Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Vince on do 08/05/2014 at 9:06:22,83.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vince\Downloads\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2013-10-19-005529.log 30440 bytes
C:\zoek-results2013-10-19-235847.log 1004 bytes
C:\zoek-results2013-12-08-184442.log 18164 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\Nalpeiron deleted successfully
C:\Users\Vince\AppData\Roaming\QuickScan deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1102839779-575584742-649675085-1001\Software\Microsoft\Internet Explorer\SearchScopes\{5633FB49-11BB-467D-8F55-A94501504A9A} deleted successfully
HKEY_USERS\S-1-5-21-1102839779-575584742-649675085-1001\Software\Microsoft\Internet Explorer\SearchScopes\{58731A48-457E-47BC-8B3F-ACD2340BEE2F} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SearchProtection"=-

==== Deleting Files \ Folders ======================

C:\PROGRA~2\GreenTree Applications deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Vince\Downloads\SoftonicDownloader_voor_inssider.exe deleted
"C:\Users\Vince\AppData\Roaming\Search Protection\SearchProtection.exe" deleted
"C:\Users\Vince\AppData\Roaming\Search Protection\SearchProtection.exe" deleted
"C:\Users\Vince\AppData\Roaming\Search Protection" deleted
"C:\Users\Vince\AppData\Roaming\Search Protection" deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Wallet Application Agent"="C:\Program
Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

[HKEY_USERS\S-1-5-21-1102839779-575584742-649675085-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIOE.EXE /EPT EPLTarget\P0000000000000000 /M XP-30 33 Series"
"GoogleChromeAutoLaunch_D35B1BF4BD75BF2165A72410A77FFBF1"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"
"Facebook Update"="C:\Users\Vince\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"Spotify"="C:\Users\Vince\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\Vince\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Wallet Application Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Wallet Application Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"ASUSWebStorage"="C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"WD Quick View"="C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"
"DBAgent"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe /WinStart"
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIOE.EXE /EPT EPLTarget\P0000000000000000 /M XP-30 33 Series"
"GoogleChromeAutoLaunch_D35B1BF4BD75BF2165A72410A77FFBF1"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"
"Facebook Update"="C:\Users\Vince\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"Spotify"="C:\Users\Vince\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\Vince\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Wallet Application Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"ACMON"="C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"Zune Launcher"="C:\Program Files\Zune\ZuneLauncher.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"Bdagent"="C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"

==== Startup Folders ======================

2014-04-15 19:38:40 1100 ----a-w- C:\Users\Vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1102839779-575584742-649675085-1001Core.job --a-------- C:\Users\Vince\AppData\Local\Facebook\Update\FacebookUpdate.exe [27/01/2014 23:17]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03/07/2013 18:11]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03/07/2013 18:11]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\ASUS InstantOn Config" [C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe]
"C:\WINDOWS\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Touchpad Launcher (x64)" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe]
"C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Seagate_Install_Launch" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{567484D0-5414-444D-875E-0600031F7214}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Vince" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe]
"C:\WINDOWS\SysNative\tasks\Vince DBAgent 2 0" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe"]
"C:\WINDOWS\SysNative\tasks\Vince Merge" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe"]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ffpwdman@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman" [27/03/2014 11:22]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ccahoghmggldkcdjiebjkidpfongdfbl - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx[03/03/2014 13:59]

Google Docs - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_editorial.nl.softonic.com_0.localstorage deleted successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_editorial.nl.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_inssider.nl.softonic.com_0.localstorage deleted successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_inssider.nl.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_microsoft-office-2010-professional.nl.softonic.com_0.localstorage deleted successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_microsoft-office-2010-professional.nl.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_microsoft-office-2010.nl.softonic.com_0.localstorage deleted successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_microsoft-office-2010.nl.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_microsoft-word-2010.nl.softonic.com_0.localstorage deleted successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_microsoft-word-2010.nl.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus13.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{58731A48-457E-47BC-8B3F-ACD2340BEE2F}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{58731A48-457E-47BC-8B3F-ACD2340BEE2F}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus13.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vince\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Vince\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=325 folders=195 31008808 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Vince\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Vince\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 08/05/2014 at 11:59:15,05 ======================