hijacked/logs

  • Ronald

    I'm having problems with popups that keep coming back. It started with yieldmanager, but I think there are several of them.

    I downloaded all sorts of well-known programs via sites, and I also blocked popups in IE, but they just keep coming back.

    MBAM and Spybot keep finding cookies, which I delete, but the whole thing just keeps going.

    I've been at this for 2 days already, and by now I'm honestly a bit fed up with it.

    Here are my logs:

    Adwcleaner:

    (a bit of a strange log)

    # AdwCleaner v3.010 - Report created 26/10/2013 at 17:22:00

    # Updated 20/10/2013 by Xplode

    # Operating System : Windows 8 (64 bits)

    # Username : Ronald - ERJEBE

    # Running from : C:\Users\Ronald\Downloads\adwcleaner (2).exe

    # Option : Scan

    ***** *****

    ***** *****

    File Found : C:\Windows\System32\Tasks\ProtectedSearch

    ***** *****

    ***** *****

    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

    ***** *****

    -\\ Internet Explorer v10.0.9200.16537

    -\\ Mozilla Firefox v20.0 (nl)

    *************************

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

    Hijack this:

    Logfile of Trend Micro HijackThis v2.0.5

    Scan saved at 16:45:25, on 26-10-2013

    Platform: Unknown Windows (WinNT 6.02.1008)

    MSIE: Internet Explorer v10.0 (10.00.9200.16537)

    FIREFOX: 20.0 (nl)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Launch Manager\LManager.exe

    J:\Fender FUSE\Fender FUSE\FUSELauncher.exe

    J:\Fender FUSE\Fender FUSE\FUSEServer.exe

    C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe

    C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

    C:\Users\Ronald\AppData\Local\Akamai\netsession_win.exe

    C:\Users\Ronald\AppData\Local\Akamai\netsession_win.exe

    C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

    C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe

    C:\Program Files (x86)\AVG\AVG2014\avgui.exe

    I:\Utils\PowerISO\PWRISOVM.EXE

    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

    E:\Itunes\iTunesHelper.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe

    C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe

    I:\Mozilla Firefox\firefox.exe

    I:\Mozilla Firefox\plugin-container.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

    H:\dcpp\DCPlusPlus.exe

    C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

    C:\Program Files (x86)\AVG\AVG2014\avgcsrvx.exe

    C:\Users\Ronald\Desktop\securety\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe

    O1 - Hosts: ::1 localhost

    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

    O2 - BHO: WsSVRIEHelper - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - H:\Video Converter Ultimate\SVRIEPlugin.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

    O2 - BHO: qualitink - {73ad5d47-66e5-4127-80ca-c0eedabafbcc} - C:\Program Files (x86)\qualitink\qualitinkBHO.dll

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe” -launchedbylogin

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG\AVG2014\avgui.exe” /TRAYONLY

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

    O4 - HKLM\..\Run: I:\Utils\PowerISO\PWRISOVM.EXE -startup

    O4 - HKLM\..\Run: “H:\Quicktime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: H:\Video Converter Ultimate\BrowserPlugInHelper.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe”

    O4 - HKLM\..\Run: “E:\Itunes\iTunesHelper.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKCU\..\Run: “F:\Adobe\Acrobat\Acrobat\AdobeCollabSync.exe”

    O4 - HKCU\..\Run: I:\Utils\superantispyware\SUPERAntiSpyware.exe

    O4 - HKCU\..\Run: “C:\Users\Ronald\AppData\Local\Akamai\netsession_win.exe”

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe” /autoclean

    O4 - HKLM\..\Policies\Explorer\Run: “C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe”

    O4 - HKUS\S-1-5-18\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘Default user’)

    O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

    O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe

    O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll

    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll

    O9 - Extra ‘Tools’ menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll

    O11 - Options group: Accelerated graphics

    O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - I:\Utils\superantispyware\SASCORE64.EXE

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe

    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

    O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe

    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

    O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

    O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - G:\Video\Freemake\CaptureLib\CaptureLibService.exe

    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

    O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

    O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    O23 - Service: Update qualitink - qualitink - C:\Program Files (x86)\qualitink\updatequalitink.exe

    O23 - Service: Util qualitink - qualitink - C:\Program Files (x86)\qualitink\bin\utilqualitink.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 15815 bytes

  • Ben

    Hello,

    Download Zoek.zip to the desktop.

    If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is an unjustified warning.

    Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

    Right-click Zoek.zip and click the "Extract All" option.

    Then double-click Zoek.exe to start the tool.

    Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.

    Now copy the code below and paste it into the large input box:

    Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

    firefoxlook;

    emptyclsid;

    emptyfolderscheck;delete

    resethosts;

    C:\Program Files (x86)\qualitink;fs

    C:\Program Files (x86)\Common Files\Wondershare;fs

    ;r

    "Wondershare Helper Compact.exe"=-;r

    chromelook;

    standardsearch;

    filesrcm;

    autoclean;

    startupall;

    Now click the "Run script" button.

    Now wait patiently until a log opens (this may be after a restart, if one is required).

    If no log appears after the restart, start zoek.exe again; the log will then still appear.

    Post the opened log in your next reply.

  • Ronald

    I'll add an MBAM log as well:

    Malwarebytes Anti-Malware 1.75.0.1300

    www.malwarebytes.org

    Databaseversie: v2013.10.25.06

    Windows 8 x64 NTFS

    Internet Explorer 10.0.9200.16721

    Ronald :: ERJEBE

    26-10-2013 17:50:00

    mbam-log-2013-10-26 (17-50-00).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 211983

    Verstreken tijd: 6 minuut/minuten, 36 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 1

    C:\Program Files (x86)\qualitink\qualitinkBHO.dll (Adware.Superweb) -> Zal worden verwijderd tijdens het herstarten.

    Registersleutels gedetecteerd: 7

    HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    HKCR\CLSID\{73ad5d47-66e5-4127-80ca-c0eedabafbcc} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd.

    HKCR\TypeLib\{94DC4AA7-8299-4D7D-8F4D-48ACF05E08BA} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd.

    HKCR\Interface\{5A5776B9-C752-4AFE-81AF-2ABDD19E05A0} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd.

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73AD5D47-66E5-4127-80CA-C0EEDABAFBCC} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{73AD5D47-66E5-4127-80CA-C0EEDABAFBCC} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd.

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{73AD5D47-66E5-4127-80CA-C0EEDABAFBCC} (Adware.Superweb) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 2

    C:\Program Files (x86)\qualitink\qualitinkBHO.dll (Adware.Superweb) -> Zal worden verwijderd tijdens het herstarten.

    C:\Users\Ronald\Downloads\Games_Of_Thrones_Season_1,_2_and_3_COMPLETE_x264_Mixed.exe (PUP.Optional.OneClickDownloader.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)

  • ronald

    The zoek.me log:

    Zoek.exe Version 4.0.0.5 Updated 26-October-2013

    Tool run by Ronald on za 26-10-2013 at 18:17:03,93.

    Microsoft Windows 8 6.2.9200 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Ronald\Desktop\zoek.scr

    ==== System Restore Info ======================

    26-10-2013 18:17:41 Zoek.exe System Restore Point Created Succesfully.

    ==== Reset Hosts File ======================

    # Copyright © 1993-2006 Microsoft Corp.

    #

    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

    #

    # This file contains the mappings of IP addresses to host names. Each

    # entry should be kept on an individual line. The IP address should

    # be placed in the first column followed by the corresponding host name.

    # The IP address and the host name should be separated by at least one

    # space.

    #

    # Additionally, comments (such as these) may be inserted on individual

    # lines or following the machine name denoted by a ‘#’ symbol.

    #

    # For example:

    #

    # 102.54.94.97 rhino.acme.com # source server

    # 38.25.63.10 x.acme.com # x client host

    # localhost name resolution is handle within DNS itself.

    127.0.0.1 localhost

    ::1 localhost

    ==== Empty Folders Check ======================

    C:\ProgramData\firebird deleted successfully

    C:\ProgramData\Guitar Pro 6 deleted successfully

    C:\ProgramData\RegRun deleted successfully

    C:\Users\Ronald\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} deleted successfully

    C:\Users\Ronald\AppData\Local\CutePDF Writer deleted successfully

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-2845422584-2823169968-540093950-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F8305D7D-CF69-465a-9003-813C6013A702} deleted successfully

    HKEY_USERS\S-1-5-21-2845422584-2823169968-540093950-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F8305D7D-CF79-465a-9003-813C6013A702} deleted successfully

    HKEY_USERS\S-1-5-21-2845422584-2823169968-540093950-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully

    HKEY_USERS\S-1-5-21-2845422584-2823169968-540093950-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} deleted successfully

    HKEY_USERS\S-1-5-21-2845422584-2823169968-540093950-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{73AD5D47-66E5-4127-80CA-C0EEDABAFBCC} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully

    HKEY_CLASSES_ROOT\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully

    HKEY_CLASSES_ROOT\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} deleted successfully

    HKEY_CLASSES_ROOT\CLSID\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully

    HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311551178} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_USERS\S-1-5-21-2845422584-2823169968-540093950-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2B171655-A70C-5C18-B693-6CB5DC269D41} deleted successfully

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} deleted successfully

    ==== Running Processes ======================

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe

    C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    G:\Video\Freemake\CaptureLib\CaptureLibService.exe

    C:\Program Files (x86)\Launch Manager\LMutilps32.exe

    C:\Program Files (x86)\Launch Manager\LManager.exe

    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

    C:\Program Files (x86)\qualitink\updatequalitink.exe

    C:\Program Files (x86)\qualitink\bin\utilqualitink.exe

    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

    C:\Users\Ronald\AppData\Local\Akamai\netsession_win.exe

    C:\Users\Ronald\AppData\Local\Akamai\netsession_win.exe

    C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

    C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe

    C:\Program Files (x86)\AVG\AVG2014\avgui.exe

    I:\Utils\PowerISO\PWRISOVM.EXE

    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

    E:\Itunes\iTunesHelper.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

    C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe

    C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe

    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    ==== Deleting Services ======================

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util qualitink deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util qualitink deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update qualitink deleted successfully

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update qualitink deleted successfully

    ==== FireFox Fix ======================

    ProfilePath: C:\Users\Ronald\AppData\Roaming\Mozilla\Firefox\Profiles\oue5htis.default

    user.js not found

    —- Lines Downloader.com modified from prefs.js —-

    user_pref(“extensions.installCache”, "");

    —- FireFox user.js and prefs.js backups —-

    prefs_26-10-2013_1826_.backup

    ==== Registry Fix Code ======================

    Windows Registry Editor Version 5.00

    “Wondershare Helper Compact.exe”=-

    ==== Deleting Files \ Folders ======================

    C:\Program Files (x86)\Common Files\Wondershare deleted

    C:\Users\Ronald\AppData\Roaming\msregsvv.dll deleted

    C:\Users\Ronald\AppData\Local\Wondershare deleted

    C:\Users\Ronald\AppData\Local\Software deleted

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted

    C:\windows\SysNative\tasks\ProtectedSearch deleted

    C:\Users\Ronald\AppData\Roaming\Mozilla\Firefox\Profiles\oue5htis.default\extensions\ftdownloader3@ftdownloader.com.xpi deleted

    C:\Users\Ronald\AppData\Roaming\Mozilla\Firefox\Profiles\oue5htis.default\jetpack deleted

    “C:\Program Files (x86)\qualitink\updatequalitink.exe” deleted

    “C:\PROGRA~2\qualitink\updatequalitink.exe” deleted

    “C:\Program Files (x86)\qualitink\bin\sqlite3.dll” deleted

    “C:\Program Files (x86)\qualitink\bin\utilqualitink.exe” deleted

    “C:\PROGRA~2\qualitink\bin\sqlite3.dll” deleted

    “C:\PROGRA~2\qualitink\bin\utilqualitink.exe” deleted

    “C:\Program Files (x86)\qualitink” not deleted

    “C:\PROGRA~2\qualitink” not deleted

    “C:\Program Files (x86)\qualitink\bin” not deleted

    “C:\PROGRA~2\qualitink\bin” not deleted

    ==== System Specs ======================

    Windows: Windows Version 6.2 (Build 9200)

    Memory (RAM): 8009 MB

    CPU Info: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz

    CPU Speed: 2250,4 MHz

    Sound Card: Luidsprekers (DEC Audio) |

    Speakers (Realtek High Definiti |

    Display Adapters: Intel(R) HD Graphics 3000 | Intel(R) HD Graphics 3000

    Monitors: 1x; Generic PnP Monitor |

    Screen Resolution: 1600 X 900 - 32 bit

    Network: Network Present

    Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR5BWB222 Wireless Network Adapter

    CD / DVD Drives: 1x (D: | ) D: MATSHITADVD-RAM UJ8C0

    Ports: COM Ports NOT Present. LPT Port NOT Present.

    Mouse: 3 Button Wheel Mouse Present

    Hard Disks: C: 305,6GB | E: 41,5GB | F: 13,0GB | G: 97,7GB | H: 95,2GB | I: 83,0GB | J: 12,4GB | K: 1863,0GB | L: 1863,0GB | S: 15,3GB | X: 34,2GB

    Hard Disks - Free: C: 208,5GB | E: 33,1GB | F: 11,1GB | G: 93,3GB | H: 72,5GB | I: 79,9GB | J: 7,1GB | K: 1785,8GB | L: 138,3GB | S: 879,9MB | X: 34,1GB

    Manufacturer *: Insyde Corp.

    BIOS Info: AT/AT COMPATIBLE | | ACRSYS - 1

    Time Zone: West-Europa (standaardtijd)

    Motherboard *: Type2 - Board Vendor Name1 VA70_HC

    Country: Nederland

    Language: NLD

    ==== System Specs (Software) ======================

    Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)

    Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

    Anti-Spyware: Windows Defender disabled (Outdated)

    Anti-Spyware: Spybot - Search and Destroy disabled (Outdated)

    Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)

    Default Browser: Firefox 24.0

    Internet Explorer Version: 10.0.9200.16721

    Mozilla Firefox version: 20.0 (x86 nl)

    Adobe Reader version: 11.0.04.63

    Sun Java version: 1.7.0_45 (32-bit)

    Flash Player version: 11.9.900.117

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    2013-10-24 15:47:32 485055033BCDDFDE56325C0D2FEEA4F2 151552 —-a-w- C:\Windows\KMSEmulator.exe

    2013-09-30 16:52:07 81051BCC2CF1BEDF378224B0A93E2877 2 –shatr- C:\Windows\winstart.bat

    ====== C:\Users\Ronald\AppData\Local\Temp ====

    2013-10-25 17:50:03 D41D8CD98F00B204E9800998ECF8427E 0 —-a-w- C:\Users\Ronald\AppData\Local\Temp\SHSetup.exe

    ====== Java Cache =====

    ====== C:\Windows\SysWOW64 =====

    2013-10-22 17:31:12 BB9B1E4AD29328FAFCA5A9AD05BC9554 1245696 —-a-w- C:\Windows\SysWOW64\wdc.dll

    2013-10-22 17:31:12 831EB87A22B5011908334B8481289948 437248 —-a-w- C:\Windows\SysWOW64\wvc.dll

    2013-10-22 17:31:12 2A4C4B4921AD0DE90D4DFCD6E4CF8B84 399360 —-a-w- C:\Windows\SysWOW64\sysmon.ocx

    2013-10-22 17:31:03 594C715F554206032FE8C8AC9FF8F440 17561088 —-a-w- C:\Windows\SysWOW64\shell32.dll

    2013-10-22 17:30:59 5363A9B4FA7DB5E3B1025411CBF9977F 8858112 —-a-w- C:\Windows\SysWOW64\twinui.dll

    2013-10-22 17:30:57 D8FED3E93970890FC25C5D378E6A5BD6 893952 —-a-w- C:\Windows\SysWOW64\msctf.dll

    2013-10-22 17:30:51 E2C9A11BC849BC39384A8C430F17B63C 158208 —-a-w- C:\Windows\SysWOW64\mbsmsapi.dll

    2013-10-22 17:30:51 7DD1611953A4CB01F9E3287E86629172 356352 —-a-w- C:\Windows\SysWOW64\SettingSync.dll

    2013-10-22 17:30:51 7D98A4A02FEA4C24A2EA9D8978E6CAB5 2035712 —-a-w- C:\Windows\SysWOW64\authui.dll

    2013-10-22 17:30:51 42946DF60DA82E1350AB6D636AE19B3D 199168 —-a-w- C:\Windows\SysWOW64\shdocvw.dll

    2013-10-22 17:25:00 9223A2810B73069F4A03A636052EF14A 264616 —-a-w- C:\Windows\SysWOW64\javaws.exe

    2013-10-22 17:24:58 DC1342498BEE7EF1646E9D63138B69CC 175016 —-a-w- C:\Windows\SysWOW64\javaw.exe

    2013-10-22 17:24:58 9B0B14B405E0EDF76B5F5E31A49EB753 96168 —-a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

    2013-10-22 17:24:58 658633D255FEF154EA1CB8705B4468C5 174504 —-a-w- C:\Windows\SysWOW64\java.exe

    ====== C:\Windows\SysWOW64\drivers =====

    2013-09-30 16:53:43 6DDCF3F801EC15FE698F6A215CF30A1F 35816 —-a-w- C:\Windows\SysWOW64\drivers\Partizan.sys

    2013-09-30 16:52:03 922D364098683EFED6A01D47526A9371 12800 —-a-w- C:\Windows\SysWOW64\drivers\UnHackMeDrv.sys

    ====== C:\Windows\Sysnative =====

    2013-10-26 12:53:21 05A641B8381001AFBA78224BB784DB26 64 —-a-w- C:\Windows\Sysnative\Partizan.RRI

    2013-10-25 17:38:37 853D6CBD76EB4477229069415637033E 4912880 —-a-w- C:\Windows\Sysnative\FNTCACHE.DAT

    2013-10-22 17:31:13 CA45D615BA0102CEDE9C25F4C6EE0983 1374208 —-a-w- C:\Windows\Sysnative\wdc.dll

    2013-10-22 17:31:13 20E76634DE7792397261A8AC442B9ACB 566784 —-a-w- C:\Windows\Sysnative\wvc.dll

    2013-10-22 17:31:12 EEB55974CFE4DB0B4FC840E6101090B8 462336 —-a-w- C:\Windows\Sysnative\sysmon.ocx

    2013-10-22 17:31:05 4416D7F0F05098711EA45C9D95610A6E 19758080 —-a-w- C:\Windows\Sysnative\shell32.dll

    2013-10-22 17:31:00 09B07DFC6792D49516073FEF024315C9 10116608 —-a-w- C:\Windows\Sysnative\twinui.dll

    2013-10-22 17:30:58 F85D33830D2655FB2916667579D45725 1125888 —-a-w- C:\Windows\Sysnative\msctf.dll

    2013-10-22 17:30:56 7D5FEB67505A6D983F5D8AE0B474581D 2304512 —-a-w- C:\Windows\Sysnative\authui.dll

    2013-10-22 17:30:56 5690B3793FD93716EF4C5CE71D9FF156 448512 —-a-w- C:\Windows\Sysnative\SettingSync.dll

    2013-10-22 17:30:54 DFB8703836AF863A25FC55BF88176591 222208 —-a-w- C:\Windows\Sysnative\shdocvw.dll

    2013-10-22 17:30:51 755059FD6A758EA4413B58A1B423E7D1 128512 —-a-w- C:\Windows\Sysnative\SettingSyncInfo.dll

    2013-10-22 17:30:51 6A4B9FBC1E88C400AD671A50DADFA84D 386923 —-a-w- C:\Windows\Sysnative\ApnDatabase.xml

    2013-10-22 17:30:51 60CF5B27BBEF38F11729B847541E33A3 225280 —-a-w- C:\Windows\Sysnative\mbsmsapi.dll

    ====== C:\Windows\Sysnative\drivers =====

    2013-10-22 17:30:57 37D85E873C9531A2F88DD9C63D3F8A9E 2233688 —-a-w- C:\Windows\Sysnative\drivers\tcpip.sys

    2013-10-11 15:49:15 E2C933EDBC389386EBE6D2BA953F43D8 785624 —-a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys

    2013-10-11 15:49:15 11876881E87BACEBBCEE41A037614D48 54488 —-a-w- C:\Windows\Sysnative\drivers\WdfLdr.sys

    2013-10-11 15:49:14 AD91D1BBE5D3CF4501887DC1C09384FD 43008 —-a-w- C:\Windows\Sysnative\drivers\usbscan.sys

    2013-10-11 15:49:14 9FDBA6982582A6F2354144980F641E7B 25600 —-a-w- C:\Windows\Sysnative\drivers\usbprint.sys

    2013-10-11 15:49:14 9EF7C01D3ACCBC243B5CB1A95865B2FF 210560 —-a-w- C:\Windows\Sysnative\drivers\usbvideo.sys

    2013-10-11 15:49:14 9E9F21FF91D7ECC0BCCB94D3FE52A959 121984 —-a-w- C:\Windows\Sysnative\drivers\USBAUDIO.sys

    2013-10-11 15:49:14 427B6DB8C05A5A977E8C3525370A2595 99328 —-a-w- C:\Windows\Sysnative\drivers\usbcir.sys

    2013-10-11 15:49:14 346DEF1A9DB0B4133CE0FA38AAF565C0 32768 —-a-w- C:\Windows\Sysnative\drivers\hidparse.sys

    2013-10-11 15:49:14 2C2A9A4D53DC90A5195BB51F0A4B1E21 83968 —-a-w- C:\Windows\Sysnative\drivers\hidclass.sys

    2013-10-11 15:49:05 F8C2A832DF9403F5EA8080CBDBDA95FB 623448 —-a-w- C:\Windows\Sysnative\drivers\usbhub.sys

    2013-10-11 15:49:05 C976C4306F9AE133D6BBD47FDFC3BF92 120832 —-a-w- C:\Windows\Sysnative\drivers\usbccgp.sys

    2013-10-11 15:49:05 B24FDEB1B18496F1B463782235AA3AF1 79192 —-a-w- C:\Windows\Sysnative\drivers\usbehci.sys

    2013-10-11 15:49:05 9F83642C3709D1A4DD49EEE9F48F839D 21848 —-a-w- C:\Windows\Sysnative\drivers\usbd.sys

    2013-10-11 15:49:05 7CB7E04259F323D051A10515B8863564 498008 —-a-w- C:\Windows\Sysnative\drivers\usbport.sys

    2013-10-11 15:49:05 1ABF657259DB57F7E5558E4DF1357C0C 32256 —-a-w- C:\Windows\Sysnative\drivers\usbuhci.sys

    2013-10-11 15:49:03 B1E910DDC08A8536116214326124903C 447320 —-a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS

    2013-10-11 15:49:03 8DC398D7B8E02C929A2096E74A170970 337752 —-a-w- C:\Windows\Sysnative\drivers\USBXHCI.SYS

    2013-10-11 15:49:03 061BA3EE0D2BE17944990544008CF190 213336 —-a-w- C:\Windows\Sysnative\drivers\UCX01000.SYS

    2013-09-29 18:12:29 FAEF4C245BE832DB41B15DAAC336AFB7 58200 —-a-w- C:\Windows\Sysnative\drivers\dam.sys

    2013-09-29 18:11:22 09039F3D5A23483010AA6F5FE388F3C4 327512 —-a-w- C:\Windows\Sysnative\drivers\Classpnp.sys

    2013-09-29 18:11:21 FC2B8B06BDBD3B6457F5A3DA9AD2410E 120144 —-a-w- C:\Windows\Sysnative\drivers\msgpioclx.sys

    2013-09-29 18:11:21 F58B030A0664385C707B8C1C63682041 195416 —-a-w- C:\Windows\Sysnative\drivers\sdbus.sys

    2013-09-29 18:11:21 DD7B107B2BB3EE845F57315EF4ECAC9A 125784 —-a-w- C:\Windows\Sysnative\drivers\dumpsd.sys

    2013-09-29 18:11:21 630555943E5A3FE21010CE91EC7FC84F 341504 —-a-w- C:\Windows\Sysnative\drivers\HdAudio.sys

    2013-09-29 18:11:20 BFC7FE4AAEB61317A921871B4085EF4B 119040 —-a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS

    2013-09-29 18:11:20 3F1F31883EAC9DDDF836ACC6D1DAC36C 96512 —-a-w- C:\Windows\Sysnative\drivers\wfplwfs.sys

    2013-09-29 18:11:20 25C50F4EDF70D0A831E0566BD181CCF2 321536 —-a-w- C:\Windows\Sysnative\drivers\udfs.sys

    ====== C:\Windows\Tasks ======

    2013-10-03 16:54:32 ——– d—–w- C:\Windows\Sysnative\Tasks\Safer-Networking

    2013-09-30 16:52:04 C13A2EF64D0819F30221AF70CDC77A64 3294 —-a-w- C:\Windows\Sysnative\Tasks\UnHackMe Task Scheduler

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2013-10-20 12:39:03 -------- d-----w- C:\Program Files\iPod

    2013-10-20 12:39:02 -------- d-----w- C:\Program Files\iTunes

    ======= C:\PROGRA~2 =====

    2013-10-23 19:00:08 -------- d-----w- C:\PROGRA~2\qualitink

    2013-10-22 17:25:02 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

    2013-09-27 17:02:32 -------- d-----w- C:\PROGRA~2\AVG

    ======= C: =====

    ====== C:\Users\Ronald\AppData\Roaming ======

    2013-10-20 13:07:28 -------- d-----w- C:\Users\Ronald\AppData\Roaming\Apowersoft

    2013-10-15 17:10:00 -------- d-----w- C:\Users\Ronald\AppData\Local\Ashampoo Movie Studio 2013

    2013-10-04 17:13:55 -------- d-----w- C:\Users\Ronald\AppData\Local\Aiseesoft Studio

    2013-09-27 17:07:23 -------- d-----w- C:\Users\Ronald\AppData\Roaming\AVG2014

    2013-09-27 17:06:30 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014

    2013-09-27 17:04:56 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014

    2013-09-27 17:02:32 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014

    2013-09-27 16:56:19 -------- d-----w- C:\Users\Ronald\AppData\Local\Avg2014

    ====== C:\Users\Ronald ======

    2013-10-26 15:21:50 8C27D71B2F6719136407C525ECF18D51 1060070 —-a-w- C:\Users\Ronald\Downloads\adwcleaner (2).exe

    2013-10-26 14:55:32 ——– d—–w- C:\Windows\serviceprofiles\Localservice\winhttp

    2013-10-26 13:54:04 28430B8B058F352B19436E691B002B0B 55954968 —-a-w- C:\Users\Ronald\Downloads\gtk-2.1.9.4-setup.exe

    2013-10-26 13:05:17 8C27D71B2F6719136407C525ECF18D51 1060070 —-a-w- C:\Users\Ronald\Downloads\AdwCleaner(1).exe

    2013-10-26 13:04:02 C3E04B7E8326EB118113CE175EFA86A9 894600 —-a-w- C:\Users\Ronald\Downloads\cbsidlm-cbsi134-AdwCleaner-ORG-75851221.exe

    2013-10-22 17:24:58 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

    2013-10-20 13:07:31 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft

    2013-10-20 12:39:27 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

    2013-10-20 12:39:02 ——– d—–w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

    2013-10-10 15:12:19 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

    2013-10-04 17:13:48 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft

    2013-10-04 17:13:38 ——– d—–w- C:\ProgramData\Aiseesoft Studio

    2013-10-03 18:29:16 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inpaint

    2013-09-30 16:52:03 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe

    2013-09-27 17:02:40 ——– d—–w- C:\ProgramData\AVG2014

    ====== C: exe-files ==

    2013-10-26 15:21:50 8C27D71B2F6719136407C525ECF18D51 1060070 —-a-w- C:\Users\Ronald\Downloads\adwcleaner (2).exe

    2013-10-26 15:05:52 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\Ronald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WILUAOSO\RSITx64.exe

    2013-10-26 13:54:04 28430B8B058F352B19436E691B002B0B 55954968 —-a-w- C:\Users\Ronald\Downloads\gtk-2.1.9.4-setup.exe

    2013-10-26 13:05:17 8C27D71B2F6719136407C525ECF18D51 1060070 —-a-w- C:\Users\Ronald\Downloads\AdwCleaner(1).exe

    2013-10-26 13:04:02 C3E04B7E8326EB118113CE175EFA86A9 894600 —-a-w- C:\Users\Ronald\Downloads\cbsidlm-cbsi134-AdwCleaner-ORG-75851221.exe

    2013-10-25 17:50:03 D41D8CD98F00B204E9800998ECF8427E 0 —-a-w- C:\Users\Ronald\AppData\Local\Temp\SHSetup.exe

    2013-10-24 15:47:32 485055033BCDDFDE56325C0D2FEEA4F2 151552 —-a-w- C:\Windows\KMSEmulator.exe

    2013-10-22 17:25:00 9223A2810B73069F4A03A636052EF14A 264616 —-a-w- C:\Windows\SysWOW64\javaws.exe

    2013-10-22 17:24:58 DC1342498BEE7EF1646E9D63138B69CC 175016 —-a-w- C:\Windows\SysWOW64\javaw.exe

    2013-10-22 17:24:58 658633D255FEF154EA1CB8705B4468C5 174504 —-a-w- C:\Windows\SysWOW64\java.exe

    2013-10-22 12:28:28 C6B4E899C909935D1F639D2E52BA4C43 5970992 —-a-w- C:\Program Files (x86)\AVG\AVG2014\avgcrema.exe

    2013-10-20 12:35:34 FA1B0ADAC903A0B9F1F73D5C3840AEEB 77136 —-a-w- C:\ProgramData\Apple Computer\Installer Cache\iTunes 11.1.1.11\SetupAdmin.exe

    === C: other files ==

    2013-10-22 17:30:57 37D85E873C9531A2F88DD9C63D3F8A9E 2233688 —-a-w- C:\Windows\System32\Drivers\tcpip.sys

    ==== Startup Registry Enabled ======================

    "Adobe Acrobat Synchronizer"="F:\Adobe\Acrobat\Acrobat\AdobeCollabSync.exe"

    "SUPERAntiSpyware"="I:\Utils\superantispyware\SUPERAntiSpyware.exe"

    "Akamai NetSession Interface"="C:\Users\Ronald\AppData\Local\Akamai\netsession_win.exe"

    "Spybot-S&D Cleaning"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe /autoclean"

    "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

    "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

    "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

    "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

    "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

    "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"

    "AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin"

    "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

    "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    "PWRISOVM.EXE"="I:\Utils\PowerISO\PWRISOVM.EXE -startup"

    "QuickTime Task"="H:\Quicktime\QTTask.exe -atboottime"

    "BrowserPlugInHelper"="H:\Video Converter Ultimate\BrowserPlugInHelper.exe"

    "SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

    "iTunesHelper"="E:\Itunes\iTunesHelper.exe"

    "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    "Adobe Acrobat Synchronizer"="F:\Adobe\Acrobat\Acrobat\AdobeCollabSync.exe"

    "SUPERAntiSpyware"="I:\Utils\superantispyware\SUPERAntiSpyware.exe"

    "Akamai NetSession Interface"="C:\Users\Ronald\AppData\Local\Akamai\netsession_win.exe"

    "Spybot-S&D Cleaning"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe /autoclean"

    "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

    ==== Startup Registry Enabled x64 ======================

    "IgfxTray"="C:\Windows\system32\igfxtray.exe"

    "HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

    "Persistence"="C:\Windows\system32\igfxpers.exe"

    "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

    "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "

    "BtPreLoad"="C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"

    "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

    "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "

    "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

    ==== Startup Folders ======================

    2013-02-05 18:00:59 1300 ----a-w- C:\Users\Ronald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

    2013-06-11 16:04:39 1113 ----a-w- C:\Users\Ronald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk

    2012-10-24 05:15:34 2173 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job –a——–

    C:\Windows\tasks\AutoKMS.job –a——–

    ==== Other Scheduled Tasks ======================

    "C:\Windows\SysNative\tasks\Adobe Flash Player Updater"

    "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-ERJEBE-Ronald"

    "C:\Windows\SysNative\tasks\ALU"

    "C:\Windows\SysNative\tasks\ALUAgent"

    "C:\Windows\SysNative\tasks\AutoKMS"

    "C:\Windows\SysNative\tasks\CreateChoiceProcessTask"

    "C:\Windows\SysNative\tasks\DeviceDetector"

    "C:\Windows\SysNative\tasks\EgisUpdate"

    "C:\Windows\SysNative\tasks\iuBrowserIEAgent"

    "C:\Windows\SysNative\tasks\iuEmailOutlookAgent"

    "C:\Windows\SysNative\tasks\PMMUpdate"

    "C:\Windows\SysNative\tasks\Power Management"

    "C:\Windows\SysNative\tasks\UnHackMe Task Scheduler"

    "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask"

    "C:\Windows\SysNative\tasks\Recovery Management\Notification"

    "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates"

    "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization"

    "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system"

    ==== Firefox Extensions Registry ======================

    "{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}"="H:\Video Converter Ultimate\SVRFirefoxExt"

    "{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}"="H:\Video Converter Ultimate\SVRFirefoxExt"

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\Ronald\AppData\Roaming\Mozilla\Firefox\Profiles\oue5htis.default

    - Flash Video Downloader - %ProfilePath%\extensions\artur.dubovoy@gmail.com.xpi

    - qualitink - %ProfilePath%\extensions\firefox@qualitink.net.xpi

    - Print Edit - %ProfilePath%\extensions\printedit@DW-dev.xpi

    - Torntv 3 - %ProfilePath%\extensions\trtv3@trtv.com.xpi

    - Abduction - %ProfilePath%\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Ronald\AppData\Roaming\Mozilla\Firefox\Profiles\oue5htis.default

    4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

    D71FD9D50DEE32075F0D4F93CE2051ED - E:\Itunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

    18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013

    86FD0445C7A92516FC0BA201C79B8E9E - H:\Quicktime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4

    9FDABAD05A9623988750CCC10223BDB0 - H:\Quicktime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4

    5E1D0432C765884434A7CCD4DBDC80AA - H:\Quicktime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4

    3B293C235A80E7A5369E6AA28FEA50B1 - H:\Quicktime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4

    A80BCBED52F7DD5FDBF346A985A4E4D5 - H:\Quicktime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4

    A843FC35574ECFD9E7A41C5505A9921B - G:\Video\VLC\npvlc.dll - VLC Web Plugin

    ==== Deleted Firefox Extensions ======================

    C:\Users\Ronald\AppData\Roaming\Mozilla\Firefox\Profiles\oue5htis.default\extensions\firefox@qualitink.net.xpi deleted

    C:\Users\Ronald\AppData\Roaming\Mozilla\Firefox\Profiles\oue5htis.default\extensions\trtv3@trtv.com.xpi deleted

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

    chgdeabpmphfhkoemjjglmilajldekbp - H:\Video Converter Ultimate\SVRChromePlugin.crx

    ==== Set IE to Default ======================

    Old Values:

    “Start Page”=“http://www.startpagina.nl/”

    “Search Page”=“http://www.google.com”

    “Start Default_Page_URL”=“http://www.google.com”

    “Default_Search_URL”=“http://www.google.com”

    “Search Bar”=“http://www.google.com”

    “Default_Search_URL”=“http://www.google.com”

    “Start Page”=“http://www.google.com”

    “Search Page”=“http://www.google.com”

    “Start Default_Page_URL”=“http://www.google.com”

    “Search Bar”=“http://www.google.com”

    “Default_Search_URL”=“http://www.google.com”

    “Start Page”=“http://www.google.com”

    “Search Page”=“http://www.google.com”

    “Start Default_Page_URL”=“http://www.google.com”

    “Search Bar”=“http://www.google.com”

    “(Default)”=“”

    “(Default)”=“”

    “(Default)”=“”

    “(Default)”=“”

    “(Default)”=“”

    “(Default)”=“”

    “(Default)”=“”

    “(Default)”=“”

    “(Default)”=“”

    “(Default)”=“”

    “Start Page”=“http://www.google.com”

    “Start Default_Page_URL”=“http://www.google.com”

    “Default_Search_URL”=“http://www.google.com/”

    “Search Bar”=“http://www.google.com”

    “Search Page”=“http://www.google.com”

    “Start Page”=“http://www.google.com”

    “Start Default_Page_URL”=“http://www.google.com”

    “Default_Search_URL”=“http://www.google.com/”

    “Search Bar”=“http://www.google.com”

    “Search Page”=“http://www.google.com”

    “Start Page”=“http://www.google.com”

    “Start Default_Page_URL”=“http://www.google.com”

    “Default_Search_URL”=“http://www.google.com/”

    “Search Bar”=“http://www.google.com”

    “Search Page”=“http://www.google.com”

    “DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”

    not found

    New Values:

    “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Start Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Start Page”=“http://www.startpagina.nl/”

    “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Start Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Start Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “(Default)”=“http://search.msn.com/results.asp?q=%s”

    “(Default)”=“http://search.msn.com/results.asp?q=%s”

    “(Default)”=“http://search.msn.com/results.asp?q=%s”

    “(Default)”=“http://search.msn.com/results.asp?q=%s”

    “(Default)”=“http://search.msn.com/results.asp?q=%s”

    “(Default)”=“http://search.msn.com/results.asp?q=%s”

    “(Default)”=“http://search.msn.com/results.asp?q=%s”

    “(Default)”=“http://search.msn.com/results.asp?q=%s”

    “(Default)”=“http://search.msn.com/results.asp?q=%s”

    “(Default)”=“http://search.msn.com/results.asp?q=%s”

    “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Start Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Start Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Start Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

    ==== HijackThis Entries ======================

    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

    F2 - REG:system.ini: UserInit=userinit.exe,

    O1 - Hosts: ::1 localhost

    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

    O2 - BHO: WsSVRIEHelper - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - H:\Video Converter Ultimate\SVRIEPlugin.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe” -launchedbylogin

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG\AVG2014\avgui.exe” /TRAYONLY

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: I:\Utils\PowerISO\PWRISOVM.EXE -startup

    O4 - HKLM\..\Run: “H:\Quicktime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: H:\Video Converter Ultimate\BrowserPlugInHelper.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe”

    O4 - HKLM\..\Run: “E:\Itunes\iTunesHelper.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKCU\..\Run: “F:\Adobe\Acrobat\Acrobat\AdobeCollabSync.exe”

    O4 - HKCU\..\Run: I:\Utils\superantispyware\SUPERAntiSpyware.exe

    O4 - HKCU\..\Run: “C:\Users\Ronald\AppData\Local\Akamai\netsession_win.exe”

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe” /autoclean

    O4 - HKLM\..\Policies\Explorer\Run: “C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe”

    O4 - HKUS\S-1-5-19\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-18\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘Default user’)

    O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

    O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe

    O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

    O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

    O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll

    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll

    O9 - Extra ‘Tools’ menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll

    O11 - Options group: Accelerated graphics

    O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - I:\Utils\superantispyware\SASCORE64.EXE

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe

    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

    O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe

    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

    O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

    O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - G:\Video\Freemake\CaptureLib\CaptureLibService.exe

    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

    O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

    O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Ronald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Ronald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    C:\Users\Ronald\AppData\Local\Mozilla\Firefox\Profiles\oue5htis.default\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    No Chrome User Data found

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\Ronald\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    “C:\Program Files (x86)\qualitink” not found

    “C:\PROGRA~2\qualitink” not found

    ==== EOF on za 26-10-2013 at 18:35:36,15 ======================

  • Ben

    Hello,

    How are things after this?

  • ronald

    For now I don't see any more problems. Hope this was it.

    Ben, thanks for your help!!!!!

  • Ben

    Hello,

    You still have two virus scanners active:

    Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)

    Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

    Disable Defender, otherwise they will work against each other and also slow down your PC.

    And I saw an abundance of spyware scanners:

    Anti-Spyware: Windows

    Anti-Spyware: Spybot - Search and Destroy

    Anti-Spyware: AVG AntiVirus Free Edition 2014

    Anti-Spyware: SUPERAntiSpyware

    Keep only AVG, in combination with MBAM.

    You can leave Malwarebytes installed and scan your PC with it once a week (after updating it).

    The tool below cleans up, among other things, all the tools that were used:

    Download

    Delfix by Xplode to the desktop.

    Double-click Delfix.exe to start the tool.

    Now tick the following items:

    Activate UAC

    Remove disinfection tools

    Create registry backup

    Purge System Restore

    Reset system settings

    Now click "Run" and wait patiently until the tool is finished.

    When the tool is finished, a log file is created. You do not need to post it, however.

    If any tools are still left over, you can remove them yourself.

  • ronald

    Those spyware scanners are there because of those problems.

    I will follow your advice.

    Thanks again.

  • Ben

    Hello,

    Thanks, and you're welcome (tu)

  • fazantje

    Because this topic has been resolved, it is being closed.

    If you would still like to reopen your topic, send a private message to Ben or Huib (fazantje).

    They will then remove the "lock" and the topic will be open again.

    The AV team.

This topic is closed; no more replies can be posted.