Zoek.exe v5.0.0.0 Updated 22-February-2015
Tool run by CédricVE on zo 22/02/2015 at 17:14:37,37.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\CDRICV~1\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-02-22-154924.log 42348 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\avg@toolbar deleted successfully

==== Installed Programs ======================

clear.fi SDK- Movie 2
clear.fi SDK - Video 2
Acer Power Management
Acer Recovery Management
AcerCloud
AcerCloud Docs
Adobe Flash Player 16 NPAPI
Adobe Reader XI (11.0.10) - Nederlands
Adobe Refresh Manager
Agatha Christie - Death on the Nile
Aloha TriPeaks
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft ShowBiz
AVG 2015
AVG SafeGuard toolbar
Battle Realms WOTW Expansion
Bejeweled 3
BitLord 2.3
Bonjour
calibre
clear.fi Media
clear.fi Photo
Command & Conquer Generals
Comodo Dragon
Conexant Polaris Unused CIR Function
CutePDF Writer 3.0
CyberLink MediaEspresso 6.5
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB2956079) 32-Bit Edition
Delicious: Emily's True Love Premium Edition
Final Drive: Nitro
Free YouTube to MP3 Converter version 3.12.16.1030
GameSpy Arcade
Google Chrome
Google Earth
Google SketchUp Pro 8
Google Toolbar for Internet Explorer
Google Update Helper
Governor of Poker 2 Premium Edition
Hotkey Utility
Identity Card
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Network Connections Drivers
Intel(R) Rapid Storage Technology
Intel® Trusted Connect Service Client
iTunes
Java 8 Update 31
Java Auto Updater
Jewel Match 3
John Deere Drive Green
Live Updater
Magic Academy
Microsoft Office 2010 voor Thuisgebruik en Zakelijke toepassingen
Microsoft Office Access MUI (Dutch) 2010
Microsoft Office Excel MUI (Dutch) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (Dutch) 2010
Microsoft Office Outlook MUI (Dutch) 2010
Microsoft Office PowerPoint MUI (Dutch) 2010
Microsoft Office Proof (Dutch) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proofing (Dutch) 2010
Microsoft Office Publisher MUI (Dutch) 2010
Microsoft Office Shared 64-bit MUI (Dutch) 2010
Microsoft Office Shared MUI (Dutch) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (Dutch) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD
More Games from WildTangent Games
Moveslink for Movestick Mini
Mozilla Firefox 35.0.1 (x86 nl)
Mozilla Maintenance Service
MyWinLocker
MyWinLocker 4
MyWinLocker Suite
Nero 12 Essentials OEM.a01
Nero ControlCenter
Nero ControlCenter Help (CHM)
Nero Core Components
Nero Express
Nero Express Help (CHM)
Nero Launcher
Nero Update
NVIDIA-configuratiescherm 332.21
NVIDIA 3D Vision controllerstuurprogramma 332.21
NVIDIA 3D Vision stuurprogramma 332.21
NVIDIA GeForce Experience 2.1
NVIDIA Grafisch stuurprogramma 332.21
NVIDIA HD Audio-stuurprogramma 1.3.30.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX systeemsoftware 9.13.0725
NVIDIA ShadowPlay 14.6.22
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 14.6.22
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.23
Office Addin
Office Addin 2003
Penguins
Plants vs. Zombies - Game of the Year
Polar Bowler
Prerequisite installer
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Rise Of Legends
Samsung New PC Studio
Security Update for Microsoft Excel 2010 (KB2956081) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553154) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2956066) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x64
SHIELD Streaming
Shredder
Steam
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD
Tales of Lagoona
Total War: ROME II
Total War: SHOGUN 2
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition
Update for Microsoft Office 2010 (KB2956054) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2956128) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2956129) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Update Installer for WildTangent Games App
Video Grabber
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
VLC media player 2.0.7
WinRAR 4.20 (64-bit)
Zuma's Revenge

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files (x86)\Suunto\Moveslink for Movestick Mini\Moveslink.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\CédricVE\Downloads\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\CDRICV~1\AppData\Roaming\Mozilla\Firefox\Profiles\bprbfdxz.default
user.js not found
---- Lines SpeedAnalysis removed from prefs.js ----
user_pref("extensions.xpiState", "{\"app-profile\":{\"2020Player_IKEA@2020Technologies.com\":{\"d\":\"C:\\\\Users\\\\CédricVE\\\\AppData\\\\Roaming\\
---- FireFox user.js and prefs.js backups ----
prefs_20152202_1722_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG-Secure-Search-Update_0414c"=-

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"vProt"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Common Files\AVG Secure Search not found
C:\Users\CédricVE\AppData\Local\AVG SafeGuard toolbar not found
C:\Users\CédricVE\AppData\Local\Software not found
C:\Users\CédricVE\Documents\BitLord not found
"C:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rel.job" not found
"C:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rmv.job" not found
"C:\Windows\Installer\5f55f.msi" not found
"C:\PROGRA~2\AVG SafeGuard toolbar\TBAPI.dllsearch" not deleted
"C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exesearch" not deleted
"C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dllsearch" not deleted
"C:\PROGRA~2\AVG SafeGuard toolbar\TBAPI.dllsearch" not deleted
"C:\PROGRA~2\AVG SafeGuard toolbar" not deleted
"C:\Program Files (x86)\Avg Secure Update" not deleted
"C:\Program Files (x86)\AVG SafeGuard toolbar" not deleted
"C:\PROGRA~2\AVG SafeGuard toolbar" not deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 6081 MB
CPU Info: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
CPU Speed: 3424,0 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: NVIDIA GeForce GT 620 | NVIDIA GeForce GT 620
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1440 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Hosted Network Virtual Adapter | Linksys AE1200 | Intel(R) 82579V Gigabit Network Connection
CD / DVD Drives: 2x (F: | G: | ) F: HL-DT-STDVDRAM GH82N | G: DTSOFT BDROM
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C: 455,3GB | D: 456,1GB
Hard Disks - Free: C: 112,5GB | D: 455,9GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | ACRSYS - 1072009
Time Zone: Romance (standaardtijd)
Motherboard *: Acer Aspire M3985
Country: België
Language: NLB

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated)
Default Browser: Firefox 35.0.1
Internet Explorer Version: 11.0.9600.17631
Mozilla Firefox version: 35.0.1 (x86 nl)
Google Chrome version: 40.0.2214.115
Adobe Reader version: 11.0.10.32
Sun Java version: 1.8.0_31 (32-bit)
Sun Java version: 1.8.0_31 (64-bit)
Flash Player version: 16.0.0.305

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2579762135-9236838-3331535415-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"NTRedirect"="C:\Windows\SysWOW64\rundll32.exe C:\Users\CédricVE\AppData\Roaming\BabSolution\Shared\enhancedNT.dll,Run"
"AutoStartNPSAgent"="C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"NTRedirect"="C:\Windows\SysWOW64\rundll32.exe C:\Users\CédricVE\AppData\Roaming\BabSolution\Shared\enhancedNT.dll,Run"
"AutoStartNPSAgent"="C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~2\\NVIDIA~1\\3DVISI~1\\NVSTIN~1.DLL"

==== Startup Folders ======================

2013-08-30 03:41:25 2673 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Moveslink for Movestick Mini.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22/02/2015 10:38]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/04/2013 02:47]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/04/2013 02:47]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe]
"C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe]
"C:\WINDOWS\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]
"C:\WINDOWS\SysNative\tasks\EgisUpdate" ["C:\Program Files\EgisTec IPS\EgisUpdate.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Hotkey Utility" ["C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"]
"C:\WINDOWS\SysNative\tasks\PMMUpdate" ["C:\Program Files\EgisTec IPS\PMMUpdate.exe"]
"C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"]
"C:\WINDOWS\SysNative\tasks\StPrsSW" [C:\Users\CédricVE\AppData\Roaming\StPrsSW\stprss.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{27E55E52-152C-4BDA-B0AD-E298A03A1236}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\CDRICV~1\AppData\Roaming\Mozilla\Firefox\Profiles\bprbfdxz.default
user_pref("browser.search.selectedEngine", "AVG Secure Search");
user_pref("keyword.URL", "");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"speedanalysis02@SpeedAnalysis.com"="C:\Users\CédricVE\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" [28/07/2013 21:25]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"speedanalysis02@SpeedAnalysis.com"="C:\Users\CédricVE\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" [28/07/2013 21:25]

==== Firefox Extensions ======================

ProfilePath: C:\Users\CDRICV~1\AppData\Roaming\Mozilla\Firefox\Profiles\bprbfdxz.default
- Undetermined - C:\Users\CédricVE\AppData\Roaming\Mozilla\Firefox\Profiles\bprbfdxz.default\extensions\2020Player_IKEA@2020Technologies.com
- Undetermined - 2020Player_IKEA@2020Technologies.com
- Visualisateur 3D de 20-20 - %ProfilePath%\extensions\2020Player_IKEA@2020Technologies.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\CédricVE\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\CédricVE\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.115 (Up to date, latest Stable version: 40.0.2214.115)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\CédricVE\AppData\Roaming\BabSolution\CR\Delta.crx[]
gflandjopdloblmlcoiidmncpinmmacn - C:\Users\CédricVE\AppData\Roaming\zulagames\zulagames.crx[01/07/2013 14:58]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{FE0BECBC-3D31-4E03-B073-2DF6AF466EA9} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2579762135-9236838-3331535415-1001\Software\Microsoft\Internet Explorer\SearchScopes\{FE0BECBC-3D31-4E03-B073-2DF6AF466EA9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999
deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Flv2PC - {1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} - C:\Program Files (x86)\FLV2PC\flv2pc_ie.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java 
Update\jusched.exe" O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [NTRedirect] C:\Windows\SysWOW64\rundll32.exe "C:\Users\CédricVE\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - Global Startup: Moveslink for Movestick Mini.lnk = ? O9 - Extra button: Flv2PC - {1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} - C:\Program Files (x86)\FLV2PC\flv2pc_ie.dll O9 - Extra 'Tools' menuitem: Flv2PC - {1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} - C:\Program Files (x86)\FLV2PC\flv2pc_ie.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - 
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. 
- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - 
C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows 
Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\CédricVE\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\CédricVE\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\CédricVE\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\CédricVE\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2292 folders=676 502812174 bytes) ==== Empty Temp Folders 
====================== C:\Users\CédricVE\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\CDRICV~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\AVG SafeGuard toolbar\TBAPI.dllsearch" not found "C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exesearch" not found "C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dllsearch" not found "C:\PROGRA~2\AVG SafeGuard toolbar\TBAPI.dllsearch" not found "C:\Program Files (x86)\Avg Secure Update" not found "C:\Program Files (x86)\AVG SafeGuard toolbar" not found "C:\PROGRA~2\AVG SafeGuard toolbar" not found "C:\PROGRA~2\AVG SafeGuard toolbar" not found "C:\Program Files (x86)\Avg Secure Update" not found "C:\Program Files (x86)\AVG SafeGuard toolbar" not found "C:\PROGRA~2\AVG SafeGuard toolbar" not found ==== EOF on zo 22/02/2015 at 17:27:11,26 ======================