Zoek.exe v5.0.0.0 Updated 02-April-2015 Tool run by Wijna on di 07-04-2015 at 11:47:37,19. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Wijna\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 7-4-2015 11:53:38 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully C:\PROGRA~3\CanonEPP deleted successfully C:\PROGRA~3\CanonIJEPPEX2 deleted successfully C:\PROGRA~3\Evernote deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\Wijna\AppData\Roaming\IrfanView deleted successfully C:\Users\Wijna\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Wijna\AppData\Roaming\Virus Scan deleted successfully C:\Users\Wijna\AppData\Local\CutePDF Writer deleted successfully C:\Users\Wijna\AppData\Local\Samsung deleted successfully C:\Users\Wijna\AppData\Local\Unity deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3171778365-3289252850-328694927-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB54FA27-96CF-4C62-80DC-DA7616EBD326} deleted successfully HKEY_USERS\S-1-5-21-3171778365-3289252850-328694927-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB54FA27-96CF-4C62-80DC-DA7616EBD326} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB54FA27-96CF-4C62-80DC-DA7616EBD326} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ???? ??? Windows Live ???? Windows Live ????? Windows Live ?????? ??????? ?? Windows Live ???????? ?????????? Windows Live ??????????? ?? Windows Live ABN AMRO e.dentifier2 software Acer Backup Manager Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer Games Acer Registration Acer ScreenSaver Acer Updater Adobe AIR Adobe Flash Player 16 ActiveX Adobe Flash Player 16 NPAPI Adobe Photoshop 6.0 Adobe Reader X (10.1.10) MUI Agatha Christie - Death on the Nile Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Avast Free Antivirus Backup Manager V3 Bejeweled 3 BitTorrent calibre Canon Easy-PhotoPrint EX Canon Hulpprogramma Snelkiezen Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MP Navigator EX 5.1 Canon MX430 series MP Drivers Canon MX430 series On-screen Manual Canon My Printer Canon Solution Menu EX Chandler 1.0.3 Chuzzle Deluxe Citrix Online Launcher clear.fi clear.fi Client Compatibiliteitspakket voor het 2007 Microsoft Office system CutePDF Writer 3.0 D3DX10 DAEMON Tools Lite Facebook Video Calling 3.1.0.521 FastStone Image Viewer 4.8 FATE Final Drive: Nitro FormatFactory 3.2.0.1 Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galer¡a fotogr fica de Windows Live Galeria fotogr…fica del Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Galerie foto Windows Live Gebruikersregistratie voor Canon MX430 series Identity Card Insaniquarium Deluxe Intel(R) Control Center Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) Turbo Boost Technology Monitor 2.0 Jewel Match 3 Jewel Quest Mysteries: The Seventh Gate Collector's Edition John Deere Drive Green Junk Mail filter update Launch Manager LibreOffice 4.4.1.2 Malwarebytes Anti-Malware versie 2.0.4.1028 Mesh Runtime Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office XP Professional Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mobile Partner More Games from Acer Games Mozilla Firefox 37.0.1 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MyWinLocker MyWinLocker 4 MyWinLocker Suite NTI Media Maker 9 NVIDIA Control Panel 285.90 NVIDIA Graphics Driver 285.90 NVIDIA Install Application NVIDIA Optimus 1.5.21 NVIDIA PhysX NVIDIA Update Components PDF To Excel Converter V2.0 Penguins Plants vs. Zombies - Game of the Year Poczta uslugi Windows Live Podstawowe programy Windows Live Polar Bowler Popcorn Time Posta Windows Live Raccolta foto di Windows Live Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Revo Uninstaller Pro 3.0.7 S?????? f?t???af??? t?? Windows Live Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Shared C Run-time for x64 Shredder SkypeT 7.0 Slingo Deluxe Sophos Virus Removal Tool SUPERAntiSpyware Synaptics Pointing Device Driver Tales of Lagoona Task Coach 1.3.33 Torchlight Update Installer for WildTangent Games App Virtual Villagers 4 - The Tree of Life Wedding Dash Welcome Center Windows Live ??? Windows Live ???? Windows Live Communications Platform Windows Live Essentials Windows Live Fotogal‚ria Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotograf Galerisi Windows Live Fot¢t r Windows Live Galeria de Fotos Windows Live Galerija fotografija Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Par‡alar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennusty”kalu Windows Liven s„hk”posti Windows Liven valokuvavalikoima WinRAR 4.20 (32-bit) Wunderlist Zuma Deluxe ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Launch Manager\dsiwmis.exe C:\Program Files (x86)\Launch Manager\LMutilps32.exe C:\Program Files (x86)\Acer\Registration\GREGsvc.exe C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\Wijna\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Wijna\AppData\Roaming\calibre deleted C:\Users\Wijna\AppData\Roaming\DriverCure deleted C:\PROGRA~3\Package Cache deleted C:\Users\Wijna\AppData\Local\Software deleted C:\Windows\wininit.ini deleted C:\Windows\SysNative\config\systemprofile\Searches deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 7861 MB CPU Info: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz CPU Speed: 2666,7 MHz Sound Card: Luidsprekers (High Definition A | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | NVIDIA GeForce 610M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Atheros AR5B125 Wireless Network Adapter | Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) CD / DVD Drives: 3x (D: | E: | G: | ) D: MATSHITADVD-RAM UJ8B0AW | E: DTSOFT BDROM | G: DTSOFT BDROM Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 390,6GB | F: 293,0GB Hard Disks - Free: C: 152,9GB | F: 107,8GB Manufacturer *: Insyde Corp. BIOS Info: AT/AT COMPATIBLE | 02/29/12 | ACRSYS - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer HMA71_CP Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Firewall: avast! Antivirus disabled Default Browser: Firefox 37.0.1 Internet Explorer Version: 9.0.8112.16421 Mozilla Firefox version: 37.0.1 (x86 nl) Adobe Reader version: 10.1.10.18 Flash Player version: 16.0.0.305 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Wijna\AppData\Local\Temp ==== 2015-04-05 14:46:56 FDCF03208012026400DA8626656983F8 298096 ----a-w- C:\Users\Wijna\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-03-08 21:40:19 -------- d-----w- C:\Program Files\TaskUnifier ======= C:\PROGRA~2 ===== 2015-03-31 18:01:45 -------- d-----w- C:\PROGRA~2\Wunderlist2 2015-03-23 22:32:37 -------- d-----w- C:\PROGRA~2\Eshasoft ======= C: ===== ====== C:\Users\Wijna\AppData\Roaming ====== 2015-04-06 13:13:13 -------- d-----w- C:\Users\Wijna\AppData\Locallow\Temp 2015-03-31 18:02:17 -------- d-----w- C:\Users\Wijna\AppData\Local\6_Wunderkinder_GmbH 2015-03-31 18:02:16 -------- d-----w- C:\Users\Wijna\AppData\Roaming\6Wunderkinder 2015-03-08 21:40:28 -------- d-----w- C:\Users\Wijna\AppData\Roaming\TaskUnifier ====== C:\Users\Wijna ====== 2015-04-07 09:26:42 45A11C9C96AB08DDEA7172C53452E447 561064 ----a-w- C:\Users\Wijna\Pictures\jxpiinstall.exe 2015-04-06 13:10:15 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Wijna\Pictures\RSITx64.exe 2015-03-23 22:36:47 -------- d-----w- C:\Users\Wijna\.Get Organized ====== C: exe-files == 2015-04-07 09:40:13 269BDB3CB77EB77BABE2862BEAB1F208 148080 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe 2015-04-02 18:24:34 554D0E50BFE40D6B633392A03077C046 446584 ----a-w- C:\ProgramData\NVIDIA\Updatus\Download\731E\updatus.19457567_RUNASUSER.exe 2015-03-31 18:23:19 DD370F1BC3A887A0D7193E4A834B1DF5 443776 ----a-w- C:\ProgramData\NVIDIA\Updatus\Download\72D3\updatus.19449754_RUNASUSER.exe === C: other files == 2015-04-07 09:40:51 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Wijna\AppData\Local\Temp\avastBCLTMP\{5852f5ed-8bf4-11d4-a245-0080c6f74284}.zip 2015-04-01 11:24:45 D0F79F818657D03A6A951854585A9E8F 12662343 ----a-w- C:\Users\Wijna\Desktop\Nieuwe map\EssentialPIMProPort5.zip 2015-04-01 10:45:23 F52EA9D12D73827A6A6460643233F162 688224 ----a-w- C:\Users\Wijna\Desktop\Nieuwe map\CRM2011ExcelDataModelAddin.zip 2015-04-01 10:45:18 9464A5D909975A1CAD3A388252CA1B23 2295161 ----a-w- C:\Users\Wijna\Desktop\Nieuwe map\DynamicsCRMCustomizationToolForExcel.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3171778365-3289252850-328694927-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3171778365-3289252850-328694927-1001\Software\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "Facebook Update"="C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Wunderlist"="C:\Program Files (x86)\Wunderlist2\Wunderlist.exe /silent" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-21-3171778365-3289252850-328694927-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" "BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k" "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" "CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "Facebook Update"="C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Wunderlist"="C:\Program Files (x86)\Wunderlist2\Wunderlist.exe /silent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\System32\\nvinitx.dll" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" ==== Startup Folders ====================== 2015-03-23 22:33:01 2337 ----a-w- C:\Users\Wijna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eCentral.lnk 2014-09-03 18:03:50 1257 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04-02-2015 22:32] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3171778365-3289252850-328694927-1001Core.job --a------ C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe [24-09-2014 10:28] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3171778365-3289252850-328694927-1001UA.job --a------ C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe [24-09-2014 10:28] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"] "C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"] "C:\Windows\SysNative\tasks\EgisUpdate" ["C:\Program Files\EgisTec IPS\EgisUpdate.exe"] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3171778365-3289252850-328694927-1001Core" [C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3171778365-3289252850-328694927-1001UA" [C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\PMMUpdate" ["C:\Program Files\EgisTec IPS\PMMUpdate.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\UALU notificatin" ["C:\Program Files\Acer\Acer Updater\UALU.exe"] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Wijna\AppData\Roaming\Mozilla\Firefox\Profiles\r71ig6wv.default-1422294269087 user_pref("browser.startup.homepage", "www.google.com"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [22-02-2015 15:02] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Wijna\AppData\Roaming\Mozilla\Firefox\Profiles\r71ig6wv.default-1422294269087 A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Wijna\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\Wijna\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104 ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[22-01-2015 09:40] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully ==== HijackThis Entries ====================== O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [Wunderlist] "C:\Program Files (x86)\Wunderlist2\Wunderlist.exe" /silent O4 - HKUS\S-1-5-21-3171778365-3289252850-328694927-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3171778365-3289252850-328694927-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O4 - Startup: eCentral.lnk = C:\Program Files (x86)\Eshasoft\Desktop Calendar and Planner Software\eCentral.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {FB54FA27-96CF-4C62-80DC-DA7616EBD326} - http://downloads.bullguard.com/VirusScan/bgvax.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wijna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Wijna\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wijna\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wijna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L3ZDTGY1 will be deleted at reboot C:\Users\Wijna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Wijna\AppData\Local\Mozilla\Firefox\Profiles\r71ig6wv.default-1422294269087\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=246 folders=62 209012903 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\UpdatusUser\AppData\Local\temp emptied successfully C:\Users\Wijna\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Wijna\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Wijna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found "C:\Users\Wijna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L3ZDTGY1" not found ==== EOF on di 07-04-2015 at 12:24:06,06 ======================