Zoek.exe v5.0.0.0 Updated 13-July-2014 Tool run by Frank on ma 14/07/2014 at 12:20:27,26. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Frank\Desktop\Zoek\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-07-14-073642.log 69927 bytes C:\zoek-results2014-07-14-101330.log 46900 bytes ==== Empty Folders Check ====================== C:\PROGRA~3\CanonIJPLM deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== A-PDF Merger Acer Arcade Deluxe Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer GameZone Console Acer GridVista Acer Registration Acer ScreenSaver Acrobat.com Adobe AIR Adobe Anchor Service CS4 Adobe Anchor Service x64 CS4 Adobe Asset Services CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe CMaps x64 CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Recommended Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Extra Settings CS4 Adobe Color Video Profiles CS CS4 Adobe Contribute CS4 Adobe Creative Suite 4 Master Collection Adobe Creative Suite 4 Web Standard Adobe CSI CS4 Adobe CSI CS4 x64 Adobe Default Language CS4 Adobe Device Central CS4 Adobe Dreamweaver CS4 Adobe Drive CS4 Adobe Drive CS4 x64 Adobe Dynamiclink Support Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Fireworks CS4 Adobe Flash CS4 Adobe Flash CS4 Extension - Flash Lite STI en Adobe Flash CS4 STI-en Adobe Flash Player 14 ActiveX Adobe Flash Player 14 Plugin Adobe Fonts All Adobe Fonts All x64 Adobe Linguistics CS4 Adobe Linguistics CS4 x64 Adobe Media Encoder CS4 Adobe Media Encoder CS4 Importer Adobe Media Player Adobe Output Module Adobe PDF Library Files CS4 Adobe PDF Library Files x64 CS4 Adobe PDistiller Adobe Photoshop CS4 Adobe Photoshop CS4 (64 Bit) Adobe Photoshop CS4 Support Adobe Reader 9.5.5 MUI Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe Type Support CS4 Adobe Type Support x64 CS4 Adobe Update Manager CS4 Adobe Version Cue CS4 Server Adobe WinSoft Linguistics Plugin Adobe WinSoft Linguistics Plugin x64 Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB Alice Greenfingers Amazonia Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver AVS Video Converter 6 Belgium e-ID middleware 4.0.7 (build 7453) Bonjour Canon MP Navigator 3.1 Canon MP140 series Canon Utilities Easy-PhotoPrint CCleaner Chicken Invaders 2 Compatibiliteitspakket voor het 2007 Microsoft Office system Competitie Planner Squash Connect D3DX10 Dairy Dash DeltaWalker 1.9.9.6 Dream Day First Home Driver Whiz Dropbox eSobi v2 Facebook Video Calling 2.0.0.447 Farm Frenzy 2 Feature Update Service (YFD) Filzip 3.06 First Class Flurry Garmin BaseCamp Garmin Communicator Plugin Garmin Communicator Plugin x64 Garmin TOPO France v3 Pro Garmin USB Drivers Gebruikersregistratie voor Canon MP140 series Google Chrome Google Desktop Google Drive Google Earth Plug-in Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper Google+ Auto Backup Granny In Paradise HeidiSQL 5.1 Heroes of Hellas iCloud Identity Card Incomedia WebSite X5 v8 - Evolution Intel(R) Graphics Media Accelerator Driver Intel© Matrix Storage Manager iTunes Java 7 Update 60 Junk Mail filter update kuler Launch Manager Mesh Runtime Messenger Companion Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4.5.1 Microsoft Antimalware Service NL-NL Language Pack Microsoft Application Error Reporting Microsoft Office File Validation Add-In Microsoft Office Outlook Connector Microsoft Office Professional Editie 2003 Microsoft Office Suite Activation Assistant Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Mozilla Firefox 27.0.1 (x86 nl) Mozilla Firefox 30.0 (x86 nl) Mozilla Maintenance Service Mozilla Thunderbird (3.1.20) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyWinLocker Network_Me NTI Backup Now 5 NTI Backup Now Standard NTI Media Maker 8 OstroSoft Winsock Component Paint.NET v3.5.10 PDF Settings CS4 Photoshop Camera Raw Photoshop Camera Raw_x64 Picasa 3 Pixel Bender Toolkit PIXMA Extended Survey Program QuickTime Realtek USB Card Reader ScanSoft OmniPage SE 4 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Skype Click to Call SkypeT 6.16 Spotify Squash Toernooi Planner Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4) Suite Shared Configuration CS4 Synaptics Pointing Device Driver SyncBack TeamViewer 9 Unity Web Player USB Disk Win98 Driver VideoConverter Vodafone Mobile Connect Lite Webshots Wallpaper & Screensaver version 1.0.0.439 Website Indexer Welcome Center Windows 7 Upgrade Advisor Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 5.01 (32-bit) Xenu's Link Sleuth ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe C:\Users\Frank\AppData\Local\Network_Me_07131858\Network_Me_07131858.exe C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Windows\UMStor\Res.exe C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Frank\Desktop\Zoek\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\be0fb33b deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\be0fb33b deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\16d7f1t8.default ---- Lines {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} modified from prefs.js ---- user_pref("extensions.enabledItems", "firebug@software.joehewitt.com:1.6.2,{a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10,{c45c406e-ab73-11d8-be73-000a ---- Lines {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} modified from prefs.js ---- user_pref("extensions.enabledItems", "firebug@software.joehewitt.com:1.6.2,{a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10,{c45c406e-ab73-11d8-be73-000a ---- Lines {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} modified from prefs.js ---- user_pref("extensions.enabledItems", "firebug@software.joehewitt.com:1.6.2,{a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10,{c45c406e-ab73-11d8-be73-000a ---- FireFox user.js and prefs.js backups ---- user_20141407_1235_.backup prefs_20141407_1235_.backup ProfilePath: C:\Users\Frank\AppData\Roaming\Thunderbird\Profiles\02acraee.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141407_1235_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBFFC741-489A-A128-1BCF-01DA0DAB303F}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBFFC741-489A-A128-1BCF-01DA0DAB303F}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\cosstminn not found C:\Program Files (x86)\Yontoo Layers Runtime not found C:\PROGRA~2\SearchProtect not found C:\Program Files (x86)\Supporter not found C:\Program Files (x86)\SearchProtect not found C:\ProgramData\cosstminn not found C:\Users\Frank\AppData\Roaming\YourFileDownloader not found C:\Program Files (x86)\YourFileDownloader not found C:\Program Files (x86)\YourFileDownloader Updater deleted ==== System Specs ====================== Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3002 MB CPU Info: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz CPU Speed: 402.5 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 2x; ACER AL1916W | Generic PnP Monitor | Screen Resolution: 1280 X 720 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR5B93 Wireless Network Adapter | Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20) CD / DVD Drives: 1x (E: | ) E: MATSHITADVD-RAM UJ890AS Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 220.8GB Hard Disks - Free: C: 125.8GB Manufacturer *: Acer BIOS Info: AT/AT COMPATIBLE | 11/11/09 | ACRSYS - 1 Time Zone: Romance (standaardtijd) Motherboard *: Acer Aspire 7715Z Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Default Browser: Firefox 27.0.1 Internet Explorer Version: 11.0.9600.17207 Mozilla Firefox version: 27.0.1 (x86 nl) Google Chrome version: 35.0.1916.153 Adobe Reader version: 9.5.5.316 Sun Java version: 1.7.0_60 (32-bit) Flash Player version: 14.0.0.145 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Frank\AppData\Local\Temp ==== 2014-07-14 10:14:00 5634C601025C31032A0AF1590B4C0CA6 43008 ----a-w- C:\Users\Frank\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptxpqfq.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-07-14 09:36:03 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-07-14 09:35:55 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-07-14 09:35:55 8C7C6D494D86307CDCF63E0478767C16 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-14 09:35:55 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Windows\SysWOW64\java.exe 2014-07-11 05:32:53 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\SysWOW64\osk.exe 2014-07-11 05:32:46 492FF9C530EC0352B3C904CE9898269D 509440 ----a-w- C:\Windows\SysWOW64\qedit.dll 2014-07-11 05:32:40 1A0BE0092646F564FAF204E678AF8E03 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2014-07-11 05:32:39 F95E1E9D97D25C11F29CA34C843A6F4D 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll 2014-07-11 05:32:39 8BA721F76C97A219599E88722AA48875 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2014-07-11 05:32:38 C71CC796F0E2E9BD542C87532706FCFE 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2014-07-11 05:32:38 C61DDFE40204F3BE3DF111981D91560E 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2014-07-11 05:32:37 E3ECF5FFE3DEDF61DC6877B6A99ACBBF 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2014-07-11 05:32:37 6CB2616152ADCDF39F05B08E4858F476 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2014-07-11 05:31:57 E3065F51EE0BB099EAAE48C3FC3A25B6 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-07-11 05:31:57 67EA1BB7F6428A10C64D5A732976F871 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-07-11 05:31:57 448854C4FE94C0FA329CC38FF103DC74 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-11 05:31:56 E739AEDCA67F214F96C2520BA293B12B 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-07-11 05:31:56 BE0EA764820239F7785410CBE3880086 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-11 05:31:56 9385D7C5DF2566D01B1FB150F381D50B 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-07-11 05:31:56 91CF46BBB827E461C498A1D7D1A71AD6 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-07-11 05:31:56 7C44C697BA6D0B698B91AC6516A731C3 1139200 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-07-11 05:31:55 DFA59840BB1220AFD261FDAE83543959 17276416 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-07-11 05:31:55 42BF66A4DC35DAD3564065173372CCE9 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-07-11 05:31:54 CE94480E78CC3A1A17B53F2BB65639BD 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-07-11 05:31:53 4B774E842F268D51DB942EF9637828B9 1964544 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-07-11 05:31:53 084FB28A790685F32A6D7D003777696D 2179072 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-07-11 05:31:52 A9F8343A3234FC7A42DDA4569827B411 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-07-11 05:31:52 A98E303FCB7058C6E78FD1FBBCBB5EEF 240824 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-07-11 05:31:52 573E522A27210701EB8A6C476D36FFF6 239616 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-07-11 05:31:51 FC733FD7721200D5136F6F8112E97B00 11742208 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-07-11 05:31:51 F2A99A4293CAF7956FF7801D36D5A3B2 442368 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-07-11 05:31:49 FDA05E78813F543A6E9AC6B23EC696F2 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-11 05:31:49 09CBE4B1AEF497FC05493B09EA2C1757 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-07-11 05:31:48 98C7B1AFA0A99EE3BE99EAABEFB72CA0 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-07-11 05:31:48 045A91095A605BB20FF2B37546FE62B0 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-07-11 05:31:47 175A663547805367C10746FC416D4605 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-07-11 05:31:46 CCC198257901BEEA2FBF8EB1E7678356 1791488 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-07-11 05:31:45 8046CF629D8AE766C22145F4A6AFFBE1 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-07-11 05:31:45 557D60DF85D61C290A1D09E7115B294B 62464 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-11 05:31:24 A0E053D8D97ED0F913D56E6AF21DD26F 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2014-07-11 05:31:24 230AAF45031E87638CA4053C0399C1E6 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-07-11 05:33:15 03282D1ADC4F64D27D697CBB63F972C2 519168 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-07-11 05:33:14 980394E1FF94E460C4D71C1B098A0B4F 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-07-11 05:32:54 F1726E14C8F7B40CD828345890AAF764 3157504 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-07-11 05:32:52 A064A1D9CBD7F6959AAEAEAFF96DB2E9 692736 ----a-w- C:\Windows\Sysnative\osk.exe 2014-07-11 05:32:46 D6AFBAA93169E6772565A1BC896D666B 624128 ----a-w- C:\Windows\Sysnative\qedit.dll 2014-07-11 05:32:40 E8E98B3B7A6E1250F4AA7AF8FA17D5BB 340992 ----a-w- C:\Windows\Sysnative\schannel.dll 2014-07-11 05:32:39 A805B5E68262302D1A60BE3DED5846C9 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2014-07-11 05:32:39 7D1017ED11B7C3B162628069742B5E58 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2014-07-11 05:32:38 E23BA7A7BD97FC6B8AB5EA32A46D05CD 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2014-07-11 05:32:38 BFC98590EAB40C785D6134B1FA818A62 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2014-07-11 05:32:38 79EE13A5A406E4603874686B8005DA72 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2014-07-11 05:32:37 C9DD5C0D5AF2D7A54BA32E8FBD3B67F1 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2014-07-11 05:31:57 FC50DF22550C565DD096ACFAF18A37ED 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-07-11 05:31:56 DA5BAC4C5BDB22BBC6771534EA95AD33 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-07-11 05:31:56 C2F62DF01E3552DB0571FEF4D514675B 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-07-11 05:31:56 C0F9F52C36E584C0339406ABF6DA1FBA 266424 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-07-11 05:31:56 5E646AD50848A409291418B5759595B9 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-07-11 05:31:53 73C7D1FCF6F58F3BF077FB42B0214BC0 1393664 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-07-11 05:31:52 7176CB0FFAAC3E54ABB2014E821120F9 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-07-11 05:31:52 391D68668CFC061F26BE593A61F745E0 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-07-11 05:31:52 2E40D5E11BCC597352EE0314AF629A0F 452608 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-07-11 05:31:51 D8E6706AECD7AA50764E126CE3F36555 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-07-11 05:31:50 CA67F68CEC788C0C69AD47C5125DDD8E 608768 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-07-11 05:31:50 7469D4E046BD7D155CAC2697BD28B58B 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-07-11 05:31:50 1685AA234852657C4A6D253CCBBE84E0 2040832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-07-11 05:31:49 A21C6231459F4CAC212676A9367A1A68 2768384 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-07-11 05:31:46 8B2ADE09864BF3F7AA6D395DAFEC41B5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-07-11 05:31:44 854C5F171F5CEE272232AC0286F3B3B9 598016 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-07-11 05:31:44 415DF2B045167D6D85223CFFF00FCFC7 292864 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-07-11 05:31:44 366FA6D38406DC8BED62825C196144D1 13527040 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-07-11 05:31:43 CD76B3D60D28634A67B0AD7CB2E45929 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-07-11 05:31:43 945FA19B388FCF0FEA6124B5FD71C72F 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-07-11 05:31:43 1FD6C2F6AC489C271565730F6E9E1A05 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-07-11 05:31:42 BDD4A74421B023C81DA63168BD10C01B 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-07-11 05:31:42 50FF2DD806CC6CF3B3F98F9A1A711603 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-07-11 05:31:42 4EC7738394D2BC7BCB5F7A3657F57252 5721088 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-07-11 05:31:42 00401347C3BC466E5F2516387EBBCA7D 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-07-11 05:31:41 2EE102DF0EDD8A1EDD3D1E9B99A91BEC 2266112 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-07-11 05:31:40 F876957CA193B20A21D52F91418657D7 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-07-11 05:31:40 89A53CDE0DA5680AF48A181D82C752CA 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-07-11 05:31:38 FEC19C351EF1B2C998A85D1BFD765675 23464448 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-07-11 05:31:38 52012C83F7E9AF65D13F04415F0508F5 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-07-11 05:31:26 D4CCE15190269486A5E6D4D4E597F798 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll ====== C:\Windows\Sysnative\drivers ===== 2014-07-13 18:58:32 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_webinstr_01009.Wdf 2014-07-11 05:32:44 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys ====== C:\Windows\Tasks ====== 2014-07-11 09:15:42 A12E39FD9D297911A79EAF0B1E7FF981 3124 ----a-w- C:\Windows\Sysnative\Tasks\{798EE4F7-87E6-4F76-9508-3DA9725D4B68} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-07-14 06:22:05 -------- d-----w- C:\Program Files\trend micro 2014-07-11 09:12:52 -------- d-----w- C:\Program Files\Ghostgum ======= C:\PROGRA~2 ===== 2014-07-13 12:42:06 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2014-07-11 12:02:30 -------- d-----w- C:\PROGRA~2\Belgium Identity Card 2014-07-11 09:00:11 -------- d-----w- C:\PROGRA~2\Ghostgum ======= C: ===== ====== C:\Users\Frank\AppData\Roaming ====== 2014-07-14 10:10:47 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-07-14 10:10:47 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-07-14 10:10:46 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp 2014-07-14 10:10:46 -------- d-----w- C:\Users\Frank\AppData\Local\Temp 2014-07-14 10:10:46 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-07-14 10:10:46 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-07-14 10:10:46 -------- d-----w- C:\Users\Administrator\AppData\Local\Temp 2014-07-13 19:10:29 -------- d-----w- C:\Users\Frank\AppData\Local\HitsBlender 2014-07-13 18:58:48 -------- d-----w- C:\Users\Frank\AppData\Local\Packages 2014-07-13 18:58:43 -------- d-----w- C:\Users\Gast\AppData\Local\Chromatic Browser 2014-07-13 18:58:42 -------- d-----w- C:\Users\Frank\AppData\Local\Chromatic Browser 2014-07-13 18:58:41 -------- d-----w- C:\Users\Gast\AppData\Local\Torch 2014-07-13 18:58:41 -------- d-----w- C:\Users\Frank\AppData\Local\Torch 2014-07-13 18:58:41 -------- d-----w- C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-07-13 18:58:40 -------- d-----w- C:\Users\Administrator\AppData\Local\Torch 2014-07-13 18:58:39 -------- d-----w- C:\Users\Gast\AppData\Local\Comodo 2014-07-13 18:58:39 -------- d-----w- C:\Users\Frank\AppData\Local\Comodo 2014-07-13 18:58:38 -------- d-----w- C:\Users\Gast\AppData\Local\Google 2014-07-13 18:58:38 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo 2014-07-13 18:58:29 -------- d-----w- C:\Users\Frank\AppData\Local\Network_Me_07131858 2014-07-11 12:02:38 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Google 2014-07-11 09:03:21 -------- d-----w- C:\Users\Frank\AppData\Local\Apps 2014-07-11 06:23:06 -------- d-----w- C:\Users\Frank\AppData\Local\TechSmith 2014-06-16 06:41:56 -------- d-----w- C:\Users\Frank\AppData\Local\Adobe ====== C:\Users\Frank ====== 2014-07-14 09:35:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-14 09:25:52 B8D51D13AA9516ECB78AB0EB9217CB2E 918952 ----a-w- C:\Users\Frank\Downloads\jxpiinstall.exe 2014-07-14 06:21:23 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Frank\Downloads\RSITx64.exe 2014-07-13 19:10:22 -------- d-----w- C:\ProgramData\HitsBlender 2014-07-13 19:06:49 6BBCFDBB6D2D2B1599E5D28403258396 692440 ----a-w- C:\Users\Frank\Downloads\play_interval_shuttle_run_test_mp3.exe 2014-07-13 18:58:38 -------- d-----w- C:\Users\Gast\AppData 2014-07-13 18:58:24 8D169D7D8D6CABD7BE728ECB34847873 536 --sha-r- C:\ProgramData\ntuser.pol 2014-07-13 18:57:01 AFCD92D0A213CA0B68ED44CF82299DCD 7194808 ----a-w- C:\Users\Frank\Downloads\interval_shuttle_run_test_mp3_downloader.exe 2014-07-11 12:03:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID 2014-07-11 09:20:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostgum 2014-07-11 09:12:56 6E28C58BDE139A3B7A7912024F84B7FE 1539 ----a-w- C:\Users\Frank\gsview64.ini 2014-07-11 09:00:16 06AD8F35012962E60866F116BB252A5F 1441 ----a-w- C:\Users\Frank\gsview32.ini ====== C: exe-files == 2014-07-14 09:36:03 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-07-14 09:35:55 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-07-14 09:35:55 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Windows\SysWOW64\java.exe 2014-07-14 09:35:31 E0FE8B7BE802F8C4A71317AC35E44B00 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe 2014-07-14 09:35:31 C7C5FF4B0E83702EFBC0C886D87E9743 145832 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe 2014-07-14 09:35:31 B5C9699AA60F74F144DB5A566F6E58F8 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe 2014-07-14 09:35:31 84FB0EC0581C996F445433BD2379A5CC 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe 2014-07-14 09:35:31 3427C247AFEC295CD4A20B53EE445F23 16808 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe 2014-07-14 09:35:31 0595B07F96E4F48784A4B772B887AD68 49576 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe 2014-07-14 09:35:30 F9DE7324BDF83F5AFE174354F47C2AE0 16808 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe 2014-07-14 09:35:30 E2C8F178A57D011518785CF75044CD69 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe 2014-07-14 09:35:30 AEA4E94FC2A2F88FA5EC7FB6BC349E1B 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe 2014-07-14 09:35:30 8140DCC3064BA8ADC407D956BE19D764 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe 2014-07-14 09:35:30 62CA7ABA57A4FCDB3844F73A156BAE26 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe 2014-07-14 09:35:30 3002E7E937FCB8985320AA807E762845 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe 2014-07-14 09:35:30 235A2E87C34995F1837283FE76CD2E46 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe 2014-07-14 09:35:29 E87885A59FDC241B6575943A75E495D9 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe 2014-07-14 09:35:29 1EFC992CA271E6D40034FBE7BCEDB724 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe 2014-07-14 09:35:28 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe 2014-07-14 09:35:28 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe 2014-07-14 09:35:27 96777405AB93AF8FCF6C9B6F5C3F1E51 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe 2014-07-14 09:35:27 82517DE5984F3EA3A49E0B5C8825DA63 68008 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 2014-07-14 09:35:27 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe 2014-07-14 09:35:27 07643C3AF27179144C9800AF0819DE75 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe 2014-07-14 09:34:52 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Frank\AppData\LocalLow\Sun\Java\jre1.7.0_60\lzma.exe 2014-07-14 09:25:52 B8D51D13AA9516ECB78AB0EB9217CB2E 918952 ----a-w- C:\Users\Frank\Downloads\jxpiinstall.exe 2014-07-14 06:22:05 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Frank.exe 2014-07-14 06:21:23 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Frank\Downloads\RSITx64.exe 2014-07-13 19:06:49 6BBCFDBB6D2D2B1599E5D28403258396 692440 ----a-w- C:\Users\Frank\Downloads\play_interval_shuttle_run_test_mp3.exe 2014-07-13 18:58:29 A25A8426A9728E95BA76979814243C64 2142208 ----a-w- C:\Users\Frank\AppData\Local\Network_Me_07131858\Network_Me_07131858.exe 2014-07-13 18:57:01 AFCD92D0A213CA0B68ED44CF82299DCD 7194808 ----a-w- C:\Users\Frank\Downloads\interval_shuttle_run_test_mp3_downloader.exe 2014-07-13 18:34:18 A7CC8855FF33A1571CE29DED54548A1F 264704 ----a-w- C:\Users\Frank\Downloads\TheBeepTest\BEEPTEST.EXE 2014-07-11 09:12:55 04BEAA578F97C5D1DFA3150A88934125 111616 ----a-w- C:\Program Files\Ghostgum\gsview\uninstgs.exe 2014-07-11 09:00:15 1D2A3CC81273038BE758208792590318 89600 ----a-w- C:\Program Files (x86)\Ghostgum\gsview\uninstgs.exe 2014-07-11 05:33:15 B1544CE66FD0135A170F09B66A9E7800 172200 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe 2014-07-11 05:33:15 679A800CFFBB8EA970506887045F2E41 46752 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe 2014-07-11 05:33:05 A1CF92651A2274E887189DABD2929DEF 82944 ----a-w- C:\Windows\SysWOW64\Dism\DismHost.exe 2014-07-11 05:33:04 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Windows\System32\Dism\DismHost.exe 2014-07-11 05:32:54 20235ED4653CFDDCDEF721F5126A1C47 224768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe 2014-07-11 05:32:53 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\SysWOW64\osk.exe 2014-07-11 05:32:52 A064A1D9CBD7F6959AAEAEAFF96DB2E9 692736 ----a-w- C:\Windows\System32\osk.exe 2014-07-11 05:32:52 89D2706FCD45E33CECFBD46BCBAD7E16 10240 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe 2014-07-11 05:31:56 61FF1A9683EDD471797FE0F56057FD09 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-07-11 05:31:56 24868C9D422EDB5B249C0C81B01A0C19 810160 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-07-11 05:31:54 CD900EFB4F8946A2BB1950D9F45915C2 812216 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-07-11 05:31:54 65D0ECD485C8605B07C8338708224818 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-07-11 05:31:54 2168067C03FADB690B77633104A2E64B 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-07-11 05:31:52 7176CB0FFAAC3E54ABB2014E821120F9 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-07-11 05:31:50 CA67F68CEC788C0C69AD47C5125DDD8E 608768 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-07-11 05:31:50 8395829B1CE9E11C6441753257DC7591 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-07-11 05:31:49 09CBE4B1AEF497FC05493B09EA2C1757 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-07-11 05:31:43 CD76B3D60D28634A67B0AD7CB2E45929 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-07-11 05:31:38 52012C83F7E9AF65D13F04415F0508F5 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe === C: other files == 2014-07-14 09:35:33 8E29BBCCC8D802D36701633A7842FE74 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip 2014-07-13 18:33:53 429FF984946120A8CD44B714B410A1A3 145411 ----a-w- C:\Users\Frank\Downloads\TheBeepTest.zip 2014-07-11 12:01:53 C1F1650DA495D8957E83608F8BE613A5 61312 ----a-w- C:\drivers\SPR3322K.sys 2014-07-11 12:01:53 B871A8F6396ECC620766F20E3A120857 57984 ----a-w- C:\drivers\SCR3XX2K.sys 2014-07-11 12:01:53 B2FB0404BFA484BFA5D9A2BE7C0C809C 172544 ----a-w- C:\drivers\cxbu0x64.sys 2014-07-11 12:01:53 2DD63DBA58D76D3B500EEC1EF77B97EC 43392 ----a-w- C:\drivers\apg8201z.sys 2014-07-11 12:01:53 2825E0E294686A26506690059E1F437A 29184 ----a-w- C:\drivers\usbccid.sys 2014-07-11 12:01:53 258D95A50AC8EF725E114C92FA3A38AA 71680 ----a-w- C:\drivers\S332x64.sys 2014-07-11 12:01:53 1BAACB69DC6C99FA6B249EF27D4642ED 68608 ----a-w- C:\drivers\S3XXx64.sys 2014-07-11 12:01:53 0F39961D10D4DE80C95BE441E42D9C23 50688 ----a-w- C:\drivers\apg8201zx64.sys 2014-07-11 12:01:53 0284C94FC495D8D08DF24C18994C1662 114304 ----a-w- C:\drivers\cxbu0wdm.sys 2014-07-11 12:01:52 888DFE4137F626CEA9CCE3BD47941B64 44672 ----a-w- C:\drivers\a38usbx64.sys 2014-07-11 12:01:52 8378A77DFAF832A7ACBE90F59066FF9A 14080 ----a-w- C:\drivers\acr38svr.sys 2014-07-11 12:01:52 5F92E1E98EC2F4E6FE13D19AA3E24AD7 37632 ----a-w- C:\drivers\a38usb.sys 2014-07-11 12:01:52 0FA03F53C0A635513F34B3D85BA1D361 17674 ----a-w- C:\drivers\a38usb98.sys 2014-07-11 05:32:54 F1726E14C8F7B40CD828345890AAF764 3157504 ----a-w- C:\Windows\System32\win32k.sys 2014-07-11 05:32:44 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\System32\drivers\afd.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1916705536-2991991799-1650460490-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe /c" "MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe" "Facebook Update"="C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "network_me_07131858"="c:\users\frank\appdata\local\network_me_07131858\network_me_07131858.exe /r" "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB Storage Toolbox"="C:\Windows\UMStor\Res.EXE" "SSBkgdUpdate"="C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot" "OpwareSE4"="C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe /c" "MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe" "Facebook Update"="C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "network_me_07131858"="c:\users\frank\appdata\local\network_me_07131858\network_me_07131858.exe /r" "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll C:\\PROGRA~2\\SUPPOR~1\\SUPPOR~2.DLL" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acer ePower Management] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Acer ePower Management" "hkey"="HKLM" "command"="C:\\Program Files\\Acer\\Acer ePower Management\\ePowerTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Acrobat Assistant 8.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 8.0\\Acrobat\\Acrotray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS4ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS4ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe_ID0ENQBO] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe_ID0ENQBO" "hkey"="HKLM" "command"="C:\\PROGRA~2\\COMMON~1\\Adobe\\ADOBEV~1\\Server\\bin\\VERSIO~2.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeDeluxeAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ArcadeDeluxeAgent" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\ArcadeDeluxeAgent.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecLiveUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisTecLiveUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec Egis Software Update\\EgisUpdate.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Desktop Search] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Desktop Search" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleDriveSync] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GoogleDriveSync" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\Drive\\googledrivesync.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAAnotif] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IAAnotif" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LManager" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MobileConnect] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MobileConnect" "hkey"="HKLM" "command"="%programfiles%\\Vodafone\\Vodafone Mobile Connect\\Bin\\MobileConnect.exe /silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MSC" "hkey"="HKLM" "command"="\"c:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mwlDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mwlDaemon" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\EgisTec\\MyWinLocker 3\\x86\\mwlDaemon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlayMovie] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PlayMovie" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Acer Arcade Deluxe\\PlayMovie\\PMVService.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PLFSetI] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PLFSetI" "hkey"="HKLM" "command"="C:\\Windows\\PLFSetI.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RtHDVCpl" "hkey"="HKLM" "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\Frank\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Frank\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SynTPEnh" "hkey"="HKLM" "command"="%ProgramFiles%\\Synaptics\\SynTP\\SynTPEnh.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Frank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Webshots Wallpaper & Screensaver.lnk] "path"="C:\\Users\\Frank\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Webshots Wallpaper & Screensaver.lnk" "backup"="C:\\Windows\\pss\\Webshots Wallpaper & Screensaver.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~2\\Webshots\\WALLPA~1\\WALLSC~1.EXE " "item"="Webshots Wallpaper & Screensaver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Adobe Version Cue CS4] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ePowerSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FLEXnet Licensing Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FLEXnet Licensing Service 64] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GoogleDesktopManager-051210-111108] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Greg_Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IAANTMON] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NTIBackupSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NTISchedulerSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Updater Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VMCService] ==== Startup Folders ====================== 2012-06-07 20:15:37 1053 ----a-w- C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2014-07-13 18:58:40 1214 ----a-w- C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\network_me_07131858.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/07/2014 08:30] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1916705536-2991991799-1650460490-1000Core.job --a------ C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe [09/11/2013 22:19] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1916705536-2991991799-1650460490-1000UA.job --a------ C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe [09/11/2013 22:19] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1916705536-2991991799-1650460490-1000Core.job --a------ C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1916705536-2991991799-1650460490-1000UA.job --a------ C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1916705536-2991991799-1650460490-1000Core" [C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1916705536-2991991799-1650460490-1000UA" [C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1916705536-2991991799-1650460490-1000Core" [C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1916705536-2991991799-1650460490-1000UA" [C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\{25105CAC-B50D-448C-9E81-09D28A1D740C}" [C:\Program Files (x86)\Skype\Phone\Skype.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\16d7f1t8.default - Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} - Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi - View Source Chart - %ProfilePath%\extensions\{68836a21-fc7d-4ea1-a065-7efabd99d414}.xpi - FireFTP - %ProfilePath%\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi - Easy YouTube Video Downloader - %ProfilePath%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi - Web Developer - %ProfilePath%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi ProfilePath: C:\Users\Frank\AppData\Roaming\Thunderbird\Profiles\02acraee.default - Provider for Google Calendar - %ProfilePath%\extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc} - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\16d7f1t8.default 4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash 5CB01CF141E021DAAE96991A5BA57944 - C:\Users\Frank\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer DD31F0C436E4F5E6FA9783FF8A80ADC1 - C:\Users\Frank\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Frank\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 09B4E13D25623D879D35286E2D29FF13 - C:\Users\Frank\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10/10/2011 11:09] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - C:\Users\Frank\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[08/05/2013 20:14] Google Drive - Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Skype Click to Call - Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlBE366" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {70D46D94-BF1E-45ED-B567-48701376298E} Google Desktop Url="http://127.0.0.1:4664/search&s=5QQaJWw-QS3yF2xuvVV56g96XJs?q={searchTerms}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Windows\UMStor\Res.EXE O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [network_me_07131858] "c:\users\frank\appdata\local\network_me_07131858\network_me_07131858.exe" /r O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: network_me_07131858.lnk = Frank\AppData\Local\Network_Me_07131858\Network_Me_07131858.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {73888E2B-FF04-416C-8847-984D7FC4507F} (RtspVaPgCtrlNew2 Class) - http://192.168.1.20/RtspVaPgDecNew2.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Frank\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Frank\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Frank\AppData\Local\Mozilla\Firefox\Profiles\16d7f1t8.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=236 folders=90 59556528 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Frank\AppData\Local\Temp will be emptied at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Frank\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 14/07/2014 at 12:48:33,83 ======================