Zoek.exe v5.0.0.0 Updated 31-12-2014 Tool run by Glowing Starter on ma 05-01-2015 at 11:55:26,29. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Glowing Starter\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 5-1-2015 11:58:09 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\1ClickDownload deleted successfully C:\Program Files\SEGA deleted successfully C:\PROGRA~2\Babylon deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\Users\Glowing Starter\AppData\Roaming\DiskDefrag deleted successfully C:\Users\Glowing Starter\AppData\Roaming\Nico Mak Computing deleted successfully C:\Users\Glowing Starter\AppData\Roaming\Real deleted successfully C:\Users\Glowing Starter\AppData\Local\Conduit deleted successfully C:\Users\Glowing Starter\AppData\Local\FSP deleted successfully C:\Users\Glowing Starter\AppData\Local\GGEmpire deleted successfully C:\Users\Glowing Starter\AppData\Local\OpenCandy deleted successfully C:\Users\Glowing Starter\AppData\Local\PackageAware deleted successfully C:\Users\Glowing Starter\AppData\Local\Sparta deleted successfully C:\Users\Glowing Starter\AppData\Local\SPSS deleted successfully C:\Users\Glowing Starter\AppData\Local\StormFall deleted successfully C:\Users\Glowing Starter\AppData\Local\Zylom Games deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2532841A-7DE4-0A7C-F27A-5FB3A238AFDE} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4093FC2D-AD4B-4B2E-928D-7651646B142D} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151154} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151154} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411151154} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Aangifte inkomstenbelasting 2013 Adobe Flash Player 15 ActiveX Adobe Flash Player 15 Plugin Adobe Reader XI (11.0.10) - Nederlands Adobe Refresh Manager Adobe Shockwave Player 12.0 Apple Software Update BisonCam CCleaner Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module D3DX10 Dll-Files Fixer Dropbox EasyWorship 2009 EViews 7 Student Version Feedback Tool Filternet Finger Sensing Pad Driver Glary Utilities 4.10 Google Chrome Google Update Helper Hotkey 3.0021 HP LaserJet Professional P1100-P1560-P1600 Series Intel(R) Graphics Media Accelerator Driver Intel(R) TV Wizard Itibiti RTC Java 7 Update 71 Java Auto Updater JMicron JMB38X Flash Media Controller Junk Mail filter update Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Antimalware Service NL-NL Language Pack Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Movie Maker MSVCRT MSVCRT110 Nero 7 Essentials Nokia Connectivity Cable Driver Octoshape add-in for Adobe Flash Player OGA Notifier 2.0.0048.0 Photo Common Photo Gallery Photo Transport Realtek High Definition Audio Driver REALTEK Wireless LAN Driver RonyaSoft Poster Printer (ProPoster) 3.01 Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition SkypeT 6.11 Softonic Assistant SweetIM for Messenger 3.6 SweetIM Toolbar for Internet Explorer 4.2 swMSM Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VideoCam Suite Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinRAR Yontoo 1.10.02 ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\ProgramData\IePluginServices\PluginService.exe C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\HPSIsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Hotkey\PowerBiosServer.exe C:\Program Files\FSP\FspUip.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\BisonCam\DeLay.exe C:\Program Files\BisonCam\BisonHK.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Windows\System32\StikyNot.exe C:\Program Files\Hotkey\Hotkey.exe C:\Program Files\SupTab\HpUI.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\SupTab\Loader32.exe C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\DllHost.exe C:\Users\Glowing Starter\Downloads\msert.exe C:\Windows\system32\taskhost.exe C:\Program Files\Glary Utilities 4\Integrator.exe C:\Program Files\Glary Utilities 4\MemfilesService.exe C:\Users\Glowing Starter\Downloads\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\svchost.exe -k SDRSVC ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginServices deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\GLOWIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\0 ---- FireFox user.js and prefs.js backups ---- user_05-01-2015_1227_.backup prefs_05-01-2015_1227_.backup ProfilePath: C:\Users\GLOWIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_05-01-2015_1227_.backup ProfilePath: C:\Users\GLOWIN~1\AppData\Roaming\Thunderbird\Profiles\8o93blng.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_05-01-2015_1227_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411151154}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome.3DSDQ2XVF5SN2SLOIOS33XEU44\shell\open\command] @="C:\\Users\\Glowing Starter\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe" ==== Deleting Files \ Folders ====================== C:\Program Files\a2zLyrics-1 not found C:\PROGRA~1\WI3C8A~1 not found C:\Program Files\a2zLyrics-1 not found C:\Program Files\Yontoo not found C:\Program Files\Delta not found C:\Users\Glowing Starter\AppData\Roaming\Delta deleted C:\ProgramData\WindowsMangerProtect deleted C:\Program Files\SweetIM\Toolbars deleted C:\Program Files\Dll-Files.com Fixer deleted C:\PROGRA~2\1803528019 deleted C:\PROGRA~2\DivX deleted C:\PROGRA~2\Premium deleted C:\PROGRA~2\SetApp deleted C:\Program Files\Conduit deleted C:\Program Files\MyPC Backup deleted C:\extensions deleted C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\StormFall.lnk deleted C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Sparta.lnk deleted C:\Users\Glowing Starter\AppData\Roaming\sparta111 deleted C:\Users\Glowing Starter\AppData\Roaming\dlg deleted C:\Users\Glowing Starter\AppData\Roaming\StormFall deleted C:\Users\Glowing Starter\AppData\Roaming\dll-files.com deleted C:\Users\Glowing Starter\AppData\Roaming\webssearches deleted C:\Users\Glowing Starter\AppData\Roaming\LimeWirePlus deleted C:\Users\Glowing Starter\AppData\Roaming\Funmoods deleted C:\Users\Glowing Starter\AppData\Roaming\BabSolution deleted C:\Users\Glowing Starter\AppData\Roaming\Babylon deleted C:\Users\Glowing Starter\AppData\Roaming\YoudaGames deleted C:\Users\Glowing Starter\AppData\Roaming\OpenCandy deleted C:\PROGRA~2\Ask deleted C:\PROGRA~2\AlawarWrapper deleted C:\PROGRA~2\IePluginServices deleted C:\PROGRA~2\SweetIM deleted C:\PROGRA~2\Tarma Installer deleted C:\Users\Glowing Starter\AppData\Local\Ilivid Player deleted C:\Users\Glowing Starter\AppData\Local\CRE deleted C:\Users\Glowing Starter\AppData\Local\SoftonicAssistant deleted C:\Users\Glowing Starter\AppData\Local\FilesFrog Update Checker deleted C:\Users\Glowing Starter\AppData\Local\avgchrome deleted C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall deleted C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker deleted C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Users\Glowing Starter\Downloads\SoftonicDownloader_voor_glary-utilities.exe deleted C:\Users\Glowing Starter\AppData\LocalLow\ShoppingReport2 deleted C:\Users\Glowing Starter\AppData\LocalLow\AskToolbar deleted C:\Users\Glowing Starter\AppData\LocalLow\BitTorrentBar deleted C:\Users\Glowing Starter\AppData\LocalLow\PriceGong deleted C:\Users\Glowing Starter\AppData\LocalLow\Conduit deleted C:\Windows\system32\tasks\Funmoods deleted C:\Windows\system32\tasks\a2zLyrics-1-chromeinstaller deleted C:\Windows\system32\tasks\a2zLyrics-1-codedownloader deleted C:\Windows\system32\tasks\a2zLyrics-1-enabler deleted C:\Windows\system32\tasks\a2zLyrics-1-firefoxinstaller deleted C:\Windows\system32\tasks\a2zLyrics-1-updater deleted C:\Windows\tasks\a2zLyrics-1-chromeinstaller.job deleted C:\Windows\tasks\a2zLyrics-1-codedownloader.job deleted C:\Windows\tasks\a2zLyrics-1-enabler.job deleted C:\Windows\tasks\a2zLyrics-1-firefoxinstaller.job deleted C:\Windows\tasks\a2zLyrics-1-updater.job deleted C:\Windows\tasks\DLL-Files FixerASKUSER.job deleted C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job deleted C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job deleted C:\Windows\system32\tasks\DLL-Files FixerASKUSER deleted C:\Windows\system32\tasks\DLL-Files.Com Fixer_MONTHLY deleted C:\Windows\system32\tasks\DLL-Files.Com Fixer_Updates deleted C:\Windows\system32\tasks\RDReminder deleted C:\END deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\system32\roboot.exe deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted C:\Windows\System32\SearchProtect deleted C:\Windows\System32\searchplugins deleted C:\Windows\System32\Extensions deleted C:\Users\GLOWIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi deleted C:\Users\GLOWIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\plugin@yontoo.com deleted "C:\Windows\Installer\15c96b.msi" deleted "C:\Windows\Installer\1c9c1b.msi" deleted "C:\Windows\Installer\1c9c21.msi" deleted "C:\Users\Glowing Starter\AppData\Local\{245F2171-8159-4588-86BC-7F90991DE7B5}" deleted "C:\Users\Glowing Starter\AppData\Local\{6AF1875E-800D-4DCC-A21D-0C637D2114C1}" deleted "C:\Users\GLOWIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\torntv@torntv.com.xpi" deleted "C:\Program Files\SupTab\Loader32.exe" deleted "C:\Program Files\SupTab\msvcp110.dll" deleted "C:\Program Files\SupTab\msvcr110.dll" not deleted "C:\Program Files\SupTab\WindowsSupportDll32.dll" deleted "C:\Program Files\SupTab\Loader32.exe" deleted "C:\Program Files\SupTab\msvcp110.dll" deleted "C:\Program Files\SupTab\msvcr110.dll" not deleted "C:\Program Files\SupTab\WindowsSupportDll32.dll" deleted "C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" deleted "C:\Program Files\SweetIM\Messenger\mgcommon.dll" deleted "C:\Program Files\SweetIM\Messenger\mgcommunication.dll" deleted "C:\Program Files\SweetIM\Messenger\mgconfig.dll" deleted "C:\Program Files\SweetIM\Messenger\mghooking.dll" deleted "C:\Program Files\SweetIM\Messenger\mgsimcommon.dll" deleted "C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll" deleted "C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll" deleted "C:\Program Files\SweetIM\Messenger\msvcp71.dll" deleted "C:\Program Files\SweetIM\Messenger\msvcr71.dll" deleted "C:\Program Files\SweetIM\Messenger\SweetIM.exe" deleted "C:\Program Files\SupTab" not deleted "C:\Program Files\SupTab" not deleted "C:\Program Files\SweetIM" not deleted "C:\Users\Glowing Starter\AppData\Roaming\SearchProtect" deleted "C:\PROGRA~2\InstallMate" deleted "C:\Windows\system32\config\systemprofile\AppData\Local\ICSharpCode.net" deleted "C:\Users\Glowing Starter\AppData\LocalLow\ConduitEngine" deleted "C:\Program Files\SweetIM\Messenger" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601) Memory (RAM): 3005 MB CPU Info: Celeron(R) Dual-Core CPU T3000 @ 1.80GHz CPU Speed: 1840,3 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC | JMicron PCI Express Fast Ethernet Adapter CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A DS8A3S Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 2 Button Wheel Mouse Present Hard Disks: C: 185,5GB | D: 112,4GB Hard Disks - Free: C: 135,3GB | D: 106,4GB Manufacturer *: Phoenix Technologies LTD BIOS Info: AT/AT COMPATIBLE | 10/30/09 | PTLTD - 6040000 Time Zone: West-Europa (standaardtijd) Motherboard *: CLEVO Co. W760T/M740T/M760T Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Virus: Norman Security Suite On-access scanning disabled (Outdated) Anti-Spyware: Norman Security Suite disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 39.0.2171.95 Internet Explorer Version: 11.0.9600.17501 Google Chrome version: 39.0.2171.95 Adobe Reader version: 11.0.10.32 Sun Java version: 1.7.0_71 (32-bit) Flash Player version: 15.0.0.246 Shockwave Player version: 12.0.7r148 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-12-27 13:06:06 06099D69CF089CFD46E7ECC2624860AE 297123687 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\GLOWIN~1\AppData\Local\Temp ==== 2015-01-04 17:33:03 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Glowing Starter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnyn9uj.dll ====== Java Cache ===== ====== C:\Windows\system32 ===== 2015-01-04 19:52:10 837624823BC23BD08FFA0C81C5105D18 101664 ----a-w- C:\Windows\System32\BootDefrag.exe ====== C:\Windows\system32\drivers ===== 2015-01-04 19:52:10 F8ADE2053957E8E5F2ED2A1203C79589 16064 ----a-w- C:\Windows\System32\drivers\BootDefragDriver.sys 2014-12-09 19:11:53 7FE680A3DFA421C4A8E4879AE4C5AAB0 74752 ----a-w- C:\Windows\System32\drivers\tdx.sys ====== C:\Windows\Tasks ====== 2015-01-04 19:52:13 B3979006BC89C5F09EEA7C1BE76A416A 2992 ----a-w- C:\Windows\system32\Tasks\GU4SkipUAC 2015-01-04 19:52:12 BB1968B135AE42CC6CB69E66F42A082C 330 ----a-w- C:\Windows\Tasks\GlaryInitialize 4.job 2015-01-04 19:52:12 4A7F3D492E98787318D9C2CFF18F3934 2658 ----a-w- C:\Windows\system32\Tasks\GlaryInitialize 4 2014-12-25 13:09:57 F64A2D5E9C1762DEAFBEB4978044D22B 3874 ----a-w- C:\Windows\system32\Tasks\Adobe Acrobat Update Task ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-01-04 19:51:50 -------- d-----w- C:\Program Files\Glary Utilities 4 2015-01-04 19:28:28 -------- d-----w- C:\Program Files\trend micro 2014-12-24 10:27:01 -------- d--h--r- C:\Program Files\rnamfler 2014-12-24 10:24:20 -------- d-----w- C:\Program Files\SupTab ======= C: ===== ====== C:\Users\Glowing Starter\AppData\Roaming ====== 2015-01-04 19:52:11 -------- d-----w- C:\Users\Glowing Starter\AppData\Roaming\GlarySoft 2014-12-24 10:24:43 -------- d-----w- C:\Users\Glowing Starter\AppData\Local\Programs ====== C:\Users\Glowing Starter ====== 2015-01-04 19:57:34 -------- d-----w- C:\ProgramData\GlarySoft 2015-01-04 19:52:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4 2015-01-04 19:47:04 C29D49E23AD9388691DEEC9A1BECB6FC 123105520 ----a-w- C:\Users\Glowing Starter\Downloads\msert.exe 2015-01-04 19:33:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer 2015-01-04 19:31:50 6D8F844BCA315C75D2686D101CCC7B39 5344984 ----a-w- C:\Users\Glowing Starter\Downloads\dffsetup-msvcr110.exe 2015-01-04 19:27:35 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Glowing Starter\Downloads\RSIT.exe ====== C: exe-files == 2015-01-04 19:52:17 0EDC7F6AEC8557F7BB3D594E8A697B38 188768 ----a-w- C:\Program Files\Glary Utilities 4\uninst.exe 2015-01-04 19:52:10 837624823BC23BD08FFA0C81C5105D18 101664 ----a-w- C:\Windows\System32\BootDefrag.exe 2015-01-04 19:47:04 C29D49E23AD9388691DEEC9A1BECB6FC 123105520 ----a-w- C:\Users\Glowing Starter\Downloads\msert.exe 2015-01-04 19:31:50 6D8F844BCA315C75D2686D101CCC7B39 5344984 ----a-w- C:\Users\Glowing Starter\Downloads\dffsetup-msvcr110.exe 2015-01-04 19:28:28 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Glowing Starter.exe 2015-01-04 19:27:35 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Glowing Starter\Downloads\RSIT.exe === C: other files == 2015-01-04 19:52:10 F8ADE2053957E8E5F2ED2A1203C79589 16064 ----a-w- C:\Windows\System32\drivers\BootDefragDriver.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" "Google Update"="C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe /c" "GoogleChromeAutoLaunch_705E96E934D3E2453ADF928937B734B5"="C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" "SDP"="C:\Users\Glowing Starter\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto " "SoftonicAssistant"="C:\Users\Glowing Starter\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "fspuip"="C:\Program Files\FSP\fspuip.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "DeLay"="C:\Program Files\BisonCam\DeLay.exe" "BisonHK"="C:\Program Files\BisonCam\BisonHK.exe" "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" "SweetIM"="C:\Program Files\SweetIM\Messenger\SweetIM.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" "Google Update"="C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe /c" "GoogleChromeAutoLaunch_705E96E934D3E2453ADF928937B734B5"="C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" "SDP"="C:\Users\Glowing Starter\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto " "SoftonicAssistant"="C:\Users\Glowing Starter\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norman ZANDA] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Norman ZANDA" "hkey"="HKLM" "command"="C:\\Norman\\Nvc\\BIN\\ZLH.EXE /LOAD /SPLASH" ==== Startup Folders ====================== 2012-05-09 18:28:40 1171 ----a-w- C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2010-06-13 12:57:52 1276 ----a-w- C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2010-06-01 12:53:53 835 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-12-2014 11:18] C:\Windows\tasks\GlaryInitialize 4.job --a------ C:\Program Files\Glary Utilities 4\Initialize.exe [14-04-2014 09:01] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-12-2012 00:06] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-70928346-524487458-456366203-1000Core.job --a------ C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe [21-10-2014 14:44] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-70928346-524487458-456366203-1000UA.job --a------ C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe [21-10-2014 14:44] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GlaryInitialize 4" [C:\Program Files\Glary Utilities 4\Initialize.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-70928346-524487458-456366203-1000Core" [C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-70928346-524487458-456366203-1000UA" [C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GU4SkipUAC" [C:\Program Files\Glary Utilities 4\Integrator.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{06D8D0D2-842C-4493-A0E6-25CA9B956F73}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\GLOWIN~1\AppData\Roaming\Thunderbird\Profiles\8o93blng.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi ExtDir: C:\Users\Glowing Starter\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi ==== Firefox Plugins ====================== ==== Deleted Firefox Extensions ====================== C:\Users\Glowing Starter\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi deleted ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Glowing Starter\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] jbpkiefagocgkmemidfngdkamloieekf - C:\Program Files\TornTV.com\torn11.crx[] jplinpmadfkdgipabgcdchbdikologlh - C:\Program Files\1ClickDownload\1click12.crx[] kdfbddbdpnahdahmamlolacimfdbeckk - C:\Users\Glowing Starter\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx[] nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files\TornTV.com\torn2_10.crx[] ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Glowing Starter\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[] niapdbllcanepiiimjjndipklodoedlc - C:\Users\GLOWIN~1\AppData\Local\Temp\YontooLayers.crx[] pfkfdlcdbajamklbneflfbcmfgddmpae - No path found[] pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files\Gophoto.it\gophotoit14.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - C:\Users\GLOWIN~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[] cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Glowing Starter\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] kdfbddbdpnahdahmamlolacimfdbeckk - C:\Users\Glowing Starter\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx[] ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Glowing Starter\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[] nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Glowing Starter\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx[] pfkfdlcdbajamklbneflfbcmfgddmpae - No path found[] selector is not a valid CSS selector - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Gradient - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipehkhefmnpkdbcpgbononhiohcabocp Google Wallet - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_apps.conduit.com_0.localstorage-journal deleted successfully C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage-journal deleted successfully C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage-journal deleted successfully C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.apps.conduit.com_0.localstorage-journal deleted successfully C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_twitter.conduitapps.com_0.localstorage-journal deleted successfully C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bittorrentbarnl.ourtoolbar.com_0.localstorage-journal deleted successfully C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentbarnl.ourtoolbar.com_0.localstorage-journal deleted successfully C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.live-lyrics.com_0.localstorage-journal deleted successfully C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ak.facebook.com_0.localstorage-journal deleted successfully C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.wajam.com_0.localstorage-journal deleted successfully C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.ask.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://istart.webssearches.com/?type=hp&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX" "Default_Page_URL"="http://istart.webssearches.com/?type=hp&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX&q={searchTerms}" "Default_Page_URL"="http://istart.webssearches.com/?type=hp&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX" "Start Page"="http://istart.webssearches.com/?type=hp&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX" "Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{2532841A-7DE4-0A7C-F27A-5FB3A238AFDE}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2532841A-7DE4-0A7C-F27A-5FB3A238AFDE}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully ==== shortcuts in Users Start Menu ====================== C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?type=sc&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldiers\SOLDIERS.lnk - C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?type=sc&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4.lnk - C:\Program Files\Glary Utilities 4\Integrator.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer\Dll-Files Fixer.lnk - C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer\Verwijder Dll-Files Fixer.lnk - C:\Program Files\Dll-Files.com Fixer\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4\Glary Utilities 4.lnk - C:\Program Files\Glary Utilities 4\Integrator.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4\Uninstall.lnk - C:\Program Files\Glary Utilities 4\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4\Website.lnk - C:\Program Files\Glary Utilities 4\Glary Utilities 4.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.31211.0\Silverlight.Configuration.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antivirus Center.lnk - C:\Windows\system32\rundll32.exe "C:\ProgramData\68225e52-c3bd-4db8-ba27-7fec34636b04.dat", ugcokbfhub C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 4.lnk - C:\Program Files\Glary Utilities 4\Integrator.exe C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SOLDIERS.lnk - C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?type=sc&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk - C:\Windows\system32\SnippingTool.exe C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?type=sc&ts=1419416632&from=cvs&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sticky Notes.lnk - C:\Windows\system32\StikyNot.exe C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Mail.lnk - C:\Program Files\Windows Live\Mail\wlmail.exe ==== shortcuts After Repair ====================== C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldiers\SOLDIERS.lnk - C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SOLDIERS.lnk - C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F479A18A22A86E3429341589FF57D81A deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA20CB7A821113A4CB8FA1E38E303D3B deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\46c1b493-17d8-4b58-a954-4c0c9179b44c deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B7A4FAED-8CD1-E76F-258B-70A392B56E1C} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E2459B37-9E1F-D975-6990-1BE7582B5F17} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TVWiz deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13A5E785-5197-4EAD-8EE3-D660271E49BC} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D} deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftonicAssistant deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3} deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\587E5A317915DAE4E83E6D0672E194CB deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F479A18A22A86E3429341589FF57D81A deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\FA20CB7A821113A4CB8FA1E38E303D3B deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [fspuip] "C:\Program Files\FSP\fspuip.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [DeLay] C:\Program Files\BisonCam\DeLay.exe O4 - HKLM\..\Run: [BisonHK] C:\Program Files\BisonCam\BisonHK.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_705E96E934D3E2453ADF928937B734B5] "C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [SDP] C:\Users\Glowing Starter\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto O4 - HKCU\..\Run: [SoftonicAssistant] "C:\Users\Glowing Starter\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Hotkey.lnk = C:\Program Files\Hotkey\Hotkey.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Glowing Starter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files\Hotkey\PowerBiosServer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Glowing Starter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Glowing Starter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Glowing Starter\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Glowing Starter\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1135 folders=283 77991359 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Glowing Starter\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GLOWIN~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\SupTab\msvcr110.dll" not found "C:\Program Files\SupTab\msvcr110.dll" not found "C:\Program Files\SupTab" not found "C:\Program Files\SupTab" not found "C:\Program Files\SweetIM" not found ==== EOF on ma 05-01-2015 at 12:46:28,20 ======================