Zoek.exe Version 4.0.0.5 Updated 30-November-2013
Tool run by Gebruiker on wo 04-12-2013 at 15:09:40,19.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Desktop\zoek.exe
==== Older Logs ======================
C:\zoek-results2013-02-10-161219.log 8040 bytes
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Empty Folders Check ======================
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\WinISO Computing deleted successfully
C:\Program Files\Common Files\AltrixSoft deleted successfully
C:\ProgramData\clp deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\ProgramData\ProductData deleted successfully
C:\ProgramData\{27B0A538-DF16-44D6-820D-D0B042C42C20} deleted successfully
C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} deleted successfully
C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully
C:\Users\Gebruiker\AppData\Roaming\DVD2AVI Ripper deleted successfully
C:\Users\Gebruiker\AppData\Roaming\EurekaLog deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Mozilla deleted successfully
C:\Users\Gebruiker\AppData\Local\Pirate deleted successfully
C:\Users\Gebruiker\AppData\Local\STARGAZE_IMAGE_CACHE deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Internetbeveiliging\fshoster32.exe
C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Users\Gebruiker\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\conhost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Program Files\Softonic not found
C:\ProgramData\{27B0A538-DF16-44D6-820D-D0B042C42C20} not found
C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} not found
C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found
C:\Program Files\Uninstall Information\ib_uninst_514 deleted
C:\Program Files\Uninstall Information\ib_uninst_567 deleted
C:\Program Files\Uninstall Information\ib_uninst_569 deleted
C:\Users\Gebruiker\AppData\Roaming\AlawarEntertainment deleted
C:\ProgramData\Alawar Stargaze deleted
C:\Users\Gebruiker\AppData\Local\cache deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Search Settings deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted
==== System Specs ======================
Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601)
Memory (RAM): 1792 MB
CPU Info: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz
CPU Speed: 2050,0 MHz
Sound Card: Luidsprekers (High Definition A |
Digitale audio (S/PDIF) (High D |
Display Adapters: NVIDIA GeForce 7050 / NVIDIA nForce 610i | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1440 X 900 - 32 bit
Network: Network Present
Network Adapters: Realtek PCI GBE Family Controller | Realtek PCIe FE Family Controller
CD / DVD Drives: 2x (D: | I: | ) D: Optiarc DVD RW AD-7200S | I:
Ports: COM4 | COM3 LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 286,1GB
Hard Disks - Free: C: 74,4GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 04/08/08 | ACRSYS - 20080408
Time Zone: West-Europa (standaardtijd)
Motherboard *: Packard Bell BV MCP73VT-PM
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: IObit Malware Fighter disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Default Browser: Google Chrome 31.0.1650.57
Internet Explorer Version: 11.0.9600.16428
Google Chrome version: 31.0.1650.57
Adobe Reader version: 11.0.04.63
Sun Java version: 1.7.0_45 (32-bit)
Flash Player version: 12.0.0.17
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
2013-12-04 13:57:58 C76B8E74F900E083712ADC5B597A05C3 339264 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\7913\taskmgr.dll
2013-12-04 13:57:58 41977D3785108282FF76915B5D8B8488 1144128 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\7913\ProjectOnUninstall.exe
====== Java Cache =====
====== C:\Windows\system32 =====
2013-11-28 05:08:14 FF90196BEE1CCB39ACAFF21244EA8ACD 509136 ----a-w- C:\Windows\System32\FNTCACHE.DAT
====== C:\Windows\system32\drivers =====
2013-11-14 15:35:12 F286830298323272260332D6ABC905C1 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-11-14 15:35:11 D7C760D57B1656DD748B9E4AB6CB5A51 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-11-14 15:35:11 85449EEBE8F8EBD6481EFBF0F352B4EB 369848 ----a-w- C:\Windows\System32\drivers\cng.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
2013-12-01 08:06:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\asc_rdflag
====== C:\Users\Gebruiker\AppData\Roaming ======
2013-11-27 16:25:36 83DCF367354F6CA66BFBBE018308F752 155856 ----a-w- C:\Users\Gebruiker\AppData\Local\GDIPFONTCACHEV1.DAT
====== C:\Users\Gebruiker ======
2013-11-29 14:43:25 B3B1B05052C6A25DDF19259BCB8C510F 50573696 ----a-w- C:\Users\Gebruiker\Downloads\AdbeRdr11004_en_US.exe
2013-11-29 13:26:54 -------- d-----w- C:\Users\Gebruiker\RINSE 2012
2013-11-27 16:17:10 CE2E04C5B0C4820E129886A874D92C03 4618136 ----a-w- C:\Users\Gebruiker\Downloads\ccsetup408 (1).exe
2013-11-27 16:10:41 CE2E04C5B0C4820E129886A874D92C03 4618136 ----a-w- C:\Users\Gebruiker\Downloads\ccsetup408.exe
2013-11-27 13:22:15 -------- d-----w- C:\ProgramData\Licenses
2013-11-27 13:21:21 78130949095E6721B40B50E77C1F1BBC 4095448 ----a-w- C:\Users\Gebruiker\Downloads\spywareblastersetup50.exe
2013-11-21 16:39:28 780A11F0BC9162BC3A87601DDABF9B17 1533120 ----a-w- C:\Users\Gebruiker_0000.pdf
2013-11-14 19:13:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2013-11-14 18:39:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
====== C: exe-files ==
2013-12-04 13:57:58 41977D3785108282FF76915B5D8B8488 1144128 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\7913\ProjectOnUninstall.exe
=== C: other files ==
==== Startup Registry Enabled ======================
“Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“AvastUI.exe”=“C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui”
“20131121”=“C:\Program Files\AVAST Software\Avast\setup\emupdate\bb7fa1d4-473c-4d86-89ba-40c1445e23c6.exe /check”
“Adobe ARM”=“C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”
==== Startup Registry Disabled ======================
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Adobe ARM”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Advanced SystemCare 5”
“hkey”=“HKCU”
“command”=“\”C:\\Program Files\\IObit\\Advanced SystemCare 5\\ASCTray.exe\“ /AutoStart”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Advanced SystemCare 6”
“hkey”=“HKCU”
“command”=“\”C:\\Program Files\\IObit\\Advanced SystemCare 6\\ASCTray.exe\“ /AutoStart”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Advanced SystemCare 7”
“hkey”=“HKCU”
“command”=“\”C:\\Program Files\\IObit\\Advanced SystemCare 7\\ASCTray.exe\“ /Auto”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Advanced SystemCare Ultimate”
“hkey”=“HKCU”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“APSDaemon”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“BCSSync”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\“ /DelayServices”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“CommonToolkitTray”
“hkey”=“HKLM”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“DivXMediaServer”
“hkey”=“HKLM”
“command”=“C:\\Program Files\\DivX\\DivX Media Server\\DivXMediaServer.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“DivXUpdate”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\“ /CHECKNOW”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“F-Secure Hoster (45123)”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\Internetbeveiliging\\fshoster32.exe\“ -app -hosterid:1”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“HDInspector.exe”
“hkey”=“HKLM”
“command”=“C:\\Program Files\\Hard Drive Inspector\\HDInspector.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“IObit Malware Fighter”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\IObit\\IObit Malware Fighter\\IMF.exe\“ /autostart”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“iTunesHelper”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\iTunes\\iTunesHelper.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“msnmsgr”
“hkey”=“HKCU”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“PWRISOVM.EXE”
“hkey”=“HKLM”
“command”=“C:\\Program Files\\PowerISO\\PWRISOVM.EXE -startup”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Skype”
“hkey”=“HKCU”
“command”=“\”C:\\Program Files\\Skype\\Phone\\Skype.exe\“ /minimized /regrun”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“SSDMonitor”
“hkey”=“HKLM”
“command”=“C:\\Program Files\\Common Files\\PC Tools\\sMonitor\\SSDMonitor.exe”
“command”=“\”C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\“”
“hkey”=“HKLM”
“item”=“SunJavaUpdateSched”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“SUPERAntiSpyware”
“hkey”=“HKCU”
“command”=“C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“SWPROguard”
“hkey”=“HKLM”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“TrojanScanner”
“hkey”=“HKLM”
“path”=“C:\\Users\\Gebruiker\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\DesktopEarth AutoStart.lnk”
“backup”=“C:\\Windows\\pss\\DesktopEarth AutoStart.lnk.Startup”
“backupExtension”=“.Startup”
“command”=“C:\\Users\\Gebruiker\\AppData\\Roaming\\Microsoft\\Installer\\{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}\\_C1A9BF9D98647632ED5172.exe ”
“item”=“DesktopEarth AutoStart”
“backup”=“C:\\Windows\\pss\\OpenOffice.org 3.3 .lnk.Startup”
“backupExtension”=“.Startup”
“item”=“OpenOffice.org 3.3 ”
“Adobe ARM”=“\”C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”
“SunJavaUpdateSched”=“\”C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\“”
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\Wise Turbo Checker.job --a------ C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe
==== Other Scheduled Tasks ======================
“C:\Windows\system32\tasks\Adobe Flash Player Updater”
“C:\Windows\system32\tasks\Adobe online update program”
“C:\Windows\system32\tasks\CCleanerSkipUAC”
“C:\Windows\system32\tasks\CreateChoiceProcessTask”
“C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA”
“C:\Windows\system32\tasks\Java Update Scheduler”
“C:\Windows\system32\tasks\Wise Turbo Checker”
“C:\Windows\system32\tasks\{71D38923-DE99-49BA-918E-D5166CD26548}”
“C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate”
“C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask”
==== Folders in C:\ProgramData 0-6 Months Old ======================
2013-08-07 13:31:18 -------- d-----w- C:\ProgramData\LGMOBILEAX
2013-09-11 18:04:21 -------- d-----w- C:\ProgramData\F-Secure
2013-11-27 13:22:15 -------- d-----w- C:\ProgramData\Licenses
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
hbcennhacfaagdopikcegfcobcadeocj - No path found
icdlfehblmklkikfigmjhbmmpmkmpooj - No path found
mhkaekfpcppmmioggniknbnbdbcigpkk - No path found
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
pfndaklgolladniicklehhancnlgocpp - No path found
Advanced SystemCare Surfing Protection - Gebruiker - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Google Wallet - Gebruiker - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://www.google.com”
“Tabs”=“http://www.google.com”
New Values:
“Start Page”=“http://www.google.com”
“Tabs”=“res://ieframe.dll/tabswelcome.htm”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
“DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url=“http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare Ultimate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CommonToolkitTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDInspector.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SWPROguard deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner deleted successfully
==== HijackThis Entries ======================
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\AvastUI.exe” /nogui
O4 - HKLM\..\Run: C:\Program Files\AVAST Software\Avast\setup\emupdate\bb7fa1d4-473c-4d86-89ba-40c1445e23c6.exe /check
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-21-3453345529-432745293-659397266-1002\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)
O4 - HKUS\S-1-5-21-3453345529-432745293-659397266-1002\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - Unknown owner - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\fshoster32.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\backup Default\Cache emptied successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on wo 04-12-2013 at 15:32:53,43 ======================