Zoek.exe v5.0.0.0 Updated 23-04-2015
Tool run by christiana on zo 03/05/2015 at 10:40:45,58.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: E:\downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]
==== System Restore Info ======================
3/05/2015 10:43:43 Zoek.exe System Restore Point Created Successfully.
==== Empty Folders Check ======================
C:\PROGRA~2\7-Zip deleted successfully
C:\Program Files\PDFCreator deleted successfully
C:\Users\christiana\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\christiana\AppData\Local\calibre-cache deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-824262022-4070246776-4170008024-1002\Software\Microsoft\Internet Explorer\SearchScopes\{3EB4B0BA-A5C1-411B-BD3E-C76E4F07FD53} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Installed Programs ======================
64 Bit HP CIO Components Installer
7-Zip 9.22 (x64 edition)
AC3Filter 1.63b
Adobe AIR
Adobe Digital Editions 2.0
Adobe Flash Player 17 NPAPI
Adobe Premiere Elements 11
Adobe Reader XI (11.0.08) - Nederlands
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD VISION Engine Control Center
ArcSoft Panorama Maker 6
ArcSoft Scan-n-Stitch Deluxe
Ashampoo AppLauncher (Medion) v.1.0.0
Avast Internet Security
AVI Splitter
avi.NET 3.5.1.0
AviSynth 2.5
Bing Bar
BufferChm
C5300
calibre
Canon Easy-WebPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 3.0
Canon MP250 series MP Drivers
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Carta v 1.63
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Norwegian
CCC Help Spanish
CCC Help Swedish
CCleaner
CDBurnerXP
Classic Shell
ComicRack v0.9.171
D3DX10
DAEMON Tools Lite
Destinations
DeviceDiscovery
Dropbox
Elements 11 Organizer
Epson Copy Utility 3.5
Epson Event Manager
EPSON PERFECTION V500 PHOTO Handboek
EPSON Scan
FlashPeak SlimBrowser
Fotogalerie
Fotogalerija
Fotogalleri
Fotogalleriet
Fotograf Galerisi
Fot˘t r
Foxit Cloud
Foxit Reader
Freemake Video Converter versie 4.1.4
Gadwin PrintScreen
Galeria de Fotografias
Galerˇa de fotos
Galeria fotografii
Galerie de photos
Gebruikersregistratie voor Canon MP250 series
Google Chrome
Google Update Helper
GPBaseService2
HiJackThis
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart C5300 All-In-One Driver Software 14.0 Rel. 6
HP Solution Center 14.0
HP Update
HPPhotoGadget
HPProductAssistant
HPSSupply
ImgBurn
Inkscape 0.48.5
Java 7 Update 76
Java 8 Update 45
Java Auto Updater
K-Lite Codec Pack 9.9.5 (Full)
LibreOffice 4.3.2.2
Malwarebytes Anti-Malware versie 2.0.2.1012
MarketResearch
MergeModule_x64
MergeModule_x86
Microsoft Application Error Reporting
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Movie Maker
Mozilla Firefox 37.0.2 (x86 nl)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP3 Parser (KB2758694)
neroxml
Olympus Digital Wave Player
OpenOffice 4.0.1
Photo Common
Photo Gallery
PhotoFiltre
PlayMemories Home
PMB_ModeEditor
PMB_ServiceUploader
Podstawowe programy Windows Live
PRE11 STI 64Installer
PS_AIO_04_C5300_Software_Min
Raccolta foto
Realtek High Definition Audio Driver
Revo Uninstaller Pro 3.0.5
S?????? f?t???af???
Shop for HP Supplies
SOHLib for PlayMemories Home
SolutionCenter
SPCA1628 PC Driver
Status
Toolbox
Torrent2Exe 1.0
TrayApp
Tweaking.com - Windows Repair (All in One)
Valokuvavalikoima
VLC media player
VobSub v2.23 (Remove Only)
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Par‡alar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Liven peruspaketti
WinRAR 5.01 (64-bit)
Xvid 1.2.2 final uninstall
==== Running Processes ======================
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\WINDOWS\SysWOW64\svchost.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
E:\downloads\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
==== Deleting Services ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\CHRIST~1\AppData\Roaming\Mozilla\Firefox\Profiles\8u7o3pwz.default
user.js not found
---- Lines vfdownload removed from prefs.js ----
user_pref("extensions.vfdownload.installDate", "2013-6-17");
user_pref("extensions.vfdownload.installID", "{B3942310-C0DA-455F-8ACD-75393A44E408}");
user_pref("extensions.vfdownload.installedProduct", "selectionlinks");
user_pref("extensions.vfdownload.installerVersion", "3.3");
user_pref("extensions.vfdownload.installpartner", "dlc");
user_pref("extensions.vfdownload.testgroup", "");
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----
prefs_20150305_1054_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\7-Zip not found
C:\Users\christiana\AppData\Roaming\calibre deleted
C:\windows\SysNative\Tasks\HP Photo Creations Communicator deleted
C:\Users\christiana\AppData\Roaming\FoxitReaderUpdateInfo.txt deleted
C:\Users\christiana\AppData\Roaming\AlawarEntertainment deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\CHRIST~1\AppData\Roaming\Mozilla\Firefox\Profiles\8u7o3pwz.default\extensions\firefox@mega.co.nz.xpi deleted
C:\Users\CHRIST~1\AppData\Roaming\Mozilla\Firefox\Profiles\8u7o3pwz.default\FVD Toolbar deleted
==== System Specs ======================
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3543 MB
CPU Info: AMD A10-5700 APU with Radeon(tm) HD Graphics
CPU Speed: 3431,9 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek Digital Output (Realtek |
Display Adapters: AMD Radeon HD 7660D | AMD Radeon HD 7660D | AMD Radeon HD 7660D
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1440 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe GBE Family-controller | Realtek RTL8188CU draadloze LAN 802.11n USB 2.0-netwerkadapater
CD / DVD Drives: 2x (I: | K: | ) I: TSSTcorpCDDVDW SH-216BB | K: DTSOFT BDROM
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 117,5GB | D: 60,0GB | E: 752,0GB
Hard Disks - Free: C: 28,4GB | D: 41,9GB | E: 39,2GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | MEDION - 11112011
Time Zone: Romance (standaardtijd)
Motherboard *: MEDION MS-7800
Country: Belgi‰
Language: NLB
==== System Specs (Software) ======================
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Firewall: avast! Antivirus disabled
Default Browser: Firefox 37.0.2
Internet Explorer Version: 11.0.9600.17728
Mozilla Firefox version: 37.0.2 (x86 nl)
Google Chrome version: 42.0.2311.135
Adobe Reader version: 11.0.8.4
Sun Java version: 1.8.0_45 (32-bit)
Sun Java version: 1.8.0_45 (64-bit)
Flash Player version: 17.0.0.169
==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
2015-05-02 20:06:26 82CB960D0455B2D2A0F6454CE7E81223 507033539 ----a-w- C:\WINDOWS\MEMORY.DMP
2015-05-02 19:52:49 2169B4B1EFAA3453A4DA732F1F94C1E1 43112 ----a-w- C:\WINDOWS\avastSS.scr
====== C:\Users\CHRIST~1\AppData\Local\Temp ====
2015-05-02 19:58:07 E3A25C80E2375B2D42C3D4729769BDF3 10240 ----a-w- C:\Users\christiana\AppData\Local\Temp\SDIAG_038d66f8-1b00-4d36-8d74-ba733bdba9c2\NetworkDiagnosticSnapIn.dll
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2015-05-02 19:52:57 9CA2FDD44F7C1F8AC1652F6C2638CFED 364472 ----a-w- C:\WINDOWS\Sysnative\aswBoot.exe
====== C:\WINDOWS\Sysnative\drivers =====
2015-05-02 19:53:02 2EF62E6F46345480A2946AA7D7EB28F5 28144 ----a-w- C:\WINDOWS\Sysnative\drivers\aswKbd.sys
2015-05-02 19:52:34 81A2A421E6D7B43AA9E87A5FCB5730C3 449896 ----a-w- C:\WINDOWS\Sysnative\drivers\aswNdisFlt.sys
2015-04-15 07:31:45 E87A6D3B8FECD5B93BC0CFBB48C27970 991552 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys
2015-04-15 07:31:44 8EB7E70C2D348FE2476A2E3F2D585E3D 377152 ----a-w- C:\WINDOWS\Sysnative\drivers\clfs.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-05-02 17:17:11 -------- d-----w- C:\Program Files\trend micro
2015-04-04 12:15:22 -------- d-----w- C:\Program Files\7-Zip
======= C:\PROGRA~2 =====
2015-04-24 13:47:11 -------- d-----w- C:\PROGRA~2\Torrent2Exe
2015-04-19 08:07:13 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\christiana\AppData\Roaming ======
2015-05-03 05:53:01 -------- d-----w- C:\Users\christiana\AppData\Local\ElevatedDiagnostics
====== C:\Users\christiana ======
2015-04-24 13:47:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torrent2Exe
2015-04-21 08:33:51 -------- d-----w- C:\Users\christiana\Desktop
2015-04-04 12:15:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-04-04 12:13:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
====== C: exe-files ==
2015-05-02 19:52:57 9CA2FDD44F7C1F8AC1652F6C2638CFED 364472 ----a-w- C:\Windows\System32\aswBoot.exe
2015-05-02 17:17:11 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\christiana.exe
2015-04-29 07:48:23 5CBF70FD73ED1498448C471F9672E17E 1089104 ----a-w- C:\Program Files (x86)\Google\Update\Install\{F034132B-B7B5-4AB2-AD50-3E2AF52F190A}\42.0.2311.135_42.0.2311.90_chrome_updater.exe
2015-04-29 07:48:23 5CBF70FD73ED1498448C471F9672E17E 1089104 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.135\42.0.2311.135_42.0.2311.90_chrome_updater.exe
=== C: other files ==
2015-05-02 19:53:02 2EF62E6F46345480A2946AA7D7EB28F5 28144 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2015-05-02 19:52:34 81A2A421E6D7B43AA9E87A5FCB5730C3 449896 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-824262022-4070246776-4170008024-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"CAHeadless"="C:\Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"EEventManager"="C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe"
"ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"CAHeadless"="C:\Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun"
==== Startup Folders ======================
2014-09-19 09:00:27 2023 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk
2013-11-03 18:56:17 2103 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16/04/2015 18:01]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/08/2013 09:48]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/08/2013 09:48]
C:\WINDOWS\tasks\HP Photo Creations Communicator.job --a-------- C:\ProgramData\HP Photo Creations\Communicator.exe [20/09/2011 11:11]
==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms" [C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe]
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\CHRIST~1\AppData\Roaming\Mozilla\Firefox\Profiles\8u7o3pwz.default
user_pref("browser.search.defaulturl", "https://www.google.com/search");
user_pref("browser.search.defaultengine", "Google");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [02/05/2015 21:52]
==== Firefox Extensions ======================
ProfilePath: C:\Users\CHRIST~1\AppData\Roaming\Mozilla\Firefox\Profiles\8u7o3pwz.default
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Secure Login - %ProfilePath%\extensions\secureLogin@blueimp.net.xpi
- Youtube and more - Easy Video Downloader - %ProfilePath%\extensions\vdpure@link64.xpi
- Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\christiana\AppData\Roaming\Mozilla\Firefox\Profiles\8u7o3pwz.default
F4D52B252DA08B647F2BD5379191A741 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer
9AE02005247DA91AB1743F5208DBEF76 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
==== Chromium Look ======================
Google Chrome Version: 42.0.2311.135 (Possible outdated, latest Stable version: , Mac and Linux. A list of changes is available in the log.
)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02/05/2015 21:52]
Google Docs - christiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - christiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - christiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - christiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast Online Security - christiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - christiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - christiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz="
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz="
{6EC6B259-ED57-45C4-8C8C-CCA6422F1E92} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4 (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: Sony Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\christiana\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\christiana\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\christiana\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\christiana\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
C:\Users\christiana\AppData\Local\Mozilla\Firefox\Profiles\8u7o3pwz.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\christiana\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=41 folders=15 5709938 bytes)
==== Empty Temp Folders ======================
C:\Users\christiana\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\CHRIST~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on zo 03/05/2015 at 11:04:01,17 ======================