Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by ANTONIO on vr 08/05/2015 at 20:45:32,62. Running in: Normal Mode Internet Access Detected Launched: C:\Users\ANTONIO\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-05-05-200038.log 58874 bytes C:\zoek-results2015-05-06-195240.log 59127 bytes C:\zoek-results2015-05-06-203821.log 58019 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) 32 Bit HP CIO Components Installer AAC Decoder ACDSee Pro 2 Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 17 ActiveX Adobe Reader X (10.1.13) - Nederlands Adobe Refresh Manager Adobe Shockwave Player 11.6 Alcatech BPM Studio Professional v4.9.1 Alt.Binz 0.25.0 Apple Application Support Apple Software Update Asterisk Key 10.0 AutoUnpack 4.4.4 AutoUpdate AVI DivX to DVD SVCD VCD Converter 4.0.0822 AVS Update Manager 1.0 AVS Video Converter 6 Belastingen 2009 versie 1.x Belastingen 2010 versie 1.x Belastingen 2013 versie 1.x Belastingen 2014 versie 1.x Belgium e-ID middleware 4.0.7 (build 7466) BS.Player FREE BufferChm C310 CADdy++ - SEE Camera RAW Plug-In for EPSON Creativity Suite CardRecovery 5.30 CCleaner Combined Community Codec Pack 2009-09-09 Compatibiliteitspakket voor het 2007 Microsoft Office system CompuApps SwissKnife V3 ConvertXtoDVD 4.0.3.312 CoreAAC CyberLink PowerDVD 10 CyberLink PowerDVD 9 D3DX10 Destinations DeviceDiscovery Dicom Viewer Demo (Rubo) DicomWorks 1.3.5b DivX Codec DivX Converter DivX Player DivX Plus DirectShow Filters DivX Version Checker DivX Web Player Document Express DjVu Plug-in Doxillion Document Converter Dropbox DVD Decrypter (Remove Only) DVD Profiler Version 3.5.1 DVD Shrink 3.2 DVD to DivX Converter 4 dvdSanta 4.50 ECOhome 2009b EPSON-printersoftware Facebook Video Calling 3.1.0.521 Firebird SQL 
Server - MAGIX Edition Foxit Reader Free YouTube to MP3 Converter version 3.9.31 FSC OSD Utility Fujitsu Siemens Computers Recovery GoGear VIBE Device Manager Google Chrome Google Drive Google Earth Google Earth Pro Google SketchUp Pro 7 Google Toolbar for Internet Explorer Google Update Helper Google+ Auto Backup GPBaseService2 GrabIt 1.7.2 Beta 4 (build 997) H.264 Decoder Home'Bank Light 3.3.3 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Customer Participation Program 14.0 HP Imaging Device Functions 14.0 HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7 HP Solution Center 14.0 HP Update HPAppStudio HPPhotoGadget HPProductAssistant HPSSupply ImagXpress ImgBurn Intel(R) Graphics Media Accelerator Driver IrfanView (remove only) Java 8 Update 25 Java 8 Update 45 Java Auto Updater Junk Mail filter update Launch Manager LCP 5.04 LifeTV MAGIX Foto Manager MX MAGIX Photo Designer 7 Malwarebytes Anti-Malware versie 2.0.4.1028 MarketResearch Maxtor Manager Media Converter for Philips Media Player Product Tool 5.25 MediaPortal MEDION GoPal Assistant Medion GoPal Assistant 4.03.006 Mesh Runtime Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof 
(French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Primary Interoperability Assemblies 2005 Microsoft Rekenmachine Plus Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MKV Splitter Mozilla Firefox 37.0.2 (x86 nl) Mozilla Maintenance Service Mozilla Thunderbird 31.6.0 (x86 nl) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) MultiStage Recovery 4 MyFreeCodec Nero 8 Essentials Nero Burning ROM Help Nero ControlCenter Nero Vision neroxml Network Norton Ghost NZB finder Off-linediensten van Home'Bank 5.21 OGA Notifier 2.0.0048.0 Onis 2.3 Free Edition OpenOffice.org 3.0 Opera 9.64 Paragon Drive BackupT 9 Personal Edition Password Spectator PC Connectivity Solution PC Inspector File Recovery PDF Architect PDFCreator Picasa 3 Picture Resize 5.1.3 Pinkhof Geneeskundig woordenboek PS_AIO_07_C310_SW_Min QuickPar 0.9 QuickTime 7 QuickTransfer Realtek High Definition Audio Driver REALTEK Wireless LAN Driver and Utility Recover My Files Recuva Revo Uninstaller 1.95 SA304x Device Manager SA304x Media Converter SABnzbd (remove only) SAMSUNG 
Intelli-studio Samsung Kies Samsung New PC Studio Samsung New PC Studio USB Driver Installer SAMSUNG USB Driver for Mobile Phones SamsungConnectivityCableDriver Scan Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2984939) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition Security Update for Microsoft 
Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition SeePassword Segoe UI Shockwave Director 11.0.3 Shop for HP Supplies SIW version 2009.10.22 SkypeT 7.0 SmartWebPrinting SolutionCenter Spybot - Search & Destroy SSC Service Utility v4.30 Status Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) SUPERAntiSpyware swMSM Synaptics Pointing Device Driver SystemDiagnostics Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL TomTom HOME TomTom HOME Visual Studio Merge Modules Toolbox TrayApp TuneUp Utilities 2013 TuneUp Utilities Language Pack (nl-NL) TweakVI Ultra DVD to DivX Converter 3.0.1228 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2965207) 32-Bit Edition Update voor het stuurprogramma voor Windows Mobile Apparaatcentrum Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office 
Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) USB Storage Driver VC80CRTRedist - 8.0.50727.4053 VCRedistSetup VirtualCloneDrive VLC media player 1.0.1 WebcamTest WebReg wGXe Photo Recovery Windows-stuurprogrammapakket - Nokia pccsmcfd (10/12/2007 6.85.4.0) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR archiver WinUtilities 9.2 WinUtilities 9.4 Professinal Edition Xilisoft Video Converter Ultimate ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\FsUsbExService.Exe C:\Program 
Files\Maxtor\Sync\SyncServices.exe C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\Program Files\PDF Architect\HelperService.exe C:\Program Files\PDF Architect\ConversionService.exe C:\Program Files\REALTEK\RTL8187B Wireless LAN Utility\RtlService.exe C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe C:\Program Files\REALTEK\RTL8187B Wireless LAN Utility\RtWlan.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Users\ANTONIO\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\conime.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\ANTONIO\Desktop\zoek.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe 
-k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k WindowsMobile ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MoraLrob"=- ==== Deleting Files \ Folders ====================== ==== System Specs ====================== Windows: Windows Vista Home Basic Edition Service Pack 2 (Build 6002) Memory (RAM): 2908 MB CPU Info: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz CPU Speed: 2158,3 MHz Sound Card: Speakers (Realtek High Definiti | Realtek Digital Output (Realtek | Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1680 X 945 - 16 bit Network: Network Present Network Adapters: Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter | Realtek PCIe FE Family Controller CD / DVD Drives: 2x (E: | F: | ) E: TSSTcorpCDDVDW TS-L633A | F: ELBY CLONEDRIVE Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 92,2GB | D: 131,9GB Hard Disks - Free: C: 959,0MB | D: 61,1GB Manufacturer *: BIOS Info: AT/AT COMPATIBLE | 02/04/09 | FSC - 6040000 Time Zone: West-Europa (standaardtijd) Motherboard *: Country: België Language: NLB ==== System Specs (Software) ====================== Internet Explorer Version: 9.0.8112.16421 Mozilla Firefox version: 37.0.2 (x86 nl) Google Chrome version: 42.0.2311.135 Adobe Reader version: 10.1.13.16 Sun Java version: 1.8.0_45 (32-bit) Shockwave Player version: 11.6.1r629 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\ANTONIO\AppData\Local\Temp ==== 2015-05-08 18:31:07 C9889FA47FA63E6257B7A966C40BE286 43008 ----a-w- C:\Users\ANTONIO\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcrmoqm.dll ====== Java Cache ===== 2015-05-06 20:43:59 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-78d692a6 ====== C:\Windows\system32 ===== 2015-04-28 20:27:12 AC841E83E5B0914C700D236AC2E84BB0 369664 ----a-w- C:\Windows\System32\WMPhoto.dll 2015-04-28 20:26:50 217B3071BA854D5D704EE24CFF7E5F9C 975360 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2015-04-28 20:26:33 BFC1892FFA0E8D3351EF59D6E3F39A2F 1249280 ----a-w- C:\Windows\System32\msxml3.dll 2015-04-28 20:26:11 9F0BF29BB9D6E77C6F909412FB052F1D 2064384 ----a-w- C:\Windows\System32\win32k.sys 2015-04-28 20:14:40 1359F3CD7DF4D105C6C70CCE671F8520 297984 ----a-w- C:\Windows\System32\gdi32.dll 2015-04-28 20:14:24 5D9311526801643000D7032A83B18B12 244152 ----a-w- C:\Windows\System32\clfs.sys 2015-04-28 20:14:24 2FF4B8BA9805BABA5E8FB923AF44F480 57344 ----a-w- C:\Windows\System32\clfsw32.dll 2015-04-28 20:13:46 E33CD56F2F344658C6000821611BBBD7 1205168 ----a-w- C:\Windows\System32\ntdll.dll 2015-04-28 20:13:46 D9DD1D278927A9CD5FF135887928C8EC 49152 ----a-w- C:\Windows\System32\csrsrv.dll 2015-04-28 20:13:46 
B5C66E0B251D954D6CED30E4FDB07792 64000 ----a-w- C:\Windows\System32\smss.exe 2015-04-28 20:13:45 952EA6E27E3A16F02F85C10BB7F4752A 3552184 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-04-28 20:13:45 377602E869DA9C05AC67CA3A5019A051 3604920 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2015-04-28 20:13:16 ED1E4D1CA97596E0871C1F59AC4DE8F0 34304 ----a-w- C:\Windows\System32\atmlib.dll 2015-04-28 20:13:16 AB272D0B2EF1C79E43E7744D098352B2 296960 ----a-w- C:\Windows\System32\atmfd.dll 2015-04-28 20:12:49 259F6A6294AF75E74F93F480E05F264A 807936 ----a-w- C:\Windows\System32\msctf.dll 2015-04-28 20:12:11 2D357C80ABB17CFACB7B552BC9CC8548 279040 ----a-w- C:\Windows\System32\schannel.dll 2015-04-28 20:11:09 2BF660554AD726BD43869E2A452B547F 11587584 ----a-w- C:\Windows\System32\shell32.dll 2015-04-28 19:39:16 BAC7D3632B09A5DF7D2BD067933E49E0 2264064 ----a-w- C:\Windows\System32\msi.dll 2015-04-27 18:38:41 C1BC2B2E0AA56E9C28299273C86A73E4 421376 ----a-w- C:\Windows\System32\vbscript.dll 2015-04-27 18:38:41 9B1B09743E49F4E2364C34203F843844 11776 ----a-w- C:\Windows\System32\mshta.exe 2015-04-27 18:38:40 686DFDA82EE2DBE1F58A48C9E3093996 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll 2015-04-27 18:38:40 67DB0E50E830E45BA24AA7B1B2143B93 1139200 ----a-w- C:\Windows\System32\urlmon.dll 2015-04-27 18:38:39 E8DFFB36F1120DC1DB7C0BCBCF1640AD 231936 ----a-w- C:\Windows\System32\url.dll 2015-04-27 18:38:39 E6DE7F4A4BF8CD9E5C4F9466981892EC 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2015-04-27 18:38:39 E38129C89502D27580368D9762B6AFC6 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2015-04-27 18:38:39 B4AAF0FD9C32478889639DE464B21DA0 65024 ----a-w- C:\Windows\System32\jsproxy.dll 2015-04-27 18:38:39 052A629983DD1A2116629293D02B1B58 1803264 ----a-w- C:\Windows\System32\iertutil.dll 2015-04-27 18:38:37 B76F31C79764D2D8835CBEC935D49DB7 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2015-04-27 18:38:37 02D9B399770C9C971F3B3344017106BA 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 
2015-04-27 18:38:36 F73E3C29743621D9AAF09503E523E175 367104 ----a-w- C:\Windows\System32\html.iec 2015-04-27 18:38:36 5E2BFFFBAA061C1660F8255B2E3BD25C 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2015-04-27 18:38:36 19B481D70FBC176AE5D3E91347B0128F 1129472 ----a-w- C:\Windows\System32\wininet.dll 2015-04-27 18:38:35 95D3A97897CE0386358FA6F65D8F343D 717824 ----a-w- C:\Windows\System32\jscript.dll 2015-04-27 18:38:35 88965158C3620A7AA0B177599C6504AC 353792 ----a-w- C:\Windows\System32\dxtmsft.dll 2015-04-27 18:38:34 6B5500DE200DC9C51A3F6A9377D14789 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2015-04-27 18:38:32 5FCA6B58D90B6D17327B48216451266D 1810944 ----a-w- C:\Windows\System32\jscript9.dll 2015-04-27 18:38:31 A4C519E68C75A9657B884990326CA1C8 223232 ----a-w- C:\Windows\System32\dxtrans.dll 2015-04-27 18:38:30 16BAD3B8ABC01EC9D34E912162CA4A53 176640 ----a-w- C:\Windows\System32\ieui.dll 2015-04-27 18:38:26 59717C2C872AAEA7519B0124409B4578 9747968 ----a-w- C:\Windows\System32\ieframe.dll 2015-04-27 18:38:23 1035970885DD6ABA0EBCB3C02006A8E9 12377600 ----a-w- C:\Windows\System32\mshtml.dll ====== C:\Windows\system32\drivers ===== 2015-04-19 16:07:34 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-04-19 16:06:57 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-04-19 16:06:57 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-04-19 16:06:57 6D2DB74A8CF2DDFE372FFF9C73E8F0EF 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys ====== C:\Windows\Tasks ====== 2015-05-02 16:49:41 B8E4D76F30E3659C8573506FF40A4861 2960 ----a-w- C:\Windows\system32\Tasks\{50026D17-3B73-4457-AFDE-3F8122A40E7D} 2015-05-02 16:49:29 -------- d-----w- C:\Windows\system32\Tasks\Leader Technologies ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-04-15 17:34:32 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== 
C:\Users\ANTONIO\AppData\Roaming ====== 2015-05-06 20:34:27 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Temp 2015-05-06 20:34:27 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-05-06 20:34:27 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-05-06 20:34:27 -------- d-----w- C:\Users\TEMP\AppData\Local\temp 2015-05-06 20:34:27 -------- d-----w- C:\Users\Public\AppData\Local\temp 2015-05-06 20:34:27 -------- d-----w- C:\Users\Default\AppData\Local\temp 2015-05-06 20:34:27 -------- d-----w- C:\Users\Default User\AppData\Local\temp 2015-05-06 20:34:27 -------- d-----w- C:\Users\ANTONIO\AppData\Local\Temp 2015-05-06 20:34:27 -------- d-----w- C:\Users\Administrator\AppData\Local\temp 2015-05-02 17:11:26 -------- d-----w- C:\Users\ANTONIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DownShotFree 2015-05-02 16:46:26 -------- d-----w- C:\Users\ANTONIO\AppData\Roaming\Leadertech 2015-04-21 20:37:33 -------- d-----w- C:\Users\ANTONIO\AppData\Local\Windows Live Writer ====== C:\Users\ANTONIO ====== 2015-05-08 18:43:41 607B0038E035E6AC128BA2A28A0D8CBD 29417920 ----a-w- C:\Users\ANTONIO\Desktop\Thunderbird Setup 31.6.0.exe 2015-05-08 18:33:15 9A22FED5E73AE31B0D3B7FB6C40D5915 243472 ----a-w- C:\Users\ANTONIO\Desktop\Firefox Setup Stub 37.0.2.exe 2015-05-04 20:26:57 -------- d-----w- C:\ProgramData\ESET 2015-04-24 21:11:40 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ====== C: exe-files == 2015-05-08 18:43:41 607B0038E035E6AC128BA2A28A0D8CBD 29417920 ----a-w- C:\Users\ANTONIO\Desktop\Thunderbird Setup 31.6.0.exe 2015-05-08 18:34:38 EB39E9FD63B97FBA1B4812DE032E80AD 119408 ----a-w- C:\Program Files\Mozilla Maintenance Service\maintenanceservice_tmp.exe 2015-05-08 18:33:15 9A22FED5E73AE31B0D3B7FB6C40D5915 243472 ----a-w- C:\Users\ANTONIO\Desktop\Firefox Setup Stub 37.0.2.exe 2015-05-06 19:00:45 FF589C55E0CB6A0A1BD9570217BB1A42 15968 
----a-w- C:\Program Files\Java\jre1.8.0_45\bin\tnameserv.exe 2015-05-06 19:00:45 C57CA849D13177E1F43CFEF51374F1EE 159328 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\unpack200.exe 2015-05-06 19:00:45 B66ED84383EA6C6218CA47BC49C15615 50784 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\ssvagent.exe 2015-05-06 19:00:45 A1A1BC927541346D840BBB511F557848 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\policytool.exe 2015-05-06 19:00:45 5DF39BE82C777B7EDAD34E3A7A7EADB7 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmid.exe 2015-05-06 19:00:45 2682BB5D60C30DCB5A2BC414D01D6764 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmiregistry.exe 2015-05-06 19:00:45 134D4B0A753808F8F8645DCF3FA00173 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\servertool.exe 2015-05-06 19:00:44 FD8978875A992C876AF430B35DF9CFA7 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\pack200.exe 2015-05-06 19:00:44 D3DA34876B7F6D06D26D29CA77BD25A2 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\ktab.exe 2015-05-06 19:00:44 CF683290B3369A1491A5B8B4D19F79B3 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jjs.exe 2015-05-06 19:00:44 98903A3C01AA820E7FCC19A0A60126C0 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\klist.exe 2015-05-06 19:00:44 4EA6A4DD2EB584C4C2BF39A9A7D0D580 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\keytool.exe 2015-05-06 19:00:44 3C0A1F0D13A8998E9A1825A853FF3B39 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\kinit.exe 2015-05-06 19:00:44 1F29E31C6B9A487FF32006C4E223BA4F 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\orbd.exe 2015-05-06 19:00:44 1CCD26E1E9FC582ABAA5D5FD1FA47A6B 76384 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jp2launcher.exe 2015-05-06 19:00:38 F16868F20E4701142FAEF8C9FA847D27 30304 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jabswitch.exe 2015-05-06 19:00:38 EF66D96BC42BCE52686A7635AB11D8DD 68192 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe 2015-05-06 19:00:38 
EED888394AC81A663F12C6EC43AB2838 191072 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe 2015-05-06 19:00:38 88FFC43B0E3BB3E30F70CB7B08D499B4 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\java-rmi.exe 2015-05-06 19:00:38 4586CD8F1C929EF184098A22FE31A857 271968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaws.exe 2015-05-06 19:00:38 1E2E159D0621A466CFA7CE06E4DA9CAE 190560 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\java.exe 2015-05-02 19:27:44 B4605D865BF030CD5CEFCC3266A06C7F 41792592 ----a-w- C:\Program Files\Google\Update\Install\{14CF9D95-481A-464C-A3F1-02F274214DF2}\42.0.2311.135_chrome_installer.exe 2015-05-02 19:27:40 B4605D865BF030CD5CEFCC3266A06C7F 41792592 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.135\42.0.2311.135_chrome_installer.exe 2015-05-02 14:27:22 5CBF70FD73ED1498448C471F9672E17E 1089104 ----a-w- C:\Program Files\Google\Update\Install\{B7BA6FDC-31B3-4B2D-A41A-F2A889364946}\42.0.2311.135_42.0.2311.90_chrome_updater.exe 2015-05-02 14:27:22 5CBF70FD73ED1498448C471F9672E17E 1089104 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.135\42.0.2311.135_42.0.2311.90_chrome_updater.exe === C: other files == 2015-05-06 19:00:45 5DDC15149346900F16B38C65502BACA9 14130 ----a-w- C:\Program Files\Java\jre1.8.0_45\lib\deploy\ffjcext.zip 2015-05-04 20:34:32 5C63B68556BEE5F4EDB40BAD8FBA63AB 156533 ----a-w- C:\Users\ANTONIO\Desktop\Speclean\ei_D570.exe_20150504.223432.1688.zip 2015-05-04 20:28:04 27E3168D793645808344C5CA179ECFB0 156535 ----a-w- C:\Users\ANTONIO\Desktop\Speclean\ei_DA5F.exe_20150504.222804.4704.zip ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "RtHDVCpl"="RtHDVCpl.exe" "Skytel"="Skytel.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe -s" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ArcSoft Connection Service" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BDRegion] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BDRegion" "hkey"="HKLM" "command"="C:\\Program Files\\Cyberlink\\Shared files\\brs.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ESDRWSTT] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ESDRWSTT" "hkey"="HKLM" "command"="C:\\Program Files\\wGXe SOFTWARE\\wGXe Photo Recovery\\esdrwstt.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Facebook Update" "hkey"="HKCU" "command"="\"C:\\Users\\ANTONIO\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared 
Tools\MSConfig\startupreg\FSC OSD Utility] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FSC OSD Utility" "hkey"="HKLM" "command"="c:\\PROGRA~1\\FSCOSD~1\\OSDUTI~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FSCRecovery] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FSCRecovery" "hkey"="HKLM" "command"="c:\\Program Files\\Fujitsu Siemens Computers\\Fujitsu Siemens Computers Recovery\\FSCRecoveryReminder.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google EULA Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google EULA Launcher" "hkey"="HKLM" "command"="c:\\Program Files\\Google\\Google EULA\\GoogleEULALauncher.exe IE PA" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\ANTONIO\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google+ Auto Backup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google+ Auto Backup" "hkey"="HKCU" "command"="\"C:\\Users\\ANTONIO\\AppData\\Local\\Programs\\Google\\Google+ Auto Backup\\Google+ Auto Backup.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GrooveMonitor" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesHelper" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\KiesHelper.exe /s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPDLR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" 
"item"="KiesPDLR" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesTrayAgent" "hkey"="HKLM" "command"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Launch Manager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Launch Manager" "hkey"="HKLM" "command"="C:\\PROGRA~1\\FSCLAU~1\\LAUNCH~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MSC" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mxomssmenu] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mxomssmenu" "hkey"="HKLM" "command"="\"C:\\Program Files\\Maxtor\\OneTouch Status\\maxmenumgr.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Ghost 12.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Norton Ghost 12.0" "hkey"="HKLM" "command"="\"C:\\Program Files\\Norton Ghost\\Agent\\VProTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDVD9LanguageShortcut] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDVD9LanguageShortcut" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerDVD9\\Language\\Language.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl10] 
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RemoteControl10" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerDVD10\\PDVD10Serv.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl9] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RemoteControl9" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerDVD9\\PDVD9Serv.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RtHDVCpl" "hkey"="HKLM" "command"="RtHDVCpl.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SDTray" "hkey"="HKLM" "command"="\"C:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Sidebar" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SUPERAntiSpyware" "hkey"="HKCU" "command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SynTPEnh" "hkey"="HKLM" "command"="%ProgramFiles%\\Synaptics\\SynTP\\SynTPEnh.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" 
"item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VirtualCloneDrive] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VirtualCloneDrive" "hkey"="HKLM" "command"="\"C:\\Program Files\\Elaborate Bytes\\VirtualCloneDrive\\VCDDaemon.exe\" /s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Mobile Device Center] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Windows Mobile Device Center" "hkey"="HKLM" "command"="%windir%\\WindowsMobile\\wmdc.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips GoGear VIBE Device Manager.lnk] "item"="Philips GoGear VIBE Device Manager" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Philips GoGear VIBE Device Manager.lnk" "backup"="C:\\Windows\\pss\\Philips GoGear VIBE Device Manager.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\Philips\\GOGEAR~1\\GOGEAR~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^ANTONIO^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk] "path"="C:\\Users\\ANTONIO\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\MyPC Backup.lnk" 
"backup"="C:\\Windows\\pss\\MyPC Backup.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\MYPCBA~1\\MYPCBA~1.EXE " "item"="MyPC Backup" ==== Startup Folders ====================== 2015-04-14 18:30:45 1049 ----a-w- C:\Users\ANTONIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/04/2015 21:06] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000Core.job --a------ C:\Users\ANTONIO\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 23:08] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000UA.job --a------ C:\Users\ANTONIO\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 23:08] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [17/10/2014 21:49] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [17/10/2014 21:49] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000Core.job --a------ C:\Users\ANTONIO\AppData\Local\Google\Update\GoogleUpdate.exe [26/04/2014 18:12] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000UA.job --a------ C:\Users\ANTONIO\AppData\Local\Google\Update\GoogleUpdate.exe [26/04/2014 18:12] C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job --a------ C:\Program Files\Spybot - Search Destroy 2\SDImmunize.exe [] C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job --a------ C:\Program Files\Spybot - Search Destroy 2\SDScan.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" 
[C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000Core" [C:\Users\ANTONIO\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000UA" [C:\Users\ANTONIO\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000Core" [C:\Users\ANTONIO\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000UA" [C:\Users\ANTONIO\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Refresh immunization (Spybot - Search & Destroy)" [C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe]
"C:\Windows\system32\tasks\Scan the system (Spybot - Search & Destroy)" [C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe]
"C:\Windows\system32\tasks\Security Center Update - 1173996274" [C:\Users\ANTONIO\AppData\Roaming\Fefuka\odepi.exe]
"C:\Windows\system32\tasks\{C508080C-72AD-49D4-A934-1BF3D462BD69}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.18.0.106/nl/go/help.faq.installer?LastError=1618]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ANTONIO\AppData\Roaming\Mozilla\Firefox\Profiles\k0kdrl4h.default
user_pref("browser.startup.homepage", "https://www.google.be/?gws_rd=ssl");

==== Firefox Extensions Registry
====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [03/03/2015 20:21] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [06/01/2012 23:06] ==== Firefox Extensions ====================== ProfilePath: C:\Users\ADMINI~1\AppData\Roaming\Thunderbird\Profiles\a78shui8.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi ProfilePath: C:\Users\ANTONIO\AppData\Roaming\Thunderbird\Profiles\5jz6rqsn.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi ProfilePath: C:\Users\ANTONIO\AppData\Roaming\TomTom\HOME\Profiles\mbkco0cd.default - Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.419.1257@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.9.401.862279@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.9.430.890926@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.9.465.1074274@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.9.510.1234792@tomtom.com AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\ANTONIO\AppData\Roaming\Mozilla\Firefox\Profiles\k0kdrl4h.default DA632EC5CCC16F0B0FAC9BB21C10B2C3 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.5 B033D1486EAD65BE7857114DFAFD8429 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.5 5A2AF08FEF626D3825AA7923B0A9DFF5 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - 
QuickTime Plug-in 7.7.5 87FCE1D38F135B923EEC502825B5C7F6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.5 5596E40701BE8A4AEC399F57DBCE289E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.5 647670C013AD60DA6F94B6881E6AC9E4 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat 39309FEDDFA73FAE29EC99A07A55A3E8 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 98137411B9C632095F919E2CE70B288A - C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox 893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In CA808688B28D12B368F9A511FC5E3697 - C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U45 B28862688B70415A3C0C5DCC8B242388 - C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.450.15 6A6E27C9BFC56CBA188DE251F291273D - C:\Program Files\Picasa3\npPicasa3.dll - Picasa 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin E93467C5327C2760FCAB2B4670847496 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll - DivX Player Netscape Plugin 1DE714BB4BB48B10BC94FF84C9BC6471 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll - DivX Web Player F475DAA3CF6D19DA49BE7BAC0A966DB3 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 58F41CA8F9C2014709F9547B2B81A468 - C:\Windows\system32\Macromed\Flash\NPSWF32.dll - Shockwave Flash 
FB5621842FDABF9F8359775573498FBC - C:\Users\ANTONIO\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update 3CD19649B2C3023D65E67C056457A2BC - C:\Users\ANTONIO\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 99F97C9FE748C37528C338A423577FCB - C:\Users\ANTONIO\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 1A02FC0F35E1236136A2AF0BAE2D1A0E - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll - Foxit Reader Plugin for Mozilla 8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== Google Chrome Version: 42.0.2311.135 Google Slides - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Avast Online Security - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Google Wallet - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Wallet - ANTONIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Startpages ====================== 
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com", "startup_urls": [ "http://www.google.com" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/?gws_rd=ssl" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/?gws_rd=ssl" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="https://www.google.com/search?q={searchTerms}" {868F27AB-A2F6-4A28-9031-62139268FE42} Yahoo//search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}" {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== R3 - URLSearchHook: (no name) - {99a56a24-3a9c-4760-bb2e-7eb2e02cf02e} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - 
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKUS\S-1-5-21-1290501801-2183166161-1729595285-1000\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User '?') O4 - HKUS\S-1-5-21-1290501801-2183166161-1729595285-1000\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s (User '?') O4 - S-1-5-21-1290501801-2183166161-1729595285-1000 Startup: Dropbox.lnk = C:\Users\ANTONIO\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?') O4 - Startup: Dropbox.lnk = C:\Users\ANTONIO\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: StartupFaster O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ANTONIO\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - 
C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. 
- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe O23 - Service: Realtek87B - Realtek - C:\Program Files\REALTEK\RTL8187B Wireless LAN Utility\RtlService.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: ServiceLayer - Nokia. 
- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

==== Silent Runners ======================

==== Empty IE Cache ======================

C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\ANTONIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ANTONIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Administrator\AppData\Local\Mozilla\Firefox\Profiles\nfb8qx5l.default\cache2 emptied successfully
C:\Users\ANTONIO\AppData\Local\Mozilla\Firefox\Profiles\k0kdrl4h.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ANTONIO\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=53 folders=23 7982037 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\ANTONIO\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\TEMP\AppData\Local\temp emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ANTONIO\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\ANTONIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on vr 08/05/2015 at 21:31:25,62 ======================