Zoek.exe Version 4.0.0.5 Updated 26-October-2013
Tool run by Patricia on di 29-10-2013 at 19:39:42,35.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Patricia\Desktop\zoek.exe [Script inserted] [Checkboxes used]

==== System Restore Info ======================

29-10-2013 19:41:46 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\Patricia\AppData\Roaming\Advanced System Protector deleted successfully
C:\Users\Patricia\AppData\Roaming\proDAD deleted successfully
C:\Users\Patricia\AppData\Roaming\Systweak deleted successfully

==== Creating Sample_29-10-2013_1948.zip ======================

Process chrome.exe killed
Copied file C:\ProgramData\MakeMarkerFile.exe to sample\MakeMarkerFile.exe
sample\MakeMarkerFile.exe renamed to 3BD6485B8DAAD969B4182AD2CFD20396
C:\Users\Public\Desktop\sample_29-10-2013_1948.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2660177210-3889208743-3922448808-1001\Software\Microsoft\Internet Explorer\SearchScopes\{FA62D03E-48E0-4EF9-9783-B181B8A428E0} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]

==== Deleting Files \ Folders ======================

C:\Users\Patricia\AppData\Roaming\Advanced System Protector not found
C:\Users\Patricia\AppData\Roaming\Systweak not found
C:\Program Files (x86)\MyPC Backup deleted
C:\Program Files (x86)\RegClean Pro deleted
C:\Users\Patricia\AppData\Roaming\mysearchdial deleted
C:\Users\Patricia\AppData\Roaming\UpdaterEX deleted
C:\Users\Patricia\AppData\Roaming\ParetoLogic deleted
C:\Users\Patricia\AppData\Roaming\DriverCure deleted
C:\ProgramData\boost_interprocess deleted
C:\ProgramData\ParetoLogic deleted
C:\Users\Patricia\AppData\Local\mysearchdial-speeddial.crx deleted
C:\WINDOWS\SysNative\roboot64.exe deleted
C:\Users\Patricia\Downloads\SoftonicDownloader_voor_vlc-media-player.exe deleted
C:\windows\SysNative\tasks\UpdaterEX deleted
C:\WINDOWS\tasks\UpdaterEX.job deleted
C:\ProgramData\MakeMarkerFile.exe deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2660177210-3889208743-3922448808-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="C:\Users\Patricia\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED"
"Quick Starter"="C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun"
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="C:\Users\Patricia\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED"
"Quick Starter"="C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"Bitcasa"="C:\Program Files\Bitcasa\Bitcasa.exe /startup"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- \C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01-10-2013 20:58]
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [16-10-2012 12:01]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\advRecovery" ["C:\Program Files\Samsung\Recovery\WCScheduler.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\SAgent" ["%ProgramFiles%\Samsung\S Agent\CommonAgent.exe"]
"C:\WINDOWS\SysNative\tasks\Settings" ["C:\Program Files (x86)\Samsung\Settings\sSettings.exe"]
"C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{5F214513-060C-4EF7-983B-4090FE83314D}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
pflphaooapbgpeakohlggbpidpppgdff - C:\Users\Patricia\AppData\Local\mysearchdial-speeddial.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pflphaooapbgpeakohlggbpidpppgdff - C:\Users\Patricia\AppData\Local\mysearchdial-speeddial.crx[]

Vivienne Westwood - Patricia - Default\Extensions\ahhehaklopgggapefjdijagkgbgeapkb
Google Docs - Patricia - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Patricia - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Patricia - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Patricia - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Chrome In-App Payments service - Patricia - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Patricia - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff deleted successfully
C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage deleted successfully
C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyB0BtA0CtDyBzyyBtD0EtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=1396744080&ir="
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyB0BtA0CtDyBzyyBtD0EtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=1396744080&ir="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://start.mysearchdial.com/?f=2&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyB0BtA0CtDyBzyyBtD0EtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=1396744080&ir="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://start.mysearchdial.com/?f=2&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyB0BtA0CtDyBzyyBtD0EtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=1396744080&ir="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{FA62D03E-48E0-4EF9-9783-B181B8A428E0}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FA62D03E-48E0-4EF9-9783-B181B8A428E0}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{7896D089-ED9A-A7F0-A1F4-191C5670A346} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2660177210-3889208743-3922448808-1001\Software\Microsoft\Internet Explorer\SearchScopes\{7896D089-ED9A-A7F0-A1F4-191C5670A346} deleted successfully

==== Deleting CLSID Registry Values ======================

==== shortcuts on Users
Desktops ====================== C:\Users\Patricia\Desktop\BitTorrent.lnk - C:\Users\Patricia\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Users\Patricia\Desktop\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Patricia\Desktop\Microsoft Word 2010.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Patricia\Desktop\Toshiba HDD (E) - Snelkoppeling.lnk - E:\ ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\AllShare Play.lnk - C:\windows\Installer\{CE1836A8-3F2B-49BD-8395-93DD414068D2}\_1D242327D514C581C4AA2F.exe C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Users\Public\Desktop\Brother Utilities.lnk - C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe C:\Users\Public\Desktop\Dora de Ontdekkingsreiziger. Wereldavontuur....lnk - C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Help Desk.lnk - C:\Program Files (x86)\Samsung\Help Desk\HelpDesk.exe C:\Users\Public\Desktop\Nitro Pro 8.lnk - C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe C:\Users\Public\Desktop\Quick Starter.lnk - C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe C:\Users\Public\Desktop\Recovery.lnk - C:\Program Files\Samsung\Recovery\Manager1.exe C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe C:\Users\Public\Desktop\Support Center.lnk - C:\Program Files (x86)\Samsung\Support Center\GuaranaMain.exe C:\Users\Public\Desktop\SW Update.lnk - C:\Program Files (x86)\Samsung\SW Update\sManager.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Patricia\AppData\Roaming\Microsoft\Windows\Start 
Menu\BitTorrent.lnk - C:\Users\Patricia\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Users\Patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk - C:\Program Files (x86)\Samsung\S Agent\CommonAgent.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 8.lnk - C:\windows\Installer\{47B42E7A-57E9-407B-8DBB-017B86D7B13F}\Professional.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\Brother Utilities.lnk - C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emme\Dora de Ontdekkingsreiziger. Wereldavontuur....lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emme\Dora de Ontdekkingsreiziger. 
Wereldavontuur....lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Info\faq.htm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk - C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-hulpprogramma's\Digitaal certificaat voor VBA-projecten.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-hulpprogramma's\Microsoft Mediagalerie.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-hulpprogramma's\Microsoft Office 2010 Upload Center.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-hulpprogramma's\Microsoft Office Picture Manager.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 
2010-hulpprogramma's\Office Anytime Upgrade.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\promo.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-hulpprogramma's\Taalvoorkeuren voor Microsoft Office 2010.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games\Plants vs. Zombies\Uninstall Plants vs. Zombies.lnk - C:\Program Files (x86)\PopCap Games\Plants vs. Zombies\PopUninstall.exe "C:\Program Files (x86)\PopCap Games\Plants vs. Zombies\Install.log" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Help Desk.lnk - C:\Program Files (x86)\Samsung\Help Desk\HelpDesk.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Quick Starter.lnk - C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Recovery.lnk - C:\Program Files\Samsung\Recovery\Manager1.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Support Center.lnk - C:\Program Files (x86)\Samsung\Support Center\GuaranaMain.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\SW Update.lnk - C:\Program Files (x86)\Samsung\SW Update\sManager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype voor bureaublad.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache 
files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Patricia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk - C:\Users\Patricia\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Users\Patricia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Patricia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Patricia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Patricia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Patricia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Patricia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Patricia\AppData\Roaming\Microsoft\Internet Explorer\Quick 
Launch\User Pinned\TaskBar\User Guide.lnk - C:\Program Files (x86)\Samsung\User Guide\RunManual.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: ThreeShips IEHelper - {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files (x86)\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI 
Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Patricia\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [Quick Starter] C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files 
(x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. 
- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 
- Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Patricia\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Patricia\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 
emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Patricia\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 29-10-2013 at 19:59:01,84 ======================