Zoek.exe v5.0.0.0 Updated 20-September-2014 Tool run by cis on wo 15/10/2014 at 11:37:42,62. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\cis\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== ==== Empty Folders Check ====================== C:\PROGRA~2\Audacity deleted successfully C:\PROGRA~2\CPU Miner deleted successfully C:\PROGRA~2\McAfee Security Scan deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\PCFix deleted successfully C:\PROGRA~2\SoundSpectrum deleted successfully C:\PROGRA~2\UtiluMFC deleted successfully C:\PROGRA~2\VLC Player GPU+ deleted successfully C:\Program Files\ATI Technologies deleted successfully C:\Program Files\Need4 Audio Converter 7 deleted successfully C:\Program Files\Need4 Software Launcher deleted successfully C:\Program Files\Virtual Audio Cable deleted successfully C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully C:\PROGRA~3\nView_Profiles deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully C:\PROGRA~3\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted successfully C:\PROGRA~3\{4A818508-3355-4FBC-B302-D53B599DD9D5} deleted successfully C:\PROGRA~3\{B1148819-B88A-4DDE-A988-CA8093A887F4} deleted successfully C:\PROGRA~3\{D79D348D-B804-455D-BF34-7E3989C8E84D} deleted successfully C:\PROGRA~3\{E648CD4D-3307-4213-89B2-9C0E20C77202} deleted successfully C:\Users\cis\AppData\Roaming\AccurateRip deleted successfully C:\Users\cis\AppData\Roaming\WinRAR deleted successfully C:\Users\Default\AppData\Roaming\Genie9 deleted successfully C:\Users\cis\AppData\Local\CRE deleted successfully C:\Users\cis\AppData\Local\DriverTuner deleted successfully C:\Users\cis\AppData\Local\MigWiz deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting 
CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{76a39c95-086b-44df-bb69-b9e158ecffcf} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{76a39c95-086b-44df-bb69-b9e158ecffcf} deleted successfully ==== Installed Programs ====================== µTorrent Acrobat.com Adobe AIR Adobe Flash Player 15 ActiveX Adobe Flash Player 15 Plugin Adobe Reader X (10.1.10) AoA Audio Extractor 1.0 Applian Director ArKaos GrandVJ 1.2.2 ASIO4ALL AVG 2014 AVG PC TuneUp 2014 AVG PC TuneUp 2014 (nl-NL) Bonjour CCleaner ConvertHelper 2.2 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell Driver Download Manager Dell WUSB DJ Intro version 1.0 Genesis Hercules DJ Products Series drivers IDT Audio iTunes Java 7 Update 17 (64-bit) Java 7 Update 67 Java 7 Update 7 Java Auto Updater JavaFX 2.1.1 LaCie Desktop Manager 1.5.5 Malwarebytes Anti-Malware versie 2.0.2.1012 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Language Pack 2010 - Dutch/Nederlands Microsoft Office O MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office
Outlook MUI (Dutch) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office SharePoint Designer MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Office X MUI (Dutch) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 mIRC Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Native Instruments Traktor 2 neroxml Nuendo 4 NVIDIA-configuratiescherm 327.02 NVIDIA 3D Vision stuurprogramma 327.02 NVIDIA Grafisch stuurprogramma 327.02 NVIDIA Install Application NVIDIA nView 140.62 NVIDIA Stereoscopic 3D Driver NVIDIA WMI 2.14.0 Pioneer DDJ Driver Process Hacker 2.33 (r5590) qBittorrent 3.1.1.1 RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer RealUpgrade 1.1 RegSeeker Replay Converter 2.8 Replay Media Catcher 4 (4.4.3) Replay Media Splitter 2.2.1207 Replay Music 5 Replay 
Video Capture 6 RICOH R5C83x/84x Media Driver Ver.3.53.02 Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition Speccy TuneUp Utilities Language Pack (nl-NL) UltraISO Premium V9.33 Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for 
Microsoft Office 2010 (KB2837581) 32-Bit Edition Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition USB Multi-Channel Audio Device Video Padlock VirtualDJ Home FREE Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player 2.1.2 Waves Diamond Bundle v5.2 Windows 7 Codec Pack 3.3.0 WinRAR archiver WinTuneUp 1.0 ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe C:\Users\cis\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\069z3igp.Mozilla_Firefox_4.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: 
C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0b2ho60l.Mozilla_Firefox_9.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0pev450h.Mozilla_Firefox_5.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0s33awnx.Mozilla_Firefox_3.6 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0vqhhw2d.Mozilla_Firefox_3.0 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\46bd3l6v.Mozilla_Firefox_6.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\6ouy65ng.Mozilla_Firefox_16.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\9gvajoja.default 
user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{ABDE892B-13A8-4d1b-88E6-365A6E755758}\":{\"descriptor\":\"C:\\\\ ---- Lines OneClickDownload removed from prefs.js ---- user_pref("extensions.OneClickDownload.filter", "filter:0,3"); user_pref("extensions.OneClickDownloader.last_register", "2012-5-18"); user_pref("extensions.OneClickDownloader.SupportedSite", "[]"); user_pref("extensions.OneClickDownloader.UserID", "10.54.14.1674f9698b8552c76.70733099"); ---- Lines OneClickDownload modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{ABDE892B-13A8-4d1b-88E6-365A6E755758}\":{\"descriptor\":\"C:\\\\ ---- Lines extensions.4f905aef42f84 removed from prefs.js ---- user_pref("extensions.4f905aef42f84.epoch", "1343420967"); user_pref("extensions.4f905aef42f84.url", "http://getjpinet.info /sync/?ext=bcool&pid=21&country=BE&regd=120424121312&lsd=120726202929&uid=4f9698d8d20 ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\9rcgulps.Mozilla_Firefox_14.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- Lines EEE6C361-6118-11DC-9C72-001320C79847 modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\cslhzfbt.Mozilla_Firefox_10.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache",
"[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\ds5lslbu.Mozilla_Firefox_3.5 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\dvss1dpa.Mozilla_Firefox_2.0 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\fprlawla.Mozilla_Firefox_10.0esr user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\im6pllur.Mozilla_Firefox_11.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\l6zepabb.Mozilla_Firefox_15.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\lzm1aijf.Mozilla_Firefox_17.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", 
"[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\pvj9e5kw.Mozilla_Firefox_12.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\vdqj9waa.Mozilla_Firefox_13.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\zhnqcibr.Mozilla_Firefox_8.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\zxhukwiz.Mozilla_Firefox_7.0 user.js not found ---- Lines finder modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ProfilePath: C:\Users\cis\AppData\Roaming\TomTom\HOME\Profiles\nxmbyvbz.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141510_1719_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon] ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon] ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Mobogenie not found C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found C:\PROGRA~3\{32364CEA-7855-4A3C-B674-53D8E9B97936} not found C:\PROGRA~3\{4A818508-3355-4FBC-B302-D53B599DD9D5} not found C:\PROGRA~3\{B1148819-B88A-4DDE-A988-CA8093A887F4} not found C:\PROGRA~3\{D79D348D-B804-455D-BF34-7E3989C8E84D} not found C:\PROGRA~3\{E648CD4D-3307-4213-89B2-9C0E20C77202} not found C:\Users\cis\.android deleted C:\PROGRA~2\GUT3F43.tmp deleted C:\PROGRA~2\GUTAD9.tmp deleted C:\PROGRA~2\GUM3F42.tmp deleted C:\PROGRA~2\GUMAC9.tmp deleted C:\PROGRA~2\FoxTabFLVPlayer deleted C:\user.js deleted C:\Users\cis\AppData\Roaming\ASIO4TYPHOON.ini deleted C:\Users\cis\AppData\Roaming\Thinstall deleted C:\PROGRA~3\boost_interprocess deleted C:\PROGRA~3\InstallMate deleted C:\Users\cis\AppData\Local\BITD2F3.tmp deleted C:\Users\cis\AppData\Local\Thinstall deleted C:\Users\cis\AppData\Local\BearShare deleted C:\Users\cis\AppData\Local\cache deleted C:\Users\cis\AppData\LocalLow\mediabarbs deleted C:\windows\SysNative\tasks\CPU Grid Computing deleted C:\windows\SysNative\tasks\GPU Grid Computing deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\SysWOW64\dfrg deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\069z3igp.Mozilla_Firefox_4.0\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0b2ho60l.Mozilla_Firefox_9.0\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0pev450h.Mozilla_Firefox_5.0\extensions\staged deleted 
C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0s33awnx.Mozilla_Firefox_3.6\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0vqhhw2d.Mozilla_Firefox_3.0\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\46bd3l6v.Mozilla_Firefox_6.0\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\9gvajoja.default\jetpack deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\cslhzfbt.Mozilla_Firefox_10.0\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\ds5lslbu.Mozilla_Firefox_3.5\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\dvss1dpa.Mozilla_Firefox_2.0\.autoreg deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\dvss1dpa.Mozilla_Firefox_2.0\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\fprlawla.Mozilla_Firefox_10.0esr\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\im6pllur.Mozilla_Firefox_11.0\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\lzm1aijf.Mozilla_Firefox_17.0\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\pvj9e5kw.Mozilla_Firefox_12.0\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\vdqj9waa.Mozilla_Firefox_13.0\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\zhnqcibr.Mozilla_Firefox_8.0\extensions\staged deleted C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\zxhukwiz.Mozilla_Firefox_7.0\extensions\staged deleted C:\Users\Public\Desktop\Emoticons for your messenger!.url deleted C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted "C:\Users\cis\AppData\Local\{7FB52051-0028-4869-9550-0A7CCC24642D}" deleted "C:\ProgramData\383b36372621302727_c" deleted ==== System Specs ====================== Operating System: Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 64-bits 
Manufacturer: Dell Inc. - Model: Precision M6400 Install Date: 2/02/2012 10:50:21 Last Boot: 15/10/2014 10:50:08 Processor: Intel(R) Core(TM)2 Duo CPU P8700 @ 2.53GHz Number of Processors: 2 Work Station Bootmode: Normal boot Total RAM: 4083 MB ( - 0) Computername: PRECISION Domain: WORKGROUP User: cis (Administrator account) Local Disk: C:\ - NTFS - 148 GB (free 70 GB) CD \ DVD Drive: D:\ Local Disk: E:\ - NTFS - 465 GB (free 84 GB) CD \ DVD Drive: F:\ Removable Disk: G:\ - FAT32 - 1 GB (free 1 GB) Bootdevice: \Device\HarddiskVolume2 Windows update: Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus 2014 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus 2014 disabled (Outdated) Internet Explorer Version: 11.0.9600.17280 Mozilla Firefox version: 10.0.2 (x86 en-US) Mozilla Firefox version: 10.0.6 (x86 en-US) Mozilla Firefox version: 11.0 (x86 en-US) Mozilla Firefox version: 12.0 (x86 en-US) Mozilla Firefox version: 13.0.1 (x86 en-US) Mozilla Firefox version: 15.0 (x86 en-US) Mozilla Firefox version: 25.0.1 (x86 en-US) Mozilla Firefox version: (3.0.19) Mozilla Firefox version: (3.5.19) Mozilla Firefox version: (3.6.28) Mozilla Firefox version: 4.0.1 (x86 en-US) Mozilla Firefox version: 5.0.1 (x86 en-US) Mozilla Firefox version: 6.0.2 (x86 en-US) Mozilla Firefox version: 7.0.1 (x86 en-US) Mozilla Firefox version: 8.0.1 (x86 en-US) Mozilla Firefox version: 9.0.1 (x86 en-US) Adobe Reader version: 10.1.10.18 Sun Java version: 1.7.0_67 (32-bit) Sun Java version: 1.7.0_17 (64-bit) Flash Player version: 15.0.0.152 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\cis\AppData\Local\Temp ==== 2014-10-15 05:12:34 EFFEF020C1DA26252528E4DCB49FF9BA 1491456 ----a-w- C:\Users\cis\AppData\Local\Temp\speccycpuid.dll 2014-10-12 16:54:48 E17B30D3B06DBC63E9E94DAE70290A35 787968 ----a-w-
C:\Users\cis\AppData\Local\Temp\sqlite3.dll 2014-10-04 11:07:13 AA2A68098801AB50CE128F3A731F86ED 377097 ----a-w- C:\Users\cis\AppData\Local\Temp\Quarantine.exe ====== Java Cache ===== 2014-10-07 02:50:13 2289EC45714E643C68398BDBC363F44B 759 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\359e0b0a-4e58751e 2014-10-07 02:50:15 2CF73240CAB628B33F2C49E048DAEC3D 85 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\359e0b0a-538bafb8f99c40494bfd7511c09316812c762c3ef6dd54173a3fe6c36dabf852-6.0.lap 2014-10-06 21:30:24 6E6FAF84E7FA49502D2807E0B52A11EC 1891 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\125ed8b-34ddf60b 2014-10-08 21:36:28 8D2292FD8D4C440FC647236A3F1675C3 18362 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\31d5ab8b-4f9c68d4 2014-10-09 01:04:03 208EBC3E03EBC156EA1C2D998DFE2627 1562 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\15bae68c-6cbf33e5 2014-09-26 11:27:30 CA4F8C3EF2F20B8BF6B15009B5F6D491 18303 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\2ba7facc-484f863d 2014-09-24 14:56:30 0C5E40F57717A4250AFDECAA2BF1D7DF 3562 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\4cae560e-1ea24892 2014-09-26 04:53:03 D4229C8DC1DAD74B858944FBD37DD544 11852 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\181c3992-52603d43 2014-09-26 10:23:20 30E8B562CB2C8191A15580B2B880FA9D 4666 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\5d528415-57ca3416 2014-09-17 11:32:20 11F15763A356AFEF7678D676728DACF0 6337 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\d110058-666756d9 2014-09-17 12:26:00 D34DED5EB5EFDB8E51E34715C9355A31 1175 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\4f063c9a-6be0f1d1 2014-10-08 21:54:08 F6584AB8DB0E3B4E5C9E740328CCD04D 3137 ----a-w- 
C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\30cbeedb-2acaef5b 2014-09-24 14:56:40 B0D689FE494A32C10CF8FA513AD91C61 2103 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\432ba35c-2110150c 2014-09-24 14:56:43 46FB0842EBC4B0F583F60E0786ABA245 4388 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\642c275d-5a0ce8a2 2014-09-17 11:32:33 77831B8696FEAB612EDD44E2FED4DD21 1716 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\5cca9c5e-46846965 2014-10-06 21:30:23 9B9F637FD2571FDAFAC8F79FC0B54B4F 4530 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\2bd69a5f-625a7b60 2014-10-06 21:30:29 0E3B506E9EE5F0ACF63C3DA1FF4B8DE8 6825 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\41563f5f-5a1a548d 2014-09-17 12:00:56 070D00FDB40A26C1284135759077DB51 7527 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\daa2723-3a234b2a 2014-09-21 20:14:18 714092E8406C5A57B4BDDBECEC22869D 2990 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\37fee7e5-1b79e1d4 2014-10-09 01:15:24 5096B75B94F54030B764B0C4FA128577 6309 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\48522ba6-7d4c06f0 2014-09-20 17:30:54 58443817FFEDFC0FE18DB033EC9EB5B6 14516 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\10b75527-6b79a4f9 2014-09-26 11:27:32 55869F428B2A708B36CE0A3FCB042E4A 3476 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\3658d7a7-70e7c41a 2014-09-17 08:04:10 90FD5B01837849B84333237B87F346A4 11804 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\476910c4-2b7c0ea4 2014-09-17 18:21:51 A9DCBF8443850371395552363DDC052F 4905 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\3fe4aaa8-14ac18f2 2014-10-08 21:31:20 B98010F9DC0DBADE01720D6E8D8B75B6 9013 ----a-w- 
C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\6ef98769-3c96796d 2014-09-17 08:04:11 9A8216ABA58EE1FC99094E1CDF4E2079 18836 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5e7d4b6a-71aab41b 2014-09-24 15:42:14 10D3C41E07C5CCFBD853E8EBF3C8D054 2884 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\36002f6b-3dc5329e 2014-10-09 01:27:02 5FC72A5C56B6A45814188AE974D9EFB5 3316 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\734b6aeb-5b095d42 2014-09-17 12:00:57 9FF498D8495AB18BD341EF230DFB13C1 2807 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\61e868b0-12775169 2014-09-17 11:32:31 10C1A3518ABDB3058E6135016D06D877 2544 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\4ffc1432-438c9104 2014-09-17 08:04:14 FD1AF87854DD3276A7A992D38CD2EE53 7894 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\10a2baf6-6b8d7f9f 2014-10-08 21:31:18 CFDB69E926EBB3D0B8986525D703AABE 6381 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\61047df8-264b75d1 2014-09-17 11:32:28 A2405830939050F594B1DC35D9CB63FD 6183 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\37927439-6a58ec95 2014-09-24 15:46:10 E81DD19B300C45F8D2C12203AA7AA048 5573 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\f0c2ba-161ff3fc 2014-09-24 14:56:33 2CBD1D29FF0FA986062AF4265212F26A 7168 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\3d7827b-492c5cb9 2014-10-06 21:30:26 E325E73D386A0432A118D21D066B7950 5133 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\2217893c-60e1e5a8 2014-09-26 10:14:56 FCC16AA018EA3166CA995AC3BC0146B7 6209 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\3046bcbf-543f308d 2014-09-24 15:18:53 B309B33A227777683D1816EC5F57D67B 2511 ----a-w- 
C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\420b0dbf-6fb948b7 2014-09-26 11:27:33 21C0FB1B8240287A45C10E04318B7DF1 4023 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\4427403f-3b3da86d 2014-10-06 21:30:27 DF242589A0BB83394A1D1E6029BAA02C 16853 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\1feb108-3a44356b 2014-09-26 10:31:48 9ED698610F5510D99813F36B43EB62A5 13534 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\561d0308-71a1fdc1 2014-10-08 18:36:51 42F33EC0123B6AE81FE732B4DF3736B1 3393 ----a-w- C:\Users\cis\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\aac77c9-2808dd4f ====== C:\Windows\SysWOW64 ===== 2014-10-04 00:54:44 BBA80D3CAB22620A6AC9BB603386EE33 519680 ----a-w- C:\Windows\SysWOW64\qdvd.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-10-04 00:54:45 8D46C7BCDF7FBAAC8666D6640ADA930E 371712 ----a-w- C:\Windows\Sysnative\qdvd.dll ====== C:\Windows\Sysnative\drivers ===== 2014-09-21 01:47:57 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_HDJBulk_01009.Wdf 2014-09-21 01:47:42 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_HDJAsioK_01009.Wdf 2014-09-21 01:36:30 BC7621ABA631223E9006DD9F729361DD 38704 ----a-w- C:\Windows\Sysnative\drivers\HDJCtrl.sys 2014-09-21 01:36:30 116E61D61CF9CAF3CABF1EF31AAB2F4F 276272 ----a-w- C:\Windows\Sysnative\drivers\HDJMidi.sys 2014-09-21 01:36:29 936439EB34C99BEDC3ED90972FB44445 296240 ----a-w- C:\Windows\Sysnative\drivers\HDJBulk.sys 2014-09-21 01:36:29 311D659CE1DA10DA6D92943A63DE789D 323376 ----a-w- C:\Windows\Sysnative\drivers\HDJAsioK.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-10-15 05:09:15 -------- d-----w- C:\Program Files\Speccy 2014-10-15 04:38:12 -------- d-----w- C:\Program Files\trend micro 2014-10-14 14:54:48 -------- d-----w- C:\Program Files\Process Hacker 2 
2014-09-21 01:36:36 -------- d-----w- C:\Program Files\Guillemot 2014-09-21 01:35:58 -------- d-----w- C:\Program Files\Hercules ======= C:\PROGRA~2 ===== 2014-10-15 05:17:17 -------- d-----w- C:\PROGRA~2\RegSeeker 2014-09-21 02:19:38 -------- d-----w- C:\PROGRA~2\VirtualDJ ======= C: ===== ====== C:\Users\cis\AppData\Roaming ====== 2014-10-15 06:08:05 -------- d-----w- C:\Users\cis\AppData\Roaming\Process Hacker 2 2014-10-15 05:17:17 -------- d-----w- C:\Users\cis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegSeeker 2014-09-21 02:19:49 -------- d-----w- C:\Users\cis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ 2014-09-21 00:53:41 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\WERF47D.tmp.secure.hdmp 2014-09-21 00:53:41 7B36531573629AD12A1E06C4F70D518D 3518 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\WERF382.tmp.WERInternalMetadata.xml ====== C:\Users\cis ====== 2014-10-15 05:17:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegSeeker 2014-10-15 05:09:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2014-10-15 04:37:08 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\cis\Desktop\RSITx64.exe 2014-10-15 04:37:08 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\cis\Desktop\spsetup126.exe 2014-10-15 04:12:35 F783EC309D42813F74319EB776153B2B 165376 ----a-w- C:\Users\cis\Desktop\SystemLook_x64.exe 2014-10-14 14:54:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2 2014-10-14 11:21:10 DFF72B75746001A9060AB2B80310012E 14349744 ----a-w- C:\Users\cis\Desktop\mbar-1.07.0.1012.exe 2014-10-14 11:21:08 590AE97695A21AE8FA5B419BE3E13452 1976320 ----a-w- C:\Users\cis\Desktop\adwcleaner_4.000.exe 2014-10-14 11:21:08 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\cis\Desktop\mbam-setup-2.0.3.1025.exe 2014-10-14 11:21:07 F7C77350AEF13278213E70B5FD6FB017 
1932448 ----a-w- C:\Users\cis\Desktop\processhacker-2.33-setup.exe ====== C: exe-files == 2014-10-15 05:17:39 18182F46F97DEDA321CF2BFD357F7479 57706 ----a-w- C:\Program Files (x86)\RegSeeker\uninst.exe 2014-10-15 05:01:16 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\cis.exe 2014-10-15 04:28:57 A9333116F5CA2CC04B17C60F8FE57517 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1098797224-2494827788-1321191559-1000\$IU0GKOQ.exe 2014-10-15 04:12:35 C191C746CD975CE2DD5F8B5E009F8385 1528184 ----a-w- C:\$Recycle.Bin\S-1-5-21-1098797224-2494827788-1321191559-1000\$RU0GKOQ.exe 2014-10-14 14:54:51 5BE5720FB4FADF6FB846183BC08DC46F 201560 ----a-w- C:\Program Files\Process Hacker 2\peview.exe 2014-10-14 14:54:49 FE989F01F30BB96A9D20AABF635DA465 811743 ----a-w- C:\Program Files\Process Hacker 2\unins000.exe 2014-10-14 14:54:49 C89298E0A7CDE628B0349F016D676FCF 1448280 ----a-w- C:\Program Files\Process Hacker 2\ProcessHacker.exe === C: other files == 2014-10-15 04:12:36 043870E47278B9A30F70A8A4D77D31CC 715214 ----a-w- C:\Users\cis\Desktop\RegSetup.zip 2014-10-14 14:54:51 C80E5F6861DF5E983DC17B9EEE224748 39576 ----a-w- C:\Program Files\Process Hacker 2\kprocesshacker.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "TkBellExe"="C:\Program Files 
(x86)\Real\RealPlayer\update\realsched.exe -osboot" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" "nwiz"="C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet" "Hercules DJ Series TrayAgent"="C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe /boot" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Creative Cloud] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Creative Cloud" "hkey"="HKLM" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BearShare] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BearShare" "hkey"="HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cm106Sound] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Cm106Sound" "hkey"="HKLM" "command"="C:\\Windows\\syswow64\\RunDll32.exe C:\\Windows\\Syswow64\\cm106.dll,CMICtrlWnd" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared 
Tools\MSConfig\startupreg\DriverMax] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DriverMax" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Innovative Solutions\\DriverMax\\drivermax.exe\" -agent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverMax_RESTART] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DriverMax_RESTART" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Innovative Solutions\\DriverMax\\drivermax.exe\" -RESTART" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LaCie Desktop Manager Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LaCie Desktop Manager Launcher" "hkey"="HKLM" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LaCie Desktop Manager Startup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LaCie Desktop Manager Startup" "hkey"="HKCU" "command"="\"C:\\Program Files\\LaCie\\Desktop Manager\\LaCieDesktopManagerStatusItem.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Media Finder] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Media Finder" "hkey"="HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nwiz" "hkey"="HKLM" "command"="nwiz.exe /installquiet" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OfficeSyncProcess] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OfficeSyncProcess" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\MSOSYNC.EXE\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared 
Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SweetIM" "hkey"="HKLM" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TkBellExe" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\" -osboot" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UsageLoader] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UsageLoader" "hkey"="HKLM" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UsageTemp] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UsageTemp" "hkey"="HKLM" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UtiluMFCAllUsers] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UtiluMFCAllUsers" "hkey"="HKLM" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless USB Manager.lnk] "backup"="C:\\Windows\\pss\\Wireless USB Manager.lnk.CommonStartup" "backupExtension"=".CommonStartup" "item"="Wireless USB Manager" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TomTomHOMEService] ==== Task 
Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24/09/2014 13:05] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\RealCreateProcessScheduledTask168871S-1-5-21-1098797224-2494827788-1321191559-1000" [C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe] "C:\Windows\SysNative\tasks\RealCreateProcessScheduledTask176951S-1-5-21-1098797224-2494827788-1321191559-1000" [C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe] "C:\Windows\SysNative\tasks\RealCreateProcessScheduledTask81096838S-1-5-21-1098797224-2494827788-1321191559-1000" [C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe] "C:\Windows\SysNative\tasks\RealCreateProcessScheduledTask98442886S-1-5-21-1098797224-2494827788-1321191559-1000" [C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-1098797224-2494827788-1321191559-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-1098797224-2494827788-1321191559-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\AVG PC TuneUp 2014\OneClick.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{2D2FB5FD-7587-49CE-9411-70A48F2FFAB8}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{50D60FA0-A840-4E8C-8804-72D96A325DA2}" [C:\Program Files\Native Instruments\Traktor 2\Traktor.exe] 
"C:\Windows\SysNative\tasks\{7A1FB039-A33B-41D1-AE14-51CF703E2CAD}" [C:\Users\cis\Documents\MasterPinguin.PG-AM.Standard.v2.3.0.580.Incl.Keygen-AiR\Setup.exe] "C:\Windows\SysNative\tasks\{867A4741-9329-47AE-A5DC-85732E5A7529}" [C:\Users\cis\Documents\MasterPinguin.PG-AM.Standard.v2.3.0.580.Incl.Keygen-AiR\Setup.exe] "C:\Windows\SysNative\tasks\{92FBED0C-A711-4C4B-BA1C-E17F5D17DD75}" [C:\Users\cis\Documents\MasterPinguin.PG-AM.Standard.v2.3.0.580.Incl.Keygen-AiR\Setup.exe] "C:\Windows\SysNative\tasks\{B60FBA3C-52D9-4252-8199-9D09570BC3B7}" [C:\Program Files\Native Instruments\Traktor 2\Traktor.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [26/03/2014 04:39] ==== Firefox Extensions ====================== ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\069z3igp.Mozilla_Firefox_4.0 - Undetermined - C:\Users\cis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 4.0\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 4.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 4.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} - Undetermined - C:\Program Files\Protector by IB\Firefox - Undetermined - C:\Program Files\Alwil Software\Avast5\WebRep\FF - RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0b2ho60l.Mozilla_Firefox_9.0 - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 
9.0\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 9.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 9.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0pev450h.Mozilla_Firefox_5.0 - Undetermined - C:\Users\cis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 5.0\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 5.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 5.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} - Undetermined - C:\Program Files\Protector by IB\Firefox - Undetermined - C:\Program Files\Alwil Software\Avast5\WebRep\FF - RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0s33awnx.Mozilla_Firefox_3.6 - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 3.6\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 3.6\extensions\titlebar_tweaks@software.utilu.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 3.6\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} - Undetermined - C:\Users\cis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com - Undetermined - C:\Program Files\Protector by IB\Firefox - Undetermined - C:\Program Files\Alwil Software\Avast5\WebRep\FF - RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0vqhhw2d.Mozilla_Firefox_3.0 - Undetermined - C:\Program Files 
(x86)\UtiluMFC\Mozilla Firefox 3.0\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 3.0\extensions\titlebar_tweaks@software.utilu.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 3.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} - Undetermined - C:\Users\cis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com - Undetermined - C:\Program Files\Protector by IB\Firefox - Undetermined - C:\Program Files\Alwil Software\Avast5\WebRep\FF - RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\46bd3l6v.Mozilla_Firefox_6.0 - Undetermined - C:\Users\cis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 6.0\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 6.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 6.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} - Undetermined - C:\Program Files\Protector by IB\Firefox - Undetermined - C:\Program Files\Alwil Software\Avast5\WebRep\FF - RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\6ouy65ng.Mozilla_Firefox_16.0 - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 16.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 16.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} - Instrument Test - %ProfilePath%\extensions\testpilot@labs.mozilla.com.xpi ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\9gvajoja.default - DownloadHelper - 
%ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} - Extension Auto-Installer - %ProfilePath%\extensions\autoinstaller@adblockplus.org.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\9rcgulps.Mozilla_Firefox_14.0 - Flashblock - %ProfilePath%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} - DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} - FireDownload - %ProfilePath%\extensions\firedownload@mozilla.org.xpi - FlyOrDie Quick Java Installer - %ProfilePath%\extensions\java@flyordie.com.xpi ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\cslhzfbt.Mozilla_Firefox_10.0 - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 10.0\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 10.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 10.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\ds5lslbu.Mozilla_Firefox_3.5 - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 3.5\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 3.5\extensions\titlebar_tweaks@software.utilu.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 3.5\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} - Undetermined - C:\Users\cis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com - Undetermined - C:\Program Files\Protector by IB\Firefox - Undetermined - C:\Program Files\Alwil Software\Avast5\WebRep\FF - RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\dvss1dpa.Mozilla_Firefox_2.0 - Undetermined - 
C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 2.0\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 2.0\extensions\titlebar_tweaks@software.utilu.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 2.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} - Undetermined - C:\Program Files\Protector by IB\Firefox ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\fprlawla.Mozilla_Firefox_10.0esr - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 10.0esr\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 10.0esr\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 10.0esr\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\im6pllur.Mozilla_Firefox_11.0 - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 11.0\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 11.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 11.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\l6zepabb.Mozilla_Firefox_15.0 - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 15.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 15.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} - Instrument Test - %ProfilePath%\extensions\testpilot@labs.mozilla.com.xpi ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\lzm1aijf.Mozilla_Firefox_17.0 - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 17.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 
17.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\pvj9e5kw.Mozilla_Firefox_12.0 - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 12.0\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 12.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 12.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\vdqj9waa.Mozilla_Firefox_13.0 - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 13.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 13.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\zhnqcibr.Mozilla_Firefox_8.0 - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 8.0\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 8.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 8.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} ProfilePath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\zxhukwiz.Mozilla_Firefox_7.0 - Undetermined - C:\Users\cis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 7.0\extensions\firebug@software.joehewitt.com - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 7.0\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} - Undetermined - C:\Program Files (x86)\UtiluMFC\Mozilla Firefox 7.0\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} - Undetermined - C:\Program Files\Protector by IB\Firefox - Undetermined - C:\Program Files\Alwil Software\Avast5\WebRep\FF - RealPlayer Browser 
Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext ProfilePath: C:\Users\cis\AppData\Roaming\TomTom\HOME\Profiles\nxmbyvbz.default - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.080.9662@tomtom.com ==== Firefox Plugins ====================== Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\069z3igp.Mozilla_Firefox_4.0 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0b2ho60l.Mozilla_Firefox_9.0 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0pev450h.Mozilla_Firefox_5.0 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) 94A6E06BF6531D623FE30A7C38E65F61 - 
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0s33awnx.Mozilla_Firefox_3.6 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\0vqhhw2d.Mozilla_Firefox_3.0 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\46bd3l6v.Mozilla_Firefox_6.0 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\6ouy65ng.Mozilla_Firefox_16.0 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) 
Chrome Background Extension Plug-In (32-bit) 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\9gvajoja.default 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\9rcgulps.Mozilla_Firefox_14.0 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\cslhzfbt.Mozilla_Firefox_10.0 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\ds5lslbu.Mozilla_Firefox_3.5 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 
92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\fprlawla.Mozilla_Firefox_10.0esr 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\im6pllur.Mozilla_Firefox_11.0 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\l6zepabb.Mozilla_Firefox_15.0 92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) 94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\lzm1aijf.Mozilla_Firefox_17.0 92E874667621A2A475FC8EA91DD763A2 - 
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\pvj9e5kw.Mozilla_Firefox_12.0
92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\vdqj9waa.Mozilla_Firefox_13.0
92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\zhnqcibr.Mozilla_Firefox_8.0
92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

Profilepath: C:\Users\cis\AppData\Roaming\Mozilla\Firefox\Profiles\zxhukwiz.Mozilla_Firefox_7.0
92E874667621A2A475FC8EA91DD763A2 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
94A6E06BF6531D623FE30A7C38E65F61 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\cis\AppData\Local\Temp\ccex.crx[]
jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[20/09/2012 08:15]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:13976"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaCie Desktop Manager Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Finder deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UsageLoader deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UsageTemp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UtiluMFCAllUsers deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_28d2dd9e7b045988\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Hercules® - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LaCieDesktopManagerService - Unknown owner - C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\Windows\system32\nvwmi64.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_28d2dd9e7b045988\STacSV64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\cis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\cis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=475 folders=72 211118898 bytes)

==== Empty Temp Folders ======================

C:\Users\cis\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\cis\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 15/10/2014 at 23:22:05,90 ======================