Zoek.exe v5.0.0.0 Updated 12-July-2014 Tool run by DAAN on za 12/07/2014 at 10:29:16,95. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\DAAN\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-07-08-142310.log 925 bytes C:\zoek-results2014-07-10-073455.log 30001 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1184255463-2082249140-305005745-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1184255463-2082249140-305005745-1000\Software\Microsoft\Internet Explorer\SearchScopes\{10B1B30C-53B8-4CBA-B4FA-6453FF91357E} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe C:\Windows\SysWOW64\nlssrv32.exe C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe C:\Users\DAAN\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe C:\Users\DAAN\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Users\DAAN\AppData\Roaming\Spotify\spotify.exe C:\Users\DAAN\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\LevelOne WNC-0301\WlanCU.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Windows\SysWOW64\ctfmon.exe C:\Users\DAAN\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\DAAN\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\DAAN\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\DAAN\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\DAAN\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\DAAN\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "avg@toolbar"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\AVG Secure Search not found C:\ProgramData\AVG Secure Search not found C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml deleted C:\Users\DAAN\AppData\Roaming\eIntaller deleted C:\Users\DAAN\AppData\Roaming\Babylon deleted C:\PROGRA~3\APN deleted C:\PROGRA~3\Package Cache deleted C:\Users\DAAN\AppData\Local\AVG Secure Search deleted C:\Users\DAAN\AppData\Local\cache deleted C:\Users\DAAN\AppData\Local\SwvUpdater deleted C:\Users\DAAN\Searches deleted C:\Users\DAAN\AppData\LocalLow\AVG Secure Search deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\DAAN\Desktop\Continue VuuPC Installation.lnk deleted "C:\Windows\Installer\60d4e.msi" deleted "C:\Users\DAAN\AppData\Local\LumaEmu" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 16361 MB CPU Info: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz CPU Speed: 3405,3 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Realtek Digital Output(Optical) | Display Adapters: AMD Radeon HD 6900 Series | AMD Radeon HD 6900 Series | AMD Radeon HD 6900 Series | AMD Radeon HD 6900 Series | AMD Radeon HD 6900 Series | AMD Radeon HD 6900 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Intel(R) 82579V Gigabit Network Connection | Hamachi Network Interface CD / DVD Drives: 1x (D: | ) D: ASUS DRW-24B3ST Ports: COM1 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 119,1GB | E: 931,5GB | F: 1863,0GB | G: 55,9GB Hard Disks - Free: C: 22,0GB | E: 539,9GB | F: 255,4GB | G: 11,4GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 02/05/10 | ALASKA - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK Computer INC. SABERTOOTH P67 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated) Default Browser: Google Chrome 37.0.2062.3 Internet Explorer Version: 10.0.9200.17028 Mozilla Firefox version: 31.0 (x86 en-US) Google Chrome version: 37.0.2062.3 Adobe Reader version: 11.0.07.79 Sun Java version: 1.7.0_25 (32-bit) Flash Player version: 14.0.0.145 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\DAAN\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-07-09 11:06:22 EFFC098B09760FFEEAE1C10533D74017 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 11:06:22 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\SysWOW64\osk.exe 2014-07-09 11:06:22 56F0F2AC87F7BB155B0D745FF8B660DD 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-07-09 11:06:22 492FF9C530EC0352B3C904CE9898269D 509440 ----a-w- C:\Windows\SysWOW64\qedit.dll 2014-07-09 11:06:22 45E1DA8EF50FB8E5227CE8423EA43055 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll 2014-07-09 11:06:22 1B91409DA29A30D899D257BCF86FD5B3 357888 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 11:06:21 D97646D8E83B5AA8198182449C7FDCBF 226816 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 11:06:21 D143C6B9624E29E0AA1D682C9A678C95 2863616 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-07-09 11:06:21 6D4A861C832CD598DE1267939CCEB154 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 11:06:21 4A09112A94AC63DA93FF17F1E76DFA68 80896 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 11:06:21 43E4E8F5AFDD1A5E0D269D1DE5C717EB 2051072 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-07-09 11:06:21 27631A4D65AB1FA5718EBBFED05B7815 1766400 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-07-09 11:06:20 8795FB612463119D7560EBA9C7F8784D 14368768 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-07-09 11:06:16 61B1C74ED24F2CD5D1B0C20AC51492F6 1141760 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-07-09 11:06:16 5FE1032BC879A8F39EA6F90FDD8DD838 163840 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-07-09 11:06:16 49E69D3C71522F14E88361139C96C4A7 226816 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 11:06:16 1DB8DD378F5851CFC0D699A4B5EBA559 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-07-09 11:06:15 841997B03FC48A0713247837563EF1D6 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 11:06:15 71A5B696671E2CC42376FF1ED9575C37 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-07-09 11:06:15 2ECF28B5EE03B12FAB7DFA680178B0BC 1440768 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 11:06:14 A3FB2F617F15586B66A6E0ACF3A380FE 13732352 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-07-09 11:06:13 26582E103FD52094FC5ECA619BDE93FF 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2014-07-09 11:06:01 F95E1E9D97D25C11F29CA34C843A6F4D 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll 2014-07-09 11:06:01 E3ECF5FFE3DEDF61DC6877B6A99ACBBF 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2014-07-09 11:06:01 C71CC796F0E2E9BD542C87532706FCFE 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2014-07-09 11:06:01 C61DDFE40204F3BE3DF111981D91560E 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 11:06:01 8BA721F76C97A219599E88722AA48875 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 11:06:01 6CB2616152ADCDF39F05B08E4858F476 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 11:06:01 1A0BE0092646F564FAF204E678AF8E03 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2014-07-09 11:05:59 A0E053D8D97ED0F913D56E6AF21DD26F 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2014-07-09 11:05:59 230AAF45031E87638CA4053C0399C1E6 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-07-09 11:06:26 980394E1FF94E460C4D71C1B098A0B4F 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-07-09 11:06:26 03282D1ADC4F64D27D697CBB63F972C2 519168 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-07-09 11:06:23 F1726E14C8F7B40CD828345890AAF764 3157504 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-07-09 11:06:22 D6AFBAA93169E6772565A1BC896D666B 624128 ----a-w- C:\Windows\Sysnative\qedit.dll 2014-07-09 11:06:22 B07200A237E54AC9D453DE3661FF31C4 3959296 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-07-09 11:06:22 A064A1D9CBD7F6959AAEAEAFF96DB2E9 692736 ----a-w- C:\Windows\Sysnative\osk.exe 2014-07-09 11:06:21 E40183B5A2DC1C5761AE51E34312ACA5 452096 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-07-09 11:06:21 27E552632E6394DE0FA555EFDBA29A49 2239488 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-07-09 11:06:21 239293442AE3873D253BFEE72AD01874 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-07-09 11:06:20 9489C3323D2BCFB3AF60475CCDA66B1A 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-07-09 11:06:20 9305A3DDEE11C5579D290F750EEA5B7D 526336 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-07-09 11:06:20 91FC6F95B04FD48DC6EBB99AE218D21B 281600 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-07-09 11:06:20 5A000C8F02B22EF8F99F6D988A7A0444 97792 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-07-09 11:06:19 3A691F30BB012EE0A4CC3E74BAFF1D66 2650624 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-07-09 11:06:18 0DF61F84BC5542FFDA2F64D6697358E1 19277312 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-07-09 11:06:17 FC66C25C9060E0681A4ABCB96EC26A4F 855552 ----a-w- C:\Windows\Sysnative\jscript.dll 2014-07-09 11:06:16 CAB7A75725D29A63F464996A9FA2752E 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-07-09 11:06:16 9046B20273767138A1A0CFABD005DFF0 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-07-09 11:06:15 DAF42D53210C8FEC9087AD1E44C67854 255488 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-07-09 11:06:15 CE6BBFFF2FEB9E43C58350AA506EDAB1 1366528 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-07-09 11:06:15 CD2974BD1BB6551260AAB3D4D04BECD5 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-07-09 11:06:15 A6B7A11B37C1BF854D9AC43CFE215A22 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-07-09 11:06:15 74869FE2697E4A881B7C8C9F615F1204 1508864 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-07-09 11:06:15 200E468E3E83481DE4C08CB786DB19FC 197120 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-07-09 11:06:14 B56946EED9F6571EE1DB2A7FF6C0E47C 15369728 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-07-09 11:06:13 F43351A68833FC80135A394A656F4F4B 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2014-07-09 11:06:01 E8E98B3B7A6E1250F4AA7AF8FA17D5BB 340992 ----a-w- C:\Windows\Sysnative\schannel.dll 2014-07-09 11:06:01 E23BA7A7BD97FC6B8AB5EA32A46D05CD 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2014-07-09 11:06:01 C9DD5C0D5AF2D7A54BA32E8FBD3B67F1 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2014-07-09 11:06:01 BFC98590EAB40C785D6134B1FA818A62 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2014-07-09 11:06:01 A805B5E68262302D1A60BE3DED5846C9 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2014-07-09 11:06:01 7D1017ED11B7C3B162628069742B5E58 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2014-07-09 11:06:01 79EE13A5A406E4603874686B8005DA72 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2014-07-09 11:05:59 D4CCE15190269486A5E6D4D4E597F798 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll ====== C:\Windows\Sysnative\drivers ===== 2014-07-09 11:06:22 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2014-06-17 14:21:34 5D115BF49AE159D4D7D1EBC640CB138F 235800 ----a-w- C:\Windows\Sysnative\drivers\avgldx64.sys 2014-06-17 14:06:58 0971913995F5FAFD711B0B2426A175E9 269080 ----a-w- C:\Windows\Sysnative\drivers\avgtdia.sys 2014-06-17 14:06:24 B0E4A1F342A3F8B75C4A4ADB044761C9 190744 ----a-w- C:\Windows\Sysnative\drivers\avgidsha.sys 2014-06-17 14:06:22 946C038A7274D689A004785E581FAD5F 153368 ----a-w- C:\Windows\Sysnative\drivers\avgdiska.sys 2014-06-17 14:06:22 50E7E80BB5F3E2BB0B48F3F7E17ED6B1 242968 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys 2014-06-17 14:06:20 D9CED15E158573DE1BB67330C4206763 123672 ----a-w- C:\Windows\Sysnative\drivers\avgmfx64.sys 2014-06-17 14:06:06 C4F9056928B26BCAF15872E46B29184F 31512 ----a-w- C:\Windows\Sysnative\drivers\avgrkx64.sys ====== C:\Windows\Tasks ====== 2014-06-20 12:23:44 B2EDF4D11B8DDED5E847D82DF2900EDA 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-20 12:23:44 8D7F5E7988F091F7898CE51B10922F04 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-07-06 10:34:32 -------- d-----w- C:\PROGRA~2\Trend Micro 2014-06-26 07:29:29 -------- d-----w- C:\PROGRA~2\Ubisoft 2014-06-20 07:49:16 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2014-06-18 18:33:18 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2014-06-18 18:33:18 -------- d-----r- C:\PROGRA~2\Skype ======= C: ===== 2014-06-30 09:20:02 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Minecraft.exe ====== C:\Users\DAAN\AppData\Roaming ====== 2014-06-26 07:29:31 -------- d-----w- C:\Users\DAAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-26 07:29:31 -------- d-----w- C:\Users\DAAN\AppData\Local\Ubisoft Game Launcher 2014-06-20 07:49:20 -------- d-----w- C:\Users\DAAN\AppData\Local\Mozilla 2014-06-18 18:33:21 -------- d-----w- C:\Users\DAAN\AppData\Local\Skype 2014-06-18 18:33:20 -------- d-----w- C:\Users\DAAN\AppData\Roaming\Skype 2014-06-17 06:17:17 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google ====== C:\Users\DAAN ====== 2014-07-06 15:36:40 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\DAAN\Desktop\RSITx64.exe 2014-06-20 17:30:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-20 07:49:16 -------- d-----w- C:\ProgramData\Mozilla 2014-06-18 18:33:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-06-18 18:33:17 -------- d-----w- C:\ProgramData\Skype 2014-06-18 18:17:58 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol ====== C: exe-files == 2014-07-09 11:06:26 B1544CE66FD0135A170F09B66A9E7800 172200 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe 2014-07-09 11:06:26 A1CF92651A2274E887189DABD2929DEF 82944 ----a-w- C:\Windows\SysWOW64\Dism\DismHost.exe 2014-07-09 11:06:26 679A800CFFBB8EA970506887045F2E41 46752 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe 2014-07-09 11:06:26 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Windows\System32\Dism\DismHost.exe 2014-07-09 11:06:23 20235ED4653CFDDCDEF721F5126A1C47 224768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe 2014-07-09 11:06:22 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\SysWOW64\osk.exe 2014-07-09 11:06:22 A064A1D9CBD7F6959AAEAEAFF96DB2E9 692736 ----a-w- C:\Windows\System32\osk.exe 2014-07-09 11:06:22 89D2706FCD45E33CECFBD46BCBAD7E16 10240 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe 2014-07-09 11:06:16 CAB7A75725D29A63F464996A9FA2752E 51712 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-07-09 11:06:15 8597633E306B3793FB353C02DBFBE52F 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-07-09 11:06:14 906DD419A6F121F971602CFF4A27B8BC 484352 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-07-06 15:36:40 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\DAAN\Desktop\RSITx64.exe === C: other files == 2014-07-09 11:06:23 F1726E14C8F7B40CD828345890AAF764 3157504 ----a-w- C:\Windows\System32\win32k.sys 2014-07-09 11:06:22 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2014-07-06 10:01:03 99CC504245963E23D336332125142209 693916 ----a-w- C:\ProgramData\AVG2014\IDS\outbox\tmp_a45801f8-3b0f-47d2-b33e-25244254f906.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1184255463-2082249140-305005745-1000\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="C:\Users\DAAN\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" "Grid"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe" "SkyDrive"="C:\Users\DAAN\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "Spotify"="C:\Users\DAAN\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Google Update"="C:\Users\DAAN\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Facebook Update"="C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Spotify Web Helper"="C:\Users\DAAN\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="C:\Users\DAAN\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" "Grid"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe" "SkyDrive"="C:\Users\DAAN\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "Spotify"="C:\Users\DAAN\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Google Update"="C:\Users\DAAN\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Facebook Update"="C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Spotify Web Helper"="C:\Users\DAAN\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Folders ====================== 2013-07-24 14:13:41 1737 ----a-w- C:\Users\DAAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk 2013-07-12 22:00:11 1716 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LevelOne WNC-0301 Utility.lnk 2013-12-08 11:04:11 2653 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk 2013-07-12 15:01:06 1888 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless LAN Utility.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000Core.job --a------ C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe [15/11/2013 19:08] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000UA.job --a------ C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe [15/11/2013 19:08] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/06/2014 13:11] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/06/2014 13:11] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000Core.job --a------ C:\Users\DAAN\AppData\Local\Google\Update\GoogleUpdate.exe [12/11/2013 20:31] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000UA.job --a------ C:\Users\DAAN\AppData\Local\Google\Update\GoogleUpdate.exe [12/11/2013 20:31] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-DAAN-PC-DAAN" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000Core" [C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000UA" [C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000Core" [C:\Users\DAAN\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000UA" [C:\Users\DAAN\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\DAAN\AppData\Roaming\Mozilla\Firefox\Profiles\mdp3d98s.default - Facebook Ads Block - %ProfilePath%\extensions\jid1-CGxMej0nDJTjwQ@jetpack.xpi - Strict Pop-up Blocker - %ProfilePath%\extensions\jid1-P34HaABBBpOerQ@jetpack.xpi - FirefoxAdKiller - %ProfilePath%\extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi ProfilePath: C:\Users\DAAN\AppData\Roaming\Songbird2\Profiles\g2wozt28.default - Artwork Extras - C:\Program Files (x86)\Songbird\extensions\albumart@songbirdnest.com - gonzo - C:\Program Files (x86)\Songbird\extensions\gonzo@songbirdnest.com - Philips addon manager - C:\Program Files (x86)\Songbird\extensions\philips-addon-manager@songbirdnest.com - Pink Martini - C:\Program Files (x86)\Songbird\extensions\pinkmartini@songbirdnest.com - Purple Rain - C:\Program Files (x86)\Songbird\extensions\purplerain@songbirdnest.com - Media Sharing - C:\Program Files (x86)\Songbird\extensions\sharing@songbirdnest.com - Songbird.me - C:\Program Files (x86)\Songbird\extensions\soundboard@songbirdnest.com - Noct - %ProfilePath%\extensions\noct@alittlemurkling.net - Glossy Coat 2 - %ProfilePath%\extensions\{7fea29e4-d5c5-41d1-983f-7c8d2b8a612f} AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\DAAN\AppData\Roaming\Mozilla\Firefox\Profiles\mdp3d98s.default FB5621842FDABF9F8359775573498FBC - C:\Users\DAAN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update FF0D6F82A0EC13952E83B9439100E45D - C:\Users\DAAN\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.17 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx[] Ask Toolbar - DAAN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko Comodo Web Inspector - DAAN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn Comodo Share Page Service - DAAN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf Google Docs - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Show the YouTube Channel bar or the name. - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn YouTube - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Last updated at time on date - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Adblock for Youtube - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk Google Search - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf WGT Golf Challenge - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg Photo Zoom for Facebook - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi AdBlock - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom MonoChrome - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnlphmmcijokifloflhecnkkhbpdnnk Chromium Wheel Smooth Scroller - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb Google Wallet - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\DAAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\DAAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\DAAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\DAAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\DAAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hamachi.en.softonic.com_0.localstorage-journal deleted successfully C:\Users\DAAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstorage-journal deleted successfully C:\Users\DAAN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko deleted successfully C:\Users\DAAN\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage deleted successfully C:\Users\DAAN\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www2.delta-search.com/?babsrc=HP_ss&mntrId=3AB5F46D04B010F5&affID=122471&tsp=4994" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{10B1B30C-53B8-4CBA-B4FA-6453FF91357E}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{10B1B30C-53B8-4CBA-B4FA-6453FF91357E}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [uTorrent] "C:\Users\DAAN\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" O4 - HKCU\..\Run: [Grid] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe" O4 - HKCU\..\Run: [SkyDrive] "C:\Users\DAAN\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background O4 - HKCU\..\Run: [Spotify] "C:\Users\DAAN\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [Google Update] "C:\Users\DAAN\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Facebook Update] "C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\DAAN\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe O4 - Global Startup: LevelOne WNC-0301 Utility.lnk = C:\Program Files\LevelOne WNC-0301\WlanCU.exe O4 - Global Startup: vpngui.exe.lnk = ? O4 - Global Startup: Wireless LAN Utility.lnk = C:\Program Files (x86)\LevelOne WNC-0301\WlanCU.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (file missing) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe O23 - Service: mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit (mi-raysat_3dsmax2013_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\DAAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\DAAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SHMF34Z will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\DAAN\AppData\Local\Mozilla\Firefox\Profiles\mdp3d98s.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\DAAN\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully C:\Users\DAAN\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=964 folders=300 110588763 bytes) ==== Empty Temp Folders ====================== C:\Users\DAAN\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\DAAN\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\DAAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SHMF34Z" not found ==== EOF on za 12/07/2014 at 10:40:26,80 ======================