Zoek.exe v5.0.0.0 Updated 21-09-2014 Tool run by LEON7 on di 23/09/2014 at 17:29:14,58. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\LEON7\Downloads\zoek (2).exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-09-21-113632.log 75994 bytes C:\zoek-results2014-09-21-120126.log 57864 bytes C:\zoek-results2014-09-22-105625.log 72331 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Browser Extensions Control ActiveX de Windows Live Mesh para conexiones remotas Contr“le ActiveX Windows Live Mesh pour connexions … distance Controlo ActiveX do Windows Live Mesh para Liga‡äes Remotas Dropbox Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galer¡a fotogr fica de Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Image Resizer for Windows Image Resizer for Windows (64 bit) Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave LAME v3.99.3 (for Windows) Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Corporation Microsoft Image Composite Editor Microsoft LifeCam Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Klik-en-Klaar 2010 Microsoft Office Office 64-bit Components 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office SharePoint Designer 2007 Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) Microsoft Office SharePoint Designer MUI (Dutch) 2007 Microsoft Office Starter 2010 - Nederlands Microsoft PowerPoint Viewer Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MyFreeCodec PDF Viewer for Windows 7 Poczta uslugi Windows Live Podstawowe programy Windows Live Posta Windows Live Raccolta foto di Windows Live S?????? f?t???af??? t?? Windows Live Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office SharePoint Designer 2007 (KB2596810) 32-Bit Edition Spotify St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?æa???sæ??e? s??d?se?? Unity Web Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Uzak BaglantÕlar I‡in Windows Live Mesh ActiveX Denetimi Visual Studio C++ 10.0 Runtime Winamp Applicatie Detect Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Fotogalerie Windows Live Fotograf Galerisi Windows Live Fot¢t r Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX-objekt til fjernforbindelser Windows Live Mesh ActiveX-vez‚rlo t voli kapcsolatokhoz Windows Live Mesh ActiveX control for remote connections Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Par‡alar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources YTD Video Downloader 4.8.5 ==== Running Processes ====================== C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe C:\Windows\SysWOW64\svchost.exe C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Users\LEON7\AppData\Local\Google\Update\GoogleUpdate.exe C:\Users\LEON7\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Winamp\winampa.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Online Games Manager\ogmservice.exe C:\Windows\SysWOW64\IoctlSvc.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\DeviceManager.exe C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\ConnectionManager.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\LEON7\Downloads\zoek (2).exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\S-1-5-21-1031391873-2787642463-4142461730-1002\Software\Microsoft\Windows\CurrentVersion\Run] "Slick Savings"=- "Browser Extensions"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Slick Savings"=- "Browser Extensions"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SearchSettings"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\S-1-5-21-1031391873-2787642463-4142461730-1002\Software\Microsoft\Windows\CurrentVersion\Run] "Slick Savings"=- "Browser Extensions"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Slick Savings"=- "Browser Extensions"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Users\LEON7\AppData\Roaming\Slick Savings not found C:\Program Files (x86)\Common Files\Spigot\Search Settings not found ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8159 MB CPU Info: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz CPU Speed: 3020,9 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: NVIDIA GeForce GT 520 | NVIDIA GeForce GT 520 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Bluetooth-apparaat (Personal Area Network) #2 | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SH-216AB Ports: COM12 | COM11 | COM13 LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 1346,2GB | D: 50,0GB | Q: 0,0MB Hard Disks - Free: C: 846,3GB | D: 29,2GB | Q: 0,0MB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 03/19/12 | MEDION - 11112011 Time Zone: Romance (standaardtijd) Motherboard *: MEDION MS-7728 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Default Browser: Google Chrome 36.0.1985.143 Internet Explorer Version: 11.0.9600.17280 Google Chrome version: 36.0.1985.143 Adobe Reader version: 11.0.9.29 Sun Java version: 1.7.0_67 (32-bit) Sun Java version: 1.7.0_03 (64-bit) Flash Player version: 15.0.0.152 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\LEON7\AppData\Local\Temp ==== 2014-09-23 07:21:07 795B3078A7EAC416BA8254CAE2428586 21888 ----a-w- C:\Users\LEON7\AppData\Local\Temp\ochelper.exe ====== Java Cache ===== 2014-09-22 11:03:04 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\LEON7\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-11bb8ab7 ====== C:\Windows\SysWOW64 ===== 2014-09-11 14:05:10 E3D7B3F64C30994409BDF8E48048A854 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-09-11 14:05:10 6DD476318F524D2DCB73AFEB2EE27B4A 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-11 14:05:10 297EF1AB73B8FCE76BCA1365C2E49AFC 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-09-11 14:05:09 CC8F34B345DA638D77BB48C035DA628D 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-09-11 14:05:09 84E96F4AF8A7748A3DE7C3EBBC6768E5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-09-11 14:05:09 4F2EDC301EC63F803C0FDB6CC87EDA24 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-09-11 14:05:09 42F6F28D4885505F687CAF0459FF9F90 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-09-11 14:05:09 010DFAF3EF93994B805BAA1493D47973 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-09-11 14:05:08 D603AC77E17E5B9583E382F2EE0381A7 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-09-11 14:05:08 AA595171932ACC79DA9851067DCBDABF 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-09-11 14:05:08 8D4FCAB2643DFEF68040B70F1EDCCBC5 327872 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-09-11 14:05:08 7C3D593AB1E2F5E5687D97772EF99AC7 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-09-11 14:05:08 77F79126444896B5867E6761490735B8 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-11 14:05:08 2E2E40E5D92EEA979548E307C5781038 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-09-11 14:05:08 13C2C87C35E52AAB1B439FB2E26DF2DE 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-09-11 14:05:08 074646C5A979DE79133DE4A8530A9C5D 603136 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-09-11 14:05:07 5074835337862817DB3726558D0908DE 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-11 14:05:07 1D8C086A39B9794D7131384586811B25 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-09-11 14:05:06 88EBB8526981D03C5777AB0A4AEBA8B4 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-11 14:05:05 FD96C05DE700F5FD26273D6DDB6495A7 2185728 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-09-11 14:05:04 D58988722C72D265B51A54103DFC2C6F 1812992 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-09-11 14:05:04 77B7DDF91F3ED2CDB6CF60224EE13433 4232704 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-09-11 14:05:03 6A3A809CA7A8F40C89E6F1D301898A66 2014208 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-09-11 14:05:03 41010A88B70A2168F801DC19EBD4CB4F 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-09-11 14:05:02 7BF1CE9240CB9DD27C3E30733176EB8E 17455104 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-09-11 14:05:01 A3560FAFC1686D5EE9830B33B5C74B66 11769856 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-09-11 13:59:19 2413D2216D08FAF7D7178D9E0B481AEB 2285056 ----a-w- C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-11 13:48:17 A8DDB7ACB122FC36FF0D7C9B3099A380 793600 ----a-w- C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-11 13:48:01 79896A78039C9A63C56197843CFBAD0B 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2014-09-11 13:47:42 1B85FA0D0A93C011B76678733F39DB6C 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2014-09-11 13:47:39 B094390B6B2D0456821384771020870B 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2014-09-11 13:47:38 10826DA2FC073702AEAB93AF3D73B066 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-09-11 14:05:11 9EFF09364ABDC86770FA0B1BCC9CA3C3 596480 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-09-11 14:05:10 EF79F0B9E0F277F5797C475DF4248B97 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-09-11 14:05:10 A0600300428AB73664050659E738F11F 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-09-11 14:05:10 1BE1D1942825BE2146941DA274D2B92F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-09-11 14:05:09 EE6B22396FA99639A163B1B7E9736669 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-09-11 14:05:09 E76C23C71345ACBC65ED8F6E87AD01D1 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-09-11 14:05:09 C067D863FCD53B91A5BF78AE1CE88E54 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-09-11 14:05:09 786ECD92C9D77F571134283E0FABAF1A 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-09-11 14:05:09 641068C626DE3AD348871D0D7931A3FA 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-09-11 14:05:09 4CF33E458BAEDA917CAE9F2E8338479C 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-09-11 14:05:09 305D5395A65D00C74A94AEA40E9909E9 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-09-11 14:05:09 2D95BDB699FA1D531B642EA18464FE05 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-09-11 14:05:09 0113777A28BEC88A50C2566F346E4B58 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-09-11 14:05:08 C07D636B0237172345E68AE8B70A2984 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-09-11 14:05:08 A1BB4CFB25F7CE1D4F67DD71111823AA 374968 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-09-11 14:05:08 68B0077C0D09D1B669A260F2921FD6B9 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-09-11 14:05:08 33BAC6F66DB5FE5F7E20D41B025F490E 707072 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-09-11 14:05:08 2AEFBA4339A34C8EF021B49D23D1F1DF 727040 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-09-11 14:05:07 920BD93A0B64657A20CA66C2EBB167EA 23591424 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-09-11 14:05:07 4C8838D7C13E9080AF4B548CA791896B 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-09-11 14:05:07 227303FC6E95547EA274F4337BBC7278 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-09-11 14:05:07 1439630B47D717960D59423958754394 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-09-11 14:05:06 698C19E198F832E071778A1427E942C8 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-09-11 14:05:06 5A0C72B9D3CCA42D8AB74890C19443B2 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-09-11 14:05:05 75498A52C2AE248DEE5BDF5209768963 2793984 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-09-11 14:05:05 39EBB9708453036A74C30C9A294023FF 2310656 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-09-11 14:05:04 F6304AACC5744016770C8C797CAA2AF7 5833728 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-09-11 14:05:03 FECA80905D551074E1A9298BD98103B7 1447424 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-09-11 14:05:03 97752927B6E2401011A96E0D6082E403 2104832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-09-11 14:05:02 BA56C68CCB912C4C08C97DD32C47AD31 13588480 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-09-11 13:59:19 3469B9FAE899139FEE7356E91693376A 2777088 ----a-w- C:\Windows\Sysnative\msmpeg2vdec.dll 2014-09-11 13:48:17 EFF3FF9D9E5BFD2A05390D959A1C3AD0 1031168 ----a-w- C:\Windows\Sysnative\TSWorkspace.dll 2014-09-11 13:48:02 224C2EEBAAF39CD93DE5332DBE5E5A95 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2014-09-11 13:47:42 33EF550DCCC58C93F5B65FD75BAD9832 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2014-09-11 13:47:41 EE4B105F1DBE1E864AFC72E7F0315432 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2014-09-11 13:47:32 E2BCB58869598B392D6A78953F61A2D9 578048 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-09-11 13:47:29 88BC88D0BDFB6BBE5765D5ABB233C110 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll ====== C:\Windows\Sysnative\drivers ===== 2014-08-26 08:20:07 91310683D7B6B292B746D60734B59322 206080 ----a-w- C:\Windows\Sysnative\drivers\ssudmdm.sys 2014-08-26 08:20:07 30710AEFCE721CEEE0F35EB6A01C263C 110336 ----a-w- C:\Windows\Sysnative\drivers\ssudbus.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-09-20 10:05:13 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== 2014-09-22 08:24:24 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\asc_rdflag ====== C:\Users\LEON7\AppData\Roaming ====== 2014-09-22 10:50:19 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp 2014-09-22 10:50:19 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-09-22 10:50:19 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2014-09-22 10:50:19 -------- d-----w- C:\Users\LEON7\AppData\Local\Temp 2014-09-22 10:50:19 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-09-22 10:50:19 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-08-29 14:08:20 -------- d-----w- C:\Users\LEON7\AppData\Local\Adobe ====== C:\Users\LEON7 ====== 2014-09-23 07:21:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader 2014-09-18 13:30:35 D1FD677582820AB3A60528EAC18FE31C 1243328 ----a-w- C:\Users\LEON7\Downloads\wlsetup-web (2).exe 2014-09-10 14:52:03 814C9475C20FD969D002BE022A57C3CF 6816184 ----a-w- C:\Users\LEON7\Downloads\InstallMyDriveConnect_3_3_0_1756.exe ====== C: exe-files == 2014-09-23 07:21:07 795B3078A7EAC416BA8254CAE2428586 21888 ----a-w- C:\Users\LEON7\AppData\Local\Temp\ochelper.exe 2014-09-23 07:21:07 795B3078A7EAC416BA8254CAE2428586 21888 ----a-w- C:\Users\LEON7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2TEUVC8E\ochelper[1].exe 2014-09-19 08:16:52 B313812BCEE9F4E42E332A06D46499FF 1708904 ----a-w- C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe 2014-09-18 13:31:44 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\LEON7\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\nfcpc6te\5qdbhyui.exe 2014-09-18 13:31:44 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\LEON7\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\dfya208p\41y2j1yd.exe 2014-09-18 13:31:44 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\LEON7\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\43bebcit\arhogsoz.exe 2014-09-18 13:31:22 B18FF6F1680E0B2E2F2A63AD2F335AA7 6081224 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d4575df21cfd34404\onedrivesetup.exe 2014-09-18 13:31:18 F5443547CAAC20AA334A88817579270F 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d2ad47a11cfd34403\DXSETUP.exe 2014-09-18 13:31:15 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d0be29681cfd34402\DXSETUP.exe 2014-09-18 13:31:12 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cfe0c96e1cfd34401\DXSETUP.exe 2014-09-18 13:30:35 D1FD677582820AB3A60528EAC18FE31C 1243328 ----a-w- C:\Users\LEON7\Downloads\wlsetup-web (2).exe 2014-09-17 16:10:42 39D11C773B46D3084EF4AAC1F9863146 12304398 ----a-w- C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\FFMPEG.EXE === C: other files == 2014-09-17 16:10:42 AAE0878136D8C1559FAC69F5C5B895E2 57 ----a-w- C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\manual.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1031391873-2787642463-4142461730-1002\Software\Microsoft\Windows\CurrentVersion\Run] "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" "KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" "Facebook Update"="C:\Users\LEON7\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Google Update"="C:\Users\LEON7\AppData\Local\Google\Update\GoogleUpdate.exe /c" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Spotify Web Helper"="C:\Users\LEON7\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" "Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe" "TrayServer"="C:\Program Files (x86)\MAGIX\Video_deluxe_MX\TrayServer_nl.exe" "LifeCam"="C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" "PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" "KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" "Facebook Update"="C:\Users\LEON7\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Google Update"="C:\Users\LEON7\AppData\Local\Google\Update\GoogleUpdate.exe /c" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Spotify Web Helper"="C:\Users\LEON7\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" "Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Users\\LEON7\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" "ArcSoft Connection Service"="C:\\Program Files (x86)\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesAirMessage] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesAirMessage" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesAirMessage.exe -startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LightScribe Control Panel" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\LEON7\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\HP\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10/09/2014 18:27] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1031391873-2787642463-4142461730-1002Core.job --a------ C:\Users\LEON7\AppData\Local\Facebook\Update\FacebookUpdate.exe [28/01/2013 17:54] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1031391873-2787642463-4142461730-1002UA.job --a------ C:\Users\LEON7\AppData\Local\Facebook\Update\FacebookUpdate.exe [28/01/2013 17:54] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16/07/2012 14:22] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16/07/2012 14:22] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1031391873-2787642463-4142461730-1002Core.job --a------ C:\Users\LEON7\AppData\Local\Google\Update\GoogleUpdate.exe [21/02/2013 15:45] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1031391873-2787642463-4142461730-1002UA.job --a------ C:\Users\LEON7\AppData\LoC:al\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [07/06/2011 11:11] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\ArcSoft Connect Daemon" [C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe] "C:\Windows\SysNative\tasks\ASC7_SkipUac_LEON7" ["C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe" /SkipUac] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (LEON7)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1031391873-2787642463-4142461730-1002Core" [C:\Users\LEON7\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1031391873-2787642463-4142461730-1002UA" [C:\Users\LEON7\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\LEON7\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1031391873-2787642463-4142461730-1002Core" [C:\Users\LEON7\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1031391873-2787642463-4142461730-1002UA" [C:\Users\LEON7\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\SmartDefrag3_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe] "C:\Windows\SysNative\tasks\SmartDefrag3_Update" [C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\{00BC58B9-E80D-4788-BBEF-720FB1619752}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [22/09/2014 12:10] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22/07/2012 10:53] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[18/07/2014 18:04] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 18:22] Advanced SystemCare Surfing Protection - LEON7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd YouTube - LEON7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - LEON7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Skype Click to Call - LEON7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - LEON7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - LEON7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\LEON7\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://search.conduit.com/?ctid=CT3310393&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPA772BAC4-4031-4974-AA47-EDF9824CEB1E", "startup_urls": [ "http://google.be/" ], ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {567E523C-74BA-4B41-98B2-742D8D9776B2} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_enDE393" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_enDE393" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" O4 - HKLM\..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_MX\TrayServer_nl.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run O4 - HKCU\..\Run: [Facebook Update] "C:\Users\LEON7\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [Google Update] "C:\Users\LEON7\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\LEON7\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [MyDriveConnect.exe] "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SecureUpdate (SecureUpdateSvc) - Unknown owner - C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\LEON7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\LEON7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\LEON7\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1748 folders=637 323190060 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\LEON7\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\LEON7\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on di 23/09/2014 at 18:15:06,48 ======================