Zoek.exe v5.0.0.0 Updated 11-August-2014 Tool run by Ludo on wo 13/08/2014 at 9:49:16,47. Running in: Normal Mode Internet Access Detected Launched: C:\zoek_backup\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-08-12-213724.log 48320 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\PHotkey\ASLDRSrv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Time Stamp\IBP\fsloader.exe C:\Program Files\Time Stamp\IBP\VBPTask.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe C:\Program Files (x86)\PHotkey\PHotkey.exe C:\Program Files (x86)\PHotkey\MsgTranAgt.exe C:\windows\SysWOW64\notepad.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Users\Ludo\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Users\Ludo\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\real\realplayer\Update\realsched.exe C:\Program Files (x86)\Browny02\BrYNSvc.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe C:\Program Files 
(x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\zoek_backup\zoek.exe C:\windows\SysWOW64\cmd.exe C:\windows\SysWOW64\cmd.exe C:\windows\SysWOW64\cmd.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DatamngrCoordinator deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Utility Chest Search Scope Monitor"=- "UtilityChest_49 Browser Plugin Loader"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\Browser Manager not found ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4009 MB CPU Info: 
Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz CPU Speed: 2366.9 MHz Sound Card: Speakers (Conexant SmartAudio H | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | NVIDIA GeForce GT 540M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) | Atheros AR9285 Wireless Network Adapter CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GT40N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 410.1GB | D: 273.4GB | G: 18.6GB | I: 279.5GB Hard Disks - Free: C: 206.0GB | D: 216.0GB | G: 16.6GB | I: 60.4GB Manufacturer *: BIOS Info: AT/AT COMPATIBLE | 09/08/11 | MSI_NB - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Norton 360 On-access scanning disabled (Outdated) Anti-Spyware: Norton 360 disabled (Outdated) Firewall: Norton 360 disabled Default Browser: Google Chrome 36.0.1985.125 Internet Explorer Version: 10.0.9200.16844 Google Chrome version: 36.0.1985.125 Torch Browser version: 25.0.0.4626 Adobe Reader version: 10.1.11.8 Sun Java version: 1.6.0_31 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\windows ==== ====== C:\Users\Ludo\AppData\Local\Temp ==== 2014-08-12 21:38:34 D8BE96BC224FB9A6034A01156A527271 43008 ----a-w- C:\Users\Ludo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpszg1kj.dll ====== Java Cache ===== ====== C:\windows\SysWOW64 ===== 2014-07-31 13:17:20 867148EBF47E7E7E7B21C07B4A981929 581600 ----a-w- C:\windows\SysWOW64\wuapi.dll 2014-07-31 13:17:20 372218B80DEF827063049EBEE76B7501 92672 ----a-w- C:\windows\SysWOW64\wudriver.dll 2014-07-31 13:17:20 255F0417EC31C71585824269522EC8E9 36320 ----a-w- 
C:\windows\SysWOW64\wups.dll 2014-07-31 13:17:06 F419D738BD2AE58D9DF2F9FEB5F43842 33792 ----a-w- C:\windows\SysWOW64\wuapp.exe 2014-07-31 13:17:06 5AA2CAD923E9E647276A61387E83DDD0 179656 ----a-w- C:\windows\SysWOW64\wuwebv.dll ====== C:\windows\SysWOW64\drivers ===== ====== C:\windows\Sysnative ===== 2014-07-31 13:17:32 EAD9E413A6CEB9FD8E2AD9DC0716C061 58336 ----a-w- C:\windows\Sysnative\wuauclt.exe 2014-07-31 13:17:32 E76F105AD039B9E4DA9ECE839298C4A2 44512 ----a-w- C:\windows\Sysnative\wups2.dll 2014-07-31 13:17:31 6335F8B4B89F002A3801473C1A799237 2620928 ----a-w- C:\windows\Sysnative\wucltux.dll 2014-07-31 13:17:31 61FF576450CCC80564B850BC3FB6713A 2477536 ----a-w- C:\windows\Sysnative\wuaueng.dll 2014-07-31 13:17:20 7EC6617005F76714C7E16605E7A8AB06 38880 ----a-w- C:\windows\Sysnative\wups.dll 2014-07-31 13:17:20 1180B5ADFB507258DA10F51B46681A33 97792 ----a-w- C:\windows\Sysnative\wudriver.dll 2014-07-31 13:17:20 0DB2758CF1BAFE22E0970FDA0785B74C 700384 ----a-w- C:\windows\Sysnative\wuapi.dll 2014-07-31 13:17:06 45D4BDEA136E72E75CF008D3C38D949A 198600 ----a-w- C:\windows\Sysnative\wuwebv.dll 2014-07-31 13:17:06 29FE783F75362AD6D2D9C0555BA83BD2 36864 ----a-w- C:\windows\Sysnative\wuapp.exe ====== C:\windows\Sysnative\drivers ===== 2014-08-11 17:15:42 E403AACF8C7BB11375122D2464560311 34152 ----a-w- C:\windows\Sysnative\drivers\GEARAspiWDM.sys ====== C:\windows\Tasks ====== ====== C:\windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Ludo\AppData\Roaming ====== 2014-08-12 21:33:31 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Local\Temp 2014-08-12 21:33:31 -------- d-----w- C:\windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-08-12 21:33:31 -------- d-----w- C:\windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-08-12 21:33:31 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2014-08-12 21:33:31 -------- d-----w- C:\Users\Gast\AppData\Local\Temp 2014-08-12 
21:33:30 -------- d-----w- C:\Users\Ludo\AppData\Local\Temp 2014-08-12 21:33:30 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-08-12 21:33:30 -------- d-----w- C:\Users\Default User\AppData\Local\Temp ====== C:\Users\Ludo ====== 2014-08-12 20:33:44 -------- d-----w- C:\ProgramData\2C5B 2014-08-11 19:39:57 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\Ludo\Downloads\spsetup126.exe 2014-08-10 17:07:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-10 15:41:07 91F0CB57E59A9572447CB72DDF8F82FE 61060040 ----a-w- C:\Users\Ludo\Downloads\EIE11_NL-NL_WOL_WIN764.EXE ====== C: exe-files == 2014-08-11 19:39:57 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\Ludo\Downloads\spsetup126.exe 2014-08-10 17:07:01 5CA3B9DB1F03E19C4EAD46A7322D1D3F 39749712 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\36.0.1985.125\36.0.1985.125_chrome_installer.exe 2014-08-10 15:41:07 91F0CB57E59A9572447CB72DDF8F82FE 61060040 ----a-w- C:\Users\Ludo\Downloads\EIE11_NL-NL_WOL_WIN764.EXE === C: other files == 2014-08-13 07:18:11 C513E8A5E7978DA49077F5484344EE1B 40568 ----a-r- C:\Windows\system32\drivers\N360x64\0502010.003\srtspx64.sys 2014-08-13 07:18:11 BD0D711D8CBFCAA19CA123306EAF53A5 171128 ----a-r- C:\Windows\system32\drivers\N360x64\0502010.003\ironx64.sys 2014-08-13 07:18:11 A6ADB3D83023F8DAA0F7B6FDA785D83B 386168 ----a-w- C:\Windows\system32\drivers\N360x64\0502010.003\symnets.sys 2014-08-13 07:18:11 96AEED40D4D3521568B42027687E69E0 912504 ----a-r- C:\Windows\system32\drivers\N360x64\0502010.003\symefa64.sys 2014-08-13 07:18:11 90EF30C3867BCDE4579C01A6D6E75A7A 744568 ----a-r- C:\Windows\system32\drivers\N360x64\0502010.003\srtsp64.sys 2014-08-13 07:18:11 6160145C7A87FC7672E8E3B886888176 450680 ----a-r- C:\Windows\system32\drivers\N360x64\0502010.003\symds64.sys 2014-08-12 17:35:31 07EEB07544204292F6331110F888F4CF 40167 ----a-w- C:\Users\Gast\Desktop\N 7753945 - NMBS 
Ticket on line NL.zip 2014-08-11 19:48:26 A6ADB3D83023F8DAA0F7B6FDA785D83B 386168 ----a-w- C:\Windows\system32\drivers\N360x64\0502000.00D\symnets.sys 2014-08-11 19:48:26 96AEED40D4D3521568B42027687E69E0 912504 ----a-r- C:\Windows\system32\drivers\N360x64\0502000.00D\symefa64.sys 2014-08-11 19:48:25 C513E8A5E7978DA49077F5484344EE1B 40568 ----a-r- C:\Windows\system32\drivers\N360x64\0502000.00D\srtspx64.sys 2014-08-11 19:48:25 BD0D711D8CBFCAA19CA123306EAF53A5 171128 ----a-r- C:\Windows\system32\drivers\N360x64\0502000.00D\ironx64.sys 2014-08-11 19:48:25 90EF30C3867BCDE4579C01A6D6E75A7A 744568 ----a-r- C:\Windows\system32\drivers\N360x64\0502000.00D\srtsp64.sys 2014-08-11 19:48:25 6160145C7A87FC7672E8E3B886888176 450680 ----a-r- C:\Windows\system32\drivers\N360x64\0502000.00D\symds64.sys 2014-08-11 17:15:42 E403AACF8C7BB11375122D2464560311 34152 -c--a-r- C:\Windows\system32\DRVSTORE\GEARAspiWD_AABE64655D8D5936ABBDF4C4B48BA5458FA0A505\x64\GEARAspiWDM.sys 2014-08-11 17:15:42 E403AACF8C7BB11375122D2464560311 34152 ----a-w- C:\Windows\system32\drivers\GEARAspiWDM.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3524197655-1448111208-155105887-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3524197655-1448111208-155105887-1001\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "NokiaSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray" "PC Suite Tray"="C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray" "EPSON SX410 Series"="C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU C:\windows\TEMP\E_S647.tmp /EF HKCU" 
"TouchFreeze"="C:\Users\Ludo\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3524197655-1448111208-155105887-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "Nuance PDF Reader-reminder"="C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe -r C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "Utility Chest Search Scope Monitor"="C:\PROGRA~2\UTILIT~2\bar\1.bin\49srchmn.exe /m=2 /w /h" "UtilityChest_49 Browser Plugin Loader"="C:\PROGRA~2\UTILIT~2\bar\1.bin\49brmon.exe" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe -osboot" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "NokiaSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray" "PC Suite Tray"="C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray" "EPSON SX410 Series"="C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU 
C:\windows\TEMP\E_S647.tmp /EF HKCU" "TouchFreeze"="C:\Users\Ludo\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\windows\system32\igfxtray.exe" "HotKeysCmds"="C:\windows\system32\hkcmd.exe" "Persistence"="C:\windows\system32\igfxpers.exe" "SmartAudio"="C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t" "AmIcoSinglun64"="c:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" ==== Startup Folders ====================== 2013-06-10 19:01:20 1060 ----a-w- C:\Users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2014-06-24 21:03:24 1258 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk 2011-10-20 20:59:14 2056 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS PC Sound.lnk ==== Task Scheduler Jobs ====================== C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/08/2014 19:43] C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/02/2012 19:24] C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/02/2012 19:24] ==== Other Scheduled Tasks ====================== "C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\system32\browserchoice.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\WSCStub.exe"] 
"C:\windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3524197655-1448111208-155105887-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe] "C:\windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3524197655-1448111208-155105887-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe] "C:\windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3524197655-1448111208-155105887-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe] "C:\windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3524197655-1448111208-155105887-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3524197655-1448111208-155105887-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-3524197655-1448111208-155105887-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-3524197655-1448111208-155105887-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\windows\SysNative\tasks\User_Feed_Synchronization-{7DFE0397-03EE-438B-890F-A8D26C90FCA8}" [C:\windows\system32\msfeedssync.exe] "C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\windows\SysNative\tasks\Norton 360\Norton Error Analyzer" [C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe] "C:\windows\SysNative\tasks\Norton 360\Norton Error Processor" [C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe] "C:\windows\SysNative\tasks\Symantec\Norton Error Analyzer 5.2.0.13" [C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\SymErr.exe] "C:\windows\SysNative\tasks\Symantec\Norton Error Processor 5.2.0.13" [C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\SymErr.exe] ==== Firefox Extensions Registry 
====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_5_1" [12/08/2014 23:36] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[10/06/2014 17:54] RealPlayer Downloader - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Google Wallet - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Search - Ludo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf RealPlayer Downloader - Ludo\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Google Wallet - Ludo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Ludo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Docs - Ludo\AppData\Local\Torch\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Ludo\AppData\Local\Torch\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Ludo\AppData\Local\Torch\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo DropToS - Ludo\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo Torch Music - Ludo\AppData\Local\Torch\User Data\Default\Extensions\gcjbdjlojcomlphfchhihkigepfabcad FaceLift - Ludo\AppData\Local\Torch\User Data\Default\Extensions\gimjmfipknpppbpmkdenjjpfhobiiojk RealDownloader - Ludo\AppData\Local\Torch\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Torch Helper - Ludo\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg Torch Music - Ludo\AppData\Local\Torch\User 
Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed Hola - Ludo\AppData\Local\Torch\User Data\Default\Extensions\pdehmppfilefbolgganhfihpbmjlgebh Gmail - Ludo\AppData\Local\Torch\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.search.ask.com/?o=APN10653A&gct=hp&d=1-0&v=a10781-152&t=4", "startup_urls": [ "http://www.search.ask.com/?o=APN10653A&gct=hp&d=1-0&v=a10781-152&t=4" ], C:\Users\Ludo\AppData\Local\Torch\User Data\Default\Preferences "homepage": "http://home.torchbrowser.com/?systemid=1&appid=393&ua=Torch&clid={4CEA6C2F-E361-42C3-823B-ADA5E7138150}", "urls_to_restore_on_startup": [ "http://home.torchbrowser.com/?systemid=1&appid=393&ua=Torch&clid={4CEA6C2F-E361-42C3-823B-ADA5E7138150}" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7" ==== Reset Google Chrome ====================== C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Ludo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully 
C:\Users\Ludo\AppData\Local\Torch\User Data\Default\Preferences was reset successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\web data was reset successfully C:\Users\Ludo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Ludo\AppData\Local\Torch\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\Gast\Desktop\Belastingen 2013.lnk - C:\Belast\Bel2013\Bel2013.exe C:\Users\Gast\Desktop\Belastingen 2014.lnk - C:\Belast\Bel2014\Bel2014.exe C:\Users\Ludo\Desktop\Belastingen 2013.lnk - C:\Belast\Bel2013\Bel2013.exe C:\Users\Ludo\Desktop\Belastingen 2014.lnk - C:\Belast\Bel2014\Bel2014.exe C:\Users\Ludo\Desktop\Dropbox.lnk - C:\Users\Ludo\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Ludo\Desktop\Elements 1078 - Snelkoppeling.lnk - C:\Users\Ludo\Desktop\Microsoft Office Outlook 2007.lnk - C:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe C:\Users\Ludo\Desktop\Norton-installatiebestanden.lnk - C:\Users\Public\Downloads\Norton\{N360S_prod_1.6.18_5.1.0.29} C:\Users\Ludo\Desktop\Pixbook.lnk - C:\Program Files (x86)\Pixbook\Pixbook.exe C:\Users\Ludo\Desktop\Time Stamp.lnk - C:\Program Files (x86)\Time Stamp\FsMain.exe C:\Users\Ludo\Desktop\Torch.lnk - C:\Users\Ludo\AppData\Local\Torch\Application\torch.exe C:\Users\Ludo\Desktop\VirtualDJ Home FREE.lnk - C:\Program Files (x86)\VirtualDJ\virtualdj_home.exe C:\Users\UpdatusUser\Desktop\Belastingen 2011.lnk - C:\Belast\Bel2011\Bel2011.exe C:\Users\UpdatusUser\Desktop\Belastingen 2012.lnk - C:\Belast\Bel2012\Bel2012.exe C:\Users\UpdatusUser\Desktop\Belastingen 2013.lnk - C:\Belast\Bel2013\Bel2013.exe C:\Users\UpdatusUser\Desktop\Belastingen 2014.lnk - C:\Belast\Bel2014\Bel2014.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe 
Reader X .lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\Brother Creative Center.lnk - C:\Program Files (x86)\Brother\CreativeCenter\Brother Creative Center.url C:\Users\Public\Desktop\BurnRecovery Help.lnk - C:\Program Files\MSI\BurnRecovery\BurnRecovery.pdf C:\Users\Public\Desktop\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe C:\Users\Public\Desktop\Epson Easy Photo Print.lnk - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe C:\Users\Public\Desktop\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Internetbrowser selecteren.lnk - C:\Windows\system32\browserchoice.exe /launch C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Public\Desktop\MSI BurnRecovery.lnk - C:\Program Files\MSI\BurnRecovery\BurnRecovery.exe C:\Users\Public\Desktop\Nokia PC Suite.lnk - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Users\Public\Desktop\Norton 360.lnk - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\uistub.exe /page {5ABC34AE-1037-4f5d-BF93-B2B74C80B5F7} C:\Users\Public\Desktop\Nuance PDF Reader.lnk - C:\Program Files (x86)\Nuance\PDF Reader\bin\PDFReader.exe C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe C:\Users\Public\Desktop\RealPlayer Cloud.lnk - C:\program files (x86)\real\realplayer\RealPlay.exe /launch:desktop C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No 
Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff C:\Users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Ludo\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Ludo\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe C:\Users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton\Norton-installatiebestanden.lnk - C:\Users\Public\Downloads\Norton\{N360S_prod_1.6.18_5.1.0.29} C:\Users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Ludo\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\LiveUpdate.lnk - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\uistub.exe /lu C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\Norton 360.lnk - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\uistub.exe /page {5ABC34AE-1037-4f5d-BF93-B2B74C80B5F7} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\Norton Recovery Tools.LNK - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\Support.lnk - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\uistub.exe /ocs C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\Uninstall Norton 360.lnk - C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\A5E82D02\5.2.0.13\inststub.exe /X /shortcut ==== shortcuts in Quick Launch ====================== 
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Taakbeheer.lnk - C:\Windows\system32\taskmgr.exe C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk - C:\Users\Ludo\AppData\Local\Torch\Application\torch.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk -
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Access 2007.lnk - C:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Excel 2007.lnk - C:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Groove 2007.lnk - C:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Outlook 2007.lnk - C:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office PowerPoint 2007.lnk - C:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Publisher 2007.lnk - C:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Belastingen 2014.lnk - C:\Belast\Bel2014\Bel2014.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (64-bit).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Outlook 2007.lnk - C:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe
C:\Users\Ludo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Utility Chest Search Scope Monitor] "C:\PROGRA~2\UTILIT~2\bar\1.bin\49srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [UtilityChest_49 Browser Plugin Loader] C:\PROGRA~2\UTILIT~2\bar\1.bin\49brmon.exe
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [EPSON SX410 Series] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU "C:\windows\TEMP\E_S647.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [TouchFreeze] C:\Users\Ludo\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-3524197655-1448111208-155105887-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-3524197655-1448111208-155105887-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-3524197655-1448111208-155105887-1001\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (User '?')
O4 - S-1-5-21-3524197655-1448111208-155105887-1001 Startup: Dropbox.lnk = Ludo\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?')
O4 - Startup: Dropbox.lnk = Ludo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe
O4 - Global Startup: SRS PC Sound.lnk = C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DriveClone Network Client IBP - Unknown owner - C:\Program Files\Time Stamp\IBP\fsloader.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Torch Crash Handler (TorchCrashHandler) - Unknown owner - C:\Users\Ludo\AppData\Local\Torch\Update\TorchCrashHandler.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Ludo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ludo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Ludo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Ludo\AppData\Local\Torch\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2676 folders=435 306344740 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gast\AppData\Local\Temp emptied successfully
C:\Users\Ludo\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Ludo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 13/08/2014 at 12:09:31,75 ======================