8xmoNltLt1PvxB+Im++DkJ1KeGs1CkW3CYCbom6GX60TYM5H8ihH0KHdD+Oll+arib/UC63f9lnkxvbIiPAL9vIBkX6Xi+XwcmIaivoEGwPx1nK6AEeYOLSkKyVmk82XQmt76tp0InKSFBLb4+HEqI0MKEK6mcpOaE5pbLrid3JAUKcQxyHIgsinoomfzyOxginycX03X7TbPUWyNWytMGqnpDzEZkzihACyaOitx01GU1M0WbRvw6f2EZ3R3YnFygQa28eTRt41V9jUjqtgK92ZNh0o+UafNGQhgKqIbCqvkWCUYWdXxr8OVPUrrmRdH+WSI6vYXb+cbG5onel2j6MGuf3fsqIja4F2rPMdOSos/dCGXvZeTf2Wn+4qegxjGx9ciM6mdrfSZxqJeKYNYoD54MhjfMzSUYV9pJJxGdrjSTI4UnUXVpD85eEesxrkEWEERBaEtRCKmtL5vniWKaIeqGj7l+Yq72cL/ONVD9yYxEEem5DUaHnsE5K35Gfwv9GXJ7YO398t4lvttHlXMxYlIMirAoc5RH34UgrLVcZNLg2F7dM5MGWLRS73v4AS8ChxmHz+MunbLNhfig2tO78bneWLATXjWenQZ7F2wb+mdlV1HlS1bbsk60t3iwk511CeTigoi6ZL2PgMapk5cQ0ls3JQ2iaxD2MSMqBHYft+PVanj5Pkes/BUg/H2sc63g/Ua07jVYc6iNtWA02HmuZGMxE/4EbJZDr/+/2BwSLHjG4LP6HEeEN99dNUvaa3zeU16K/39PkN+3v7adGbdWDy67kLclHq0bvPbj4StQV/jgUS3aKWU62+Wy04MMga8vkNOZk59TpxTSP8n8ljsn8MjkzFae7qyMAireqlAMfqcsY5ltOzmkJ50y860l9gATIAxjmZFWH287FH0vSKOCAVNVojrECoPGjTpSbnC9OOeAgbPveAc+wGsXpliGobMFsxx/DcTXVYkOtWDtjo122Z4OwzgXQWrzI1va7nggJp5tmfChuUpJ3gg0b6zI7sTF4CyhzQz1qlq4/DyqWws+194oEyxZICfJx/u4GYoXGGoO8nQejjJXVPmohrYUQVvYmO6ANqGRmxuEXVC5d0FH8wIDwFUlkQDMD8SL91P9L8odqRaA1A1ylrAvGG/SWT7CSmWTLCTSIyg7Mb2izCSJ/P0CJ5roHsz1N0OmkXtOW/iJaDI4rC0erp9Ry0T7wWRkoEFdYFXhvtu6WYDRlr351oirWZPwSLc4hFtVA46qzcXrjtCt7Xr2Ze1pGKs5h7mkxWR9WUJfanMfTLunP4/GyTlURjHffIlh8uvUDlTRdru5ENh4mBo8+XPJ0Gb3iFdCXA2pEQ8bJHt/U5U5jLTnWawgcDefBBg6pcpGmVlm+lj70qs4RvadRo/0Pef5radMYRKWa3Sgpwg5aUdDBTsQxLUvtc4/2blJD3LYDWqDftqVZlsIkSqYmBccBLCEgZqR8mlHtLDh932OIRRya2IjSGVuN4PIrmeM5g5ExMBhbmxWPGI7U0REbfPPvqVusJSajrk5dTv+uhU0iWwsp1hXhfjQPm/8V2jcgYrCsCjN1+KYe1xsHEf+yZC4wyHsdnOsd7MsjpDEtSGx4QSguaYGTQMhZrGxC+3+UMtXXXIrGy7yRj8z38vDJ96tV8MKZ+kpSvNGArGwbDjBmvSPxUrcjkmk4HXiQi1JYGMukblNqoN0iWeREUtCmHPVOHxzZmM+sI= C:\Windows\tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-5.job - C:\Program Files (x86)\TornPlusTV_version1.11\bfd1933f-440f-465c-983b-c6eca9b86fc9-5.exe /rawdata=nw1TA26/TMa8Ct6VTWaHVzKvJCrE+OCstlzaQKikj5wTbrq9KMVd25UnD4EWeGvbzkGtXnX4wx99dBBC9lSUaJoXGYoi9v7V45s0m7ihOjPlYtZyd2KBBuMRWrf9def5aDfp7xBIwYRatdBNSVnb2//qImN4DTGBzm55gJGB88hFunPRVNMIgLFXPwCufUBn2tUoO9Yo8YZBNz8e9BMGPj5cVw+1yTxKvaS21DlwDuVHnPwQKqAjjzq9dyPPOKcOqQwDzDvVWMbxOGeB7A4dgfCvSTW/KFTwNa+TcOnTFb8raqOyK+pCiieHCoPTDy6jqHP6TnRc1n0tJiXjDnyu5y7NDY9i0vvMAyOVCmb+fxuzxgoHEq8Wzssa77Tmt7/yauRbYp4mRWqARHgGhRFXFDoeLYCsZ8NpuuZANa3r12xf/MR6e8Z4SnwIQqvuE536v/7PdgHVwAyO8ZXXBdu0uQJbp26ewQVNrSVUuVyEdIkgtDjuSkkpjfw9XdSnHJohhV3ZDi7SKR2kr1ubulf/d8PAQ+d/1BJnqeWS6qJHvG7Uz8UwlP6rcvZwrhFg1d5yGpJZClSr5B3P3uld2/e1VWeXD0AizaZB+XvvAvMUEKAZMgGzcipWZgKw/9mo3PJMNkQcjlV2sDwRbInfskRVIBcBDe/jJJr4y0KWHCOxOL8tKy4Ogla/hoF86RE3TXE0F7f2IXysjh8uUWTzBiPoy7bwqHU6ygPTlLZYOZyH+k69cAjwtAHIKPR+kcI326xUYgU/fjOUmW5IWh4kBRX68WlQ5k76hE5tLribmLd1TuCzIq2cpTQ/34sMKLyCFpSmCJbGpwFXvQaoluFEyaixy6nOrqdBnNBJ1qQST0IHqqG1nHzmU2PyjTCFNj3SoOMazNmSWC+cIpLOnYW6dfaRz8i7jAlHlwLVs+PqIlYt8dCGXY5v1WDdyeU/KsrPILePG225muvjekVIKRpBXhvTlIr9CJxRZMlNRK97/VFh94QSnnOoWUk/KrTzQOl9OQ64 C:\Windows\tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-5_user.job - C:\Program Files (x86)\TornPlusTV_version1.11\bfd1933f-440f-465c-983b-c6eca9b86fc9-5.exe /rawdata=nw1TA26/TMa8Ct6VTWaHVzKvJCrE+OCstlzaQKikj5wTbrq9KMVd25UnD4EWeGvbzkGtXnX4wx99dBBC9lSUaJoXGYoi9v7V45s0m7ihOjPlYtZyd2KBBuMRWrf9def5aDfp7xBIwYRatdBNSVnb2//qImN4DTGBzm55gJGB88hFunPRVNMIgLFXPwCufUBn2tUoO9Yo8YZBNz8e9BMGPj5cVw+1yTxKvaS21DlwDuVHnPwQKqAjjzq9dyPPOKcOqQwDzDvVWMbxOGeB7A4dgfCvSTW/KFTwNa+TcOnTFb8raqOyK+pCiieHCoPTDy6jqHP6TnRc1n0tJiXjDnyu5y7NDY9i0vvMAyOVCmb+fxuzxgoHEq8Wzssa77Tmt7/yauRbYp4mRWqARHgGhRFXFDoeLYCsZ8NpuuZANa3r12xf/MR6e8Z4SnwIQqvuE536v/7PdgHVwAyO8ZXXBdu0uQJbp26ewQVNrSVUuVyEdIkgtDjuSkkpjfw9XdSnHJohhV3ZDi7SKR2kr1ubulf/d8PAQ+d/1BJnqeWS6qJHvG7Uz8UwlP6rcvZwrhFg1d5yGpJZClSr5B3P3uld2/e1VWeXD0AizaZB+XvvAvMUEKAZMgGzcipWZgKw/9mo3PJMNkQcjlV2sDwRbInfskRVIBcBDe/jJJr4y0KWHCOxOL8tKy4Ogla/hoF86RE3TXE0F7f2IXysjh8uUWTzBiPoy7bwqHU6ygPTlLZYOZyH+k69cAjwtAHIKPR+kcI326xUYgU/fjOUmW5IWh4kBRX68WlQ5k76hE5tLribmLd1TuCzIq2cpTQ/34sMKLyCFpSmCJbGpwFXvQaoluFEyaixyygJx1BNJQcMV6MZk8drlv1GYsOWQ/aSrtjBr3LzGvDmYhfD56qo+hadMpkjqp8jqZIfxDm7Qtxo+MVgwjL7gLCNGZ2eMKNjN+9y5tlHXs2l8k8P3xg8bWgl8i9edIhuc/biZHtXYAaLq9aOcpabwG1BtnkcPHxSddGvY8CK0YMk C:\Windows\tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-6.job - C:\Program Files (x86)\TornPlusTV_version1.11\bfd1933f-440f-465c-983b-c6eca9b86fc9-6.exe /rawdata=E6rdnO9feLf4zmfm5l6GBUSuE3hFO5QuYnYF573H/enHJv+5EgvKjftx/RYjVhLdoklZ+6Ls0xRvAoZv8zAWwUejEoPwTqWnYzevas8Ne1eyPHyHhHI/LeeWVz9X92yRQx7nDSzG8t+aByRpn+3XfbBUeoWi2aY38QH8wHWMiGs9AKxdlTKz/uDxQP4YzMLHey8x1ztJX/eD6NTDjUQKIDV9eyor4m2XCjBSPnvbvN2RXQ4yWJfdj+qLpiWceFt1ExW+taZlPpAnrNNq11txkNIRPjqnUUqghhJvXNBYy7ya3Jv2wUMdJr+W3JzLPMZqDZbS7dT78QfiJvvg5CdSnhrNQpFtwmAm6Juhl+tE2DOR/IoR9Ch3Q/jpZfmq4m/1Aut3/ZZ5Mb2yIjwC/byAZF+l4vl8HJiGor6BBsD8dZyugBHmDi0pCslZpPNl0Jre+radCJykhQS2+PhxKiNDChCupnKTmhOaWy64ndyQFCnEMchyILIp6KJn88jsYIp8gOJCMlSHhRNQTD2ZUz1v6MDjW0BygwSom0FG2Q9CIaucqisGYOz2AB6+Pk5KzuyMeZjjDMZGPt3z9sLAEjnXe++Aar2dxzqCJPNgw8wijrSjgA6yN/focbo4ntED5lDO3JatJbC4QJQrnw4rGAwGTULLzIrmbMdma2SGgBwxobB80etOiYruyhmwTErLEpWnMdFomeXVh5M0eaysQPwnzctFRIEWV+eFENJuoq/wA9R09HOKe/82oIxYw4+fwijfeiioW/0cmbmTysKKOphsanlDzTPMRxlIE0TBMtXvH8G/+N4/7LTbcl3EDhnuHaAZLrFAWmazFJxMx8NcJWifwVARUYMZurd1EAZjELSe+lRc8UvrR2TzZzIzRwqw656JQ4rr5TqiHHf9VPaA4BxJQVhJGXD8jDzUF9vybx3GkbU25L5dNBSKJ992qrP64VsyCfIS0PW+rZFjYOdvtpyO1A4d2XDI8dyMXFD17aZFVJIRl/1M/Wl+bagHMnH/vaa3LQm04qQ9jXk0l3TkjqnIXsul+lumKIuA8kZDLYst6INxgOPrUIbdgAnFIxH5FSdFmjqy/EEUeeG9TC/wK0yLmSe3sMBRaSit11we2TCBigSvyLPrUcLKZO16um45sy3rcI6/V50NHItgvMq96OE+LoOHD439EDp9IT85RAgIdas8cbF2V35XH5bT0/P9FekJYJ7RQ6EF9nr1RKZgtXf3+gpS71umwf7+ANMdE/B00lMZO22UR3BTr1p4TdVx3mcZE172ohNbQ5Nxqq2ieUuET7WbbuGt0N/mX2ASV8bGjQdmUxNBnZVjSzavv7OmqVzwxC6etg6ch3wD8x0rlLQQA2IPe6OqYaCBFvPCSg32NQWIpHHJVOaPnwamXeSbIdhEmg1RNb/6w/kgFwaVRieHq3K8iMGQljvh0vw4JK67cI6tuJl6kWk0qZddS8GURB3hUnNB3lBVNUDXiel/d9chvOAPm01H1dB+guVtDOYNj3w/jz/AFA14275qgFp4LQsmWsL29QRW4fqTubGpDotDhYjE9SHdxfBTSojZm4LK2b1FHiiH/MEpb4g1g+0aPoZsF8NCGdDwjs2JUFX7d0VPzxnXJnoUxdIGCOEG2LxgsxAQMb5Fld7bbPBvX7XmlYBPbitRf4OIz7S7Ze7uJO+PMkoFWvKnsjCCbbx5zDWvgSqYEzUsMDZGrX+otKHmMZeLWUDibg+tZue7o7uLXy1ZUs5Tbx3IaGXoovQ8zMF5SNxovmuLIVhGXGSaIxK/NG0dMbhgrG7uq9XI+4oxNDGhom2zKrGG0NN1ZjEgj9DHl7yBA40Iu4WFMQPc1rCU9wAZWLbOIqnwglwUrZ5vMaTQ4wTPy+UIQ8W3A6Dto1M6F0EUIP6TikfiB7wFEd6amPavn+c/xM+8KK+OG+A099zo3nR4bu/7tNoUAdPTMxaUCTTPPCBhd1p5qsF1cnVh+IUE4NEB/VoR8Ext0MGqu3YFceGbiDFoMq6s4lMkV+6CS07QGr6CnLf+YI4w28WZPkUAWGK217RVlJuzXKpWjlJLkMWVqOEcpslIwUC7B5Npg0kGGqw8EZaWllx2Fb73kHce9q8NA1aeeN8db4Qdxzwr/TVC0n/rPNzVsR/WDMu+Uatwce/oGTNrqumws89g2Ira81ART3utBoBxtWOpMB5h2IThe1jVTO1tVXBFktonpBJisGsXd+c9hCX2l2XuPR2iKmjxdGd4TbyQZIF6h6dVbKxfbfRHTVmEGvKQJ0JNTGxgLgY/E7jmXLTsgS8SESmVOm4h7pDKAax5WjjtmtSAMWtl1Tjlm9BcakaatL9f1sDT7WrzSj6h0KI6qrNIM5Fe3mzJOVdpMOr+AHmXXZBBqKUZm6V9gJ8/sZ5jrXOdysIJ3cPSxQbS56O/oOOoau31RLL880NXURhO5A4EjigZz7BgePBx272287RCpIPINvLisaRpgP9pTCcCh/X44aZzdHtqY1i1tl6PoUH+CjHgMQy81E8mWTO5WCgyaVSMbSgSR9zN+Jvt0VpsggaC1pSk C:\Windows\tasks\bfd1933f-440f-465c-983b-c6eca9b86fc9-7.job - C:\Program Files (x86)\TornPlusTV_version1.11\bfd1933f-440f-465c-983b-c6eca9b86fc9-7.exe /rawdata=JzfwMJNTK9yVKNVEXF1fDxPujquX6mci/jqxq47OBCatuwg48Y1bOlP8KYx390cOjVIcoOhB4HBNGTaZTQ7p/C1EK91BVtA/qCAilRzhujSrZx2yriMyrWz5N8lEpTasOcnCtW7AflTQpfNG3yU7GBcYL/+NgnB9gQGiujO9KHhJIOuUXPqZ5adaDs+BwDsKzE5aCL2bNnyIgxGSj+CDI8wKYOjvhBcqrW/hhiwtDpOH7GYYNWpZtJJxCEjWOZ3RNMn5VQjeI6ZtJY0rUpPrDdrZorg5CYo/aYxAZVb8tF0dY8nETMha9QxWRalzZ4J64hOPsqEH8DlxzcN6TYwzMh5i+E81+8XUCKGAQUPvuj3PCp5IqK3i3AfQRnDPjvB/2LXYS/ZzGuh5TvYTuGDcNElQZBiR1aB8PeKirW7xmLtd8PjaYINFP1W+EIEewwTEO/mGFwuqkwcOn225HibcRyRdESzemCI+EWwf3iPPlSoa7Gvh/dthRCNLhfeS3AvIwgkc4xkIZmY5vB0lHAsw0IrZLBKrej/YET+Cym/vWCWFCuzcTMRjjidIubUdNmlrcG14TO0XvYWbOWabf0qZCeKCFA4sl6ljKgzc9/X4Dk1r+FhdQPVqfhEmkeniwIX1tfcXiaMHUFq6y1mauq4LE4I236Y+PYfw2Yjksv4NP0M4exZ2qB30ANek4QK6KELEEN2UZU72tqyPh+uYPQVBJNNnIZHwTD17O5quGwCPRUrybzemXgTOUW7iwPkWGvz1eTuvb3E7ma5+qE55LWeo/fbuBeQmDPQKqCGyy73le1T+qIK7X8ROnBff7atf1aGbBgx7svNuZs0+FUfK27Q8Fni4BgJoRTtAndMFlvpOWCjMaR3s2SmV4zRO6iqnLBO3ev9C4+wLDBIIWtcEfIdLdni9zr/xDjJmW9ymbTZ68slhcmvMXOmyECXaaboRV5C/Smjosqy+GU4LgzTeifvYHo7qgTMKSLVqPVwZ0behDfjNPw/DIFHWUsGj1mEAwgQZrSBkOrWuH1xFGES/Z+C3LV6pTj7iJq8yULddghg1eixNNEQIvz94YtlCpIhgDgyG38YUuoiHHn8oabj0M/G+SoqKlhcQMh5hAo7AMRzLs+YGisRpCXnI7FIHQW44QxOufHmSR1wNfnbIU0xn0fMS4LCHlof+v/V9yxqefMbM6NoluXIkZWPNMgDgz/yJihYS6r6aW/pMK7+s10EGIu70iURCX9CgGNn3dEyenywP2hi5ltU4aTvWi5DhxCqgCgBn53a1HvxIw0gv/iXVNi0uUQxgGm5TgVSmYKJUXZC37lL7IdlYKftdyQpUQlSp2e75YC27TKNicC9+IwCl5YUTMJ1hI99opXdgNA/111exnPenEtYQlL1G7fztP3SMFyRA3/VgNnBvo7k+7+AvkyiUPWIw+Tc/kDmQmHDxlOV3uJgKYojScbjXF46VSaMc4l/xWvVTahr5aCvLik/QwZTVqfwKV0USROxyXfTbGwBjKyUYXN8bCVf8mDVdVZdJnJYoc6G7ilPx+xxaot1XHXl2XoWgYP6jDiaf2L95iYFajjd/I5BrhqEcibACi2elBdXGZynwpdOqRg1Da7dFioOkijRGmvpLRNi5zJ24ZPlcgETakjwW3VzCbUucvyXPnjoaemaZEc7px4rI5pXetc+T9WaZo9wOECzuryZWpf3WzrG/F6mOjFMRLGRnLxHyKqdq/vA1nVkgS5Lh4QEYCMotTXkN1jHM695PLI0ljgutGXflxQmO9z93hzzjj3hK2O6jGy7o+FWIjBRVaDrU0LJG6kHHpy0AtDJvFs7E3aPan62XtCEujU/saagfXLyJ7KqUVzb4tBWihxqMTBFSGiduVC6jKo6eDdFByp0iBhzH8qnoKBnOZVkjYQQ1x20qnRFaB2f3/y96nMz7X3Kh+s9q+xDSAuFlrvfHk2d2zWpW+c2llKI8KvPSsNPM8PdN1TKPmdk01k5dIW2ii9lurqN3C4YiSdPEZe4Hbq6wu1XwJVGqKENYDw4hMWQYWc4QfhiBt7dJK2rspDX/5D31fz8ine/V98V891dddjzS6jfJNXQcKRD+tM5dAxP8eXi78wfjA2AGpv55t5D7DLeK0JpeB4H757PzQVBIxlEmWThHZUm3J5YV1T37umTPmpdg2OtrjtlT9uS7/bz2a3nqbaWpapPDGPBZKx1/18D4boTZsPsL9nDjiiWV3KWWrOXXtRZILVIE5G1flHX4PupFsw3NxK5a8F+ORIo/0GPyETqPxjSa6bu3rDjjeEpfUnbepWo+51Rs8UbW7p/Z4U1W4QlyWw4uoIlE1iXDRjV2upboaIZeR58BJC0ov4aYlvUJInTmG6//zEq+svX8lF6xByhlfQ== C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\NRDLYB.job - C:\Users\Eigenaar\AppData\Roaming\NRDLYB.exe /infocmdline=aSUlLc2456IsYzFoS0ASQ7dlibx0xx3CVMzdrvLBeYd+xn7pNyt++m5wkNkIOyZlVDQDGffFFNoibp4CG1HDQJief2o1MuAfSEme1i73bAbClyRhss0PG3sgAh4Byes2Ar+qOFmrwuEkQKALgc0RLdoFexplAq2097HwzNj0pIVRT+U89SzsIqLWCJXdSkkwPT8ofb96kMOGif4qxOoIN7IMGuWlsrfD5nD5uZmD5TloeAbAvDuXfTcOmyMjLm4mCgAtR6lVAy0MKAlqj6z5TWa8dq1z9Mb+F6VWiI90kSBSiazT3mwy7Gkc9JpRewvKOt2X17+JCFvwrbC8WW+HMz2PnDNFhKYSOPYRha2i2VmGo8EzSaQaVUt8vQRQyNTdx6PnmaxwSebYluCbmw/8cCN7p4HvzY3lcSUl9TCHxMl1N8A8GktTEib9q5i5PfZKezkNK85jvFeWDzzRKBFTlvGGP75Sy/Y0o4IriLDL8QfsrI6DkjvQQZOi7YvTsGlv C:\Windows\tasks\VNSZSSU.job - C:\Users\Eigenaar\AppData\Roaming\VNSZSSU.exe /infocmdline=bL7O2vWDdrHos2ID5nIHhKSjeo/DfH56yukMUergEDd7trDXetTYlrCnmUBD3YySJ3AV+GLhz8l/i6HEscvmwZEOXI6jnCIIAbA/stkXc6hNaGilHpCV9Va/7r7Nd0att09elmDIiC9ZYXITvML45C94KxLlHIIPazPyFUSg7+FFxcuiUNlnstr9nexvswjOiUKMmCQLighUpb6O3qOvdN6oO+U4STFndaN8yI2UyshN9iiG0DiZUkxM0DnJ1g/Dirg6BMGQiVq3t2kJZmw0N7in4FE0DW5FgDaLWt569JGABtdAeqvZ8wmE2IvWgtoLYhN3jo1aKs+ao2U1frt3/nNbGNXEcb5jzsRBlfNIqvHbz+5ZzZ3eWaIvt9EGtjtu/2E222mtZv47xc7OQkmXgBFqA2K99ekjQdJOShZ0FJuM0+wvrDlMBLND6GgScdtecNm0UsgdoKEpicmkbrRi2x059OYTAFahoRwAA07XNjjjNyxSwVuXkzKA+YCuO69U =========Mozilla firefox========= ProfilePath - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default prefs.js - "browser.startup.homepage" - "http://www.mystartsearch.com/?type=hp&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.239 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10] "Description"=globalUpdate Update "Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4] "Description"=globalUpdate Update "Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 15.0.0.239 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\ a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com battlefieldplay4free@ea.com faststartff@gmail.com {5709EAA3-B7BB-C64D-CD88-62DB4590AE1D} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}] TornPlusTV_version1.11 - C:\Program Files (x86)\TornPlusTV_version1.11\TornPlusTV_version1.11-bho64.dll [2014-11-29 846296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859}] Browser Champion BHO - C:\Program Files (x86)\Browser Champion\FrameworkBHO64.dll [2014-11-29 577072] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}] TornPlusTV_version1.11 - C:\Program Files (x86)\TornPlusTV_version1.11\TornPlusTV_version1.11-bho.dll [2014-11-29 756184] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-11-29 515464] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859}] Browser Champion BHO - C:\Program Files (x86)\Browser Champion\FrameworkBHO.dll [2014-11-29 355432] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-17 163384] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-11-17 387640] "Persistence"=C:\Windows\system32\igfxpers.exe [2012-11-17 418360] "Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [] "ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-04-30 1225920] "NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-30 2199840] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TBPanel"=C:\Program Files (x86)\EXPERTool\TBPanel.exe [2013-11-08 2173224] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22067296] "TornTv Downloader"=C:\Users\Eigenaar\AppData\Roaming\TornTV.com\Torntv Downloader.exe [2014-11-18 280576] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136] "OEM03Mon.exe"=C:\Windows\OEM03Mon.exe [2007-05-19 36864] "BService"=C:\Program Files (x86)\Bench\BService\1.1\bservice.exe [2014-09-29 52736] "BService64"=C:\Program Files (x86)\Bench\BService\1.1\bservice64.exe [2014-09-29 110592] "Wd"=C:\Program Files (x86)\Bench\Wd\wd.exe [2014-09-29 92672] "Bench Communicator Watcher"=C:\Program Files (x86)\Bench\Proxy\pwdg.exe [2014-11-12 123392] "Bench Settings Cleaner"=C:\Program Files (x86)\Bench\Proxy\cl.exe [2014-11-06 62464] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "Browser Champion-repairJob"=wscript.exe C:\Users\Eigenaar\AppData\Local\Browser Champion\repair.js Browser Champion-repairJob [] "Browser Champion"= [] C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup TornTvDownloader.lnk - C:\Users\Eigenaar\AppData\Roaming\TornTV.com\TornTV Downloader.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2012-11-15 272384] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2014-11-29 17:29:16 ----D---- C:\ProgramData\IePluginServices 2014-11-29 17:29:12 ----D---- C:\ProgramData\WindowsMangerProtect 2014-11-29 17:29:11 ----D---- C:\Program Files (x86)\SupTab 2014-11-29 17:28:11 ----D---- C:\Program Files (x86)\Bench 2014-11-29 17:28:10 ----D---- C:\Program Files (x86)\Browser Champion 2014-11-29 17:27:46 ----A---- C:\Users\Eigenaar\AppData\Roaming\VNSZSSU.exe 2014-11-29 17:27:21 ----D---- C:\Program Files (x86)\a559dcbb-8f54-41d2-b875-f8a62a7d8f83 2014-11-29 17:27:14 ----A---- C:\Users\Eigenaar\AppData\Roaming\NRDLYB.exe 2014-11-29 17:27:10 ----D---- C:\Program Files (x86)\TornPlusTV_version1.11 2014-11-29 17:27:10 ----D---- C:\Program Files (x86)\globalUpdate 2014-11-29 17:26:21 ----D---- C:\Users\Eigenaar\AppData\Roaming\TornTV.com 2014-11-19 21:08:28 ----A---- C:\Windows\SYSWOW64\pku2u.dll 2014-11-19 21:08:28 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2014-11-19 21:08:28 ----A---- C:\Windows\system32\pku2u.dll 2014-11-19 21:08:28 ----A---- C:\Windows\system32\kerberos.dll 2014-11-13 23:59:39 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-11-11 23:36:44 ----A---- C:\Windows\system32\generaltel.dll 2014-11-11 23:36:44 ----A---- C:\Windows\system32\aepdu.dll 2014-11-11 23:36:43 ----A---- C:\Windows\system32\aeinv.dll 2014-11-11 23:36:41 ----A---- C:\Windows\system32\termsrv.dll 2014-11-11 23:36:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2014-11-11 23:36:40 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2014-11-11 23:36:40 ----A---- C:\Windows\SYSWOW64\secur32.dll 2014-11-11 23:36:40 ----A---- C:\Windows\SYSWOW64\msaudite.dll 2014-11-11 23:36:40 ----A---- C:\Windows\SYSWOW64\adtschema.dll 2014-11-11 23:36:40 ----A---- C:\Windows\system32\msaudite.dll 2014-11-11 23:36:40 ----A---- C:\Windows\system32\lsasrv.dll 2014-11-11 23:36:40 ----A---- C:\Windows\system32\adtschema.dll 2014-11-11 23:36:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-11-11 23:36:31 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-11-11 23:36:31 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-11-11 23:36:31 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-11-11 23:36:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-11-11 23:36:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-11-11 23:36:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-11-11 23:36:30 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-11-11 23:36:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-11-11 23:36:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-11-11 23:36:30 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-11 23:36:30 ----A---- C:\Windows\system32\iernonce.dll 2014-11-11 23:36:30 ----A---- C:\Windows\system32\ie4uinit.exe 2014-11-11 23:36:29 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-11-11 23:36:28 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-11-11 23:36:28 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-11-11 23:36:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-11-11 23:36:28 ----A---- C:\Windows\system32\urlmon.dll 2014-11-11 23:36:28 ----A---- C:\Windows\system32\iedkcs32.dll 2014-11-11 23:36:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-11-11 23:36:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-11-11 23:36:27 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-11-11 23:36:27 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-11-11 23:36:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-11-11 23:36:27 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-11 23:36:27 ----A---- C:\Windows\system32\msfeeds.dll 2014-11-11 23:36:27 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-11-11 23:36:27 ----A---- C:\Windows\system32\dxtrans.dll 2014-11-11 23:36:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-11-11 23:36:26 ----A---- C:\Windows\system32\iesetup.dll 2014-11-11 23:36:26 ----A---- C:\Windows\system32\ieapfltr.dll 2014-11-11 23:36:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-11-11 23:36:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-11-11 23:36:25 ----A---- C:\Windows\system32\iertutil.dll 2014-11-11 23:36:24 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-11-11 23:36:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-11-11 23:36:24 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-11-11 23:36:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-11-11 23:36:24 ----A---- C:\Windows\system32\jsproxy.dll 2014-11-11 23:36:24 ----A---- C:\Windows\system32\ieUnatt.exe 2014-11-11 23:36:24 ----A---- C:\Windows\system32\ieui.dll 2014-11-11 23:36:24 ----A---- C:\Windows\system32\dxtmsft.dll 2014-11-11 23:36:23 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-11-11 23:36:23 ----A---- C:\Windows\system32\mshtmled.dll 2014-11-11 23:36:23 ----A---- C:\Windows\system32\jscript9diag.dll 2014-11-11 23:36:23 ----A---- C:\Windows\system32\jscript9.dll 2014-11-11 23:36:23 ----A---- C:\Windows\system32\ieframe.dll 2014-11-11 23:36:22 ----A---- C:\Windows\system32\wininet.dll 2014-11-11 23:36:22 ----A---- C:\Windows\system32\vbscript.dll 2014-11-11 23:36:22 ----A---- C:\Windows\system32\msrating.dll 2014-11-11 23:36:22 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-11-11 23:36:21 ----A---- C:\Windows\system32\mshtml.dll 2014-11-11 23:34:25 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-11-11 23:34:25 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-11-11 23:34:25 ----A---- C:\Windows\system32\msxml3r.dll 2014-11-11 23:34:25 ----A---- C:\Windows\system32\msxml3.dll 2014-11-11 23:34:24 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL 2014-11-11 23:34:24 ----A---- C:\Windows\system32\IMJP10K.DLL 2014-11-11 23:34:21 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll 2014-11-11 23:34:21 ----A---- C:\Windows\system32\EncDump.dll 2014-11-11 23:34:21 ----A---- C:\Windows\system32\audiosrv.dll 2014-11-11 23:34:21 ----A---- C:\Windows\system32\AudioSes.dll 2014-11-11 23:34:21 ----A---- C:\Windows\system32\AUDIOKSE.dll 2014-11-11 23:34:21 ----A---- C:\Windows\system32\AudioEng.dll 2014-11-11 23:34:20 ----A---- C:\Windows\SYSWOW64\AudioSes.dll 2014-11-11 23:34:20 ----A---- C:\Windows\SYSWOW64\AudioEng.dll 2014-11-11 23:34:14 ----A---- C:\Windows\SYSWOW64\schannel.dll 2014-11-11 23:34:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2014-11-11 23:34:14 ----A---- C:\Windows\system32\schannel.dll 2014-11-11 23:34:14 ----A---- C:\Windows\system32\ncrypt.dll 2014-11-11 23:34:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2014-11-11 23:34:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2014-11-11 23:34:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2014-11-11 23:34:13 ----A---- C:\Windows\SYSWOW64\credssp.dll 2014-11-11 23:34:13 ----A---- C:\Windows\system32\wdigest.dll 2014-11-11 23:34:13 ----A---- C:\Windows\system32\TSpkg.dll 2014-11-11 23:34:13 ----A---- C:\Windows\system32\msv1_0.dll 2014-11-11 23:34:13 ----A---- C:\Windows\system32\credssp.dll 2014-11-11 23:34:05 ----A---- C:\Windows\SYSWOW64\packager.dll 2014-11-11 23:34:05 ----A---- C:\Windows\system32\win32k.sys 2014-11-11 23:34:05 ----A---- C:\Windows\system32\packager.dll 2014-11-11 23:34:01 ----A---- C:\Windows\SYSWOW64\msi.dll 2014-11-11 23:34:01 ----A---- C:\Windows\system32\msi.dll 2014-11-11 23:33:57 ----A---- C:\Windows\SYSWOW64\oleaut32.dll 2014-11-11 23:33:57 ----A---- C:\Windows\system32\oleaut32.dll 2014-11-03 21:38:07 ----A---- C:\Windows\ntbtlog.txt 2014-10-29 22:40:48 ----D---- C:\Users\Eigenaar\AppData\Roaming\AVG2015 2014-10-29 22:34:30 ----D---- C:\ProgramData\AVG2015 2014-10-29 21:35:16 ----A---- C:\Windows\system32\drivers\avgidsdrivera.sys 2014-10-16 19:24:33 ----D---- C:\Windows\Minidump 2014-10-16 17:06:57 ----A---- C:\Windows\SYSWOW64\mscorier.dll 2014-10-16 17:06:57 ----A---- C:\Windows\SYSWOW64\dfshim.dll 2014-10-16 17:06:57 ----A---- C:\Windows\system32\mscories.dll 2014-10-16 17:06:57 ----A---- C:\Windows\system32\mscorier.dll 2014-10-16 17:06:57 ----A---- C:\Windows\system32\dfshim.dll 2014-10-16 17:06:56 ----A---- C:\Windows\SYSWOW64\mscories.dll 2014-10-16 17:06:26 ----A---- C:\Windows\SYSWOW64\rastls.dll 2014-10-16 17:06:26 ----A---- C:\Windows\system32\rastls.dll 2014-10-16 17:06:16 ----A---- C:\Windows\SYSWOW64\mstscax.dll 2014-10-16 17:06:16 ----A---- C:\Windows\system32\mstscax.dll 2014-10-16 17:06:15 ----A---- C:\Windows\system32\mstsc.exe 2014-10-16 17:06:14 ----A---- C:\Windows\SYSWOW64\winsta.dll 2014-10-16 17:06:14 ----A---- C:\Windows\SYSWOW64\mstsc.exe 2014-10-16 17:06:14 ----A---- C:\Windows\SYSWOW64\aaclient.dll 2014-10-16 17:06:14 ----A---- C:\Windows\system32\winsta.dll 2014-10-16 17:06:14 ----A---- C:\Windows\system32\winlogon.exe 2014-10-16 17:06:14 ----A---- C:\Windows\system32\rdpcorekmts.dll 2014-10-16 17:06:14 ----A---- C:\Windows\system32\drivers\rdpwd.sys 2014-10-16 17:06:13 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2014-10-10 15:14:32 ----A---- C:\Windows\system32\drivers\avgtdia.sys 2014-10-05 21:41:40 ----A---- C:\Windows\system32\drivers\avgmfx64.sys 2014-09-30 18:06:57 ----A---- C:\Windows\SYSWOW64\qdvd.dll 2014-09-30 18:06:57 ----A---- C:\Windows\system32\qdvd.dll 2014-09-24 09:39:02 ----A---- C:\Windows\SYSWOW64\tzres.dll 2014-09-24 09:39:02 ----A---- C:\Windows\system32\tzres.dll 2014-09-12 17:00:52 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll 2014-09-12 17:00:52 ----A---- C:\Windows\system32\msmpeg2vdec.dll 2014-09-11 16:48:42 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll 2014-09-11 16:48:42 ----A---- C:\Windows\system32\TSWorkspace.dll 2014-09-11 16:48:33 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll 2014-09-11 16:48:33 ----A---- C:\Windows\system32\d3d10warp.dll 2014-09-07 14:45:13 ----D---- C:\Users\Eigenaar\AppData\Roaming\Zoom ======List of files/folders modified in the last 3 months====== 2014-11-30 12:06:51 ----D---- C:\Program Files\trend micro 2014-11-30 12:05:37 ----D---- C:\Users\Eigenaar\AppData\Roaming\uTorrent 2014-11-30 12:05:10 ----D---- C:\Users\Eigenaar\AppData\Roaming\Skype 2014-11-30 11:17:16 ----D---- C:\Windows\system32\config 2014-11-30 11:08:09 ----D---- C:\ProgramData\MFAData 2014-11-30 11:07:36 ----D---- C:\Users\Eigenaar\AppData\Roaming\vlc 2014-11-30 01:34:14 ----D---- C:\Windows\Temp 2014-11-29 17:29:27 ----D---- C:\Windows\Prefetch 2014-11-29 17:29:16 ----HD---- C:\ProgramData 2014-11-29 17:29:11 ----RD---- C:\Program Files (x86) 2014-11-29 17:28:15 ----HD---- C:\Windows\system32\GroupPolicy 2014-11-29 17:28:15 ----D---- C:\Windows\SYSWOW64\GroupPolicy 2014-11-29 17:28:13 ----D---- C:\Windows\Tasks 2014-11-29 17:28:13 ----D---- C:\Windows\system32\Tasks 2014-11-29 17:27:27 ----D---- C:\Program Files (x86)\AVG 2014-11-29 17:27:20 ----SHD---- C:\Windows\Installer 2014-11-29 15:36:35 ----D---- C:\ProgramData\NVIDIA 2014-11-28 18:45:44 ----D---- C:\Windows\system32\catroot2 2014-11-27 20:01:26 ----SHD---- C:\System Volume Information 2014-11-25 21:22:07 ----D---- C:\Windows\SysWOW64 2014-11-25 21:22:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-11-21 17:37:34 ----D---- C:\Windows\winsxs 2014-11-21 17:37:13 ----D---- C:\Windows\System32 2014-11-19 21:07:40 ----D---- C:\Windows\system32\catroot 2014-11-16 18:37:13 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-13 18:48:20 ----D---- C:\Windows\rescache 2014-11-13 18:18:21 ----D---- C:\Windows\system32\drivers 2014-11-13 18:18:00 ----D---- C:\Windows\Microsoft.NET 2014-11-13 18:17:19 ----RSD---- C:\Windows\assembly 2014-11-12 22:17:18 ----D---- C:\Windows\inf 2014-11-12 22:17:18 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-11-12 22:06:11 ----SD---- C:\Windows\system32\CompatTel 2014-11-12 22:06:10 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-11-12 22:06:10 ----D---- C:\Windows\system32\nl-NL 2014-11-12 22:06:09 ----D---- C:\Windows\SYSWOW64\en-US 2014-11-12 22:06:09 ----D---- C:\Program Files\Internet Explorer 2014-11-12 22:06:08 ----D---- C:\Windows\system32\en-US 2014-11-12 22:06:07 ----D---- C:\Program Files (x86)\Internet Explorer 2014-11-12 17:57:45 ----D---- C:\Windows\system32\MRT 2014-11-12 17:54:44 ----A---- C:\Windows\system32\MRT.exe 2014-11-11 20:55:16 ----HD---- C:\$AVG 2014-11-06 20:19:55 ----D---- C:\Windows 2014-11-03 21:30:58 ----D---- C:\ProgramData\Skype 2014-10-30 00:20:59 ----D---- C:\AdwCleaner 2014-10-29 22:36:14 ----D---- C:\Windows\system32\DriverStore 2014-10-12 14:09:19 ----D---- C:\Windows\system32\wdi 2014-10-09 17:52:47 ----D---- C:\Windows\LiveKernelReports 2014-10-03 18:30:43 ----RD---- C:\Program Files (x86)\Skype 2014-10-03 18:30:43 ----D---- C:\Program Files (x86)\Common Files 2014-09-14 12:24:59 ----SD---- C:\Users\Eigenaar\AppData\Roaming\Microsoft 2014-09-12 17:04:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512] R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-12-18 633192] R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-12-18 28008] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368] R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-29 263960] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-10 274200] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 e1kexpress;Intel® Network Connections Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2013-07-18 497424] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-12-24 196384] R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-04-30 19744] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392] R3 OEM03Afx;Provides a software interface to control audio effects of OEM003 camera.; \??\C:\Windows\system32\Drivers\OEM03Afx.sys [2007-06-08 212864] R3 OEM03Vfx;Creative Camera OEM003 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM03Vfx.sys [2007-03-05 12288] R3 OEM03Vid;Creative Camera OEM003 Driver; C:\Windows\system32\DRIVERS\OEM03Vid.sys [2007-04-25 266944] S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-11-15 10629408] S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-05-23 76568] S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-05-23 59160] S3 LUsbFilt;Logicool SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2013-05-23 40728] S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-11-29 715656] R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1618888] R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-30 21009352] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 922912] R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-05-28 76888] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496] R2 trntv;Torntv Downloader; C:\Users\Eigenaar\AppData\Roaming\TornTV.com\TornTVSvc.exe [2014-11-18 19456] R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-11-29 484352] S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-11-09 1486664] S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-29 68608] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-18 116648] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25 267440] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-29 68608] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-18 116648] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-13 114288] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-28 1255736] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
  7. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:37:20, on 30-11-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17420) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Windows\OEM03Mon.exe C:\Windows\SysWOW64\ctfmon.exe C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mystartsearch R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = mystartsearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mystartsearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1417278528&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mystartsearch R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:3128 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: 54.235.90.58 fhajokkdlhllmgenmniigcnlefjakobn O2 - BHO: 9ab333d0052b01323ffd0f6cdde3bdb00063311 - {11111111-1111-1111-1111-110611331111} - C:\Program Files (x86)\TornPlusTV_version1.11\TornPlusTV_version1.11-bho.dll O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Browser Champion BHO - {FD6EF0F0-B46B-4CB2-839C-BBE569FAA859} - C:\Program Files (x86)\Browser Champion\FrameworkBHO.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [OEM03Mon.exe] C:\Windows\OEM03Mon.exe O4 - HKLM\..\Run: [bService] C:\Program Files (x86)\Bench\BService\1.1\bservice.exe O4 - HKLM\..\Run: [bService64] C:\Program Files (x86)\Bench\BService\1.1\bservice64.exe O4 - HKLM\..\Run: [Wd] C:\Program Files (x86)\Bench\Wd\wd.exe O4 - HKLM\..\Run: [bench Communicator Watcher] C:\Program Files (x86)\Bench\Proxy\pwdg.exe O4 - HKLM\..\Run: [bench Settings Cleaner] C:\Program Files (x86)\Bench\Proxy\cl.exe O4 - HKLM\..\RunOnce: [browser Champion-repairJob] wscript.exe "C:\Users\Eigenaar\AppData\Local\Browser Champion\repair.js" "Browser Champion-repairJob" O4 - HKCU\..\Run: [TBPanel] "C:\Program Files (x86)\EXPERTool\TBPanel.exe" /A O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [TornTv Downloader] C:\Users\Eigenaar\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup O4 - Startup: TornTvDownloader.lnk = Eigenaar\AppData\Roaming\TornTV.com\TornTV Downloader.exe O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Torntv Downloader (trntv) - Cool Mirage - C:\Users\Eigenaar\AppData\Roaming\TornTV.com\TornTVSvc.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10449 bytes
  8. Beste Kape, Zie onderstaand. Zoek.exe v5.0.0.0 Updated 04-August-2014 Tool run by Eigenaar on za 09-08-2014 at 13:23:15,22. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Eigenaar\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-08-05-182355.log 46512 bytes C:\zoek-results2014-08-06-183634.log 20956 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611111177} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611111177} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611111177} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611111177} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "faststartff@gmail.com"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\WebSpades not found C:\Program Files (x86)\TheTorntv V10 deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default - Battlefield Play4Free - %ProfilePath%\extensions\battlefieldplay4free@ea.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default 4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash 045DCEC5BBF3C9F4A0788FDF90B1DEDE - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll - Battlefield Play4Free Updater ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 18:22] Skype Click to Call - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Chromium Startpages ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092", "startup_urls": [ "http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" ], ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F5PXABH1 will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFXCRA83 will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LNGAZ6AH will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MT2X8I18 will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Eigenaar\AppData\Local\Mozilla\Firefox\Profiles\3i60jn16.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1338 folders=338 380764659 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Eigenaar\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F5PXABH1" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFXCRA83" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LNGAZ6AH" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MT2X8I18" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on za 09-08-2014 at 13:33:59,43 ====================== Alvast bedankt.
  9. Zo weer een filetje. Hoe ziet het eruit? Alvast bedankt Zoek.exe v5.0.0.0 Updated 04-August-2014 Tool run by Eigenaar on wo 06-08-2014 at 20:22:07,79. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Eigenaar\Downloads\zoek.exe [scan all users] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-08-05-182355.log 46512 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe C:\Program Files (x86)\EXPERTool\TBPanel.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Windows\OEM03Mon.exe C:\Windows\SysWOW64\ctfmon.exe C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Eigenaar\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== System Specs ====================== Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3966 MB CPU Info: Intel® Core2 Duo CPU E8400 @ 3.00GHz CPU Speed: 2965,8 MHz Sound Card: Luidsprekers (High Definition A | Display Adapters: NVIDIA GeForce GT 610 | NVIDIA GeForce GT 610 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Intel® 82567LM-3 Gigabit Network Connection CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVD+-RW GH50N Ports: COM1 LPT1 Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 232,5GB Hard Disks - Free: C: 106,0GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 01/21/11 | DELL - 15 Time Zone: West-Europa (standaardtijd) Motherboard *: Dell Inc. 0200DY Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG Internet Security 2014 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG Internet Security 2014 disabled (Outdated) Firewall: AVG Internet Security 2014 disabled Default Browser: Firefox 31.0 Internet Explorer Version: 11.0.9600.17207 Mozilla Firefox version: 31.0 (x86 nl) Google Chrome version: 36.0.1985.125 Flash Player version: 14.0.0.145 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Eigenaar\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-07-10 15:54:34 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-07-13 18:54:44 -------- d-----w- C:\PROGRA~2\TheTorntv V10 ======= C: ===== ====== C:\Users\Eigenaar\AppData\Roaming ====== 2014-08-05 18:22:17 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-08-05 18:22:17 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Temp 2014-08-05 18:22:17 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-08-05 18:22:17 -------- d-----w- C:\Users\Default User\AppData\Local\Temp ====== C:\Users\Eigenaar ====== 2014-08-04 20:28:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Eigenaar\Downloads\RSITx64(1).exe ====== C: exe-files == 2014-08-05 17:49:12 A7213CB4EEA27D4BDC06611E0F8DB05E 3810992 ----a-w- C:\Users\Eigenaar\AppData\Local\NVIDIA\NvBackend\Packages\00005fca\DAO.18755938.exe 2014-08-04 20:28:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Eigenaar\Downloads\RSITx64(1).exe 2014-08-02 19:18:49 57CC12F075C4825E18107FF94C499B42 30160144 ----a-w- C:\ProgramData\NVIDIA Corporation\NetService\GeForce_Experience_Update_v2.1.1.0.exe 2014-08-02 19:18:28 BCD96FCA162B3F89A92E55927F8AC870 3807928 ----a-w- C:\Users\Eigenaar\AppData\Local\NVIDIA\NvBackend\Packages\00005e6f\DAO.18746566.exe 2014-08-02 19:18:19 B313836AFC4A0CA4483E029D4ACD87FE 394152 ----a-w- C:\Users\Eigenaar\AppData\Local\NVIDIA\NvBackend\Packages\00005e5e\updatus.18742786_RUNASUSER.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Windows\CurrentVersion\Run] "TBPanel"="C:\Program Files (x86)\EXPERTool\TBPanel.exe /A" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "PriceMeterW"="C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "OEM03Mon.exe"="C:\Windows\OEM03Mon.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TBPanel"="C:\Program Files (x86)\EXPERTool\TBPanel.exe /A" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "PriceMeterW"="C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\SupTab\\SEARCH~1.DLL" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\SupTab\\SEARCH~2.DLL" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-07-2014 19:22] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-05-2014 09:59] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-05-2014 09:59] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\EXPERTool" [C:\Program Files (x86)\EXPERTool\TBPanel.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "faststartff@gmail.com"="C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\faststartff@gmail.com" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default - Battlefield Play4Free - %ProfilePath%\extensions\battlefieldplay4free@ea.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default 4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash 045DCEC5BBF3C9F4A0788FDF90B1DEDE - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll - Battlefield Play4Free Updater ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 18:22] Google Docs - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092", "startup_urls": [ "http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" ], ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: CrossriderApp0061177 - {11111111-1111-1111-1111-110611111177} - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [OEM03Mon.exe] C:\Windows\OEM03Mon.exe O4 - HKCU\..\Run: [TBPanel] "C:\Program Files (x86)\EXPERTool\TBPanel.exe" /A O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [PriceMeterW] "C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2C3C8TYA will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OSLFV93 will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9B71O92D will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZ98H33Y will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Eigenaar\AppData\Local\Mozilla\Firefox\Profiles\3i60jn16.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1314 folders=337 368287649 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Eigenaar\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2C3C8TYA" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OSLFV93" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9B71O92D" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZ98H33Y" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on wo 06-08-2014 at 20:36:34,81 ======================
  10. Beste Kape, Bedankt voor je altijd snelle hulp. Ik begrijp je gedachte en probeer hier zo goed mogelijk op te letten. Toch gebeurt het me inderdaad dat ik wat verkeerds binnenhaal, meestal als ik meer wil begrijpen en leren door een verkeerd programma. Ik zal hier dan nog beter op letten. Bijgaand mijn logfile. Zoek.exe v5.0.0.0 Updated 04-August-2014 Tool run by Eigenaar on di 05-08-2014 at 20:05:07,73. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Eigenaar\Downloads\zoek.exe [scan all users] [Checkboxes used] ==== System Restore Info ====================== 5-8-2014 20:06:07 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} deleted successfully HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\ProgramData\IePluginServices\PluginService.exe C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe C:\Program Files (x86)\EXPERTool\TBPanel.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Windows\OEM03Mon.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe C:\Program Files (x86)\WebSpades\updateWebSpades.exe C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe C:\Users\Eigenaar\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BackupStack deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BackupStack deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdatem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util WebSpades deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util WebSpades deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util WebSpades deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util WebSpades deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update WebSpades deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update WebSpades deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update WebSpades deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update WebSpades deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default user.js not found ---- Lines omiga removed from prefs.js ---- user_pref("browser.search.defaultenginename", "omiga-plus"); user_pref("browser.search.selectedEngine", "omiga-plus"); user_pref("browser.startup.homepage", "http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092") ---- FireFox user.js and prefs.js backups ---- prefs_05-08-2014_2015_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Deleting Files \ Folders ====================== C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PRICEM~1 deleted C:\PROGRA~2\TornTV.com deleted C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\omiga-plus.xml deleted C:\PROGRA~2\Speedial deleted C:\PROGRA~2\RegClean Pro deleted C:\PROGRA~2\SupTab deleted C:\PROGRA~2\globalUpdate deleted C:\Users\Eigenaar\AppData\Roaming\Speedial deleted C:\PROGRA~3\Systweak deleted C:\PROGRA~3\IePluginServices deleted C:\PROGRA~3\WindowsMangerProtect deleted C:\Users\Eigenaar\AppData\Local\globalUpdate deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector deleted C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup deleted C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk deleted C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Windows\SysNative\roboot64.exe deleted C:\windows\SysNative\Tasks\pricemeterdownloader deleted C:\windows\SysNative\Tasks\pricemetertask deleted C:\windows\SysNative\Tasks\pricemeterwatcher deleted C:\Windows\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-1.job deleted C:\Windows\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-11.job deleted C:\Windows\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-2.job deleted C:\Windows\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-4.job deleted C:\Windows\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-5.job deleted C:\Windows\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-5_user.job deleted C:\Windows\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-6.job deleted C:\Windows\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-7.job deleted C:\windows\SysNative\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-1 deleted C:\windows\SysNative\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-11 deleted C:\windows\SysNative\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-2 deleted C:\windows\SysNative\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-4 deleted C:\windows\SysNative\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-5 deleted C:\windows\SysNative\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-5_user deleted C:\windows\SysNative\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-6 deleted C:\windows\SysNative\Tasks\4cddac96-129d-46be-bf23-05c07268a4b3-7 deleted C:\Windows\SysNative\sasnative64.exe deleted C:\Users\Eigenaar\Searches deleted C:\Users\Eigenaar\Downloads\SoftonicDownloader_for_hijackthis.exe deleted C:\Users\Eigenaar\Downloads\SoftonicDownloader_voor_vlc-media-player.exe deleted C:\Users\Eigenaar\Downloads\SoftonicDownloader_voor_winzip.exe deleted C:\windows\SysNative\Tasks\Advanced System Protector_startup deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted C:\Windows\tasks\Speedial.job deleted C:\windows\SysNative\tasks\Speedial deleted C:\windows\SysNative\tasks\RegClean Pro deleted C:\windows\SysNative\tasks\RegClean Pro_DEFAULT deleted C:\windows\SysNative\tasks\RegClean Pro_UPDATES deleted C:\Windows\tasks\RegClean Pro_DEFAULT.job deleted C:\Windows\tasks\RegClean Pro_UPDATES.job deleted C:\windows\SysNative\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\Public\Desktop\Advanced System Protector.lnk deleted C:\Users\Eigenaar\Desktop\Sync Folder.lnk deleted C:\Users\Eigenaar\Desktop\MyPC Backup.lnk deleted C:\Users\Eigenaar\Desktop\TornTV.lnk deleted C:\Users\Eigenaar\Desktop\Schoon uw register gratis op!.lnk deleted C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\IMNVDH20251862@MBUBXUJ104005176.com deleted C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52} deleted "C:\PROGRA~2\WebSpades\updateWebSpades.exe" deleted "C:\PROGRA~2\Advanced System Protector\AdvancedSystemProtector.exe" deleted "C:\PROGRA~2\Advanced System Protector\aspsys.dll" deleted "C:\PROGRA~2\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL" deleted "C:\PROGRA~2\Advanced System Protector\System.Data.SQLite.dll" deleted "C:\PROGRA~2\Advanced System Protector\unrar.dll" deleted "C:\PROGRA~2\Advanced System Protector\Xceed.Compression.dll" deleted "C:\PROGRA~2\Advanced System Protector\Xceed.FileSystem.dll" deleted "C:\PROGRA~2\Advanced System Protector\Xceed.Zip.dll" deleted "C:\PROGRA~2\MyPC Backup\AWSSDK.dll" deleted "C:\PROGRA~2\MyPC Backup\GetText.dll" deleted "C:\PROGRA~2\MyPC Backup\MPCBClient.dll" deleted "C:\PROGRA~2\MyPC Backup\MyPC Backup.exe" deleted "C:\PROGRA~2\MyPC Backup\ObjectListView.dll" deleted "C:\PROGRA~2\MyPC Backup\Shared Stack.dll" deleted "C:\Users\Eigenaar\AppData\Local\PriceMeter\cef.pak" deleted "C:\Users\Eigenaar\AppData\Local\PriceMeter\devtools_resources.pak" deleted "C:\Users\Eigenaar\AppData\Local\PriceMeter\icudt.dll" deleted "C:\Users\Eigenaar\AppData\Local\PriceMeter\libcef.dll" deleted "C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe" deleted "C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe" deleted "C:\PROGRA~2\WebSpades\updateWebSpades.exe" deleted "C:\PROGRA~2\WebSpades\bin\utilWebSpades.exe" deleted "C:\PROGRA~2\WebSpades\bin\WebSpades.BrowserAdapter.exe" deleted "C:\PROGRA~2\WebSpades\bin\WebSpades.PurBrowse64.exe" deleted "C:\PROGRA~2\WebSpades\bin\{ed7eb956-75ed-460d-8f69-29a93b07afd1}.dll" deleted "C:\PROGRA~2\MyPC Backup\x64\System.Data.SQLite.dll" deleted "C:\Users\Eigenaar\AppData\Local\PriceMeter\locales\en-US.pak" deleted "C:\PROGRA~2\WebSpades\bin\utilWebSpades.exe" deleted "C:\PROGRA~2\WebSpades\bin\WebSpades.BrowserAdapter.exe" deleted "C:\PROGRA~2\WebSpades\bin\WebSpades.PurBrowse64.exe" deleted "C:\PROGRA~2\WebSpades\bin\{ed7eb956-75ed-460d-8f69-29a93b07afd1}.dll" deleted "C:\PROGRA~2\WebSpades" not deleted "C:\PROGRA~2\Advanced System Protector" not deleted "C:\PROGRA~2\MyPC Backup" not deleted "C:\Users\Eigenaar\AppData\Roaming\Systweak" deleted "C:\Users\Eigenaar\AppData\Local\PriceMeter" deleted "C:\PROGRA~2\WebSpades" not deleted "C:\PROGRA~2\WebSpades\bin" not deleted "C:\PROGRA~2\MyPC Backup\Database" not deleted "C:\PROGRA~2\MyPC Backup\x64" not deleted "C:\Users\Eigenaar\AppData\Local\PriceMeter\locales" deleted "C:\PROGRA~2\WebSpades\bin" not deleted ==== System Specs ====================== Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3966 MB CPU Info: Intel® Core2 Duo CPU E8400 @ 3.00GHz CPU Speed: 2967,5 MHz Sound Card: Luidsprekers (High Definition A | Display Adapters: NVIDIA GeForce GT 610 | NVIDIA GeForce GT 610 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Intel® 82567LM-3 Gigabit Network Connection CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVD+-RW GH50N Ports: COM1 LPT1 Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 232,5GB Hard Disks - Free: C: 102,2GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 01/21/11 | DELL - 15 Time Zone: West-Europa (standaardtijd) Motherboard *: Dell Inc. 0200DY Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG Internet Security 2014 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG Internet Security 2014 disabled (Outdated) Firewall: AVG Internet Security 2014 disabled Default Browser: Firefox 31.0 Internet Explorer Version: 11.0.9600.17207 Mozilla Firefox version: 31.0 (x86 nl) Google Chrome version: 36.0.1985.125 Flash Player version: 14.0.0.145 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Eigenaar\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-07-10 15:54:34 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-07-13 18:56:37 -------- d-----w- C:\PROGRA~2\MyPC Backup 2014-07-13 18:55:44 -------- d-----w- C:\PROGRA~2\WebSpades 2014-07-13 18:54:44 -------- d-----w- C:\PROGRA~2\TheTorntv V10 ======= C: ===== ====== C:\Users\Eigenaar\AppData\Roaming ====== ====== C:\Users\Eigenaar ====== 2014-08-04 20:28:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Eigenaar\Downloads\RSITx64(1).exe ====== C: exe-files == 2014-08-05 18:16:46 B9E58D784D18D6E49B05DEB70EFA9FA7 96544 ----a-w- C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe 2014-08-05 17:49:12 A7213CB4EEA27D4BDC06611E0F8DB05E 3810992 ----a-w- C:\Users\Eigenaar\AppData\Local\NVIDIA\NvBackend\Packages\00005fca\DAO.18755938.exe 2014-08-04 20:28:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Eigenaar\Downloads\RSITx64(1).exe 2014-08-02 19:18:49 57CC12F075C4825E18107FF94C499B42 30160144 ----a-w- C:\ProgramData\NVIDIA Corporation\NetService\GeForce_Experience_Update_v2.1.1.0.exe 2014-08-02 19:18:28 BCD96FCA162B3F89A92E55927F8AC870 3807928 ----a-w- C:\Users\Eigenaar\AppData\Local\NVIDIA\NvBackend\Packages\00005e6f\DAO.18746566.exe 2014-08-02 19:18:19 B313836AFC4A0CA4483E029D4ACD87FE 394152 ----a-w- C:\Users\Eigenaar\AppData\Local\NVIDIA\NvBackend\Packages\00005e5e\updatus.18742786_RUNASUSER.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1652827376-3884501160-2142600066-1000\Software\Microsoft\Windows\CurrentVersion\Run] "TBPanel"="C:\Program Files (x86)\EXPERTool\TBPanel.exe /A" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "PriceMeterW"="C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "OEM03Mon.exe"="C:\Windows\OEM03Mon.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TBPanel"="C:\Program Files (x86)\EXPERTool\TBPanel.exe /A" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "PriceMeterW"="C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\SupTab\\SEARCH~1.DLL" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\SupTab\\SEARCH~2.DLL" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-07-2014 19:22] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-05-2014 09:59] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-05-2014 09:59] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\EXPERTool" [C:\Program Files (x86)\EXPERTool\TBPanel.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "faststartff@gmail.com"="C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\faststartff@gmail.com" [15-07-2014 20:05] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default - Battlefield Play4Free - %ProfilePath%\extensions\battlefieldplay4free@ea.com - Fast Start - %ProfilePath%\extensions\faststartff@gmail.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default 4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash 045DCEC5BBF3C9F4A0788FDF90B1DEDE - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll - Battlefield Play4Free Updater ==== Deleted Firefox Extensions ====================== C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\faststartff@gmail.com deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bakijjialdiiboeaknfpmflphhmljfkd - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 18:22] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions bakijjialdiiboeaknfpmflphhmljfkd - No path found[] Google Docs - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Speedial - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd YouTube - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Select City - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma Gmail - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092", "startup_urls": [ "http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" ], ==== Chrome Fix ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage-journal deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bakijjialdiiboeaknfpmflphhmljfkd_0.localstorage deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bakijjialdiiboeaknfpmflphhmljfkd_0.localstorage-journal deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" "Default_Page_URL"="http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://isearch.omiga-plus.com/web/?type=ds&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms}" "Default_Page_URL"="http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" "Start Page"="http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" "Search Page"="http://isearch.omiga-plus.com/web/?type=ds&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://isearch.omiga-plus.com/web/?type=ds&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms}" "Default_Page_URL"="http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" "Start Page"="http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" "Search Page"="http://isearch.omiga-plus.com/web/?type=ds&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\Eigenaar\Desktop\EverestPoker.com.lnk - C:\Poker\EverestPoker.com\casino.exe C:\Users\Eigenaar\Desktop\HiJackThis.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\Eigenaar\Desktop\Play Battlefield 3 Multi-player.lnk - C:\Users\Eigenaar\Desktop\Games\Battlefield 3 nosTEAM\LauncherClient.exe C:\Users\Eigenaar\Desktop\Play Battlefield 3 Single-Player.lnk - C:\Users\Eigenaar\Desktop\Games\Battlefield 3 nosTEAM\Zbf3.exe C:\Users\Eigenaar\Desktop\µTorrent.lnk - ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe OMIGA PLUS C:\Users\Public\Desktop\Internetbrowser selecteren.lnk - C:\Windows\System32\browserchoice.exe /launch C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe OMIGA PLUS C:\Users\Public\Desktop\PokerStars.eu.lnk - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE ==== shortcuts in Users Start Menu ====================== C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EverestPoker.com.lnk - C:\Poker\EverestPoker.com\casino.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe OMIGA PLUS C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe OMIGA PLUS C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe OMIGA PLUS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Monitor Integrated Webcam\DELL Webcam Console.lnk - C:\Windows\SysWOW64\rundll32.exe OEM03Cvw.dll,ctCVWConsoleRunDLL32EP C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe OMIGA PLUS ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe OMIGA PLUS C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe OMIGA PLUS C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.eu.lnk - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\EverestPoker.com.lnk - C:\Poker\EverestPoker.com\casino.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe OMIGA PLUS C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe OMIGA PLUS C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\RegClean Pro.lnk - C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TheTorntv V10 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Speedial deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: CrossriderApp0061177 - {11111111-1111-1111-1111-110611111177} - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [OEM03Mon.exe] C:\Windows\OEM03Mon.exe O4 - HKCU\..\Run: [TBPanel] "C:\Program Files (x86)\EXPERTool\TBPanel.exe" /A O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [PriceMeterW] "C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F8HH3UE8 will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PX44OTHT will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QNDBGD76 will be deleted at reboot C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XTIQ5EKH will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Eigenaar\AppData\Local\Mozilla\Firefox\Profiles\3i60jn16.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1313 folders=334 368287649 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Eigenaar\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\WebSpades" not found "C:\PROGRA~2\Advanced System Protector" not found "C:\PROGRA~2\MyPC Backup" not found "C:\PROGRA~2\WebSpades" not found "C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F8HH3UE8" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PX44OTHT" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QNDBGD76" not found "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XTIQ5EKH" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on di 05-08-2014 at 20:23:55,88 ======================
  11. Logfile of random's system information tool 1.10 (written by random/random) Run by Eigenaar at 2014-08-04 22:29:05 Microsoft Windows 7 Professional Service Pack 1 System drive C: has 103 GB (43%) free of 238 GB Total RAM: 3966 MB (37% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:29:06, on 4-8-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17207) Boot mode: Normal Running processes: C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe C:\Program Files (x86)\EXPERTool\TBPanel.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Windows\OEM03Mon.exe C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe C:\Program Files\trend micro\Eigenaar.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = OMIGA PLUS R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = OMIGA PLUS R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = OMIGA PLUS R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = OMIGA PLUS R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: CrossriderApp0061177 - {11111111-1111-1111-1111-110611111177} - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [OEM03Mon.exe] C:\Windows\OEM03Mon.exe O4 - HKCU\..\Run: [TBPanel] "C:\Program Files (x86)\EXPERTool\TBPanel.exe" /A O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [PriceMeterW] "C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Update WebSpades - Unknown owner - C:\Program Files (x86)\WebSpades\updateWebSpades.exe O23 - Service: Util WebSpades - Unknown owner - C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10281 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe winlogon.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\ProgramData\IePluginServices\PluginService.exe -service "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "taskhost.exe" "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" taskeng.exe {0EC70744-523A-4C04-AEEB-BB6598B7564C} "C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe" autolaunch "C:\Program Files (x86)\EXPERTool\TBPanel.exe" /A "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun "C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe" "C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe" "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY "C:\Windows\OEM03Mon.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe" -rem ctfmon.exe "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\WebSpades\updateWebSpades.exe" "C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b0630416-a401-4387-a21e-8345b9eeed06 1 \??\C:\Windows\system32\conhost.exe "-2146575021760096950-1545979829-590854696-506818109780401797-402216843402807755 "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp \??\C:\Windows\system32\conhost.exe "-224301450-265726362-2117329497691810081-11840552641582321122-3741263461323419524 C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8d8e4302-b717-4b77-bfd4-08aa4508388d -SystemEventPortName:HostProcess-1044439d-84b3-47a2-9b9a-9b457f1d10c1 -IoCancelEventPortName:HostProcess-706e8578-58fd-4e65-8d9d-cc408e6f25a3 -NonStateChangingEventPortName:HostProcess-0b4d5df0-8fb7-47a5-b8c0-830d975f7d0e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:94030232-fdb4-49a9-941f-1838e237f328 -DeviceGroupId:WpdFsGroup C:\Windows\System32\svchost.exe -k LocalServicePeerNet /c 0ddc3ac5-f675-4db6-bd58-a14d79e60b56 /i d12734a7-eb26-4167-b578-01c38b66af20 /f ce87f99d-697c-454a-9e77-b9856ade6b18 /s /z "n=WebSpades&is=fmxqtnl&dpt=21" "C:\Program Files (x86)\WebSpades\bin\WebSpades.PurBrowse64.exe" /l false /s false /c "WebSpades" /t "C:\Program Files (x86)\WebSpades\bin\TEMP" /i "http://apiwebspadesinfo-a.akamaihd.net/gsrs?is=fmxqtnl&bp=PB&g=00000000-0000-0000-0000-000000000000" /d {ed7eb956-75ed-460d-8f69-29a93b07afd1}w64 /p ce87f99d-697c-454a-9e77-b9856ade6b18:firefox /p 0ddc3ac5-f675-4db6-bd58-a14d79e60b56:chrome /p d12734a7-eb26-4167-b578-01c38b66af20:iexplore \??\C:\Windows\system32\conhost.exe "1434343526-487478027-1611541363161241596-116501715779664761233974164-1502769480 C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe "C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="5212.0.1872877649\800240150" /prefetch:673131151 "C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" --no-sandbox --lang=en-US --channel="5212.1.487474021\2007198407" --lang=en-US --log-severity=disable /prefetch:-390060480 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" OMIGA PLUS "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2208.17670bf0.247332729 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 2208 "\\.\pipe\gecko-crash-server-pipe.2208" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --proxy-stub-channel=Flash6076.5ECC0D80.16770 --host-broker-channel=Flash6076.5ECC0D80.10051 --host-pid=6076 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --channel=2312.0036F84C.1222441034 --proxy-stub-channel=Flash6076.5ECC0D80.16770 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" --host-npapi-version=27 --type=renderer "C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe" "C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe" "C:\Windows\notepad.exe" C:\Users\Eigenaar\Desktop\hijackthis1 "C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="5212.99.1717834040\1650397490" /prefetch:673131151 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} "C:\Users\Eigenaar\Downloads\RSITx64(1).exe" ======Scheduled tasks folder====== C:\Windows\tasks\4cddac96-129d-46be-bf23-05c07268a4b3-1.job - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-codedownloader.exe /JrMHmCLe /kxdea=task /qknkRP='TheTorntv V10' /eXkVUKr=61177 /PnMPuhLry='001823' /UiVOjqrKD='0' /hyhjegJmN='0' /TMeZLtHO=66E16E051FC041A691B3C321C1FA6AC0IE /GHqgDLgAm=848ceefdaba5403cdd41c6d0e63b714c /lxepBGrDx=1_34_07_01 /Uvjpy=1.34.7.1 /UXAIdGXEV=1405277679 /jbDsL=http://stats.geninfocloud.com /yLUfgoDu=http://errors.geninfocloud.com /wQRYfElck=http://cr.install-daddy.com /jWNLYYmf=ff /wpHND='TheTorntv V10' /EcFNKFtaH=http://cr.install-daddy.com /QAMwO /fBcCZgf='{"asw":[1, 67108869, 1024]}' /NxKAx='http://update.geninfocloud.com/ie_code_agent_updates/{CAMP_ID}/update.json' /kxdea='task' /QapshBcz='' C:\Windows\tasks\4cddac96-129d-46be-bf23-05c07268a4b3-11.job - C:\Program Files (x86)\TheTorntv V10\4cddac96-129d-46be-bf23-05c07268a4b3-11.exe /nqBBa=mn4OxSzF2edvqYFhEMSKB1fRim5XpLpTafyL71+4CBSdS8c0oKZoOfqqc7WjJTENS8SNS3BoMJXxFgZDhvRzpG3DCzroNyLnepDaDkGs1r4G0zSZyG+jFd/9zzuEFjkvJQPTNhflz+QX5X2CK1X16P1PHVFip4AYWH8wduysX9KrM4jSdorylthag4w47laHozfQzqX3RbVW/RLgZ2X5FFwAuhaeM9/X185g+HiG4kwQxHPcF8rhxrWdJROo7s+MVt+g9KllQZnpRa/x9qfm1IegySyoos7pBJltbKjtkGdc8TAA34Hx4dGVUqMkN9pUjPHbUyQrel6oscEGaaET1USrpI9pK3vJEWarOrI4riSViqLZ74/dYhSbRWmAEVGP7bvbOmOL7zD3YO5cHRyS6mn+ZhRNcLxK6VAqNT3e2MV7GrgOWIdab2jsTmdMcBNav0ZOREjrs8Vam3cHmiUNH/S0***Yj/pmWfF5d9YgNzyGQa2FRfKg7dNGA1kGOfoPIq2dro59mfEGbGQYHPoHqRXR/CnMDNqaAxgYNBk0qoMUJTcbHigqWfMBCIdLoAsOMMe5oXd6sFwDinwMdpfdTAN6QvgdIGC6vFwgp181jGn0xB15zTIjXp4XUmXlCXIaermlD8iiE5O458iKlCv9OXz+Jd50PpKfUjdBTke1kbckQP8EkJaoUl1kaBE8C3sQ/Cjuu7iNyL3nJUeuplRqbMYQCw0myTDMYPjiCciEifUCSWnEHC0mYbglwrkpW0UfW9szQWecBeOpEy0Sz/nhlkDKeztfet8s6cpUR3f2nvrROfsFEF+GDDwiPr9ok+B5WvjkrLAYNz/T0UKZ40KAE6RX1QtRkmQLw/j3pDlnwfpEXSa+qD7JzFNGEc1iEH0Bp3cBn/0jE3P7iqTaoJhc3Tm2mYOrqgcfTl6bI5q4saK9xmAj8jIwJ5ZoJwNmIDm4lejeprhVCU3/37rc2F7AIF19lDy3R5tsh1GGz8qL8uG9J38vw3lHWVU+sRJg7czIaOM4mrvSZDpUgWCGMRaapMOz73AJJ1oYiE1ojpnt+fxhL20NFMgS+KWmVik5ED4V3dtESvq9sIlNsQ1X/7fZVjFZMKjfq+9oPuvOKXs6LdRBfAZhD/Pvc9MYHMCbrSsm+O6mN7xdzgs3FtuAo1F+8Bunw7PoOFE5HSrDM0nPR1V8EotnoKZxagK8qeNb2dhwhm88VZhh4Q49U6iXu3kDhdmrZUZ6DcA0/NQTlxUenwChY20c9XTUKbHkNKXpgTz57sNZAHLUQYgdBQ/ctP4f8q6m9ljcjlyk0of/8/zjqXDUkQtAYxeBl/KojGtdOf0BHZ6cJTSWS4NK+D+8z/y3fw279wMfOxVyWgbMPU7JGuzyow3OWHQhaRsLBd43436XOO4mJfL1tAr6Cwuo4sp0ygJ5JnJpL+kgHfpNEaGXd37XMz+UEE168/AmCdlCkfZk7nNpj5W24eA/Iaayt1zR9r5UaUP9ITGhg7MsEK69L10uqTKxEZ3iITnrRKnLsvdXmLQY3EPXROxshlfL4SqE99Es10Lwi3/2QyPQPpGxhCoZIzuC0G+8ypVMDbNb9GbgdnblBBx+1tgCVI4pEH1D+7m6h4P61fnpQZXxZRNAboZQWLJlUI3jcOGhMtgODiQL4n6PlB0do0BIcVE4dlejIVPRyfQdLH+9xzaD3h4SfRw= C:\Windows\tasks\4cddac96-129d-46be-bf23-05c07268a4b3-2.job - C:\Program Files (x86)\TheTorntv V10\4cddac96-129d-46be-bf23-05c07268a4b3-2.exe /nxAVzPbV /qknkRP='TheTorntv V10' /eXkVUKr=61177 /PnMPuhLry='001823' /UiVOjqrKD='0' /hyhjegJmN='0' /TMeZLtHO=66E16E051FC041A691B3C321C1FA6AC0IE /GHqgDLgAm=848ceefdaba5403cdd41c6d0e63b714c /lxepBGrDx=1_34_07_01 /UXAIdGXEV=1405277679 /jbDsL=http://stats.geninfocloud.com /yLUfgoDu=http://errors.geninfocloud.com /nBdXWxry=11111111-1111-1111-1111-110611111177 /jWNLYYmf=ff /QAMwO /NxKAx='http://update.geninfocloud.com/ie_enable_agent_updates/{CAMP_ID}/update.json' /kxdea='task' /QapshBcz='' C:\Windows\tasks\4cddac96-129d-46be-bf23-05c07268a4b3-4.job - C:\Program Files (x86)\TheTorntv V10\4cddac96-129d-46be-bf23-05c07268a4b3-4.exe /zwliwGBKL /qknkRP='TheTorntv V10' /GKGXyE='C:\Program Files (x86)\TheTorntv V10\61177.xpi' /eXkVUKr=61177 /PnMPuhLry='001823' /UiVOjqrKD='0' /hyhjegJmN='0' /TMeZLtHO=66E16E051FC041A691B3C321C1FA6AC0IE /GHqgDLgAm=848ceefdaba5403cdd41c6d0e63b714c /lxepBGrDx=1_34_07_01 /Uvjpy=1.34.7.1 /UXAIdGXEV=1405277679 /jbDsL=http://stats.geninfocloud.com /yLUfgoDu=http://errors.geninfocloud.com /dupaecWbr=300 /yYuCigYq=IMNVDH20251862@MBUBXUJ104005176.com /vLHXeJrjx=0.95 /OnntwSj=aIMNVDH20251862MBUBXUJ104005176com61177 /tPjYU=https://w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/61177.rdf /NOVePo='TheTorntv V10' /RSSJEbk='The must-have App extensions for Television fans! Watch free TV channels, live sports and more' /eXTyY='esc' /jWNLYYmf=ff /fBcCZgf='{"asw":[1, 67108869, 1024]}' /QAMwO /EzWwoHMuT /BpstWLnjl /NxKAx='http://update.geninfocloud.com/ff_agent_updates/{CAMP_ID}/update.json' /kxdea='task' /QapshBcz='' C:\Windows\tasks\4cddac96-129d-46be-bf23-05c07268a4b3-5.job - C:\Program Files (x86)\TheTorntv V10\4cddac96-129d-46be-bf23-05c07268a4b3-5.exe /wvPGdVc /qknkRP='TheTorntv V10' /eXkVUKr=61177 /PnMPuhLry='001823' /UiVOjqrKD='0' /hyhjegJmN='0' /TMeZLtHO=66E16E051FC041A691B3C321C1FA6AC0IE /GHqgDLgAm=848ceefdaba5403cdd41c6d0e63b714c /lxepBGrDx=1_34_07_01 /UXAIdGXEV=1405277679 /jbDsL=http://stats.geninfocloud.com /yLUfgoDu=http://errors.geninfocloud.com /TmdNP=http://ipgeoapi.com/ /NtTlkR=http://update.geninfocloud.com /vtRPnQDC=2 /rdGbriG=http://logs.geninfocloud.com /NxKAx='http://update.geninfocloud.com/updater_agent_updates/{CAMP_ID}/update.json' /kxdea='task' /QapshBcz='' C:\Windows\tasks\4cddac96-129d-46be-bf23-05c07268a4b3-5_user.job - C:\Program Files (x86)\TheTorntv V10\4cddac96-129d-46be-bf23-05c07268a4b3-5.exe /wvPGdVc /qknkRP='TheTorntv V10' /eXkVUKr=61177 /PnMPuhLry='001823' /UiVOjqrKD='0' /hyhjegJmN='0' /TMeZLtHO=66E16E051FC041A691B3C321C1FA6AC0IE /GHqgDLgAm=848ceefdaba5403cdd41c6d0e63b714c /lxepBGrDx=1_34_07_01 /UXAIdGXEV=1405277679 /jbDsL=http://stats.geninfocloud.com /yLUfgoDu=http://errors.geninfocloud.com /TmdNP=http://ipgeoapi.com/ /NtTlkR=http://update.geninfocloud.com /vtRPnQDC=2 /rdGbriG=http://logs.geninfocloud.com /NxKAx='http://update.geninfocloud.com/updater_agent_updates/{CAMP_ID}/update.json' /wQAwtqzYW /kxdea='task' /QapshBcz='' C:\Windows\tasks\4cddac96-129d-46be-bf23-05c07268a4b3-6.job - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-novainstaller.exe /IWLfcGe /qknkRP='TheTorntv V10' /eXkVUKr=61177 /PnMPuhLry='001823' /UiVOjqrKD='0' /hyhjegJmN='0' /TMeZLtHO=66E16E051FC041A691B3C321C1FA6AC0IE /GHqgDLgAm=848ceefdaba5403cdd41c6d0e63b714c /lxepBGrDx=1_34_07_01 /Uvjpy=1.34.7.1 /UXAIdGXEV=1405277679 /jbDsL=http://stats.geninfocloud.com /yLUfgoDu=http://errors.geninfocloud.com /wQRYfElck=http://cr.install-daddy.com /jWNLYYmf=ff /vwofKetqe /wpHND=TheTorntv V10 /iLgrzn='nova' /EcFNKFtaH=http://cr.install-daddy.com /fBcCZgf='{"asw":[1, 67108869, 1024]}' /kxdea=task /NxKAx='http://update.geninfocloud.com/novacode/{CAMP_ID}/update.json' /kxdea='task' /QapshBcz='' C:\Windows\tasks\4cddac96-129d-46be-bf23-05c07268a4b3-7.job - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-nova.exe /qknkRP='TheTorntv V10' /eXkVUKr=61177 /PnMPuhLry='001823' /UiVOjqrKD='0' /hyhjegJmN='0' /TMeZLtHO=66E16E051FC041A691B3C321C1FA6AC0IE /GHqgDLgAm=848ceefdaba5403cdd41c6d0e63b714c /lxepBGrDx=1_34_07_01 /Uvjpy=1.34.7.1 /UXAIdGXEV=1405277679 /jbDsL=http://stats.geninfocloud.com /yLUfgoDu=http://errors.geninfocloud.com /wQRYfElck=http://cr.install-daddy.com /jWNLYYmf=ff /vwofKetqe /wpHND=TheTorntv V10 /iLgrzn='nova' /EcFNKFtaH=http://cr.install-daddy.com /fBcCZgf='{"asw":[1, 67108869, 1024]}' /NxKAx='http://update.geninfocloud.com/novarun/{CAMP_ID}/update.json' /kxdea='task' /QapshBcz='' C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\RegClean Pro_DEFAULT.job - C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe -default C:\Windows\tasks\RegClean Pro_UPDATES.job - C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe -updatecheck C:\Windows\tasks\Speedial.job - C:\Users\Eigenaar\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE /Check =========Mozilla firefox========= ProfilePath - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default prefs.js - "browser.startup.homepage" - "http://isearch.omiga-plus.com/?type=hp&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 14.0.0.145 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10] "Description"=globalUpdate Update "Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4] "Description"=globalUpdate Update "Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 14.0.0.145 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\extensions\ battlefieldplay4free@ea.com faststartff@gmail.com IMNVDH20251862@MBUBXUJ104005176.com {fa95f577-07cb-4470-ac90-e843f5f83c52} C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3i60jn16.default\searchplugins\ Speedial.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611111177}] TheTorntv V10 - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho64.dll [2014-07-13 820136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611111177}] TheTorntv V10 - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll [2014-07-13 606632] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-07-13 515464] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-17 163384] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-11-17 387640] "Persistence"=C:\Windows\system32\igfxpers.exe [2012-11-17 418360] "Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [] "ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-04-30 1225920] "NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-30 2199840] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TBPanel"=C:\Program Files (x86)\EXPERTool\TBPanel.exe [2013-11-08 2173224] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224] "PriceMeterW"=C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe [2014-05-12 287232] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-05-13 5181456] "OEM03Mon.exe"=C:\Windows\OEM03Mon.exe [2007-05-19 36864] C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~2\SupTab\SEARCH~2.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2012-11-15 272384] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-08-03 11:49:03 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-07-13 21:57:13 ----A---- C:\Windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys 2014-07-13 20:56:37 ----D---- C:\Program Files (x86)\MyPC Backup 2014-07-13 20:56:34 ----D---- C:\ProgramData\IePluginServices 2014-07-13 20:56:30 ----D---- C:\Program Files (x86)\SupTab 2014-07-13 20:56:25 ----D---- C:\ProgramData\WindowsMangerProtect 2014-07-13 20:55:44 ----D---- C:\Program Files (x86)\WebSpades 2014-07-13 20:54:45 ----D---- C:\Program Files (x86)\globalUpdate 2014-07-13 20:54:44 ----D---- C:\Program Files (x86)\TheTorntv V10 2014-07-13 20:54:35 ----D---- C:\Program Files (x86)\TornTV.com 2014-07-10 19:22:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe 2014-07-10 17:54:40 ----A---- C:\Windows\system32\aepdu.dll 2014-07-10 17:54:39 ----A---- C:\Windows\system32\aeinv.dll 2014-07-10 17:54:36 ----A---- C:\Windows\system32\win32k.sys 2014-07-10 17:54:35 ----A---- C:\Windows\SYSWOW64\qedit.dll 2014-07-10 17:54:35 ----A---- C:\Windows\SYSWOW64\osk.exe 2014-07-10 17:54:35 ----A---- C:\Windows\system32\qedit.dll 2014-07-10 17:54:35 ----A---- C:\Windows\system32\osk.exe 2014-07-10 17:54:34 ----A---- C:\Windows\system32\drivers\afd.sys 2014-07-10 17:54:31 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2014-07-10 17:54:31 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2014-07-10 17:54:31 ----A---- C:\Windows\SYSWOW64\schannel.dll 2014-07-10 17:54:31 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2014-07-10 17:54:31 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2014-07-10 17:54:31 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2014-07-10 17:54:31 ----A---- C:\Windows\SYSWOW64\credssp.dll 2014-07-10 17:54:31 ----A---- C:\Windows\system32\wdigest.dll 2014-07-10 17:54:31 ----A---- C:\Windows\system32\TSpkg.dll 2014-07-10 17:54:31 ----A---- C:\Windows\system32\schannel.dll 2014-07-10 17:54:31 ----A---- C:\Windows\system32\ncrypt.dll 2014-07-10 17:54:31 ----A---- C:\Windows\system32\msv1_0.dll 2014-07-10 17:54:31 ----A---- C:\Windows\system32\kerberos.dll 2014-07-10 17:54:31 ----A---- C:\Windows\system32\credssp.dll 2014-07-10 17:54:28 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-07-10 17:54:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-07-10 17:54:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-07-10 17:54:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-07-10 17:54:28 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-07-10 17:54:28 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-07-10 17:54:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-07-10 17:54:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-07-10 17:54:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-07-10 17:54:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-10 17:54:28 ----A---- C:\Windows\system32\iernonce.dll 2014-07-10 17:54:28 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-07-10 17:54:28 ----A---- C:\Windows\system32\iedkcs32.dll 2014-07-10 17:54:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-07-10 17:54:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-07-10 17:54:27 ----A---- C:\Windows\system32\urlmon.dll 2014-07-10 17:54:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-07-10 17:54:26 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-07-10 17:54:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-07-10 17:54:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-07-10 17:54:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-07-10 17:54:26 ----A---- C:\Windows\system32\msfeeds.dll 2014-07-10 17:54:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-07-10 17:54:26 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-07-10 17:54:26 ----A---- C:\Windows\system32\ie4uinit.exe 2014-07-10 17:54:26 ----A---- C:\Windows\system32\dxtmsft.dll 2014-07-10 17:54:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-07-10 17:54:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-07-10 17:54:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-07-10 17:54:25 ----A---- C:\Windows\system32\iesetup.dll 2014-07-10 17:54:25 ----A---- C:\Windows\system32\iertutil.dll 2014-07-10 17:54:24 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-07-10 17:54:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-07-10 17:54:24 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-07-10 17:54:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-07-10 17:54:24 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-07-10 17:54:24 ----A---- C:\Windows\system32\jsproxy.dll 2014-07-10 17:54:24 ----A---- C:\Windows\system32\ieui.dll 2014-07-10 17:54:24 ----A---- C:\Windows\system32\ieframe.dll 2014-07-10 17:54:24 ----A---- C:\Windows\system32\dxtrans.dll 2014-07-10 17:54:23 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-07-10 17:54:23 ----A---- C:\Windows\system32\mshtmled.dll 2014-07-10 17:54:23 ----A---- C:\Windows\system32\jscript9diag.dll 2014-07-10 17:54:23 ----A---- C:\Windows\system32\jscript9.dll 2014-07-10 17:54:23 ----A---- C:\Windows\system32\ieUnatt.exe 2014-07-10 17:54:22 ----A---- C:\Windows\system32\wininet.dll 2014-07-10 17:54:22 ----A---- C:\Windows\system32\vbscript.dll 2014-07-10 17:54:22 ----A---- C:\Windows\system32\msrating.dll 2014-07-10 17:54:22 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-07-10 17:54:22 ----A---- C:\Windows\system32\ieapfltr.dll 2014-07-10 17:54:21 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-10 17:54:21 ----A---- C:\Windows\system32\mshtml.dll 2014-07-10 17:54:16 ----A---- C:\Windows\system32\lsasrv.dll 2014-07-10 17:54:15 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2014-07-10 17:54:15 ----A---- C:\Windows\SYSWOW64\secur32.dll ======List of files/folders modified in the last 1 month====== 2014-08-04 22:29:06 ----D---- C:\Windows\Prefetch 2014-08-04 22:29:05 ----D---- C:\Program Files\trend micro 2014-08-04 22:28:50 ----D---- C:\Users\Eigenaar\AppData\Roaming\vlc 2014-08-04 22:28:00 ----D---- C:\Users\Eigenaar\AppData\Roaming\uTorrent 2014-08-04 22:22:31 ----D---- C:\Users\Eigenaar\AppData\Roaming\Skype 2014-08-04 20:59:00 ----D---- C:\Windows\Temp 2014-08-04 20:36:09 ----D---- C:\Windows\system32\config 2014-08-04 20:24:44 ----SHD---- C:\System Volume Information 2014-08-04 19:53:45 ----D---- C:\ProgramData\MFAData 2014-08-04 19:51:18 ----D---- C:\Windows\system32\Tasks 2014-08-04 19:48:41 ----A---- C:\Windows\win.ini 2014-08-04 19:47:59 ----D---- C:\ProgramData\NVIDIA 2014-08-03 17:26:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2014-08-03 17:26:48 ----RD---- C:\Program Files (x86) 2014-08-02 21:18:47 ----SHD---- C:\Windows\Installer 2014-08-02 21:18:27 ----RD---- C:\Program Files (x86)\Skype 2014-07-18 11:31:44 ----D---- C:\Windows\System32 2014-07-18 11:31:44 ----D---- C:\Windows\inf 2014-07-18 11:31:44 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-07-16 18:28:33 ----D---- C:\Windows\system32\wdi 2014-07-13 21:57:13 ----D---- C:\Windows\system32\drivers 2014-07-13 20:57:02 ----D---- C:\Windows\winsxs 2014-07-13 20:56:37 ----D---- C:\Program Files\Common Files\Microsoft Shared 2014-07-13 20:56:34 ----HD---- C:\ProgramData 2014-07-13 20:55:28 ----D---- C:\Windows\Tasks 2014-07-11 03:58:34 ----D---- C:\Windows\rescache 2014-07-11 03:19:54 ----SD---- C:\Windows\system32\CompatTel 2014-07-11 03:19:54 ----D---- C:\Windows\SYSWOW64\Dism 2014-07-11 03:19:54 ----D---- C:\Windows\system32\Dism 2014-07-11 03:19:54 ----D---- C:\Program Files\Windows Journal 2014-07-11 03:19:53 ----D---- C:\Windows\SYSWOW64\en-US 2014-07-11 03:19:53 ----D---- C:\Windows\SysWOW64 2014-07-11 03:19:53 ----D---- C:\Windows\system32\nl-NL 2014-07-11 03:19:53 ----D---- C:\Windows\ehome 2014-07-11 03:19:53 ----D---- C:\Program Files\Internet Explorer 2014-07-11 03:19:52 ----D---- C:\Windows\system32\en-US 2014-07-11 03:19:52 ----D---- C:\Program Files (x86)\Internet Explorer 2014-07-11 03:03:44 ----D---- C:\Windows\system32\MRT 2014-07-11 03:02:32 ----A---- C:\Windows\system32\MRT.exe 2014-07-10 19:22:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-07-10 17:54:09 ----D---- C:\Windows\system32\catroot2 2014-07-10 17:54:09 ----D---- C:\Windows\system32\catroot ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-05-13 191768] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-05-13 323352] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-05-13 130328] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-05-13 31512] R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-12-18 633192] R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-12-18 28008] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 {ed7eb956-75ed-460d-8f69-29a93b07afd1}w64;{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64; C:\Windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys [2014-07-13 61120] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-05-13 152344] R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-05-13 236312] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-05-13 235800] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-05-13 273176] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 e1kexpress;Intel® Network Connections Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2013-07-18 497424] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-12-24 196384] R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-04-30 19744] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392] R3 OEM03Afx;Provides a software interface to control audio effects of OEM003 camera.; \??\C:\Windows\system32\Drivers\OEM03Afx.sys [2007-06-08 212864] R3 OEM03Vfx;Creative Camera OEM003 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM03Vfx.sys [2007-03-05 12288] R3 OEM03Vid;Creative Camera OEM003 Driver; C:\Windows\system32\DRIVERS\OEM03Vid.sys [2007-04-25 266944] S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-11-15 10629408] S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-05-23 76568] S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-05-23 59160] S3 LUsbFilt;Logicool SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2013-05-23 40728] S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-05-13 292424] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-07-13 759688] R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1618888] R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-30 21009352] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 922912] R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-05-28 76888] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496] R2 Update WebSpades;Update WebSpades; C:\Program Files (x86)\WebSpades\updateWebSpades.exe [2014-08-02 323360] R2 Util WebSpades;Util WebSpades; C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe [2014-08-02 323360] R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-07-13 535936] S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-05-13 1473792] S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-05-13 3644432] S2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-06-18 36424] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-13 68608] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-18 116648] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10 262320] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-13 68608] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-18 116648] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-03 119408] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-28 1255736] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
  12. Beste heren, Zoals wel vaker staat er weer veel troep. Hierbij alvast mijn Hijacklogfile. Ik hoor graag wat ik verder eraan kan doen. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:38:08, on 4-8-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17207) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Windows\OEM03Mon.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeter.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = OMIGA PLUS R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = OMIGA PLUS R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = OMIGA PLUS R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1405277761&from=ild&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2F122009220092&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = OMIGA PLUS R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: CrossriderApp0061177 - {11111111-1111-1111-1111-110611111177} - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [OEM03Mon.exe] C:\Windows\OEM03Mon.exe O4 - HKCU\..\Run: [TBPanel] "C:\Program Files (x86)\EXPERTool\TBPanel.exe" /A O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [PriceMeterW] "C:\Users\Eigenaar\AppData\Local\PriceMeter\pricemeterw.exe" O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Update WebSpades - Unknown owner - C:\Program Files (x86)\WebSpades\updateWebSpades.exe O23 - Service: Util WebSpades - Unknown owner - C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9666 bytes Alvast bedankt. Michiel
  13. Beste lezers, Ik heb een gerefurbished computer gekocht. (alles top) Behalve werken mijn boxen niet bij filmpjes. Wel de windowsgeluiden worden weergegeven. Ik hoop dat iemand mij kan helpen. michiel
  14. Beste Kape , [ATTACH]31868[/ATTACH] Bedankt voor al je hulp. Bijgaand mijn log JRT1.txt
  15. [ATTACH]31745[/ATTACH] Beste Kape, Bijgaand mijn logfile. AdwCleaner[S8].txt
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.