Zoek.exe v5.0.0.0 Updated 14-September-2014 Tool run by Carl on do 18-09-2014 at 12:33:03,76. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Carl\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2013-11-19-194532.log 32777 bytes ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\WinZipper deleted successfully C:\Users\Carl\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Carl\AppData\Roaming\Wave Systems Corp deleted successfully C:\Users\Carl\AppData\Roaming\WinZipper deleted successfully C:\Users\Carl\AppData\Local\Acer PowerSaver deleted successfully C:\Users\Carl\AppData\Local\calibre-cache deleted successfully C:\Users\Carl\AppData\Local\CrashDumps deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2363558618-3587140998-43387575-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-2363558618-3587140998-43387575-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-2363558618-3587140998-43387575-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully HKEY_USERS\S-1-5-21-2363558618-3587140998-43387575-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Installed Programs ====================== Acer Backup Manager Acer eLock Management Acer eRecovery Management Acer eSettings Management Acer Framework Acer PowerSaver Acer QuickMigration Acer Registration Acer ScreenSaver Acer SmartBoot Acer Updater Acrobat.com Adobe AIR Adobe Flash Player 15 ActiveX Adobe Reader XI (11.0.08) - Nederlands Advertising Center Apple Application Support Apple Mobile Device Support Apple Software Update AuthenTec Fingerprint Sensor Minimum Install Backup Manager Advance Bonjour calibre CCleaner CDBurnerXP Compatibiliteitspakket voor het 2007 Microsoft Office system CyberLink PowerDVD 8 D3DX10 Document Manager Lite EMBASSY Security Center Lite EMBASSY Security Setup Embassy Trust Suite - Acer Edition EPSON XP-800 Series Printer Uninstall ESC Home Page Plugin eSobi v2 Google Earth Google Toolbar for Internet Explorer Google Update Helper Identity Card ImagXpress iMesh Intel(R) Control Center Intel(R) Graphics Media Accelerator Driver Intel(R) TV Wizard Ipswitch WS_FTP LE iTunes Junk Mail filter update Malwarebytes Anti-Malware versie 2.0.2.1012 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft Application Error Reporting Microsoft Corporation Microsoft LifeCam Microsoft Office 2003 Web Components Microsoft Office File Validation Add-In Microsoft Office FrontPage 2003 Microsoft Office Professional Editie 2003 Microsoft Office Small Business-verbindingsonderdelen Microsoft Office Suite Activation Assistant Microsoft Silverlight Microsoft SQL Server Native Client Microsoft SQL Server Setup-ondersteuningsbestanden (Engels) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 Redistributable MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 9 Essentials Nero ControlCenter Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade Nero StartSmart Nero StartSmart Help Nero StartSmart OEM NeroExpress neroxml Norton Internet Security PDF Architect PDFCreator Private Information Manager Realtek High Definition Audio Driver Safari Secure Update Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2) Skype Click to Call SkypeT 6.20 Speccy Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD TeamViewer 9 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) upekmsi Veriton ControlCenter VoipBuster Wave Infrastructure Installer Wave Support Software Welcome Center Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files\Common Files\EPSON\EPW3 SSRP\E_S50ST7.EXE C:\Program Files\Common Files\EPSON\EPW3 SSRP\E_S50RP7.EXE C:\Program Files\Acer\Empowering Technology\Service\ETService.exe C:\Program Files\Acer\Registration\GregHSRW.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files\PDF Architect\HelperService.exe C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe C:\Program Files\Wave Systems Corp\SecureUpgrade.exe C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\PDF Architect\ConversionService.exe C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Real\RealPlayer\realplay.exe C:\Program Files\Common Files\Logitech\QCDriver3\LVComS.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_152_ActiveX.exe C:\Users\Carl\Desktop\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalServicePeerNet ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "iMesh"=- ==== Deleting Files \ Folders ====================== C:\Users\Carl\AppData\Local\Smartbar deleted C:\PROGRA~2\12335 deleted C:\Users\Carl\daemonprocess.txt deleted C:\Users\Carl\.android deleted C:\Program Files\iMesh Applications deleted C:\Users\Carl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk deleted C:\Users\Carl\AppData\Roaming\iSafe deleted C:\Users\Carl\AppData\Roaming\pdfforge deleted C:\PROGRA~2\WPM deleted C:\Users\Carl\AppData\Local\iMesh deleted C:\Users\Carl\AppData\Local\Mobogenie deleted C:\Users\Carl\AppData\Local\cache deleted C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk deleted C:\Users\Carl\Downloads\SoftonicDownloader_voor_emesene-messenger-portable.exe deleted C:\Windows\wininit.ini deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\System32\SET51BF.tmp deleted C:\Windows\System32\SET8A0B.tmp deleted C:\Windows\System32\SETACF8.tmp deleted C:\Windows\System32\SETB118.tmp deleted C:\Windows\System32\SETEF17.tmp deleted C:\Users\Carl\Documents\Mobogenie deleted C:\Users\Carl\Documents\PC Speed Maximizer deleted C:\Users\Carl\Desktop\iMesh.lnk deleted "C:\Users\Carl\AppData\Local\WavXMapDrive.bat" not deleted ==== System Specs ====================== Windows: Windows 7 Professional Edition Service Pack 1 (Build 7601) Memory (RAM): 2014 MB CPU Info: Pentium(R) Dual-Core CPU E5500 @ 2.80GHz CPU Speed: 2791,1 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: Intel(R) G41 Express Chipset | Intel(R) G41 Express Chipset | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Broadcom NetXtreme Gigabit Ethernet CD / DVD Drives: 1x (E: | ) E: ATAPI DVD A DH16AASH Ports: COM1 | COM2 LPT1 Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 59,0GB | D: 59,0GB | F: 465,7GB Hard Disks - Free: C: 21,3GB | D: 46,9GB | F: 330,1GB Manufacturer *: Acer BIOS Info: AT/AT COMPATIBLE | 04/01/10 | ACRSYS - 20100401 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer Veriton M275 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated) Anti-Spyware: Norton Internet Security disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Norton Internet Security disabled Internet Explorer Version: 10.0.9200.16844 Adobe Reader version: 11.0.8.4 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-09-15 18:34:28 14B0743FDA7D5227F86A785A195DDE5B 241 ----a-w- C:\Windows\QSync.INI 2014-09-15 18:32:22 65541F7F9075194CDA176FBAE8977560 308224 ----a-w- C:\Windows\IsUn0413.exe 2014-09-15 18:32:21 E71F81801F89490844BC78949122ED8C 792 ----a-w- C:\Windows\_delis32.ini 2014-09-15 18:31:53 4BAFB62B4270BEA86F4E19DE8BC77BCD 265 ----a-w- C:\Windows\setup.iss ====== C:\Users\Carl\AppData\Local\Temp ==== 2014-09-15 19:42:07 F6B1694455B0D8A23AED574B78CC2D05 12288 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIB1C.tmp-\PIFlagsManager.dll 2014-09-15 19:42:07 F63B8C2EF4F3E781C75EC7578CD75E95 19968 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIB1C.tmp-\Smartbar.Communication.NamedPipe.dll 2014-09-15 19:42:07 DFC77FABC037078A5F7407B50BA298B7 12800 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIB1C.tmp-\Smartbar.Communication.dll 2014-09-15 19:42:07 C7EA316F3186742E502E35ED62678DAD 7680 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIB1C.tmp-\srbhu.dll 2014-09-15 19:42:07 BC42BEC3A88990626F5472F725CD2D58 27136 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIB1C.tmp-\srptc.dll 2014-09-15 19:42:07 B136B0272A164C407524B8A0EABBCC36 238592 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIB1C.tmp-\Smartbar.Installer.CustomActions.dll 2014-09-15 19:42:07 A6F7EC1B10052103EB5CF10BBA274A85 62464 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIB1C.tmp-\srut.dll 2014-09-15 19:42:07 801055EF8A621C35BCED54BCDFD7AB0E 148992 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIB1C.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll 2014-09-15 19:42:07 7CB60E06BF737776105E4E478233ADCE 74240 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIB1C.tmp-\srpt.dll 2014-09-15 19:42:07 36F39A9449C0FB231A6CD1DE50C9C10D 11776 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIB1C.tmp-\Smartbar.Common.dll 2014-09-15 19:42:07 34D4A23CAB5F23C300E965AA56AD3843 176128 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIB1C.tmp-\Microsoft.Deployment.WindowsInstaller.dll 2014-09-15 19:41:47 FDAF05F00844A13C150A93581DD0A22A 7168 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\Smartbar.Infrastructure.BusinessEntities.dll 2014-09-15 19:41:47 F6B1694455B0D8A23AED574B78CC2D05 12288 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\PIFlagsManager.dll 2014-09-15 19:41:47 F63B8C2EF4F3E781C75EC7578CD75E95 19968 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\Smartbar.Communication.NamedPipe.dll 2014-09-15 19:41:47 E302513544F5FBB126E6651D7E1104F5 159232 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\Smartbar.Infrastructure.Utilities.dll 2014-09-15 19:41:47 DFC77FABC037078A5F7407B50BA298B7 12800 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\Smartbar.Communication.dll 2014-09-15 19:41:47 C7EA316F3186742E502E35ED62678DAD 7680 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\srbhu.dll 2014-09-15 19:41:47 C678358B506874637505F133AB51C799 34304 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\srbu.dll 2014-09-15 19:41:47 BC42BEC3A88990626F5472F725CD2D58 27136 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\srptc.dll 2014-09-15 19:41:47 B8B402D3EA6718308AF402640D040BBA 54784 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\sppsm.dll 2014-09-15 19:41:47 B136B0272A164C407524B8A0EABBCC36 238592 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\Smartbar.Installer.CustomActions.dll 2014-09-15 19:41:47 A6F7EC1B10052103EB5CF10BBA274A85 62464 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\srut.dll 2014-09-15 19:41:47 A14056F47DEF0D79BC31561D79634AFE 10240 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\Smartbar.Personalization.Common.dll 2014-09-15 19:41:47 801055EF8A621C35BCED54BCDFD7AB0E 148992 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll 2014-09-15 19:41:47 7CB60E06BF737776105E4E478233ADCE 74240 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\srpt.dll 2014-09-15 19:41:47 794580EBBF1A963BD00FFA787B8ADEC5 312320 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\Smartbar.Resources.Translations.dll 2014-09-15 19:41:47 64C3BC2B55403D40C60312A1BF750801 698368 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\Smartbar.GUI.Controls.dll 2014-09-15 19:41:47 51B46330DA6901F1CC0DB07226043088 206336 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\srbs.dll 2014-09-15 19:41:47 472D1AF577BD181A825202574E8594D8 21504 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\srsl.dll 2014-09-15 19:41:47 39D27239CBA4F1003BE0FE0AF8171616 11264 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\spusm.dll 2014-09-15 19:41:47 36F39A9449C0FB231A6CD1DE50C9C10D 11776 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\Smartbar.Common.dll 2014-09-15 19:41:47 34D4A23CAB5F23C300E965AA56AD3843 176128 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\Microsoft.Deployment.WindowsInstaller.dll 2014-09-15 19:41:47 22E30038C178F751E3802C8BBC8C4F4F 110592 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\spbe.dll 2014-09-15 19:41:47 0E32F5229D5EE7D288B6B3969A51FCBC 428032 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSIBA9B.tmp-\Newtonsoft.Json.dll 2014-09-15 19:41:28 F6B1694455B0D8A23AED574B78CC2D05 12288 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\PIFlagsManager.dll 2014-09-15 19:41:28 36F39A9449C0FB231A6CD1DE50C9C10D 11776 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\Smartbar.Common.dll 2014-09-15 19:41:27 F63B8C2EF4F3E781C75EC7578CD75E95 19968 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\Smartbar.Communication.NamedPipe.dll 2014-09-15 19:41:27 E302513544F5FBB126E6651D7E1104F5 159232 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\Smartbar.Infrastructure.Utilities.dll 2014-09-15 19:41:27 DFC77FABC037078A5F7407B50BA298B7 12800 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\Smartbar.Communication.dll 2014-09-15 19:41:27 C7EA316F3186742E502E35ED62678DAD 7680 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\srbhu.dll 2014-09-15 19:41:27 BC42BEC3A88990626F5472F725CD2D58 27136 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\srptc.dll 2014-09-15 19:41:27 B8B402D3EA6718308AF402640D040BBA 54784 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\sppsm.dll 2014-09-15 19:41:27 B136B0272A164C407524B8A0EABBCC36 238592 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\Smartbar.Installer.CustomActions.dll 2014-09-15 19:41:27 A6F7EC1B10052103EB5CF10BBA274A85 62464 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\srut.dll 2014-09-15 19:41:27 A14056F47DEF0D79BC31561D79634AFE 10240 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\Smartbar.Personalization.Common.dll 2014-09-15 19:41:27 801055EF8A621C35BCED54BCDFD7AB0E 148992 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll 2014-09-15 19:41:27 7CB60E06BF737776105E4E478233ADCE 74240 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\srpt.dll 2014-09-15 19:41:27 39D27239CBA4F1003BE0FE0AF8171616 11264 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\spusm.dll 2014-09-15 19:41:27 34D4A23CAB5F23C300E965AA56AD3843 176128 ----a-w- C:\Users\Carl\AppData\Local\Temp\MSI6F85.tmp-\Microsoft.Deployment.WindowsInstaller.dll 2014-09-15 19:19:00 B6F30625972B2B23418D478E6E2B7688 10432512 ----a-w- C:\Users\Carl\AppData\Local\Temp\SkypeToolbars.msi 2014-09-15 19:18:06 E8B0B9E66DA893E477C468F8D1247A12 26923008 ----a-w- C:\Users\Carl\AppData\Local\Temp\Skype.msi 2014-09-15 18:33:55 9567A2DAC1B8EFBD7B0C6DCE2A2251C3 46592 ----a-w- C:\Users\Carl\AppData\Local\Temp\_ISTMP3.DIR\_WUTL951.DLL 2014-09-15 18:33:55 2A9A390018A50F1AF0DF0B7118696F6E 53248 ----a-w- C:\Users\Carl\AppData\Local\Temp\_ISTMP3.DIR\ZDataI51.dll 2014-09-15 18:33:22 9567A2DAC1B8EFBD7B0C6DCE2A2251C3 46592 ----a-w- C:\Users\Carl\AppData\Local\Temp\_ISTMP2.DIR\_WUTL951.DLL 2014-09-15 18:33:22 2A9A390018A50F1AF0DF0B7118696F6E 53248 ----a-w- C:\Users\Carl\AppData\Local\Temp\_ISTMP2.DIR\ZDataI51.dll 2014-09-15 18:32:21 9567A2DAC1B8EFBD7B0C6DCE2A2251C3 46592 ----a-w- C:\Users\Carl\AppData\Local\Temp\_ISTMP1.DIR\_WUTL951.DLL 2014-09-15 18:32:21 2A9A390018A50F1AF0DF0B7118696F6E 53248 ----a-w- C:\Users\Carl\AppData\Local\Temp\_ISTMP1.DIR\ZDataI51.dll 2014-09-15 13:21:11 699FB5428935DF875E7E296412429EA5 800960 ----a-w- C:\Users\Carl\AppData\Local\Temp\ICReinstall_microsoft-windows-installer_setup.exe 2014-09-15 13:19:47 C1185B4CDA9514B273FE1B5C57A4A6F0 582856 ----a-w- C:\Users\Carl\AppData\Local\Temp\is1143412866\406B1120_stp.EXE ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-09-15 18:31:42 4B3E266D23B5DA5A10A9AE527319A0C1 122880 ----a-w- C:\Windows\System32\rmoc3260.dll 2014-09-15 18:31:38 E3735893EAE9767B6B96D436F12FA3A1 24064 ----a-w- C:\Windows\System32\prefscpl.cpl 2014-09-15 18:31:38 B74E422BC81236042529DC8A42A18423 5632 ----a-w- C:\Windows\System32\pndx5032.dll 2014-09-15 18:31:38 33833B3EDA1B07EBD367FA9B38B23E60 6656 ----a-w- C:\Windows\System32\pndx5016.dll 2014-09-15 18:31:37 B9807BDDD55D3D4DA93A0BF5F67E4144 278528 ----a-w- C:\Windows\System32\pncrt.dll ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-09-15 19:18:36 -------- d-----w- C:\Program Files\Common Files\Skype 2014-09-15 19:18:35 -------- d-----r- C:\Program Files\Skype 2014-09-15 18:51:25 -------- d-----w- C:\Program Files\Microsoft LifeCam 2014-09-15 18:34:25 -------- d-----w- C:\Program Files\directx 2014-09-15 18:31:38 -------- d-----w- C:\Program Files\Real 2014-09-15 18:31:37 -------- d-----w- C:\Program Files\Common Files\Real 2014-09-15 18:31:23 -------- d-----w- C:\Program Files\Windows Media Components 2014-09-13 16:50:07 -------- d-----w- C:\Program Files\CDBurnerXP 2014-08-26 09:04:13 -------- d-----w- C:\Program Files\TeamViewer ======= C: ===== ====== C:\Users\Carl\AppData\Roaming ====== 2014-09-15 19:19:14 -------- d-----w- C:\Users\Carl\AppData\Local\Skype 2014-09-15 19:19:06 -------- d-----w- C:\Users\Carl\AppData\Roaming\Skype 2014-09-15 19:06:27 B6FAABCC5F33E149521942EE50BCC0BD 3584 ----a-w- C:\Users\Carl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-15 13:08:29 -------- d-----w- C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-09-13 16:50:09 -------- d-----w- C:\Users\Carl\AppData\Roaming\Canneverbe Limited 2014-08-30 15:20:22 -------- d-----w- C:\Users\Carl\AppData\Locallow\Temp ====== C:\Users\Carl ====== 2014-09-16 08:59:48 293962A601FD3716372AAF4B6131AEDA 36013664 ----a-w- C:\Users\Carl\Downloads\SkypeSetupFull.exe 2014-09-15 19:18:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-09-15 19:18:28 -------- d-----w- C:\ProgramData\Skype 2014-09-15 19:16:45 F0201746A6262629A401D7B19A7F6BD1 1678440 ----a-w- C:\Users\Carl\Downloads\SkypeSetup.exe 2014-09-15 18:51:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam 2014-09-15 18:31:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real 2014-09-15 17:23:28 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Carl\Downloads\RSIT.exe 2014-09-15 14:14:19 955B519235602DD43D20B0312E9A3AC2 4901352 ----a-w- C:\Users\Carl\Downloads\ccsetup417.exe 2014-09-15 13:20:02 F1489656652F4672423622C0BF0EFE6B 8054042 ----a-w- C:\Users\Carl\Downloads\microsoft-windows-installer.exe 2014-09-15 13:16:40 699FB5428935DF875E7E296412429EA5 800960 ----a-w- C:\Users\Carl\Downloads\microsoft-windows-installer_setup.exe 2014-09-13 16:50:30 -------- d-----w- C:\ProgramData\Canneverbe Limited 2014-09-13 16:48:19 C9D490C5E267FE9AE8B35A30451B3B0B 5644000 ----a-w- C:\Users\Carl\Downloads\cdbxp_setup_4.5.4.5000.exe ====== C: exe-files == 2014-09-16 08:59:48 293962A601FD3716372AAF4B6131AEDA 36013664 ----a-w- C:\Users\Carl\Downloads\SkypeSetupFull.exe 2014-09-15 19:16:45 F0201746A6262629A401D7B19A7F6BD1 1678440 ----a-w- C:\Users\Carl\Downloads\SkypeSetup.exe 2014-09-15 19:02:35 293962A601FD3716372AAF4B6131AEDA 36013664 ----a-w- C:\Users\Carl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HK3PHJZU\SkypeSetupFull.exe 2014-09-15 18:32:24 B3CCE1E8B6FF3E66D31BAA3A694227D0 143360 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvcam.inf_x86_neutral_d54eeebf67ee04ef\HVideoS.exe 2014-09-15 18:32:24 9D2E68CF3387FA6C0737C4D6A55CA53C 86016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvpd.inf_x86_neutral_cc3defb218a1d486\CamSync.exe 2014-09-15 18:32:24 0EDBFE68B0C81AC51FC9040CDBF6D6DF 102400 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvpd.inf_x86_neutral_cc3defb218a1d486\LVComS.exe 2014-09-15 18:32:24 0EDBFE68B0C81AC51FC9040CDBF6D6DF 102400 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvcam.inf_x86_neutral_d54eeebf67ee04ef\LVComS.exe 2014-09-15 18:32:22 65541F7F9075194CDA176FBAE8977560 308224 ----a-w- C:\Windows\IsUn0413.exe 2014-09-15 18:31:44 27454A1942CE0FD9D31597623CADEDF0 24064 ----a-w- C:\Program Files\Real\RealPlayer\Setup\.g2cln.exe 2014-09-15 18:31:43 E2A88434A97379DBA5E63CDCEC6ADEC4 3723776 ----a-w- C:\Program Files\Real\RealPlayer\Setup\setup.exe 2014-09-15 18:31:39 29DE369633DF2BD3B0BC4CD08A7D4EB2 20480 ----a-w- C:\Program Files\Real\RealPlayer\realplay.exe 2014-09-15 18:31:37 A8D71C4F577176341FE788CE35F4A083 10752 ----a-w- C:\Program Files\Common Files\Real\Update\nddeserv.exe 2014-09-15 18:31:37 974E22126FED51B68BCA3F70F01949E7 83968 ----a-w- C:\Program Files\Common Files\Real\Update\upgrdhlp.exe 2014-09-15 18:31:37 76A4891F276B898DB8CD293C62D67CFF 88576 ----a-w- C:\Program Files\Common Files\Real\Update\rnuninst.exe 2014-09-15 17:44:11 F89558047E71F655A4DDB99E893213ED 5632 ----a-w- C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe 2014-09-15 17:23:28 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Carl\Downloads\RSIT.exe 2014-09-15 14:14:19 955B519235602DD43D20B0312E9A3AC2 4901352 ----a-w- C:\Users\Carl\Downloads\ccsetup417.exe 2014-09-15 13:21:11 699FB5428935DF875E7E296412429EA5 800960 ----a-w- C:\Users\Carl\AppData\Local\Temp\ICReinstall_microsoft-windows-installer_setup.exe 2014-09-15 13:20:02 F1489656652F4672423622C0BF0EFE6B 8054042 ----a-w- C:\Users\Carl\Downloads\microsoft-windows-installer.exe 2014-09-15 13:19:47 C1185B4CDA9514B273FE1B5C57A4A6F0 582856 ----a-w- C:\Users\Carl\AppData\Local\Temp\is1143412866\406B1120_stp.EXE 2014-09-15 13:16:40 699FB5428935DF875E7E296412429EA5 800960 ----a-w- C:\Users\Carl\Downloads\microsoft-windows-installer_setup.exe 2014-09-13 16:50:08 7D85F521831B311ACA00293A08537A37 1738056 ----a-w- C:\Program Files\CDBurnerXP\cdbxpp.exe 2014-09-13 16:50:08 2EE62F9D285E061E45F3F03F1E1C7E40 24392 ----a-w- C:\Program Files\CDBurnerXP\updater.exe 2014-09-13 16:50:08 02EAAA11A635D1E542BAA188DCE64513 25928 ----a-w- C:\Program Files\CDBurnerXP\cdbxpcmd.exe 2014-09-13 16:50:07 14A1D13B324D0D5B5B37BAAF71ABD9E3 1568233 ----a-w- C:\Program Files\CDBurnerXP\unins000.exe 2014-09-13 16:48:19 C9D490C5E267FE9AE8B35A30451B3B0B 5644000 ----a-w- C:\Users\Carl\Downloads\cdbxp_setup_4.5.4.5000.exe === C: other files == 2014-09-15 18:32:24 F57FCBFBBD7FF68CC286F6FEFEAED2B2 34816 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvsound.inf_x86_neutral_826891a4d8f3ec9e\LVSound2.sys 2014-09-15 18:32:24 EB17C2146D2BAFA79C67E35229F4297C 10254 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvdsc.inf_x86_neutral_2c5d9ed479e554e9\LVBulk.sys 2014-09-15 18:32:24 E0FEBA3178CABF337EE08F6A499A0FB3 12112 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvsound.inf_x86_neutral_826891a4d8f3ec9e\LVUSBSta.sys 2014-09-15 18:32:24 E0FEBA3178CABF337EE08F6A499A0FB3 12112 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvpd.inf_x86_neutral_cc3defb218a1d486\lvusbsta.sys 2014-09-15 18:32:24 E0FEBA3178CABF337EE08F6A499A0FB3 12112 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvdsc.inf_x86_neutral_2c5d9ed479e554e9\LVUSBSta.sys 2014-09-15 18:32:24 E0FEBA3178CABF337EE08F6A499A0FB3 12112 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvcam.inf_x86_neutral_d54eeebf67ee04ef\LVUSBSta.sys 2014-09-15 18:32:24 E046E590EB328B1EC27DC281172E361E 242176 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvcam.inf_x86_neutral_d54eeebf67ee04ef\LV506AV.SYS 2014-09-15 18:32:24 C4A1DEBC2B9A61A31D2616C2C6C03EEE 188592 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvcam.inf_x86_neutral_d54eeebf67ee04ef\lvvi500a.sys 2014-09-15 18:32:24 AE4C2D854F2786EDA93E923A4BCED983 39936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvcam.inf_x86_neutral_d54eeebf67ee04ef\lvcd.sys 2014-09-15 18:32:24 A3A4D50051DDBCF390E5918C43C167EF 371766 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvcam.inf_x86_neutral_d54eeebf67ee04ef\CamDrL21.sys 2014-09-15 18:32:24 71E7AE43A0EAA39C00EB36452A031B6E 31744 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvcam.inf_x86_neutral_d54eeebf67ee04ef\lvca.sys 2014-09-15 18:32:24 6D72758EFEB58C8AA70E2468063A3EB5 37888 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvcam.inf_x86_neutral_d54eeebf67ee04ef\lvcm.sys 2014-09-15 18:32:24 345A363DEBD9C1F403E62DB744415B34 44544 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvcam.inf_x86_neutral_d54eeebf67ee04ef\lvce.sys 2014-09-15 18:32:24 2C10A7458CF1418FDB12586607AF21D5 116480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvcam.inf_x86_neutral_d54eeebf67ee04ef\p35u.sys 2014-09-15 18:32:24 20804BB4F81C9869B38310837FA8ED2F 220079 ----a-w- C:\Windows\System32\DriverStore\FileRepository\lvcam.inf_x86_neutral_d54eeebf67ee04ef\LV551AV.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2363558618-3587140998-43387575-1001\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "VoipBuster"="C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe -nosplash -minimized" "WebCamRT.exe"="" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"="C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k" "AutoLockProcess"="C:\Program Files\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe" "Acer PowerSaver"="C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe" "Acer SmartBoot"="C:\Program Files\Acer\Acer SmartBoot\ASLTray.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "WavXMgr"="C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" "SecureUpgrade"="C:\Program Files\Wave Systems Corp\SecureUpgrade.exe" "RemoteControl8"="C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER" "LVCOMS"="C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE" "QCDriverInstaller"="C:\PROGRA~1\COMMON~1\Logitech\QCDRIV~2\Lqdsw.exe /addrun /l 1043 /LaunchAtStart" "LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "VoipBuster"="C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe -nosplash -minimized" "WebCamRT.exe"="" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13-09-2014 11:24] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [25-11-2013 13:27] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [25-11-2013 13:27] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Norton WSC Integration" ["C:\Program Files\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe"] "C:\Windows\system32\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files\Norton Internet Security\Engine\20.5.0.28\SymErr.exe] "C:\Windows\system32\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files\Norton Internet Security\Engine\20.5.0.28\SymErr.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "FFPDFArchitectConverter@pdfarchitect.com"=hex(2):43,00,3a,00,5c,00,50,00,72,\ [] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bejnhdlplbjhffionohbdnpcbobfejcc - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx[29-04-2014 14:31] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" "Search Page"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpVGgnyda8US7Ofu3J6ublv0-nLSmLzVedAfOWJJDdTfg4FsbuEoro-7TII6qXQi3tbB5Pz4-43VrNxHfW4tP1g8vt0p1jUJMW-pGfz8CYpzJbpSEl5X25DCiRGspAOrQ3f8YtuxskrWUbbYciuhjZCMTfKXuSlAN4GA,,&q={searchTerms}" "Search Bar"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpVGgnyda8US7Ofu3J6ublv0-nLSmLzVedAfOWJJDdTfg4FsbuEoro-7TII6qXQi3tbB5Pz4-43VrNxHfW4tP1g8vt0p1jUJMW-pGfz8CYpzJbpSEl5X25DCiRGspAOrQ3f8YtuxskrWUbbYciuhjZCMTfKXuSlAN4GA,,&q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpVGgnyda8US7Ofu3J6ublv0-nLSmLzVedAfOWJJDdTfg4FsbuEoro-7TII6qXQi3tbB5Pz4-43VrNxHfW4tP1g8vt0p1jUJMW-pGfz8CYpzJbpSEl5X25DCiRGspAOrQ3f8YtuxskrWUbbYciuhjZCMTfKXuSlAN4GA,,&q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpVGgnyda8US7Ofu3J6ublv0-nLSmLzVedAfOWJJDdTfg4FsbuEoro-7TII6qXQi3tbB5Pz4-43VrNxHfW4tP1g8vt0p1jUJMW-pGfz8CYpzJbpSEl5X25DCiRGspAOrQ3f8YtuxskrWUbbYciuhjZCMTfKXuSlAN4GA,,&q={searchTerms}" "SearchAssistant"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpVGgnyda8US7Ofu3J6ublv0-nLSmLzVedAfOWJJDdTfg4FsbuEoro-7TII6qXQi3tbB5Pz4-43VrNxHfW4tP1g8vt0p1jUJMW-pGfz8CYpzJbpSEl5X25DCiRGspAOrQ3f8YtuxskrWUbbYciuhjZCMTfKXuSlAN4GA,,&q={searchTerms}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.nl/" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlNL563" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\iMesh deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully ==== HijackThis Entries ====================== O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [AutoLockProcess] C:\Program Files\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe O4 - HKLM\..\Run: [Acer PowerSaver] C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe O4 - HKLM\..\Run: [Acer SmartBoot] C:\Program Files\Acer\Acer SmartBoot\ASLTray.exe O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [WavXMgr] "C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" O4 - HKLM\..\Run: [SecureUpgrade] "C:\Program Files\Wave Systems Corp\SecureUpgrade.exe" O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [QCDriverInstaller] C:\PROGRA~1\COMMON~1\Logitech\QCDRIV~2\Lqdsw.exe /addrun /l 1043 /LaunchAtStart O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Windows\system32\Shdocvw.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Acer SmartBoot Service (ASLSvc) - Acer Incorporated - C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files\Acer\Registration\GregHSRW.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe ==== Empty IE Cache ====================== C:\Users\Carl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Carl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HK3PHJZU will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=412 folders=80 153010515 bytes) ==== Empty Temp Folders ====================== C:\Users\Carl\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Carl\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Carl\AppData\Local\WavXMapDrive.bat" not found "C:\Users\Carl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HK3PHJZU" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on do 18-09-2014 at 12:54:12,41 ======================