Zoek.exe v5.0.0.0 Updated 23-09-2014
Tool run by Gebruiker on wo 24/09/2014 at 14:22:02,50.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Desktop\Zoek\zoek.scr
[Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-05-18-071108.log 63312 bytes
C:\zoek-results2014-05-19-194920.log 45945 bytes
C:\zoek-results2014-05-21-131054.log 9858 bytes
C:\zoek-results2014-09-22-171346.log 16309 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\AVG
C:\PROGRA~2\ESET
C:\PROGRA~3\AVG
C:\PROGRA~3\AVG2014
C:\PROGRA~3\McAfee
C:\PROGRA~3\NortonInstaller
C:\PROGRA~3\TuneUp Software

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

???? ???? ????? ???? Windows Live ????? Windows Live ?????? ??????? ???????? ?????????? Windows Live ?????????? ?????????? (????????????? ??????) ???????????
µTorrent Acer Backup Manager Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer Games Acer Registration Acer ScreenSaver Acer Updater Adobe AIR Adobe Flash Player 13 ActiveX Adobe Flash Player 14 Plugin Adobe Reader X (10.1.12) MUI Agatha Christie - Death on the Nile Akamai NetSession Interface AMD APP SDK Runtime AMD Catalyst Install Manager Apple Application Support Apple Mobile Device Support Apple Software Update Backup Manager V3 Battlefield 4T Battlefield Heroes Battlefield Play4Free Battlelog Web Plugins Bejeweled 2 Deluxe Bonjour Camtasia Studio 8 Catalyst Control Center - Branding Catalyst Control Center Catalyst Control Center InstallProxy Catalyst Control Center Localization All Catalyst Control Center Profiles Mobile ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Chuzzle Deluxe clear.fi clear.fi Client Crazy Chicken Kart 2 D3DX10 DCS World Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dolby Advanced Audio v2 ESN Sonar Evernote v. 
4.5.1 Facebook Video Calling 3.1.0.521 FATE Final Drive: Nitro Fooz Kids Platform Fotogaléria Fotogalerie Fotogalerija Fotogalleri Fotogalleriet Fotograf Galerisi Fotótár Fraps (remove only) Galeria de Fotografias Galeria de Fotos Galería de fotos Galeria fotogràfica Galeria fotografii Galerie de photos Galerie foto Galerija fotografija Google Chrome Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper HyperCam 2 Identity Card Insaniquarium Deluxe Intel(R) Display Audio Driver Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Intel(R) Turbo Boost Technology Monitor 2.0 iTunes Java 7 Update 60 Java Auto Updater Java(TM) 7 (64-bit) Jewel Match 3 Jewel Quest Solitaire John Deere Drive Green Junk Mail filter update Launch Manager League of Legends Loadout Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Expression Encoder 4 Microsoft Expression Encoder 4 Screen Capture Codec Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server 
Compact 3.5 SP2 x64 ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 Movie Maker MSVCRT MSVCRT Redists MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 Mystery of Mortlake Mansion MyWinLocker MyWinLocker 4 MyWinLocker Suite Nexon Game Manager Nikon Message Center 2 Nikon Movie Editor Norton Identity Safe Norton Internet Security Paint.NET v3.5.11 Pando Media Booster PDFCreator Penguins Photo Common Photo Gallery Plants vs. Zombies - Game of the Year Poczta uslugi Windows Live Podstawowe programy Windows Live Polar Bowler Posta Windows Live PX Profile Update Raccolta foto Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Renesas Electronics USB 3.0 Host Controller Driver S?????? f?t???af??? 
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Shredder Skype Click to Call SkypeT 6.14 Slingo Deluxe SmartSound Common Data SmartSound Quicktracks 5 Sony Vegas Pro Pre-Cracked By Exæs 11.0 Spotify Steam Synaptics Pointing Device Driver Team Fortress 2 TeamSpeak 3 Client TeamViewer 9 Torchlight TornTV Trust GXT Gaming Headset Unity Web Player Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2837581) 
32-Bit Edition Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition Update Installer for WildTangent Games App Valokuvavalikoima Vegas Pro 12.0 (64-bit) Vegas Pro 13.0 (64-bit) Virtual Villagers 4 - The Tree of Life VirtualDJ 8 VirtualDJ Home FREE Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Warface Launcher (Beta) Wedding Dash Welcome Center Windows Live ??? Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Fotogalleri Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Parçalar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven peruspaketti Windows Liven sähköposti Windows Media Encoder 9 Series WinRAR 5.00 (64-bit) ZD Soft Screen Recorder Zuma Deluxe

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe
c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"zvbwjvrw"=-

==== Deleting Files \ Folders ======================

C:\Users\Gebruiker\AppData\Roaming\TornTV.com not found
"c:\users\gebruiker\appdata\local\zvbwjvrw.exe" not found
"C:\Windows\Installer\5dcc31.msi" not found
C:\monitor.exe deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8044 MB
CPU Info: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
CPU Speed: 2476,8 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Atheros AR5B97 Wireless Network Adapter | Microsoft Virtual WiFi Miniport Adapter
CD / DVD Drives: 1x (E: | ) E: MATSHITADVD-RAM UJ8B0AW
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 449,7GB | D: 465,8GB
Hard Disks - Free: C: 35,8GB | D: 183,3GB
Manufacturer *: Acer
BIOS Info: AT/AT COMPATIBLE | 12/30/11 | ACRSYS - 1
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer JE70_HR
Country: België
Language: NLB

==== System Specs (Software) ======================

Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated)
Anti-Spyware: Norton Internet Security disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Norton Internet Security disabled
Default Browser: Google Chrome 32.0.1700.107
Internet Explorer Version: 11.0.9600.17280
Google Chrome version: 32.0.1700.107
Adobe Reader version: 10.1.12.15
Sun Java version: 1.7.0_67 (32-bit)
Sun Java version: 1.7.0 (64-bit)
Flash Player version: 14.0.0.125

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\GEBRUI~1\AppData\Local\Temp ====

2014-09-20 06:26:48 22385EE33688B10B61DA1D8CA9549E4B 120192 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\clear.fiClient\cabarc.exe
2014-09-19 20:11:51 CF95932C00190451115C782E139DE582 264488 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes.dll
2014-09-19 20:11:50 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe
2014-09-19 20:11:50 87AA773F15D90973090D4DF76F8E60EF 565808 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\mcbrwsr2.dll
2014-09-19 20:11:50 2AA753368BF68871962D2E99B8692985 153760 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes_LD.dll 2014-09-19 20:11:50 14E9947D26B0A418AA02F87741E4B40B 769736 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McInstallerStartup.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-09-18 16:44:33 07EF2978A5BC36720378F95566697FD8 272808 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-09-18 16:44:27 3BDEB17FE6390BFF1BF3A2D964DE8E48 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-09-18 16:44:27 11FD45A41DF45298686ED39062AABE2A 175528 ----a-w- C:\Windows\SysWOW64\java.exe 2014-09-18 16:44:27 0F70F4DAF2BC5613EE75C9B2585CE67E 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-09-10 18:50:00 297EF1AB73B8FCE76BCA1365C2E49AFC 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-09-10 18:49:59 E3D7B3F64C30994409BDF8E48048A854 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-09-10 18:49:59 84E96F4AF8A7748A3DE7C3EBBC6768E5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-09-10 18:49:59 6DD476318F524D2DCB73AFEB2EE27B4A 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-10 18:49:59 42F6F28D4885505F687CAF0459FF9F90 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-09-10 18:49:59 010DFAF3EF93994B805BAA1493D47973 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-09-10 18:49:58 D603AC77E17E5B9583E382F2EE0381A7 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-09-10 18:49:58 CC8F34B345DA638D77BB48C035DA628D 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-09-10 18:49:58 AA595171932ACC79DA9851067DCBDABF 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-09-10 18:49:58 8D4FCAB2643DFEF68040B70F1EDCCBC5 327872 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-09-10 18:49:58 7C3D593AB1E2F5E5687D97772EF99AC7 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-09-10 18:49:58 4F2EDC301EC63F803C0FDB6CC87EDA24 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-09-10 18:49:58 
13C2C87C35E52AAB1B439FB2E26DF2DE 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-09-10 18:49:58 074646C5A979DE79133DE4A8530A9C5D 603136 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-09-10 18:49:57 77F79126444896B5867E6761490735B8 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-10 18:49:57 5074835337862817DB3726558D0908DE 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-10 18:49:57 2E2E40E5D92EEA979548E307C5781038 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-09-10 18:49:57 1D8C086A39B9794D7131384586811B25 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-09-10 18:49:56 88EBB8526981D03C5777AB0A4AEBA8B4 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-10 18:49:55 FD96C05DE700F5FD26273D6DDB6495A7 2185728 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-09-10 18:49:54 D58988722C72D265B51A54103DFC2C6F 1812992 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-09-10 18:49:54 77B7DDF91F3ED2CDB6CF60224EE13433 4232704 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-09-10 18:49:54 6A3A809CA7A8F40C89E6F1D301898A66 2014208 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-09-10 18:49:54 41010A88B70A2168F801DC19EBD4CB4F 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-09-10 18:49:53 7BF1CE9240CB9DD27C3E30733176EB8E 17455104 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-09-10 18:49:52 A3560FAFC1686D5EE9830B33B5C74B66 11769856 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-09-10 18:29:30 2413D2216D08FAF7D7178D9E0B481AEB 2285056 ----a-w- C:\Windows\SysWOW64\msmpeg2vdec.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-09-10 18:50:00 9EFF09364ABDC86770FA0B1BCC9CA3C3 596480 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-09-10 18:50:00 1BE1D1942825BE2146941DA274D2B92F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-09-10 18:49:59 EF79F0B9E0F277F5797C475DF4248B97 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-09-10 18:49:59 EE6B22396FA99639A163B1B7E9736669 4096 ----a-w- 
C:\Windows\Sysnative\ieetwcollectorres.dll 2014-09-10 18:49:59 A0600300428AB73664050659E738F11F 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-09-10 18:49:59 786ECD92C9D77F571134283E0FABAF1A 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-09-10 18:49:59 4CF33E458BAEDA917CAE9F2E8338479C 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-09-10 18:49:59 305D5395A65D00C74A94AEA40E9909E9 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-09-10 18:49:59 2D95BDB699FA1D531B642EA18464FE05 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-09-10 18:49:59 0113777A28BEC88A50C2566F346E4B58 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-09-10 18:49:58 E76C23C71345ACBC65ED8F6E87AD01D1 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-09-10 18:49:58 C07D636B0237172345E68AE8B70A2984 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-09-10 18:49:58 C067D863FCD53B91A5BF78AE1CE88E54 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-09-10 18:49:58 A1BB4CFB25F7CE1D4F67DD71111823AA 374968 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-09-10 18:49:58 68B0077C0D09D1B669A260F2921FD6B9 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-09-10 18:49:58 641068C626DE3AD348871D0D7931A3FA 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-09-10 18:49:58 33BAC6F66DB5FE5F7E20D41B025F490E 707072 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-09-10 18:49:58 2AEFBA4339A34C8EF021B49D23D1F1DF 727040 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-09-10 18:49:57 920BD93A0B64657A20CA66C2EBB167EA 23591424 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-09-10 18:49:56 698C19E198F832E071778A1427E942C8 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-09-10 18:49:56 5A0C72B9D3CCA42D8AB74890C19443B2 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-09-10 18:49:56 4C8838D7C13E9080AF4B548CA791896B 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-09-10 18:49:56 227303FC6E95547EA274F4337BBC7278 48640 ----a-w- 
C:\Windows\Sysnative\ieetwproxystub.dll 2014-09-10 18:49:56 1439630B47D717960D59423958754394 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-09-10 18:49:55 75498A52C2AE248DEE5BDF5209768963 2793984 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-09-10 18:49:55 39EBB9708453036A74C30C9A294023FF 2310656 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-09-10 18:49:54 FECA80905D551074E1A9298BD98103B7 1447424 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-09-10 18:49:54 F6304AACC5744016770C8C797CAA2AF7 5833728 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-09-10 18:49:53 97752927B6E2401011A96E0D6082E403 2104832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-09-10 18:49:52 BA56C68CCB912C4C08C97DD32C47AD31 13588480 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-09-10 18:29:30 3469B9FAE899139FEE7356E91693376A 2777088 ----a-w- C:\Windows\Sysnative\msmpeg2vdec.dll ====== C:\Windows\Sysnative\drivers ===== 2014-09-20 10:30:02 E16E2431516D904CED3946AD3FF8C86B 854 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF 2014-09-20 10:30:02 97E11C50CE52277B377396EA8838E539 177752 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS 2014-09-20 10:30:02 7846ED59291A134CC5DD017C6EC7B433 8222 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-09-18 16:44:40 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-09-06 09:54:27 -------- d-----w- C:\PROGRA~2\uTorrent ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== 2014-09-13 15:29:00 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps 2014-09-04 16:32:26 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\BitTorrent ====== C:\Users\Gebruiker ====== 2014-09-23 18:14:50 337166EE06E60A803FAFA29F8189AF63 614792 ----a-w- C:\Users\Gebruiker\Downloads\CreativeCloudSet-Up (1).exe 2014-09-20 10:26:33 CA1DC7625ACF85D3A52AF3A8D4F02451 203862608 ------w- 
C:\Users\Gebruiker\Downloads\NIS-TW-21.1.0-NL.exe 2014-09-20 10:12:15 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe 2014-09-19 19:36:47 CF8C9FC7A1679A8C278F738166B5BD2A 615304 ----a-w- C:\Users\Gebruiker\Downloads\CreativeCloudSet-Up.exe 2014-09-18 16:42:29 9473F655CAE1A13C311C3FF1134D79DC 918440 ----a-w- C:\Users\Gebruiker\Downloads\chromeinstall-7u67.exe 2014-09-13 06:47:45 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\Gebruiker\Desktop\Minecraft.exe 2014-09-13 06:47:40 3C166BAE84553D4CB27AF8ABDC61712D 675988 ----a-w- C:\Users\Gebruiker\Downloads\Minecraft.exe 2014-09-11 18:15:28 489E06DA1C3594EE45DEAC8A61E30BDD 647430148 ----a-w- C:\Users\Gebruiker\0032.avi 2014-09-11 18:13:26 07452D54C7E46A81C59EC6A10A5A5FAB 496627524 ----a-w- C:\Users\Gebruiker\0031.avi 2014-09-11 17:48:23 A49A62685990D47F3D3EB970ECDF2A32 1618739910 ----a-w- C:\Users\Gebruiker\0030.avi 2014-09-11 17:48:12 0A0C3D84A3A872C7755EB7FCAE752B76 10591006 ----a-w- C:\Users\Gebruiker\0029.avi 2014-09-11 16:21:43 63E53AE246E31819103D10674CDA96E8 10520 ----a-w- C:\Users\Gebruiker\0028.avi.sfk 2014-09-11 16:21:02 F84A4314C97F87FE39F9E80196946D80 81391494 ----a-w- C:\Users\Gebruiker\0028.avi 2014-09-11 16:18:18 BC42B66B339CE0E89A95B0DC5E3E92A7 61684582 ----a-w- C:\Users\Gebruiker\0027.avi 2014-09-11 16:15:54 549F0BEAC03669BEEBF2CA4F63189381 137990998 ----a-w- C:\Users\Gebruiker\0026.avi 2014-09-04 15:50:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends ====== C: exe-files == 2014-09-24 12:20:12 ADF6F6F07BA7DD94F993A88CB717B495 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$IOMOP3X.exe 2014-09-24 12:19:54 D51F5780C2CAC6A22F21EF15BB8EDDFE 1290240 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$ROMOP3X.exe 2014-09-24 12:18:31 5D300F3F83DB91063ABE85A0ADA88971 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$IF7M946.exe 2014-09-24 
12:18:24 D51F5780C2CAC6A22F21EF15BB8EDDFE 1290240 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$RF7M946.exe 2014-09-23 18:14:50 337166EE06E60A803FAFA29F8189AF63 614792 ----a-w- C:\Users\Gebruiker\Downloads\CreativeCloudSet-Up (1).exe 2014-09-22 17:34:56 2D57A236F64156EF89F2C5E0EC68775B 61024 ----a-w- C:\Users\Gebruiker\Desktop\Bluescreenviewer\BlueScreenView.exe 2014-09-20 10:12:15 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe 2014-09-20 06:26:48 22385EE33688B10B61DA1D8CA9549E4B 120192 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\clear.fiClient\cabarc.exe 2014-09-19 20:11:50 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe 2014-09-19 19:36:47 CF8C9FC7A1679A8C278F738166B5BD2A 615304 ----a-w- C:\Users\Gebruiker\Downloads\CreativeCloudSet-Up.exe 2014-09-18 16:42:39 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\jre1.7.0_67\lzma.exe 2014-09-18 16:42:29 9473F655CAE1A13C311C3FF1134D79DC 918440 ----a-w- C:\Users\Gebruiker\Downloads\chromeinstall-7u67.exe === C: other files == 2014-09-24 12:20:09 C1F02C82165F0E81031C04681977EFC5 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$IXXVZJV.zip 2014-09-24 12:19:50 06269D1B33BA8C17F307F66BACC820CB 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$I50QJW2.com 2014-09-24 12:19:06 27879DB26EA08385F188A80A8B49BCBC 4114148 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$RXXVZJV.zip 2014-09-24 12:18:40 29901CFB12D8070A23A046339873777A 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$I85H3UH.zip 2014-09-24 12:18:24 90641F5394C9762938D8B516CD46B498 1421585 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$R50QJW2.com 2014-09-24 12:17:47 27879DB26EA08385F188A80A8B49BCBC 4114148 ----a-w- 
C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$R85H3UH.zip 2014-09-22 17:36:01 D89DC24BC823BD559A3D6A773A1348A7 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$IVBOY2B.zip 2014-09-22 17:35:01 AD0AF05DF4B9AC933F6A44C805CDEE54 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$IT09TCN.zip 2014-09-22 17:34:24 C49E4403393707706D2422F61F5F1F92 66913 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$RT09TCN.zip 2014-09-22 17:29:37 36B61EF01992B7F17257607C3E455E1C 1573 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$RVBOY2B.zip 2014-09-22 17:25:15 0841250AB172A841069C696739506F60 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$ILCRVYI.com 2014-09-21 18:24:31 90641F5394C9762938D8B516CD46B498 1421585 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2239336281-3048674072-2116327964-1000\$RLCRVYI.com 2014-09-20 13:31:54 5570A74FF9B1EFBC5154DD1E2F05C517 593112 ----a-w- C:\Windows\System32\drivers\NISx64\1505000.013\symnets.sys 2014-09-20 13:31:53 F718A57D946EAC76EFCB351D74E269F4 875736 ----a-w- C:\Windows\System32\drivers\NISx64\1505000.013\srtsp64.sys 2014-09-20 13:31:53 B18CE01B9C09C59422BA7C7064248B35 36952 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\srtspx64.sys 2014-09-20 13:31:53 9F31630D7FC2DD9D5DA1CE359AAD1F46 1148120 ----a-w- C:\Windows\System32\drivers\NISx64\1505000.013\symefa64.sys 2014-09-20 13:31:53 5C9EE2303CA7F267665D75237862B39C 493656 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\symds64.sys 2014-09-20 13:31:53 48C2934683CBD06F662B088EEF49EF6A 264280 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\ironx64.sys 2014-09-20 13:31:53 20F758E6339A16F97DD83389D582E09A 23568 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\symelam.sys 2014-09-20 13:31:53 0510396A957E9FD7205BA62D3CAE4528 162392 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\ccsetx64.sys 2014-09-20 10:30:02 
97E11C50CE52277B377396EA8838E539 177752 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2014-09-20 08:59:38 0510396A957E9FD7205BA62D3CAE4528 162392 ----a-w- C:\Windows\System32\drivers\NSTx64\7DE07060.00F\ccsetx64.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2239336281-3048674072-2116327964-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 " 
"Persistence"="C:\Windows\system32\igfxpers.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Users\\Gebruiker\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Akamai NetSession Interface" "hkey"="HKCU" "command"="\"C:\\Users\\Gebruiker\\AppData\\Local\\Akamai\\netsession_win.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cm108Sound] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Cm108Sound" "hkey"="HKLM" "command"="C:\\Windows\\syswow64\\RunDll32.exe C:\\Windows\\Syswow64\\cm108.dll,CMICtrlWnd" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dolby Advanced Audio v2]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Dolby Advanced Audio v2"
"hkey"="HKLM"
"command"="\"C:\\Dolby PCEE4\\pcee4.exe\" -autostart"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Gebruiker\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LManager"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nikon Message Center 2]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Nikon Message Center 2"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Nikon\\Nikon Message Center 2\\NkMC2.exe -s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Gebruiker\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StartCCC"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"C:\\Users\\Gebruiker\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Google.com.url]
"path"="C:\\Users\\Gebruiker\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Google.com.url"
"backup"="C:\\Windows\\pss\\Google.com.url.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Gebruiker\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Google.com.url"
"item"="Google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMD External Events Utility]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BBSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CltMngSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DsiWMIService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FLEXnet Licensing Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GamesAppService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMIGuardianSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NTI IScheduleSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RealNetworks Downloader Resolver Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Steam Client Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TeamViewer7]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TeamViewer9]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TuneUp.UtilitiesSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"IntelTBRunOnce"="wscript.exe //b //nologo \"C:\\Program Files\\Intel\\TurboBoost\\RunTBGadgetOnce.vbs\""

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16/06/2014 13:32]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000Core.job --a------ C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe [14/09/2012 19:09]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000UA.job --a------ C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe [14/09/2012 19:09]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/12/2012 17:27]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/12/2012 17:27]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000Core.job --a------ C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [09/12/2012 17:27]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000UA.job --a------ C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [09/12/2012 17:27]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]
"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]
"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000Core" [C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000UA" [C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000Core" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000UA" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\WSCStub.exe"]
"C:\Windows\SysNative\tasks\PMMUpdate" ["C:\Program Files\EgisTec IPS\PMMUpdate.exe"]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2239336281-3048674072-2116327964-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2239336281-3048674072-2116327964-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{483FE4A1-9C00-4023-98C5-0DD3A90C818C}" [C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE]
"C:\Windows\SysNative\tasks\{5B4C654B-E65F-4F32-A7A5-D2C683D55484}" [C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE]
"C:\Windows\SysNative\tasks\{5F517ECA-4697-4A56-91B4-F209F0C2A0DB}" [C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE]
"C:\Windows\SysNative\tasks\{90118DB7-F1AB-4F5D-9194-1EB8EB6DED77}" ["c:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\SymErr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn" [23/09/2014 19:35]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iikflkcanblccfahdhdonehdalibjnif - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 18:22]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\Exts\Chrome.crx[31/07/2014 07:47]
nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx[31/07/2014 07:47]
Google Docs - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Skype Click to Call - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Norton Identity Protection - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Google Wallet - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Battlefield Play4Free - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
Gmail - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Battlefield Heroes - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh
Last updated at time on date - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Skype Click to Call - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Norton Security Toolbar - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Norton Security Toolbar - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob
Battlefield Play4Free - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Docs - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Skype Click to Call - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Norton Identity Protection - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Gmail - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================
C:\Users\Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.trovi.com/?gd=&ctid=CT3321544&octid=EB_ORIGINAL_CTID&ISID=M0B4056D9-D3CE-4061-A394-A7BC5993C1D2&SearchSource=55&CUI=&UM=5&UP=SPEC801614-A9AF-44FB-9C58-885856530CC4&SSPV="
"Backup.Old.Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Backup.Old.Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7PRFD_nlBE565" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6EF34C0188ECFA43B48A4BE9C00748E deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent deleted successfully