Zoek scan results assistance


  1. Posts : 13
    Windows 8 64
       #1

    Zoek scan results assistance


    Code:
     
    Zoek.exe v5.0.0.0 Updated 23-11-2014
    Tool run by user01 on Sat 12/13/2014 at 9:41:16.94.
    Microsoft Windows 8.1 6.3.9600 x64
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\user01\Downloads\zoek.exe [Scan all users] [Checkboxes used]
     
    ==== Older Logs ======================
     
    C:\zoek-results2014-10-20-231926.log    21484 bytes
     
    ==== Installed Programs ======================
     
    ??? 
    ???? 
    µTorrent 
    7-Zip 9.20 (x64 edition) 
    7-Zip 9.21 
    ACID Music Studio 10.0 
    Adguard 
    Adobe Photoshop CS6 
    Adobe Reader X (10.1.12) MUI 
    Akamai NetSession Interface 
    AMD Accelerated Video Transcoding 
    AMD Catalyst Control Center 
    AMD Catalyst Install Manager 
    AMD Fuel 
    AMD VISION Engine Control Center 
    AMD Wireless Display v3.0 
    Any Video Converter 5.7.5 
    Apple Application Support 
    Apple Software Update 
    Art of Murder: FBI Confidential 
    ASIO4ALL 
    ASUS Live Update 
    ASUS Power4Gear Hybrid 
    ASUS Screen Saver 
    ASUS Smart Gesture 
    ASUS Splendid Video Enhancement Technology 
    ASUS USB Charger Plus 
    ASUS WebStorage Sync Agent 
    ASUSDVD 
    AsusVibe2.0 
    ATK Package 
    Audacity 2.0.6 
    Audio Record Wizard 
    Autodesk 3ds Max 2015 
    Autodesk 3ds Max 2015 Populate Data 
    Autodesk 3ds Max 2015 SDK 
    Autodesk 3ds Max 2015 SP2 
    Autodesk Application Manager 
    Autodesk Backburner 2015 
    Autodesk Composite 2014 
    Autodesk DirectConnect 2014 64-bit 
    Autodesk DirectConnect 2015 64-bit 
    Autodesk DirectConnect 2015 64-bit Hotfix1 
    Autodesk Essential Skills Movies for 3ds Max 2014 64-bit 
    Autodesk Inventor Server Engine for 3ds Max 2014 64-bit 
    Autodesk Inventor Server Engine for 3ds Max 2015 
    Autodesk MatchMover 2014 
    Autodesk Material Library 2014 
    Autodesk Material Library 2015 
    Autodesk Material Library Base Resolution Image Library 2014 
    Autodesk Material Library Base Resolution Image Library 2015 
    Autodesk Material Library Medium Resolution Image Library 2014 
    Autodesk Material Library Medium Resolution Image Library 2015 
    Autodesk Maya 2014 
    Autodesk Network License Manager 
    Autodesk Revit Interoperability for 3ds Max 2014 
    Autodesk Revit Interoperability for 3ds Max 2015 
    Autodesk SketchBook 
    Azada ® 
    Azteca 
    Bejeweled 3 
    Big Fish: Game Manager 
    Bitdefender Total Security 2015 
    Blender 
    Bully Scholarship Edition 
    Camtasia Studio 8 
    Catalyst Control Center - Branding 
    Catalyst Control Center Graphics Previews Common 
    Catalyst Control Center InstallProxy 
    Catalyst Control Center Localization All 
    ccc-utility64 
    CCC Help Chinese Standard 
    CCC Help Chinese Traditional 
    CCC Help Czech 
    CCC Help Danish 
    CCC Help Dutch 
    CCC Help English 
    CCC Help Finnish 
    CCC Help French 
    CCC Help German 
    CCC Help Greek 
    CCC Help Hungarian 
    CCC Help Italian 
    CCC Help Japanese 
    CCC Help Korean 
    CCC Help Norwegian 
    CCC Help Polish 
    CCC Help Portuguese 
    CCC Help Russian 
    CCC Help Spanish 
    CCC Help Swedish 
    CCC Help Thai 
    CCC Help Turkish 
    Celtx (2.9.7) 
    Chocolatier 2: Secret Ingredients 
    Cooking Academy: Restaurant Royale 
    Cut the Rope 
    CyberLink LabelPrint 2.5 
    CyberLink Power2Go 
    CyberLink PowerDirector 12 
    CyberLink WaveEditor 2 
    D3DX10 
    DAEMON Tools Lite 
    Definition Update for Microsoft Office 2013 (KB2910926) 64-Bit Edition 
    DreamScape 2.5f R2013 64-bit 
    EA Download Manager 
    FL Studio 10 
    Galería de fotos 
    Galerie de photos 
    GIMP 2.8.14 
    Go-Go Gourmet 
    Google Chrome 
    Google Talk Plugin 
    Gyazo 2.2 
    Hidden Expedition ®: Amazon 
    Hot Dish 
    Hoyle Card Games 
    Hoyle Puzzle and Board Games 
    HP FWUpdateEDO2 
    HP Officejet 6700 Basic Device Software 
    HP Officejet 6700 Help 
    HP Officejet 6700 Product Improvement Study 
    HP Update 
    I.R.I.S. OCR 
    IMVU Avatar Chat Software 
    Java 7 Update 51 
    Java 8 Update 25 
    Java Auto Updater 
    join.me 
    League of Legends 
    LogoMaker 2.0 
    Malwarebytes Anti-Malware version 2.0.4.1028 
    Mavis Beacon Platinum - 25th Anniv. Ed. 
    mental ray renderer for Autodesk Maya 2014 
    Microsoft Access MUI (English) 2013 
    Microsoft Access Setup Metadata MUI (English) 2013 
    Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) 
    Microsoft Application Error Reporting 
    Microsoft DCF MUI (English) 2013 
    Microsoft Excel MUI (English) 2013 
    Microsoft Groove MUI (English) 2013 
    Microsoft InfoPath MUI (English) 2013 
    Microsoft Lync MUI (English) 2013 
    Microsoft Mouse and Keyboard Center 
    Microsoft Office 32-bit Components 2013 
    Microsoft Office OSM MUI (English) 2013 
    Microsoft Office OSM UX MUI (English) 2013 
    Microsoft Office Professional Plus 2013 
    Microsoft Office Proofing (English) 2013 
    Microsoft Office Proofing Tools 2013 - English 
    Microsoft Office Proofing Tools 2013 - Español 
    Microsoft Office Shared 32-bit MUI (English) 2013 
    Microsoft Office Shared MUI (English) 2013 
    Microsoft Office Shared Setup Metadata MUI (English) 2013 
    Microsoft OneDrive 
    Microsoft OneNote MUI (English) 2013 
    Microsoft Outlook MUI (English) 2013 
    Microsoft PowerPoint MUI (English) 2013 
    Microsoft Publisher MUI (English) 2013 
    Microsoft SQL Server 2005 Compact Edition [ENU] 
    Microsoft Visual C++ 2005 Redistributable 
    Microsoft Visual C++ 2005 Redistributable (x64) 
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 
    Microsoft Word MUI (English) 2013 
    Microsoft_VC80_CRT_x86 
    Microsoft_VC90_CRT_x86 
    Movie Maker 
    Mozilla Firefox 32.0.3 (x86 en-US) 
    Mozilla Maintenance Service 
    MSVCRT 
    MSVCRT Redists 
    MSVCRT110 
    MSVCRT110_amd64 
    MyBitCast 2.0 
    NewBlue Video Essentials for PowerDirector 
    NewBlue Video Essentials II for PowerDirector 
    NewBlue Video Essentials III for PowerDirector 
    Nielsen 
    NVIDIA CUDA Samples 6.5 
    NVIDIA CUDA Toolkit 6.5 
    NVIDIA CUDA Visual Studio Integration 6.5 
    NVIDIA GPU Deployment Kit 340.62 
    NVIDIA Install Application 
    NVIDIA Nsight Visual Studio Edition 4.1.0.14204 
    NVIDIA Tools Extension SDK (NVTX) - 64 bit 
    NVIDIA Virtual Audio 1.2.23 
    OEM Application Profile 
    Outils de vérification linguistique 2013 de Microsoft Office - Français 
    Peggle 
    Penguins 
    Photo Common 
    Photo Gallery 
    Qualcomm Atheros Client Installation Program 
    QuickTime 7 
    RealDownloader 
    RealNetworks - Microsoft Visual C++ 2008 Runtime 
    RealNetworks - Microsoft Visual C++ 2010 Runtime 
    RealPlayer Cloud 
    Realtek Ethernet Controller Driver 
    Realtek High Definition Audio Driver 
    RealUpgrade 1.1 
    RuneScape Launcher 1.2.3 
    SAMSUNG USB Driver for Mobile Phones 
    Screencast-O-Matic 
    Security Update for Microsoft Excel 2013 (KB2910929) 64-Bit Edition 
    Security Update for Microsoft Office 2013 (KB2726958) 64-Bit Edition 
    Security Update for Microsoft Word 2013 (KB2910916) 64-Bit Edition 
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition 
    SketchUp 2015 
    Snagit 12 
    Snagit 9.1.3 
    Space Strike 
    Tales of Lagoona 
    The Sims™ Life Stories 
    Tradewinds Caravans 
    Update for Microsoft Access 2013 (KB2863859) 64-Bit Edition 
    Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition 
    Update for Microsoft Lync 2013 (KB2910927) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2837654) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2881008) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2889858) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2889938) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2899501) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2899505) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2910931) 64-Bit Edition 
    Update for Microsoft Office 2013 (KB2920734) 64-Bit Edition 
    Update for Microsoft OneDrive for Business (KB2910935) 64-Bit Edition 
    Update for Microsoft OneNote 2013 (KB2899502) 64-Bit Edition 
    Update for Microsoft Outlook 2013 (KB2899504) 64-Bit Edition 
    Update for Microsoft PowerPoint 2013 (KB2910907) 64-Bit Edition 
    Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition 
    Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition 
    Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition 
    Update Installer for WildTangent Games App 
    UpdateService 
    Video Downloader 
    War Thunder Launcher 1.0.1.452 
    Westward III: Gold Rush 
    WildTangent Games 
    Windows Driver Package - ASUS (ATP) Mouse (08/19/2013 1.0.0.185) 
    Windows Live 
    Windows Live ??? 
    Windows Live Communications Platform 
    Windows Live Essentials 
    Windows Live Installer 
    Windows Live Photo Common 
    Windows Live PIMT Platform 
    Windows Live SOXE 
    Windows Live SOXE Definitions 
    Windows Live UX Platform 
    Windows Live UX Platform Language Pack 
    WinFlash 
    Wondershare Video Editor(Build 4.7.1)
    Last edited by Brink; 13 Dec 2014 at 14:30. Reason: code box


  2. Posts : 13
    Windows 8 64
    Thread Starter
       #2

    My Zoek-Results.log Part 2


    Code:
    ==== Running Processes ======================
    
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
    C:\Program Files (x86)\Adguard\AdguardSvc.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\AFLICS\AfterFLICS.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
    C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
    C:\Program Files\ASUS\P4G\InsOnSrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    C:\Program Files\ASUS\P4G\InsOnWMI.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
    C:\Program Files (x86)\Adguard\Adguard.exe
    C:\Program Files (x86)\Gyazo\GyStation.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
    C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe
    C:\Users\user01\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
    C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\SysWOW64\cmd.exe
    C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\NielsenNativeHost.exe
    C:\Users\user01\Downloads\zoek.exe
    C:\WINDOWS\SysWOW64\cmd.exe
    C:\WINDOWS\SysWOW64\cmd.exe
    C:\WINDOWS\SysWOW64\cmd.exe
    
    ==== System Specs ======================
    
    Windows: Windows Version 6.2 (Build 9200)
    Memory (RAM): 5573 MB
    CPU Info: AMD A4-5000 APU with Radeon(TM) HD Graphics
    CPU Speed: 1498.1 MHz
    Sound Card: Speakers (Realtek High Definiti | 
    Display Adapters: AMD Radeon HD 8330 | AMD Radeon HD 8330
    Monitors: 1x; Generic PnP Monitor | 
    Screen Resolution: 1366 X 768 - 32 bit
    Network: Network Present
    Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR9485 Wireless Network Adapter | Realtek PCIe GBE Family Controller
    CD / DVD Drives: 2x (E: | F: | ) E: MATSHITADVD-RAM UJ8C2 S  | F: DTSOFT  BDROM
    Ports: COM Ports NOT Present. LPT Port NOT Present. 
    Mouse: 5 Button Wheel Mouse Present
    Hard Disks: C:  279.0GB | D:  398.1GB
    Hard Disks - Free: C:  63.0GB | D:  397.9GB
    Manufacturer *: American Megatrends Inc.
    BIOS Info: AT/AT COMPATIBLE |  | _ASUS_ - 1072009
    Time Zone: Pacific Standard Time
    Motherboard *: ASUSTeK COMPUTER INC. X550EA
    Country: United States 
    Language: ENU 
    
    ==== System Specs (Software) ======================
    
    Anti-Virus: Bitdefender Antivirus On-access scanning disabled (Outdated)
    Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
    Anti-Spyware: Bitdefender Antispyware disabled (Outdated)
    Anti-Spyware: Windows Defender disabled (Outdated)
    Firewall: Bitdefender Firewall disabled
    Default Browser: Google Chrome	37.0.2062.124
    Internet Explorer Version: 11.0.9600.17498 
    Mozilla Firefox version: 32.0.3 (x86 en-US)
    Google Chrome version: 37.0.2062.124
    Adobe Reader version: 10.1.12.15
    Sun Java version: 1.8.0_25 (32-bit) 
    Sun Java version: 1.8.0_25 (64-bit) 
    
    ==== Files Recently Created / Modified ======================
    
    ====== C:\WINDOWS ====
    2014-11-26 20:49:58	9130CCE19B5DB3D2E31F9F789263FC4A	511328	----a-w-	C:\WINDOWS\capicom.dll
    ====== C:\Users\user01\AppData\Local\Temp ====
    2014-12-03 23:26:10	0CB342F47974F7B2D5C99AD335AE16C4	13279232	----a-w-	C:\Users\user01\AppData\Local\Temp\BlueStacks_njp53ixu.1pf\BlueStacks_HD_AppPlayerSplit_setup_0.9.4.4078_REL.msi
    2014-12-03 23:19:46	0CB342F47974F7B2D5C99AD335AE16C4	13279232	----a-w-	C:\Users\user01\AppData\Local\Temp\BlueStacks_vilnxe1p.gum\BlueStacks_HD_AppPlayerSplit_setup_0.9.4.4078_REL.msi
    2014-12-03 18:02:52	A09E1804B47D7A739AFA92E37FAB9D4C	149606400	----a-w-	C:\Users\user01\AppData\Local\Temp\sketchup_install\SketchUp2015-x64.msi
    2014-12-03 18:02:52	8694439F9183D4B3E9DC11C7B5E10B29	703816	----a-w-	C:\Users\user01\AppData\Local\Temp\sketchup_install\setup.exe
    ====== Java Cache =====
    ====== C:\WINDOWS\SysWOW64 =====
    2014-12-10 10:08:18	C4FB74C1E96142E0A9E5DE78E3A0B494	28672	----a-w-	C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
    2014-12-10 10:08:06	98C136EA9D0CA9C010FE49D863D29C6D	1612992	----a-w-	C:\WINDOWS\SysWOW64\crypt32.dll
    2014-12-10 09:56:00	220505B0B3E96C857DD01729AF0CD369	19749376	----a-w-	C:\WINDOWS\SysWOW64\mshtml.dll
    2014-12-10 09:55:52	B59E370277EDB6643083B62297175628	12836864	----a-w-	C:\WINDOWS\SysWOW64\ieframe.dll
    2014-12-10 09:55:50	5E4E0E43E0A5BF9F089696DFA7A3D677	1888256	----a-w-	C:\WINDOWS\SysWOW64\wininet.dll
    2014-12-10 09:55:49	F728E7E9937117E0F32F39840EB6D737	4299264	----a-w-	C:\WINDOWS\SysWOW64\jscript9.dll
    2014-12-10 09:55:49	F34F6DC38A21FCDBB50CDD1EE97B1EA3	1307136	----a-w-	C:\WINDOWS\SysWOW64\urlmon.dll
    2014-12-10 09:55:49	01777AB557997E98691E322225314E57	2277888	----a-w-	C:\WINDOWS\SysWOW64\iertutil.dll
    2014-12-10 09:55:47	41AFA61E061E98E97272AC02184C8C2C	710144	----a-w-	C:\WINDOWS\SysWOW64\ieapfltr.dll
    2014-12-10 09:55:46	543ADCEA31CF9C2B4EEB900D4AAFD0F9	2052096	----a-w-	C:\WINDOWS\SysWOW64\inetcpl.cpl
    2014-12-10 09:55:46	37F078B5B435AFC6BF316F2AD14B469A	501248	----a-w-	C:\WINDOWS\SysWOW64\vbscript.dll
    2014-12-10 09:55:45	D7A98A4CEA2E89F544065A00BF37FC10	688640	----a-w-	C:\WINDOWS\SysWOW64\msfeeds.dll
    2014-12-10 09:55:44	86181845803967FC51B64119E80FC18C	340992	----a-w-	C:\WINDOWS\SysWOW64\html.iec
    2014-12-10 09:55:44	713407DA59A9DBE5BD64A17D7A267DA1	326656	----a-w-	C:\WINDOWS\SysWOW64\iedkcs32.dll
    2014-12-10 09:55:43	F25284C763E728E4DAC248C211D1FC5B	76288	----a-w-	C:\WINDOWS\SysWOW64\mshtmled.dll
    2014-12-10 09:55:43	69AC6FD5B0B4DC963723E1EBDEE10A2C	285696	----a-w-	C:\WINDOWS\SysWOW64\dxtrans.dll
    2014-12-10 09:55:43	476900A8699F5C3D954ADD4A35D33F89	230400	----a-w-	C:\WINDOWS\SysWOW64\webcheck.dll
    2014-12-10 09:55:43	0E4D9A13C7C6C8FC3ACCF1C8C28DE200	128000	----a-w-	C:\WINDOWS\SysWOW64\iepeers.dll
    2014-12-10 09:55:42	C6941899E6B0A1893D2D5A89241A43B6	661504	----a-w-	C:\WINDOWS\SysWOW64\jscript.dll
    2014-12-10 09:55:42	98F2784FC4A4A80CE20016C6281834EE	880128	----a-w-	C:\WINDOWS\SysWOW64\inetcomm.dll
    2014-12-10 09:55:42	29CED1A4777A43526A4ED8A7B6936883	64000	----a-w-	C:\WINDOWS\SysWOW64\MshtmlDac.dll
    2014-12-10 09:54:49	A9B598B04606F9869C42728FE95CBC7C	1489072	----a-w-	C:\WINDOWS\SysWOW64\WindowsCodecs.dll
    2014-12-10 09:54:35	CA7A00203E710E56C18D15B72148769F	790528	----a-w-	C:\WINDOWS\SysWOW64\MrmCoreR.dll
    ====== C:\WINDOWS\SysWOW64\drivers =====
    ====== C:\WINDOWS\Sysnative =====
    2014-12-10 10:08:18	83AEDC4636606B145851723AE7385781	34304	----a-w-	C:\WINDOWS\Sysnative\DeviceSetupStatusProvider.dll
    2014-12-10 10:08:07	F5BA843DE3475B8D7FD5AFC21857A7C1	1970432	----a-w-	C:\WINDOWS\Sysnative\crypt32.dll
    2014-12-10 09:56:01	D478A4CF07FB8ADF72FB16B88E8030B8	25059840	----a-w-	C:\WINDOWS\Sysnative\mshtml.dll
    2014-12-10 09:55:53	556D271F4243B273EDA353512BF3608A	14412800	----a-w-	C:\WINDOWS\Sysnative\ieframe.dll
    2014-12-10 09:55:51	8D64466AD12CA5677CD0099C43C58569	6039552	----a-w-	C:\WINDOWS\Sysnative\jscript9.dll
    2014-12-10 09:55:50	E7A2061ADF0F4D430FECDA1E8D6B7BA6	1548288	----a-w-	C:\WINDOWS\Sysnative\urlmon.dll
    2014-12-10 09:55:50	982B871A25B5078093FAD82D0AB0E3FC	2885120	----a-w-	C:\WINDOWS\Sysnative\iertutil.dll
    2014-12-10 09:55:50	4AF089160FE082E5EA5C4AA72782DCA2	2358272	----a-w-	C:\WINDOWS\Sysnative\wininet.dll
    2014-12-10 09:55:47	EFBA893429814EA3244C87C2D1256618	800768	----a-w-	C:\WINDOWS\Sysnative\ieapfltr.dll
    2014-12-10 09:55:46	3FE71E2A5BD3EC652E64FC8BCEFEDD2C	2125312	----a-w-	C:\WINDOWS\Sysnative\inetcpl.cpl
    2014-12-10 09:55:45	DDE455CF1B9F43775A53A4E577DFDC54	373760	----a-w-	C:\WINDOWS\Sysnative\iedkcs32.dll
    2014-12-10 09:55:45	39B512C643812FC2D4843C0D4206C759	718848	----a-w-	C:\WINDOWS\Sysnative\ie4uinit.exe
    2014-12-10 09:55:45	284070B045F8B11B4A1FB32F72023038	417280	----a-w-	C:\WINDOWS\Sysnative\html.iec
    2014-12-10 09:55:45	1D294810D3A8A8F722E86AA001F54DCC	580096	----a-w-	C:\WINDOWS\Sysnative\vbscript.dll
    2014-12-10 09:55:45	14BA910E7731FC84EB85328BD0F1EE81	800768	----a-w-	C:\WINDOWS\Sysnative\msfeeds.dll
    2014-12-10 09:55:44	62CFEE2A516C68540486EBF26F18ED4C	145408	----a-w-	C:\WINDOWS\Sysnative\iepeers.dll
    2014-12-10 09:55:43	DB10D681314714E0D4623E4C0CF6654A	92160	----a-w-	C:\WINDOWS\Sysnative\mshtmled.dll
    2014-12-10 09:55:43	D248949FCF2B72C1FD4EC15DA92065C0	262144	----a-w-	C:\WINDOWS\Sysnative\webcheck.dll
    2014-12-10 09:55:43	17A157A4225CF562202AC71DB8103177	88064	----a-w-	C:\WINDOWS\Sysnative\MshtmlDac.dll
    2014-12-10 09:55:43	0AF0AEF0BA9EF6169E61C78504DCAE55	316928	----a-w-	C:\WINDOWS\Sysnative\dxtrans.dll
    2014-12-10 09:55:42	A41AC7E8D142FD0ECF6EF7F1BB63D478	812544	----a-w-	C:\WINDOWS\Sysnative\jscript.dll
    2014-12-10 09:55:42	507DC5EE1363EEB7D986B1026DF4E39D	1032704	----a-w-	C:\WINDOWS\Sysnative\inetcomm.dll
    2014-12-10 09:54:49	418B5117F187DFFD96C52325CA0DF153	1762840	----a-w-	C:\WINDOWS\Sysnative\WindowsCodecs.dll
    2014-12-10 09:54:40	EE5ED8E6998D7E686F614BA8D876829B	192000	----a-w-	C:\WINDOWS\Sysnative\aepic.dll
    2014-12-10 09:54:40	8283D7B0DCB540AB58A864E4BF2451FD	830464	----a-w-	C:\WINDOWS\Sysnative\appraiser.dll
    2014-12-10 09:54:40	222F243A138149E51FEA4769A475A144	1083392	----a-w-	C:\WINDOWS\Sysnative\aeinv.dll
    2014-12-10 09:54:39	FB7F1B20A2C86D55F731E53EB04C9360	740864	----a-w-	C:\WINDOWS\Sysnative\invagent.dll
    2014-12-10 09:54:39	C4859B1344645E6109DE77F5577CD37F	396288	----a-w-	C:\WINDOWS\Sysnative\devinv.dll
    2014-12-10 09:54:39	2DD8EC6F8DE5F8556ABC5F223D49EA07	412672	----a-w-	C:\WINDOWS\Sysnative\generaltel.dll
    2014-12-10 09:54:37	C4A550C337ADB0EB4C4D4F388C27B815	227328	----a-w-	C:\WINDOWS\Sysnative\aepdu.dll
    2014-12-10 09:54:36	DB7815ACB2D8F7CB03807059969F13B6	1091072	----a-w-	C:\WINDOWS\Sysnative\MrmCoreR.dll
    ====== C:\WINDOWS\Sysnative\drivers =====
    2014-12-10 09:54:13	B02118A776C368F7EE1A8CC81378D265	153920	-c--a-w-	C:\WINDOWS\Sysnative\drivers\dumpsd.sys
    2014-12-10 09:54:13	A770340FC02B999EF0DE6C2A6BC8437C	39744	-c--a-w-	C:\WINDOWS\Sysnative\drivers\intelpep.sys
    2014-12-10 09:54:13	7B7C482CF48E6EE33664340D1A78E6FE	238912	-c--a-w-	C:\WINDOWS\Sysnative\drivers\sdbus.sys
    2014-12-10 09:54:13	24A8DFC07E4BAF29AEA26E383D4CC886	86336	----a-w-	C:\WINDOWS\Sysnative\drivers\pdc.sys
    2014-12-04 00:07:35	3E75A47D2DEFD2683DCA409572FBE8B2	452040	----a-w-	C:\WINDOWS\Sysnative\drivers\trufos.sys
    2014-12-04 00:07:35	0A9D58AABD01DA97B1D101473EFA7659	150256	----a-w-	C:\WINDOWS\Sysnative\drivers\gzflt.sys
    2014-11-26 20:50:52	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_Kernel_avchv_01009.Wdf
    2014-11-26 20:50:04	3701D3BF4AC12EAACB1F58847C1D32FC	23568	----a-w-	C:\WINDOWS\Sysnative\drivers\bdelam.sys
    2014-11-26 20:50:00	F7F20DFE87C425221D8FCE77C5ED46AC	79192	----a-w-	C:\WINDOWS\Sysnative\drivers\bdvedisk.sys
    2014-11-26 20:49:58	B9ECE7FD9F58DAF19450C88338DC5267	82824	----a-w-	C:\WINDOWS\Sysnative\drivers\bdsandbox.sys
    2014-11-26 20:49:58	5CE1C5BB9ABAC8871D39E7AEBD127797	98768	----a-w-	C:\WINDOWS\Sysnative\drivers\bdfndisf6.sys
    2014-11-26 20:49:37	D0B093DDF5FD05E4D0109159E9153A52	263032	----a-w-	C:\WINDOWS\Sysnative\drivers\avchv.sys
    2014-11-26 20:49:37	70CCDD9BCBAA5A918A7D135E28A824E2	1288472	----a-w-	C:\WINDOWS\Sysnative\drivers\avc3.sys
    2014-11-26 20:49:37	0956716D5565680DC83992C11BBDB2C2	647752	----a-w-	C:\WINDOWS\Sysnative\drivers\avckf.sys
    2014-11-14 01:25:45	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_Kernel_nnfwdk64_01009.Wdf
    ====== C:\WINDOWS\Tasks ======
    2014-11-14 20:11:02	CE6DB62F93CDAC4F55C05E0028950963	3474	----a-w-	C:\WINDOWS\Sysnative\Tasks\ASUS Live Update1
    ====== C:\WINDOWS\Temp ======
    ======= C:\Program Files =====
    2014-12-03 18:08:24	--------	d-----w-	C:\Program Files\SketchUp
    2014-11-26 20:37:40	--------	d-----w-	C:\Program Files\Bitdefender
    2014-11-26 20:36:02	--------	d-----w-	C:\Program Files\Common Files\Bitdefender
    ======= C:\PROGRA~2 =====
    2014-12-03 18:04:27	--------	d-----w-	C:\PROGRA~2\Audio Record Wizard
    2014-11-29 02:18:44	--------	d-----w-	C:\PROGRA~2\Rockstar Games
    2014-11-26 21:46:50	--------	d-----w-	C:\PROGRA~2\COMMON~1\xing shared
    2014-11-26 05:13:04	--------	d-----w-	C:\PROGRA~2\Hidden Expedition - Amazon
    2014-11-26 05:11:55	--------	d-----w-	C:\PROGRA~2\Space Strike
    2014-11-26 05:11:06	--------	d-----w-	C:\PROGRA~2\Azada
    2014-11-26 05:05:48	--------	d-----w-	C:\PROGRA~2\Art of Murder - FBI Confidential
    2014-11-22 00:53:59	--------	d-----w-	C:\PROGRA~2\DeltaFix
    2014-11-18 15:42:38	--------	d-----w-	C:\PROGRA~2\Anvsoft
    2014-11-14 01:19:05	--------	d-----w-	C:\PROGRA~2\NetRatingsNetSight
    ======= C: =====
    2014-11-26 21:18:26	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Recovery.txt
    2014-11-14 01:25:36	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\extensions.sqlite
    ====== C:\Users\user01\AppData\Roaming ======
    2014-12-11 01:34:29	F2036779AE0D4FF370DE8B619AA4FC15	145710	----a-w-	C:\Users\user01\AppData\Local\recently-used.xbel
    2014-12-08 05:46:51	--------	d-----w-	C:\Users\user01\AppData\Roaming\Big Fish Games
    2014-12-03 23:19:31	--------	d-----w-	C:\Users\user01\AppData\Local\Bluestacks
    2014-12-03 18:17:19	--------	d-----w-	C:\Users\user01\AppData\Roaming\SketchUp
    2014-12-03 18:04:34	--------	d-----w-	C:\Users\user01\AppData\Local\arw
    2014-11-26 21:48:15	--------	d-----w-	C:\Users\user01\AppData\Roaming\RealNetworks
    2014-11-26 20:54:15	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\QuickScan
    2014-11-26 20:46:39	--------	d-----w-	C:\Users\user01\AppData\Roaming\Bitdefender
    2014-11-26 20:36:58	--------	d-----w-	C:\Users\user01\AppData\Roaming\QuickScan
    2014-11-26 05:13:04	--------	d-----w-	C:\Users\user01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - Amazon
    2014-11-26 05:11:06	--------	d-----w-	C:\Users\user01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Azada
    2014-11-24 17:19:35	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CrashDumps
    2014-11-24 17:14:51	--------	d-sh--w-	C:\Users\user01\AppData\Local\EmieBrowserModeList
    2014-11-24 17:14:44	--------	d-sh--w-	C:\Users\user01\AppData\Locallow\EmieBrowserModeList
    2014-11-23 08:19:51	--------	d-----w-	C:\Users\user01\AppData\Roaming\LolClient
    2014-11-22 06:45:44	--------	d-----w-	C:\Users\user01\AppData\Roaming\Riot Games
    2014-11-18 15:43:18	--------	d-----w-	C:\Users\user01\AppData\Roaming\Anvsoft
    2014-11-17 18:49:18	--------	d-----w-	C:\Users\Guest\AppData\Local\AMD
    2014-11-17 18:49:03	--------	d-----w-	C:\Users\Guest\AppData\Roaming\Autodesk
    2014-11-17 18:49:03	--------	d-----w-	C:\Users\Guest\AppData\Local\Autodesk
    2014-11-17 18:49:02	--------	d-----w-	C:\Users\Guest\AppData\Local\Wondershare
    2014-11-17 18:48:57	--------	d-----w-	C:\Users\Guest\AppData\Roaming\Real
    2014-11-17 18:48:56	--------	d-----w-	C:\Users\Guest\AppData\Roaming\ATI
    2014-11-17 18:48:56	--------	d-----w-	C:\Users\Guest\AppData\Local\ATI
    2014-11-17 18:48:01	--------	d-----w-	C:\Users\Guest\AppData\Roaming\Identities
    ====== C:\Users\user01 ======
    2014-12-03 23:25:18	3B77916FB8788BB5293117ED991F0075	13444288	----a-w-	C:\Users\user01\Downloads\BlueStacks-SplitInstaller_native_b.exe
    2014-12-03 23:24:41	C596B59985EF34EB709E3BE05A62FF5C	32549	----a-w-	C:\ProgramData\1417649058.10132.bin
    2014-12-03 23:24:24	4923BBCAAC42AF61B987F2FEB6D741FB	3187	----a-w-	C:\ProgramData\1417649058.5732.bin
    2014-12-03 23:24:24	13574404E9931666FAE842295C9FCAE0	933	----a-w-	C:\ProgramData\1417649058.12276.bin
    2014-12-03 23:24:18	D722AB7B22320799C459199AA5DA18B0	113563	----a-w-	C:\ProgramData\1417649058.12728.bin
    2014-12-03 23:19:04	3B77916FB8788BB5293117ED991F0075	13444288	----a-w-	C:\Users\user01\Downloads\BlueStacks-SplitInstaller_native.exe
    2014-12-03 18:17:20	--------	d---a-w-	C:\ProgramData\Reprise
    2014-12-03 18:09:46	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
    2014-12-03 18:08:24	--------	d-----w-	C:\ProgramData\SketchUp
    2014-12-03 18:04:29	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Record Wizard
    2014-12-03 18:04:12	0D90A6F6F3C4EB0573BB8B62E82925C7	4645120	----a-w-	C:\Users\user01\Downloads\arw7cnet.exe
    2014-12-03 18:01:32	A7D0C40ED60146241413A732D01E2FD9	114218816	----a-w-	C:\Users\user01\Downloads\SketchUpPro-en-x64.exe
    2014-11-29 02:26:48	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
    2014-11-26 21:47:56	--------	d-----w-	C:\ProgramData\RealNetworks
    2014-11-26 20:50:52	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
    2014-11-26 20:37:45	--------	d-----w-	C:\ProgramData\Bitdefender
    2014-11-26 05:13:04	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - Amazon
    2014-11-26 05:11:55	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Space Strike
    2014-11-26 05:11:07	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azada
    2014-11-26 05:05:48	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Art of Murder - FBI Confidential
    2014-11-22 06:48:26	--------	d-----w-	C:\ProgramData\Riot Games
    2014-11-22 06:46:35	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
    2014-11-22 00:52:49	--------	d-----w-	C:\ProgramData\1898640059318790545
    2014-11-22 00:51:14	--------	d-----w-	C:\ProgramData\jabcaimkaimililedebkgioincgjlkjf
    2014-11-18 15:43:54	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft
    2014-11-17 18:47:42	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\Guest\ntuser.ini
    2014-11-14 05:16:29	--------	d-----r-	C:\WINDOWS\SysNative\config\systemprofile\Searches
    
    ====== C: exe-files ==
    === C: other files ==
    Last edited by derekimo; 13 Dec 2014 at 20:37. Reason: code box


  3. Posts : 13
    Windows 8 64
    Thread Starter
       #3

    My Zoek-Results.log Part 3


    Code:
     
    ==== Startup Registry Enabled ======================
     
    [HKEY_USERS\S-1-5-21-1578426742-284494171-321257044-1001\Software\Microsoft\Windows\CurrentVersion\Run]
    "Power2GoExpress"="C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe"
    "HP Officejet 6700 (NET)"="C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe -deviceID CN3CODSKK705RQ:NW -scfn HP Officejet 6700 (NET) -AutoStart 1"
    "EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"
    "AVG-Secure-Search-Update_0414c"="C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe /PROMPT /CMPID=0414c "
    "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
    "Adguard"="C:\Program Files (x86)\Adguard\Adguard.exe"
    "Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe"
    "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
    "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
    "ADSKAppManager"="C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe -showminimized -checkautorun"
    "Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
    "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
    "NielsenOnline"="C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe"
    "TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot"
    "RealDownloader"="C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe"
     
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Power2GoExpress"="C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe"
    "HP Officejet 6700 (NET)"="C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe -deviceID CN3CODSKK705RQ:NW -scfn HP Officejet 6700 (NET) -AutoStart 1"
    "EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"
    "AVG-Secure-Search-Update_0414c"="C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe /PROMPT /CMPID=0414c "
    "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
    "Adguard"="C:\Program Files (x86)\Adguard\Adguard.exe"
    "Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe"
    "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
     
    ==== Startup Registry Enabled x64 ======================
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Bdagent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe"
     
    ==== Startup Registry Disabled x64 ======================
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
    "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\""
    "hkey"="HKLM"
    "item"="Adobe Reader Speed Launcher"
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSPRP]
    "command"="\"C:\\Program Files (x86)\\ASUS\\APRP\\APRP.EXE\""
    "hkey"="HKLM"
    "item"="ASUSPRP"
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage]
    "command"="C:\\Program Files (x86)\\ASUS\\WebStorage Sync Agent\\1.1.18.159\\AsusWSPanel.exe /S"
    "hkey"="HKLM"
    "item"="ASUSWebStorage"
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DisableS3S4]
    "command"="c:\\windows\\temp\\DisableS3S464\\sethigh.cmd"
    "hkey"="HKLM"
    "item"="DisableS3S4"
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl10]
    "command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD10\\PDVD10Serv.exe\""
    "hkey"="HKLM"
    "item"="RemoteControl10"
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVBg]
    "command"="\"C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe\" /MAXX4"
    "hkey"="HKLM"
    "item"="RtHDVBg"
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]
    "command"="\"C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe\" -s"
    "hkey"="HKLM"
    "item"="RTHDVCPL"
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
     
     
    ==== Startup Folders ======================
     
    2014-04-12 02:19:38    1910    ----a-w-    C:\Users\user01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6700 (Network).lnk
    2014-10-22 14:21:02    1274    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
    2014-11-21 23:40:28    1161    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk
     
    ==== Task Scheduler Jobs ======================
     
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1578426742-284494171-321257044-1001Core.job --a-------- C:\Users\user01\AppData\LoC:al\Google\Update\GoogleUpdate.exe []
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1578426742-284494171-321257044-1001UA.job --a-------- C:\C:\Users\user01\AppData\Local\Google\Update\GoogleUpdate.exe []
     
    ==== Other Scheduled Tasks ======================
     
    "C:\WINDOWS\SysNative\tasks\ASUS InstantOn Config" [C:\Program Files\ASUS\P4G\InsOnCfg.exe]
    "C:\WINDOWS\SysNative\tasks\ASUS Live Update1" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\ASUS Live Update2" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe]
    "C:\WINDOWS\SysNative\tasks\ASUS Patch for Touch Panel" [C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe]
    "C:\WINDOWS\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe]
    "C:\WINDOWS\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
    "C:\WINDOWS\SysNative\tasks\ASUS Splendid ColorU" [C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe]
    "C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
    "C:\WINDOWS\SysNative\tasks\AsusVibeSchedule" ["C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe"]
    "C:\WINDOWS\SysNative\tasks\FFMPEGUpd" [C:\PROGRA~2\FFMPEG\FFMPEG~1.EXE]
    "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1578426742-284494171-321257044-1001Core" [C:\Users\user01\AppData\Local\Google\Update\GoogleUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1578426742-284494171-321257044-1001UA" [C:\Users\user01\AppData\Local\Google\Update\GoogleUpdate.exe]
    "C:\WINDOWS\SysNative\tasks\GyazoUpdateTaskMachine" ["C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"]
    "C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Officejet 6700" ["C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe"]
    "C:\WINDOWS\SysNative\tasks\RealDownloader Update Check" [C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe]
    "C:\WINDOWS\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1578426742-284494171-321257044-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe]
    "C:\WINDOWS\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1578426742-284494171-321257044-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe]
    "C:\WINDOWS\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1578426742-284494171-321257044-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe]
    "C:\WINDOWS\SysNative\tasks\TechSmith Updater" [C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe]
    "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{81EF49F1-331F-406F-8C14-8D6CC9797E24}" [C:\WINDOWS\system32\msfeedssync.exe]
    "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
     
    ==== Firefox Extensions Registry ======================
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
    "{338950EA-82DB-44C1-930D-0C28E023C9F0}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [11/26/2014 01:47 PM]
     
    ==== Firefox Extensions ======================
     
    ProfilePath: C:\Users\user01\AppData\Roaming\Greyfirst\Celtx\Profiles\jggpay52.default
    - Timezone Definitions for Mozilla Calendar - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org
    - Default Shot Palette - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com
    - DOM Inspector - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org
     
    AppDir: C:\Program Files (x86)\Mozilla Firefox
    - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
     
    ==== Firefox Plugins ======================
     
    Profilepath: C:\Users\user01\AppData\Roaming\Mozilla\Firefox\Profiles\9ol9ki3s.default
    252949179FE1C491B7D16A9AA376B29B    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll -    RealPlayer Video Downloader for HTML5 (32-bit)
    5CB01CF141E021DAAE96991A5BA57944    - C:\Users\user01\AppData\Roaming\Mozilla\plugins\npo1d.dll -    Google Talk Plugin Video Renderer
    3BB46C18F67297B670D3037595F46707    - C:\Users\user01\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll -    Google Talk Plugin
     
     
    ==== Chromium Look ======================
     
    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    amebgbgmoldiehbbbjcaoceilcfnniop - No path found[]
    fabcmochhfpldjekobfaaggijgohadih - No path found[]
    Last edited by Brink; 13 Dec 2014 at 14:31. Reason: code box


  4. Posts : 13
    Windows 8 64
    Thread Starter
       #4

    My Zoek-Results.log Part 4 (Last)


    Code:
    Nielsen - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\amebgbgmoldiehbbbjcaoceilcfnniop
    Google Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
    Google Drive - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
    Google Voice Search Hotword (Beta) - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
    YouTube - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
    Google Search - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
    Graffiti Creator - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgmlohhjedlnljheklbjepdfikchfaoe
    Google Wallet - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
    Gmail - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
    BIODIGITAL HUMAN - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak
    Duolingo Web - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl
    Nielsen - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\amebgbgmoldiehbbbjcaoceilcfnniop
    Google Docs - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
    Google Voice Search Hotword (Beta) - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
    Bible - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\boljbeanmjklkbfnppfedajbgeongccb
    Daum Equation Editor - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe
    Logarithms Table - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekflgjlkhleiegpledpmjcpaoblbaong
    Bitdefender Wallet - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih
    Elite Unzip - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\gafhhbahpojnjfhpepjjfjojbphnogmn
    Fairway Solitaire - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkpbdfapchjogkmfpcmnfjdimgijhdho
    What do your dreams mean - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpmambngimkfaddbeebieghlkbdifaje
    World of Solitaire - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn
    LDS Scriptures - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijknidpjhcgbeliijjdmlonlcaobfldf
    Quran - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\iklmggidaneooheckcalppihpgfidbpe
    Scripture Search Box - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhdcbicpakmmccpedfnigbcancemekbm
    Google Wallet - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
    
    ==== Chromium Startpages ======================
    
    C:\Users\user01\AppData\Local\Google\Chrome\User Data\Default\Preferences
    "homepage": "https://www.google.com/",
    "startup_urls": [ "https://www.google.com/" ],
    
    
    ==== IE Start and Search Settings ======================
    
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    
    ==== All HKCU SearchScopes ======================
    
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    {012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
    {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} Lasaoren  Url="http://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_mdaffmarmar_14_38_ch&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtBtA0F0CtAtCyCtBtD0FtN0D0Tzu0SzyzzzytN1L2XzutAtFtBtFyEtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0F0A0FyB0B0A0CtGtA0FtAyEtG0A0DyByCtG0F0A0AyBtGyC0FzzyE0A0D0A0A0Bzz0FyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtCtDtD0EtDyE0AtG0FtBzy0BtGyEtAyE0FtG0BzztCyCtGyByEyBzyyBtDyE0ByB0A0AyB2Q&cr=402937785&ir="
    
    ==== HijackThis Entries ======================
    
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll
    O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
    O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
    O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
    O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll
    O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
    O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NielsenOnline] C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
    O4 - HKLM\..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
    O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe"
    O4 - HKCU\..\Run: [HP Officejet 6700 (NET)] "C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" -deviceID "CN3CODSKK705RQ:NW" -scfn "HP Officejet 6700 (NET)" -AutoStart 1
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0414c] "C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe" /PROMPT /CMPID=0414c 
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [Adguard] C:\Program Files (x86)\Adguard\Adguard.exe
    O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
    O4 - HKCU\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
    O4 - Startup: Monitor Ink Alerts - HP Officejet 6700 (Network).lnk = ?
    O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
    O4 - Global Startup: Snagit 12.lnk = C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
    O23 - Service: Adguard Service - Insoft LLC - C:\Program Files (x86)\Adguard\AdguardSvc.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: AfterFLICS v3 - Unknown owner - C:\Program Files (x86)\AFLICS\AfterFLICS.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
    O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Bitdefender Desktop Parental Control (BdDesktopParental) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: mental ray Satellite for Autodesk 3ds Max 2015 64-bit (mi-raysat_3dsmax2015_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Nielsen Update (NielsenUpdate) - The Nielsen Company - C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
    O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
    O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
    O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    ==== C:\zoek_backup content ======================
    
    C:\zoek_backup (files=938 folders=278 131458800 bytes)
    
    ==== EOF on Sat 12/13/2014 at 10:19:47.91 ======================
    Last edited by derekimo; 13 Dec 2014 at 20:37. Reason: code box


  5. Posts : 2,470
    Windows 7 Home Premium
       #5

    meka129,

    What kind of problem are you having for which you decided to run and post a Zoek report with what appears as every option checked?


  6. Posts : 13
    Windows 8 64
    Thread Starter
       #6

    I'm having adware issues... specifically BuynSave adware... I uninstalled it and deleted it from my extensions, but it still shows up every time I restart my browser, which is Google Chrome.


  7. Posts : 18,415
    windows 7 home 64bit
       #7

    You are in very capable hands with Cottonball .. In his absence you could try the Link below and follow the Instructions ...


    Remove BuyNSave Ads (Virus Removal Guide)


  8. Posts : 2,470
    Windows 7 Home Premium
       #8

    meka129,

    On the Desktop, double-click zoek.exe to start the program. (Give it a few seconds to appear.)

    If your AntiVirus warns you about the program, either allow Zoek to run, or temporarily disable your AV program.
    Info > How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides

    Next, copy/paste the entire script inside the code box below to the input field of Zoek:

    Code:
    createsrpoint;
    autoclean;
    emptyalltemp;
    ipconfig /flushdns;b
    Now...
    Close any open Browsers.

    Click the Run script button, and wait. It takes a few minutes to run all the script.

    When the tool finishes, the zoek-results.log is opened in Notepad.
    The log is also found on the system drive, normally C:\
    If a reboot is needed, the log is opened after the reboot.

    Please attach the zoek-results.log in your reply.
    (The initial report posted in pieces is very hard for this old dog to read!)


    BTW, this thread should be here: System Security - Windows 8 Forums


  9. Posts : 13
    Windows 8 64
    Thread Starter
       #9

    Zoek Results


    I am trying it now, but how can I post the whole results in one reply? There is a word limit. Please advise. Thank you.


  10. Posts : 18,415
    windows 7 home 64bit
       #10

    Click on Management Attachments and upload the Notepad log ...


 