Zoek.exe v5.0.0.0 Updated 05-July-2014 Tool run by lumon on zo 06/07/2014 at 13:36:30,18. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\lumon\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 6/07/2014 13:40:46 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\AGEIA Technologies deleted successfully C:\Program Files\greAtsaver deleted successfully C:\Program Files\gReatsAveur deleted successfully C:\Program Files\GS-Enabler deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\SiteLookup deleted successfully C:\Program Files\SmartTweak deleted successfully C:\Program Files\SNT deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully C:\Users\lumon\AppData\Roaming\IrfanView deleted successfully C:\Users\lumon\AppData\Roaming\Malwarebytes deleted successfully C:\Users\lumon\AppData\Roaming\SimilarAddon deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2468661837-1990217823-1405067445-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110511131190} deleted successfully ==== Installed Programs ====================== Adobe Flash Player 13 Plugin Adobe Flash Player 14 ActiveX Adobe Photoshop CS6 Adobe Reader XI (11.0.07) - Nederlands ANT Drivers 0.1.2.0 ANT Drivers Installer x86 Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Camera Control Pro 2 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition EaseUS Partition Master 9.2.1 Professional Elevated Installer ESET NOD32 Antivirus File Type Assistant Firefox Free Download Packages Free All-In-One Media Player Garmin BaseCamp Garmin Express Garmin Express Tray Garmin MapSource Garmin USB Drivers GeForce Experience NvStream Client Components Geonaute Software Google Chrome Google Update Helper GS-Supporter 1.80 HiJackThis Img2gps v2.57.2 IObit Uninstaller Java 7 Update 51 Java 8 Java Auto Updater JaVaWa GMTK 3.7 MapSource Product Install Math Problem Solver Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 MiniTool Partition Wizard Home Edition 8.1.1 Mozilla Firefox 30.0 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyFreeCodec NetCrawl Nikon Message Center NVIDIA-configuratiescherm 331.82 NVIDIA 3D Vision stuurprogramma 331.82 NVIDIA GeForce Experience 1.8 NVIDIA Grafisch stuurprogramma 331.82 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Network Service NVIDIA Optimus Update 10.10.5 NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.13.0725 NVIDIA ShadowPlay 10.10.5 NVIDIA Stereoscopic 3D Driver NVIDIA Update 10.10.5 NVIDIA Update Core NVIDIA Virtual Audio 1.2.12 OSM generic routable new(Austria) OSM generic routable(Austria) PDF Settings CS6 PL-2303 USB-to-Serial Renesas Electronics USB 3.0 Host Controller Driver Routeplanner Belux Fiets/Wandelaar Samsung Kies Samsung Story Album Viewer SAMSUNG USB Driver for Mobile Phones ScanWizard 5 Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2767915) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition SHIELD Streaming SkypeT 6.16 Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) Surfing Protection System Requirements Lab for Intel Topomap Belux Total Commander (Remove or Repair) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition Vinny27 - Adobe Photoshop CS6 32-bit Virtual COM Port Driver Virtual Dj Studio 6.5 VirtualDJ PRO Full VirtualDjv7.4NLx86 VLC media player 2.1.3 WebStorage Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) WinRAR 5.01 (32-bit) WinZip 14.5 ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\System32\spoolsv.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\Garmin\Express Tray\ExpressTray.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\ScanWizard 5\ScannerFinder.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Program Files\NetCrawl\updateNetCrawl.exe C:\Program Files\NetCrawl\bin\utilNetCrawl.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\NetCrawl\bin\NetCrawl.PurBrowse.exe C:\Windows\system32\conhost.exe C:\Program Files\NetCrawl\bin\NetCrawl.BrowserAdapter.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Windows\system32\conhost.exe C:\Program Files\NetCrawl\bin\NetCrawl.BrowserAdapter.exe C:\Users\lumon\Desktop\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe c:\program files\windows defender\MpCmdRun.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k secsvcs ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update NetCrawl deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update NetCrawl deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update NetCrawl deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update NetCrawl deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util NetCrawl deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util NetCrawl deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util NetCrawl deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util NetCrawl deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default ---- Lines WebSearch removed from prefs.js ---- user_pref("browser.search.defaultenginename,S", "WebSearch"); user_pref("browser.search.order.1", "WebSearch"); user_pref("browser.search.order.1,S", "WebSearch"); user_pref("browser.search.selectedEngine,S", "WebSearch"); ---- FireFox user.js and prefs.js backups ---- user_20140607_1355_.backup prefs_20140607_1355_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found C:\Program Files\File Type Assistant deleted C:\Program Files\MyFree Codec deleted C:\Users\lumon\AppData\Roaming\EZDownloader deleted C:\Users\lumon\AppData\Roaming\Systweak deleted C:\PROGRA~2\gReatsAveur deleted C:\PROGRA~2\ProductData deleted C:\PROGRA~2\SNT deleted C:\PROGRA~2\InstallMate deleted C:\PROGRA~2\House Of Soft deleted C:\Users\lumon\AppData\Local\FileTypeAssistant deleted C:\Windows\system32\config\systemprofile\AppData\Local\FileTypeAssistant deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted C:\Users\lumon\Searches deleted C:\Users\lumon\AppData\LocalLow\ZenSearch deleted C:\Windows\system32\tasks\Torntv V9.0-firefoxinstaller deleted C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw.sys deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default\searchplugins\ZenSearch.xml deleted C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default\jetpack deleted "C:\PROGRA~2\9bbe6016cb5f3081\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted "C:\PROGRA~2\9bbe6016cb5f3081\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted "C:\PROGRA~2\9bbe6016cb5f3081\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" deleted "C:\PROGRA~2\9bbe6016cb5f3081\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}.old" deleted "C:\PROGRA~2\9bbe6016cb5f3081\{CA41BB14-E67B-1653-C57B-5CA99418A866}" deleted "C:\PROGRA~2\9bbe6016cb5f3081\{CA41BB14-E67B-1653-C57B-5CA99418A866}.old" deleted "C:\PROGRA~2\9bbe6016cb5f3081\{E32743D3-5789-6E4F-3998-06FB87C9214B}" deleted "C:\PROGRA~2\CAM Development\{98C0F020-137F-33D2-5AB1-000048F68BB4}" deleted "C:\Program Files\NetCrawl\updateNetCrawl.exe" deleted "C:\Program Files\NetCrawl\updateNetCrawl.exe" deleted "C:\Program Files\NetCrawl\updateNetCrawl.exe" deleted "C:\Program Files\NetCrawl\bin\NetCrawl.PurBrowse.exe" deleted "C:\Program Files\NetCrawl\bin\utilNetCrawl.exe" deleted "C:\Program Files\NetCrawl\bin\NetCrawl.PurBrowse.exe" deleted "C:\Program Files\NetCrawl\bin\utilNetCrawl.exe" deleted "C:\Program Files\NetCrawl\bin\NetCrawl.PurBrowse.exe" deleted "C:\Program Files\NetCrawl\bin\utilNetCrawl.exe" deleted "C:\PROGRA~2\9bbe6016cb5f3081" deleted "C:\PROGRA~2\CAM Development" deleted "C:\Program Files\NetCrawl" deleted "C:\Program Files\NetCrawl" deleted "C:\PROGRA~2\Package Cache" deleted "C:\Users\lumon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software" deleted "C:\Program Files\NetCrawl" deleted "C:\Program Files\NetCrawl\bin" deleted "C:\Program Files\NetCrawl\bin" deleted "C:\Program Files\NetCrawl\bin" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601) Memory (RAM): 3254 MB CPU Info: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz CPU Speed: 2405,8 MHz Sound Card: Luidsprekers (High Definition A | Digitale audio (S/PDIF) (High D | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | NVIDIA GeForce GT 425M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Bluetooth-apparaat (Personal Area Network) #2 | Microsoft Virtual WiFi Miniport Adapter | Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC | Atheros AR8131 PCI-E Gigabit Ethernet Controller CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SN-S083C Ports: COM8 LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 409,4GB | G: 100,0MB Hard Disks - Free: C: 280,8GB | G: 70,9MB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 02/01/10 | MEDION - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: MEDION P6624 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: ESET NOD32 Antivirus 6.0 On-access scanning disabled (Outdated) Anti-Spyware: ESET NOD32 Antivirus 6.0 disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Firefox 30.0 Internet Explorer Version: 11.0.9600.17126 Mozilla Firefox version: 30.0 (x86 en-US) Google Chrome version: 35.0.1916.153 Adobe Reader version: 11.0.07.79 Sun Java version: 1.8.0 (32-bit) Flash Player version: 13.0.0.214 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-07-05 05:26:26 94845B0D9C6188AB06EF9700FE8C0909 386923 ----a-w- C:\Windows\KMSAct.exe ====== C:\Users\lumon\AppData\Local\Temp ==== 2014-07-06 11:21:49 743E03A4F93ECF5DB5D79F0C4B270871 10278752 ----a-w- C:\Users\lumon\AppData\Local\Temp\HitmanPro.exe 2014-07-06 06:08:06 C76B8E74F900E083712ADC5B597A05C3 339264 ----a-w- C:\Users\lumon\AppData\Local\Temp\4821\taskmgr.dll 2014-07-06 06:08:06 5C74AD321FDD45D4562F6F67D9A75C84 1145120 ----a-w- C:\Users\lumon\AppData\Local\Temp\4821\ProjectOnUninstall.exe 2014-06-30 16:11:48 F23731CD51CC24E9F21215DB20FC6FF3 959488 ----a-w- C:\Users\lumon\AppData\Local\Temp\PidGenX.dll ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-07-06 07:26:04 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\System32\bootdelete.exe 2014-07-06 07:14:12 AD8C4B7AFE77AC0F7DB2EEA4F2C10D3E 13218 ----a-w- C:\Windows\System32\.crusader ====== C:\Windows\system32\drivers ===== 2014-06-13 05:03:13 DEE7EDA5AAA96C4C68A1F098F5145799 187840 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2014-06-13 05:03:13 5579DD18546999F5D0EC39D018726C6B 1294272 ----a-w- C:\Windows\System32\drivers\tcpip.sys ====== C:\Windows\Tasks ====== 2014-07-05 12:54:53 C0273F291543925B13E42235B2BE2CF6 2874 ----a-w- C:\Windows\system32\Tasks\Uninstaller_SkipUac_Administrator 2014-06-26 03:05:28 81AB3C823CD5427C785135DB2CA8E9A7 1044 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf90eb7b756cd9.job 2014-06-26 03:05:28 627DC2838D71B0D16CB84262769C6A17 4040 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1cf90eb7b756cd9 2014-06-26 03:05:26 E49CF5FC16557CE29B260C36D65BDD08 3788 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1cf90eb7a5e305f 2014-06-26 03:05:26 CFFDF2E714ABD7A14C0A29D1E19E4C32 1040 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf90eb7a5e305f.job 2014-06-15 05:51:52 793A6F3DD7B1A3A7A5D5342D8E43D63F 3202 ----a-w- C:\Windows\system32\Tasks\{1FC3A189-BB14-4305-9B96-D1B8DAA4943A} 2014-06-13 07:06:40 77D84BA765EA4F103EB4CC9E6849E9AB 3958 ----a-w- C:\Windows\system32\Tasks\User_Feed_Synchronization-{CEA412A1-3413-4A3D-901A-8BE7F5C121B3} 2014-06-08 17:18:29 70ACAD842473D89714D6B5403DE96F7F 3544 ----a-w- C:\Windows\system32\Tasks\GarminUpdaterTask ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-07-05 12:54:00 -------- d-----w- C:\Program Files\IObit 2014-06-27 07:17:27 -------- d-----w- C:\Program Files\VideoLAN 2014-06-15 07:27:54 -------- d-----w- C:\Program Files\JaVaWa GMTK ======= C: ===== ====== C:\Users\lumon\AppData\Roaming ====== 2014-07-06 08:20:09 -------- d-----w- C:\Users\lumon\AppData\Local\Adobe 2014-07-06 06:08:49 -------- d-----w- C:\Users\lumon\AppData\Roaming\ProductData 2014-07-05 12:55:11 -------- d-----w- C:\Users\lumon\AppData\Roaming\Apple Computer 2014-07-05 12:54:54 -------- d-----w- C:\Users\lumon\AppData\Locallow\IObit 2014-07-05 12:53:27 -------- d-----w- C:\Users\lumon\AppData\Roaming\IObit 2014-07-05 04:56:12 -------- d-----w- C:\Users\lumon\AppData\Roaming\0F1L1I1PtF1F1C1N 2014-06-27 07:18:21 -------- d-----w- C:\Users\lumon\AppData\Roaming\vlc 2014-06-15 07:34:53 076A825026C8FE39492D201E5F24A377 30 ----a-w- C:\Users\lumon\AppData\Roaming\GMTK.conf 2014-06-15 07:12:32 -------- d-----w- C:\Users\lumon\AppData\Roaming\Pathcz 2014-06-14 17:27:49 -------- d-----w- C:\Users\lumon\AppData\Roaming\HTML Executable 2014-06-14 06:07:08 -------- d-----w- C:\Users\lumon\AppData\Roaming\NVIDIA 2014-06-12 03:20:13 -------- d-----w- C:\Users\Default\AppData\Roaming\Garmin 2014-06-12 03:20:13 -------- d-----w- C:\Users\Default User\AppData\Roaming\Garmin ====== C:\Users\lumon ====== 2014-07-06 07:26:08 FD7BB9C9C6383616CCC6FFE638B38804 14892976 ----a-w- C:\Users\lumon\Downloads\ASUSWebStorageSyncAgent2.1.7.374.exe 2014-07-06 06:56:19 -------- d-----w- C:\ProgramData\HitmanPro 2014-07-05 12:54:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2014-07-05 12:54:29 -------- d-----w- C:\ProgramData\IObit 2014-07-05 04:50:34 310578F044482A93CAA0703841C3339E 29836648 ----a-w- C:\Users\lumon\Downloads\FirefoxSetup.exe 2014-06-30 16:09:10 -------- d-----w- C:\ProgramData\Microsoft Toolkit 2014-06-27 07:18:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-06-27 07:12:30 DF463B4C69C1531D1DA7DA3E30E7F8B5 24677393 ----a-w- C:\Users\lumon\Downloads\VLCmediaplayerSetup.exe 2014-06-27 07:11:10 CC50EC6701E589B977FDD23C3C8723D6 686936 ----a-w- C:\Users\lumon\Downloads\VLCmediaplayerSetup-15872931.exe 2014-06-15 07:27:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JaVaWa 2014-06-14 17:26:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MapSource ====== C: exe-files == 2014-07-06 11:21:49 743E03A4F93ECF5DB5D79F0C4B270871 10278752 ----a-w- C:\Users\lumon\AppData\Local\Temp\HitmanPro.exe 2014-07-06 07:26:08 FD7BB9C9C6383616CCC6FFE638B38804 14892976 ----a-w- C:\Users\lumon\Downloads\ASUSWebStorageSyncAgent2.1.7.374.exe 2014-07-06 07:26:04 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\System32\bootdelete.exe 2014-07-06 06:54:34 743E03A4F93ECF5DB5D79F0C4B270871 10278752 ----a-w- C:\Users\lumon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3V7KMBXN\hitmanpro.exe 2014-07-06 06:08:06 5C74AD321FDD45D4562F6F67D9A75C84 1145120 ----a-w- C:\Users\lumon\AppData\Local\Temp\4821\ProjectOnUninstall.exe 2014-07-05 12:54:49 F0D13521B4723FD213ED9CDCB5A50F6E 7664928 ----a-w- C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe 2014-07-05 12:54:47 5D4ACF36CF6B3E2453C2E39216BD173B 629568 ----a-w- C:\Program Files\IObit\IObit Uninstaller\UninstallDisplay.exe 2014-07-05 12:54:46 C098B4EA64D8C957486ACD736031435C 588608 ----a-w- C:\Program Files\IObit\IObit Uninstaller\Install_PintoStartMenu.exe 2014-07-05 12:54:46 78148DC7BA8C46551929FF7E47FA4133 1114944 ----a-w- C:\Program Files\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe 2014-07-05 12:54:41 497AF28F6231FA74DE734C9628F30FAD 1362240 ----a-w- C:\Program Files\IObit\Surfing Protection\SPUpdate.exe 2014-07-05 12:54:40 F1A522373D76B164ED357FD60314854D 1195808 ----a-w- C:\Program Files\IObit\Surfing Protection\unins000.exe 2014-07-05 12:54:40 747BAE652E61A124AB29A6210015B02D 1256224 ----a-w- C:\Program Files\IObit\Surfing Protection\PluginInstall.exe 2014-07-05 12:54:36 FA149A9A6DDDCC222865077D07DD1C51 2152736 ----a-w- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe 2014-07-05 12:54:36 88B7F951A2DD14BFF31AD74B4E624E98 2130720 ----a-w- C:\Program Files\IObit\IObit Uninstaller\UninstallPromote.exe 2014-07-05 05:26:26 94845B0D9C6188AB06EF9700FE8C0909 386923 ----a-w- C:\Windows\KMSAct.exe 2014-07-05 04:56:12 BF375A90FE0B135395E20B0EB9190C11 572739 ----a-w- C:\Users\lumon\AppData\Roaming\0F1L1I1PtF1F1C1N\Firefox Free Download Packages\uninstaller.exe 2014-07-05 04:55:49 61AEE3F9C4FA62849A577932B10475D3 34107392 ----a-w- C:\ProgramData\GARMIN\Core Update Service\APP-express-windows-3.2.9.0\GarminExpressInstaller.exe 2014-07-05 04:50:34 310578F044482A93CAA0703841C3339E 29836648 ----a-w- C:\Users\lumon\Downloads\FirefoxSetup.exe 2014-07-05 04:24:31 E41F3AC355DFA8EEC3E81008C383EC1C 386080 ----a-w- C:\Users\lumon\AppData\Local\NVIDIA\NvBackend\Packages\00005cb3\updatus.18662328_RUNASUSER.exe 2014-07-05 04:23:20 E2BC4783B6D06D83D2F806ABE0B88AA3 3708816 ----a-w- C:\Users\lumon\AppData\Local\NVIDIA\NvBackend\Packages\00005cae\DAO.18659624.exe 2014-07-02 03:09:32 25F1DF956ADC402ED0B5FF7312F1BE7D 385688 ----a-w- C:\Users\lumon\AppData\Local\NVIDIA\NvBackend\Packages\00005c99\updatus.18653672_RUNASUSER.exe 2014-07-02 03:08:46 B53984D87924ADA95FB5CD97CA85886B 3708328 ----a-w- C:\Users\lumon\AppData\Local\NVIDIA\NvBackend\Packages\00005c95\DAO.18651267.exe 2014-07-02 02:38:12 B4F10F4977D81AD147166346348A9FFD 472384 ----a-w- C:\Program Files\ASUS\WebStorage\2.1.7.374\InstallAction.exe 2014-07-02 02:38:10 5147C4D4DA502CF807038CF548C981D1 5821760 ----a-w- C:\Program Files\ASUS\WebStorage\2.1.7.374\AsusWSPanel.exe 2014-07-02 02:38:08 B57A28E314A752F4445BCC8D45D2145F 1321280 ----a-w- C:\Program Files\ASUS\WebStorage\2.1.7.374\AsusWSService.exe 2014-07-02 02:37:56 05422FD1D4369C81C5CE8032F25231FF 63296 ----a-w- C:\Program Files\ASUS\WebStorage\2.1.7.374\ASUSWSLoader.exe 2014-07-01 03:08:10 2C2AF87CC2017B6EEB2792174AEE4761 385600 ----a-w- C:\Users\lumon\AppData\Local\NVIDIA\NvBackend\Packages\00005c7c\updatus.18646966_RUNASUSER.exe 2014-06-30 07:32:50 7646870464A0CF13BA930B4027861909 260096 ----a-w- C:\Program Files\ASUS\WebStorage\2.1.7.374\AWS Restorer\ASUSWSDownloader.exe === C: other files == 2014-07-05 12:54:43 032694B0FE8D2AE6EC544B989E1CBF75 341164 ----a-w- C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx 2014-07-05 12:43:45 410BBE0560783BA57038F8A60AE07E0F 37854762 ----a-w- C:\Users\lumon\AppData\Local\Temp\leef.zip 2014-07-05 04:52:08 9BF9F2153342715FF4874BF6364F5F7A 58407 ----a-w- C:\Users\lumon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y16548JN\sitematchersitesrc_7921_1.1[1].xpi 2014-07-05 04:41:00 4CD4F3D7871ADB06C37366745B612053 9351 ----a-w- C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default\extensions\{6fcd6092-9615-4f7f-8898-8df53980e5d2}.xpi ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2468661837-1990217823-1405067445-1000\Software\Microsoft\Windows\CurrentVersion\Run] @="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload" "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "KiesPDLR.exe"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Nvtmru"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "NvBackend"="C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart" "NUSB3MON"="C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "WebStorage"="C:\Program Files\ASUS\WebStorage\2.1.1.265\AsusWSPanel.exe /S" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "SwitchBoard"="C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "AdobeCS6ServiceManager"="C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin" "AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] @="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload" "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "KiesPDLR.exe"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\windows\\system32\\nvinit.dll" ==== Startup Folders ====================== 2014-04-25 08:16:06 1924 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner Finder.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [06/07/2014 09:24] C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf90eb7a5e305f.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [25/04/2014 07:22] C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf90eb7b756cd9.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [25/04/2014 07:22] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\GarminUpdaterTask" [C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1cf90eb7a5e305f" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA1cf90eb7b756cd9" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\KMS Activation for Office" [C:\Windows\KMSAct.exe] "C:\Windows\system32\tasks\Math Problem Solver CPU" [C:\Users\lumon\AppData\Local\Math Problem Solver\cpu\Solve.exe] "C:\Windows\system32\tasks\Math Problem Solver Optimize" ["C:\Users\lumon\AppData\Local\Math Problem Solver\Optimize.exe"] "C:\Windows\system32\tasks\ProgramRefresh-ATFST" [C:\Program Files\File Type Assistant\tsasetup.exe] "C:\Windows\system32\tasks\ProgramUpdateCheck" [C:\Program Files\File Type Assistant\TSAssist.exe] "C:\Windows\system32\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{CEA412A1-3413-4A3D-901A-8BE7F5C121B3}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\system32\tasks\ZenSearch\Updater\ZenSearch updater" [C:\Program Files\ZenSearch Updater\updater.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default - Undetermined - C:\Program Files\IObit Apps Toolbar\FF - Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com - Site Matcher - %ProfilePath%\extensions\sitematchersitesrc@sitematchersitesrc.com - Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} - NetCrawl - %ProfilePath%\extensions\{6fcd6092-9615-4f7f-8898-8df53980e5d2}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash 14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat A6C979CB14F0E0ED8C9387CAF4E2BDD1 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 504314A8D26CEB802751D380577F1E3C - C:\Program Files\Java\jre8\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.0.132 01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash 0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin AA94DCD79DDE6E6AEBE285CE6A2D85EE - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision 26DF0B58FCB6C7DE6DEF4A6053778120 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION 28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight ==== Deleted Firefox Extensions ====================== C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default\extensions\{6fcd6092-9615-4f7f-8898-8df53980e5d2}.xpi deleted ==== Chrome Look ====================== greatssaaver - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah YTTBoooKMarK - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb greatsaver - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag SNT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln gReatsAveur - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb Favorite Doodle - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga SNT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk greatssaaver - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah YTTBoooKMarK - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb greatsaver - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag SNT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln gReatsAveur - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb Favorite Doodle - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga SNT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk greatssaaver - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah YTTBoooKMarK - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb greatsaver - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag SNT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln gReatsAveur - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb Favorite Doodle - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga SNT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk greatssaaver - Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah YTTBoooKMarK - Administrator\AppData\Local\Torch\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic YoutubeAdblocker - Administrator\AppData\Local\Torch\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb greatsaver - Administrator\AppData\Local\Torch\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag SNT - Administrator\AppData\Local\Torch\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln gReatsAveur - Administrator\AppData\Local\Torch\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb Favorite Doodle - Administrator\AppData\Local\Torch\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga SNT - Administrator\AppData\Local\Torch\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk greatssaaver - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah YTTBoooKMarK - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic YoutubeAdblocker - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb greatsaver - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag SNT - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln gReatsAveur - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb Favorite Doodle - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga SNT - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk greatssaaver - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah YTTBoooKMarK - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic YoutubeAdblocker - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb greatsaver - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag SNT - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln gReatsAveur - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb Favorite Doodle - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga SNT - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk greatssaaver - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah YTTBoooKMarK - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic YoutubeAdblocker - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb greatsaver - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag SNT - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln gReatsAveur - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb Favorite Doodle - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga SNT - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk greatssaaver - Gast\AppData\Local\Torch\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah YTTBoooKMarK - Gast\AppData\Local\Torch\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic YoutubeAdblocker - Gast\AppData\Local\Torch\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb greatsaver - Gast\AppData\Local\Torch\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag SNT - Gast\AppData\Local\Torch\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln gReatsAveur - Gast\AppData\Local\Torch\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb Favorite Doodle - Gast\AppData\Local\Torch\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga SNT - Gast\AppData\Local\Torch\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk greatssaaver - lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah YTTBoooKMarK - lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic YoutubeAdblocker - lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb greatsaver - lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag SNT - lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln gReatsAveur - lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb Favorite Doodle - lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga SNT - lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk Google Docs - lumon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - lumon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - lumon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - lumon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf ZenSearch - lumon\AppData\Local\Google\Chrome\User Data\Default\Extensions\eapmfjbemiffkmggedbiibolghfomomg Google Wallet - lumon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - lumon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia greatssaaver - lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah YTTBoooKMarK - lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic YoutubeAdblocker - lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb greatsaver - lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag SNT - lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln gReatsAveur - lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb Favorite Doodle - lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga SNT - lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk greatssaaver - lumon\AppData\Local\Torch\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah YTTBoooKMarK - lumon\AppData\Local\Torch\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic YoutubeAdblocker - lumon\AppData\Local\Torch\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb greatsaver - lumon\AppData\Local\Torch\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag SNT - lumon\AppData\Local\Torch\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln gReatsAveur - lumon\AppData\Local\Torch\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb Favorite Doodle - lumon\AppData\Local\Torch\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga SNT - lumon\AppData\Local\Torch\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk ==== Chrome Fix ====================== C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb deleted successfully C:\Users\lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb deleted successfully C:\Users\lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb deleted successfully C:\Users\lumon\AppData\Local\Torch\User Data\Default\Extensions\lpnbfffppnbdjfannmiidgkndeagmkjb deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb deleted successfully C:\Users\lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb deleted successfully C:\Users\lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb deleted successfully C:\Users\lumon\AppData\Local\Torch\User Data\Default\Extensions\ikcnmpgggapojopamgepfgpbaafooblb deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag deleted successfully C:\Users\lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag deleted successfully C:\Users\lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag deleted successfully C:\Users\lumon\AppData\Local\Torch\User Data\Default\Extensions\kdfmpggndlncmelmjgiedmafbfddbmag deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah deleted successfully C:\Users\lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah deleted successfully C:\Users\lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah deleted successfully C:\Users\lumon\AppData\Local\Torch\User Data\Default\Extensions\bfalcflchgkagleoelbafdpipbapgaah deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic deleted successfully C:\Users\lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic deleted successfully C:\Users\lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic deleted successfully C:\Users\lumon\AppData\Local\Torch\User Data\Default\Extensions\dnjfhbikipgimfoeecfholbohccgdiic deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln deleted successfully C:\Users\lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln deleted successfully C:\Users\lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln deleted successfully C:\Users\lumon\AppData\Local\Torch\User Data\Default\Extensions\lhkibfnedbehcpclhfkfoieodcjmmpln deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga deleted successfully C:\Users\lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga deleted successfully C:\Users\lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga deleted successfully C:\Users\lumon\AppData\Local\Torch\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk deleted successfully C:\Users\lumon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk deleted successfully C:\Users\lumon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk deleted successfully C:\Users\lumon\AppData\Local\Torch\User Data\Default\Extensions\nmjmiojneplpcdfbohobmhedkibkaojk deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {EDC2B152-D5D4-4FF6-89A8-E049D53BF4AF} Google Url="http://www.google.com/search?q={searchTerms}" {EDC2B152-D5D4-4FF6-89A8-E049D53BF4AF} Google Url="http://www.google.com/search?q={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\2c36d90e-711c-4968-aa22-5127e1964c6f deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{fe885e3d} deleted successfully ==== HijackThis Entries ====================== O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe" O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [WebStorage] C:\Program Files\ASUS\WebStorage\2.1.1.265\AsusWSPanel.exe /S O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Global Startup: Scanner Finder.lnk = C:\Program Files\ScanWizard 5\ScannerFinder.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\windows\system32\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\lumon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\lumon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQLH003J will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\lumon\AppData\Local\Mozilla\Firefox\Profiles\aiaksldp.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\lumon\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=641 folders=230 70400477 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\lumon\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\lumon\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\lumon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQLH003J" not found "C:\Users\lumon\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\FNRYGSW8\static.issuu.com" not found "C:\Users\lumon\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\FNRYGSW8\static.muzu.tv" not found ==== EOF on zo 06/07/2014 at 14:17:55,64 ======================