[Easy_Peasy_Lemon_Squeezy]

My PC got infected by the famous YourFile Downloader virus. I already removed the program itself but I think it infected my internet connection. My internet became very slow, the internet bar goes from 2 bars to 4 bars and then 3 bars for example. Sometimes it even shuts off for about 15 seconds. I have installed and run anti-malware , anti-spyware and other programs but nothing helps. I know the main virus is gone because i don't get any pop-ups anymore. I was wondering what I should do or what programs I should run.

[Advertisements]

My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat

Before we start please note the following:

Analysis and research take some time, also sometimes real life gets in the way, please be patient.
Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
Paste the logs in your posts, attachments make my work harder and more complicated.
Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
Note that we may live in totally different time zones, what may cause some delays between answers.


I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight!

 

 

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Please also download the attached scriptfile, named zoekscript.txt.

 zoekscript.txt   143bytes   271 downloads

Disable your AntiVirus and AntiSpyware programs, so they do not interfere with the running of Zoek.exe. You can find instructions how to disable your security applications here.

Now, on your Desktop, drag and drop zoekscript.txt on Zoek.exe as shown below:

Please approve any UAC prompt to allow this action to proceed.

Answer Yes to the following prompt to allow the zoek script to run:

This action causes Zoek.exe to start automatically. Please be patient while Zoek is scanning.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please post the zoek-results.log in your reply.

 

 

Cheers,

Naat

[Naathim]

My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat

Before we start please note the following:

Analysis and research take some time, also sometimes real life gets in the way, please be patient.
Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
Paste the logs in your posts, attachments make my work harder and more complicated.
Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
Note that we may live in totally different time zones, what may cause some delays between answers.


I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight!

 

 

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Please also download the attached scriptfile, named zoekscript.txt.

 zoekscript.txt   143bytes   271 downloads

Disable your AntiVirus and AntiSpyware programs, so they do not interfere with the running of Zoek.exe. You can find instructions how to disable your security applications here.

Now, on your Desktop, drag and drop zoekscript.txt on Zoek.exe as shown below:

Please approve any UAC prompt to allow this action to proceed.

Answer Yes to the following prompt to allow the zoek script to run:

This action causes Zoek.exe to start automatically. Please be patient while Zoek is scanning.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please post the zoek-results.log in your reply.

 

 

Cheers,

Naat

[Easy_Peasy_Lemon_Squeezy]

Thank you, Naat.

 

This is the zoek-results.log

 

 

 

Zoek.exe v5.0.0.0 Updated 30-06-2014

Tool run by Gebruiker on wo 02/07/2014 at 16:58:59,77.

Microsoft Windows 8.1 6.3.9600  x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Gebruiker\Desktop\zoek.exe

Script used: C:\Users\Gebruiker\Desktop\zoekscript.txt

 

==== System Restore Info ======================

 

2/07/2014 16:59:35 Zoek.exe System Restore Point Created Succesfully.

 

==== Installed Programs ======================

 

æTorrent  

ACR38/100/122 PC/SC Driver 1.1.5.0  

Adobe After Effects CC  

Adobe Creative Cloud  

Adobe Flash Player 14 Plugin  

Adobe Photoshop CS6  

Adobe Shockwave Player 12.1  

Apple Application Support  

Apple Mobile Device Support  

Apple Software Update  

Assetto Corsa  

Audacity 2.0.5  

BeamNG-Techdemo-0.3 (remove only)  

Belgium e-ID middleware 4.0.4 (build 7251)  

Bonjour  

Computer Security 14.99.103.0 (release)  

Crazybump (remove only)  

D3DX10  

Emsisoft Anti-Malware  

Euro Truck Simulator 2  

F-Secure CCF Reputation  

F-Secure CCF Scanning 1.37.103.151 (release)  

F-Secure Network CCF 1.02.134  

F-Secure SafeSearch 1.03.146.0 (release)  

Fa‡ade  

FINAL FANTASY XIV - A Realm Reborn  

Firebird SQL Server - MAGIX Edition  

Google Chrome  

Google Update Helper  

Intel® Control Center  

Intel® Management Engine Components  

Intel® Rapid Storage Technology  

Intel© Trusted Connect Service Client  

iTunes  

Java 7 Update 51  

Java 7 Update 55  

Java 7 Update 60 (64-bit)  

Java Auto Updater  

Junk Mail filter update  

Launch pad  

Line 6 Uninstaller  

LogMeIn Hamachi  

MAGIX Movie Edit Pro 2013 Plus  

MAGIX Speed burnR (MSI)  

Malwarebytes Anti-Malware versie 2.0.2.1012  

Microsoft Application Error Reporting  

Microsoft Image Composite Editor  

Microsoft Office 2013 voor Thuisgebruik en Studenten - nl-nl  

Microsoft SkyDrive  

Microsoft SQL Server 2005 Compact Edition [ENU]  

Microsoft Visual C++ 2005 Redistributable  

Microsoft Visual C++ 2005 Redistributable (x64)  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005  

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005  

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005  

Microsoft_VC80_CRT_x86  

Microsoft_VC90_CRT_x86  

Morphyre  

Movie Maker  

MSVCRT  

MSVCRT Redists  

MSVCRT_amd64  

MSVCRT110  

MSVCRT110_amd64  

MSXML 4.0 SP3 Parser  

MSXML 4.0 SP3 Parser (KB2758694)  

MXGP - The Official Motocross VideoGame, ƒ†Ð¤Š˜ 1.0  

Next Car Game Free Technology Demo  

Next Car Game Technology Sneak Peek 2.0  

Notepad++  

NVIDIA-configuratiescherm 331.65  

NVIDIA Grafisch stuurprogramma 331.65  

NVIDIA HD Audio-stuurprogramma 1.3.26.4  

NVIDIA Install Application  

NVIDIA Update 1.15.2  

Office 15 Click-to-Run Extensibility Component  

Office 15 Click-to-Run Licensing Component  

Office 15 Click-to-Run Localization Component  

Online Safety 2.99.2293.1524  

Oxy  

Paint.NET v3.5.11  

Photo Common  

Photo Gallery  

Python 2.6 pycairo-1.4.12  

Python 2.6 pygobject-2.14.2  

Python 2.6 pygtk-2.12.1  

Python 2.6.1  

QuickTime 7  

Realtek Ethernet Controller Driver  

Realtek High Definition Audio Driver  

Resource Hacker Version 3.6.0  

Spotify  

Stuurprogrammapakket voor Windows - ACS (A38CCID) SmartCardReader  (10/05/2012 1.1.6.6)  

Stuurprogrammapakket voor Windows - ACS (ACR122U) SmartCardReader  (10/10/2012 1.1.6.4)  

Stuurprogrammapakket voor Windows - ACS (ACSSCR) SmartCardReader  (09/18/2012 1.1.6.3)  

Stuurprogrammapakket voor Windows - Fedict SmartCard  (10/04/2011 4.0.0.5)  

SUPERAntiSpyware  

swMSM  

Unity Web Player  

Update for Microsoft en-us Dictionary  

ViewPassword  

Vovoid VSXu 0.4.2  

Windows Live Communications Platform  

Windows Live Essentials  

Windows Live Installer  

Windows Live Mail  

Windows Live Messenger  

Windows Live MIME IFilter  

Windows Live Photo Common  

Windows Live PIMT Platform  

Windows Live SOXE  

Windows Live SOXE Definitions  

Windows Live UX Platform  

Windows Live UX Platform Language Pack  

Windows Live Writer  

Windows Live Writer Resources  

WinRAR 5.00 (32-bit)  

WorldPainter 1.8.5  

 

==== Running Processes ======================

 

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe

C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe

C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Reputation\fsorsp.exe

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSMA32.EXE

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\fssm32.exe

C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE

C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\Desktop\zoek.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\WINDOWS\SysWOW64\cmd.exe

 

==== System Specs ======================

 

Windows: Windows Version 6.2 (Build 9200)

Memory (RAM): 8132 MB

CPU Info: Intel® Core™ i5-4440 CPU @ 3.10GHz

CPU Speed: 3102,1 MHz

Sound Card: Luidsprekers (Realtek High Defi | 

Realtek Digital Output (Realtek | 

Display Adapters: NVIDIA GeForce GTX 760 | NVIDIA GeForce GTX 760 | NVIDIA GeForce GTX 760 | NVIDIA GeForce GTX 760

Monitors: 1x; Generic PnP Monitor | 

Screen Resolution: 1680 X 1050 - 32 bit

Network: Network Present

Network Adapters: Microsoft Hosted Network Virtual Adapter | Realtek PCIe GBE Family Controller | Sitecom 300N Wireless USB-adapter WL-352v3

CD / DVD Drives: 1x (E: | ) E: ASUS    DRW-24F1ST   a

Ports: COM1 LPT Port NOT Present. 

Mouse: 16 Button Wheel Mouse Present

Hard Disks: C:  111,4GB | D:  931,5GB

Hard Disks - Free: C:  32,7GB | D:  931,3GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 08/15/13 | ALASKA - 1072009

Time Zone: Romance (standaardtijd)

Motherboard *: ASUSTeK COMPUTER INC. H87M-E

Country: Belgi‰ 

Language: NLB 

 

==== System Specs (Software) ======================

 

Anti-Virus: Computer Bescherming On-access scanning disabled (Outdated)

Anti-Virus: Emsisoft Anti-Malware On-access scanning disabled (Outdated)

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

Anti-Spyware: Computer Bescherming disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: Emsisoft Anti-Malware disabled (Outdated)

Default Browser: Google Chrome 35.0.1916.153

Internet Explorer Version: 11.0.9600.17126 

Google Chrome version: 35.0.1916.153

Sun Java version: 1.7.0_55 (32-bit) 

Sun Java version: 1.7.0_60 (64-bit) 

Flash Player version: 14.0.0.125

Shockwave Player version: 12.1.1r151

 

==== Startup Registry Enabled ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"

"F-Secure Manager"="C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE /splash"

"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"F-Secure Hoster (44163)"="C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe -app -hosterid:1"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"

"emsisoft anti-malware"="c:\program files (x86)\emsisoft anti-malware\a2guard.exe /d=60"

 

==== Startup Registry Enabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

"IAStorIcon"="C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

 

==== Task Scheduler Jobs ======================

 

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14/06/2014 11:52]

C:\WINDOWS\tasks\bbd2be0f-45c4-4f0c-91dc-7ca0746ce3ac-5_user.job --a-------- C:\Program Files (x86)\Torntv V9.0\bbd2be0f-45c4-4f0c-91dc-7ca0746ce3ac-5.exe []

C:\WINDOWS\tasks\f3205cef-4ac0-4fed-b578-69c2eb243b89-5_user.job --a-------- C:\Program Files (x86)\Total-1.8\f3205cef-4ac0-4fed-b578-69c2eb243b89-5.exe []

C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [28/06/2014 14:20]

C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [28/06/2014 14:20]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/06/2014 01:11]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/06/2014 01:11]

 

==== Other Scheduled Tasks ======================

 

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\WINDOWS\SysNative\tasks\AdobeAAMUpdater-1.0-Carbide300R-Gebruiker" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]

"C:\WINDOWS\SysNative\tasks\bbd2be0f-45c4-4f0c-91dc-7ca0746ce3ac-5_user" [C:\Program Files (x86)\Torntv V9.0\bbd2be0f-45c4-4f0c-91dc-7ca0746ce3ac-5.exe]

"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]

"C:\WINDOWS\SysNative\tasks\f3205cef-4ac0-4fed-b578-69c2eb243b89-5_user" [C:\Program Files (x86)\Total-1.8\f3205cef-4ac0-4fed-b578-69c2eb243b89-5.exe]

"C:\WINDOWS\SysNative\tasks\globalUpdateUpdateTaskMachineCore" [C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\globalUpdateUpdateTaskMachineUA" [C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\LaunchApp" [C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe]

"C:\WINDOWS\SysNative\tasks\Oxy" [C:\Users\Gebruiker\AppData\Roaming\Oxy\Updater.exe]

"C:\WINDOWS\SysNative\tasks\RunAsStdUser Task" [C:\Users\Gebruiker\AppData\Local\Oxy\Application\oxy.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{13146761-AF3D-4B4A-9FAC-6EC7F8DFC653}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{651263B6-9FE3-4657-8AEC-4E0B8273A3BE}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

 

==== Firefox Extensions Registry ======================

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{95757e7f-111e-4d59-9ea4-1122a7d26dbb}"="C:\Program Files (x86)\Telenet Security Pack\apps\OnlineSafety\browser\deploy\fs_firefox_https" [13/05/2014 16:56]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{237e924f-982f-4e43-bf05-47b06b9de998}"="C:\Program Files (x86)\ViewPassword\134.xpi" []

 

==== Firefox Extensions ======================

 

ProfilePath: C:\Users\ISABE_~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nvx3pdz.default

- Undetermined - C:\Users\isabe_000\AppData\Roaming\Mozilla\Firefox\Profiles\9nvx3pdz.default\extensions\9ee595b4-f5ec-4afb-bea5-3c873daf5e4a@9725de39-97db-467b-bf84-04c276190009.com

 

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\[email protected]

 

==== Firefox Plugins ======================

 

 

==== Chrome Look ======================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

jmjjnhpacphpjmnnlnccpfmhkcloaade - C:\Program Files (x86)\Telenet Security Pack\apps\OnlineSafety\browser\install\fs_chrome_https\fs_chrome_https.crx[23/05/2014 19:46]

llmcibonccojooiboenghfafpieoabpl - C:\Program Files (x86)\glindorus\llmcibonccojooiboenghfafpieoabpl.crx[]

 

Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

AdBlock - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

DefaultTab - C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

 

==== IE Start and Search Settings ======================

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}"

 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google  Url="http://www.google.co...={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE11SR"

{8E030AF2-B8AA-4874-9ECE-EFC627FA4F23} Ask Search Url="http://www.search.as...rchTerms}&psv="

{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} default-search.net  Url="http://www.default-s...={searchTerms}"

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=0 folders=0 0 bytes)

 

==== EOF on wo 02/07/2014 at 17:03:27,02 ======================

[Naathim]

Hi

You have chosen quite difficult username. Is there any shorter form to call you?

First some warnings, later a fix.



I've spotted signs of a P2P program installed on your machine.
uTorrent
 

Be warned:

P2P programs, as they are legal itself, are often used to obtain some illegal downloads. Currently it's one of the best ways to get infected: unsecured ports, downloaded cracks... There have been some extreme cases in which passwords, private or financial data was exposed to file sharing network because of bad P2P configuration.

I'm rather sure that if you'll continue using P2P, you'll be often visiting our Malware Removal Forum.
I strongly recommend full uninstallation of any P2P apps (if so, please do it from the Control Panel > Add/Remove Programs), but if you want to leave them on your OS (cause this is optional), at least please refrain from using it until we finish our work with cleaning your computer now.

My friendly advice: at least, when downloading any files from P2P network, scan them at Jotti or VirScan.




I see that you're running more than one antivirus program at the same time.

• F-Secure
• EmsiSoft Anti-Malware (which contains BitDefender AV engine)

This is a bad idea.
Using more than one AV will not give you any better protection, but may cause interferences between them, slow your machine or even completely block your OS. You should choose only one to stay, and remove any others. Think carefully and stay with only one AV.
It should be done before any other steps in malware removing will be taken.

In your next reply I'd like to know which one will stay and which one will go.
You may remove it from the Control Panel (Start > Control Panel > Uninstall a program or Programs and Features if in Classic View) and in my next post I will provide also the tool that will take care of the uninstalled AV's remnants.



I need you to download the attached script:
 zoekscript.txt   1.34KB   315 downloads

Disable your AntiVirus and AntiSpyware programs, so they do not interfere with the running of Zoek.exe. You can find instructions how to disable your security applications here.

Now, on your Desktop, drag and drop zoekscript.txt on Zoek.exe as shown below:

Please approve any UAC prompt to allow this action to proceed.

Answer Yes to the following prompt to allow the zoek script to run:

This action causes Zoek.exe to start automatically. Please be patient while Zoek is scanning.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please post the zoek-results.log in your reply.


Cheers,
Naat

[Easy_Peasy_Lemon_Squeezy]

Hi Naat,

 

I have uninstalled uTorrent and I chose F-Secure as my main Anti-Virus

I tried disabling F-Secure but I don't know if it worked or not.

 

Anyway, this is the zoek-results.log

 

 

Zoek.exe v5.0.0.0 Updated 30-06-2014

Tool run by Gebruiker on wo 02/07/2014 at 23:13:11,14.

Microsoft Windows 8.1 6.3.9600  x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Gebruiker\Desktop\zoek.exe

Script used: C:\Users\Gebruiker\Desktop\zoekscript (2).txt

 

==== Older Logs ======================

 

C:\zoek-results2014-07-02-150327.log 16902 bytes

 

==== System Restore Info ======================

 

2/07/2014 23:13:24 Zoek.exe System Restore Point Created Succesfully.

 

==== Deleting CLSID Registry Keys ======================

 

HKEY_USERS\S-1-5-21-1663167145-114369477-2113965918-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8E030AF2-B8AA-4874-9ECE-EFC627FA4F23} deleted successfully

HKEY_USERS\S-1-5-21-1663167145-114369477-2113965918-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully

 

==== Deleting CLSID Registry Values ======================

 

HKEY_USERS\S-1-5-21-1663167145-114369477-2113965918-1001\Software\Mozilla\Firefox\Extensions\{237e924f-982f-4e43-bf05-47b06b9de998} deleted successfully

 

==== Installed Programs ======================

 

ACR38/100/122 PC/SC Driver 1.1.5.0  

Adobe After Effects CC  

Adobe Creative Cloud  

Adobe Flash Player 14 Plugin  

Adobe Photoshop CS6  

Adobe Shockwave Player 12.1  

Apple Application Support  

Apple Mobile Device Support  

Apple Software Update  

Assetto Corsa  

Audacity 2.0.5  

BeamNG-Techdemo-0.3 (remove only)  

Belgium e-ID middleware 4.0.4 (build 7251)  

Bonjour  

Computer Security 14.99.103.0 (release)  

Crazybump (remove only)  

D3DX10  

Euro Truck Simulator 2  

F-Secure CCF Reputation  

F-Secure CCF Scanning 1.37.103.151 (release)  

F-Secure Network CCF 1.02.134  

F-Secure SafeSearch 1.03.146.0 (release)  

Fa‡ade  

FINAL FANTASY XIV - A Realm Reborn  

Firebird SQL Server - MAGIX Edition  

Google Chrome  

Google Update Helper  

Intel® Control Center  

Intel® Management Engine Components  

Intel® Rapid Storage Technology  

Intel© Trusted Connect Service Client  

iTunes  

Java 7 Update 51  

Java 7 Update 55  

Java 7 Update 60 (64-bit)  

Java Auto Updater  

Junk Mail filter update  

Launch pad  

Line 6 Uninstaller  

LogMeIn Hamachi  

MAGIX Movie Edit Pro 2013 Plus  

MAGIX Speed burnR (MSI)  

Malwarebytes Anti-Malware versie 2.0.2.1012  

Microsoft Application Error Reporting  

Microsoft Image Composite Editor  

Microsoft Office 2013 voor Thuisgebruik en Studenten - nl-nl  

Microsoft SkyDrive  

Microsoft SQL Server 2005 Compact Edition [ENU]  

Microsoft Visual C++ 2005 Redistributable  

Microsoft Visual C++ 2005 Redistributable (x64)  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005  

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005  

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005  

Microsoft_VC80_CRT_x86  

Microsoft_VC90_CRT_x86  

Morphyre  

Movie Maker  

MSVCRT  

MSVCRT Redists  

MSVCRT_amd64  

MSVCRT110  

MSVCRT110_amd64  

MSXML 4.0 SP3 Parser  

MSXML 4.0 SP3 Parser (KB2758694)  

MXGP - The Official Motocross VideoGame, ƒ†Ð¤Š˜ 1.0  

Next Car Game Free Technology Demo  

Next Car Game Technology Sneak Peek 2.0  

Notepad++  

NVIDIA-configuratiescherm 331.65  

NVIDIA Grafisch stuurprogramma 331.65  

NVIDIA HD Audio-stuurprogramma 1.3.26.4  

NVIDIA Install Application  

NVIDIA Update 1.15.2  

Office 15 Click-to-Run Extensibility Component  

Office 15 Click-to-Run Licensing Component  

Office 15 Click-to-Run Localization Component  

Online Safety 2.99.2293.1524  

Oxy  

Paint.NET v3.5.11  

Photo Common  

Photo Gallery  

Python 2.6 pycairo-1.4.12  

Python 2.6 pygobject-2.14.2  

Python 2.6 pygtk-2.12.1  

Python 2.6.1  

QuickTime 7  

Realtek Ethernet Controller Driver  

Realtek High Definition Audio Driver  

Resource Hacker Version 3.6.0  

Spotify  

Stuurprogrammapakket voor Windows - ACS (A38CCID) SmartCardReader  (10/05/2012 1.1.6.6)  

Stuurprogrammapakket voor Windows - ACS (ACR122U) SmartCardReader  (10/10/2012 1.1.6.4)  

Stuurprogrammapakket voor Windows - ACS (ACSSCR) SmartCardReader  (09/18/2012 1.1.6.3)  

Stuurprogrammapakket voor Windows - Fedict SmartCard  (10/04/2011 4.0.0.5)  

swMSM  

Unity Web Player  

Update for Microsoft en-us Dictionary  

ViewPassword  

Vovoid VSXu 0.4.2  

Windows Live Communications Platform  

Windows Live Essentials  

Windows Live Installer  

Windows Live Mail  

Windows Live Messenger  

Windows Live MIME IFilter  

Windows Live Photo Common  

Windows Live PIMT Platform  

Windows Live SOXE  

Windows Live SOXE Definitions  

Windows Live UX Platform  

Windows Live UX Platform Language Pack  

Windows Live Writer  

Windows Live Writer Resources  

WinRAR 5.00 (32-bit)  

WorldPainter 1.8.5  

 

==== Running Processes ======================

 

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe

C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe

C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Reputation\fsorsp.exe

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSMA32.EXE

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\fssm32.exe

C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE

C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\Desktop\zoek.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\WINDOWS\SysWOW64\cmd.exe

 

==== Deleting Services ======================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeKrnl deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeNetFilter deleted successfully

 

==== Registry Fix Code ======================

 

Windows Registry Editor Version 5.00

 

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] 

"{237e924f-982f-4e43-bf05-47b06b9de998}"=- 

 

==== Batch Command(s) Run By Tool======================

 

 

==== Deleting Files \ Folders ======================

 

C:\Program Files (x86)\Torntv V9.0 not found

C:\Program Files (x86)\Total-1.8 not found

C:\Program Files (x86)\MyPC Backup not found

C:\Users\Gebruiker\AppData\Local\Oxy not found

C:\Program Files (x86)\ViewPassword not found

"C:\Users\isabe_000\AppData\Roaming\Mozilla\Firefox\Profiles\9nvx3pdz.default\extensions\9ee595b4-f5ec-4afb-bea5-3c873daf5e4a@9725de39-97db-467b-bf84-04c276190009.com" not found

C:\Users\Gebruiker\AppData\Roaming\Oxy deleted

C:\PROGRA~2\GUT1E1A.tmp deleted

C:\PROGRA~2\GUT26A0.tmp deleted

C:\PROGRA~2\GUM1E19.tmp deleted

C:\PROGRA~2\GUM269F.tmp deleted

C:\PROGRA~2\iSafe deleted

C:\PROGRA~2\globalUpdate deleted

C:\extensions deleted

C:\Users\Gebruiker\AppData\Roaming\eCyber deleted

C:\Users\Gebruiker\AppData\Roaming\ParetoLogic deleted

C:\PROGRA~3\InstallMate deleted

C:\PROGRA~3\Package Cache deleted

C:\Users\Gebruiker\AppData\Local\globalUpdate deleted

C:\WINDOWS\SysNative\roboot64.exe deleted

C:\windows\SysNative\Tasks\LaunchApp deleted

C:\WINDOWS\Tasks\bbd2be0f-45c4-4f0c-91dc-7ca0746ce3ac-5_user.job deleted

C:\WINDOWS\Tasks\f3205cef-4ac0-4fed-b578-69c2eb243b89-5_user.job deleted

C:\windows\SysNative\Tasks\bbd2be0f-45c4-4f0c-91dc-7ca0746ce3ac-5_user deleted

C:\windows\SysNative\Tasks\f3205cef-4ac0-4fed-b578-69c2eb243b89-5_user deleted

C:\Users\Gebruiker\Searches deleted

C:\Users\Gebruiker\AppData\LocalLow\DataMngr deleted

C:\Users\isabe_000\AppData\LocalLow\DataMngr deleted

C:\WINDOWS\wininit.ini deleted

C:\windows\SysNative\tasks\RunAsStdUser Task deleted

C:\windows\SysNative\tasks\Oxy deleted

C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job deleted

C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job deleted

C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted

C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted

C:\WINDOWS\Syswow64\SETCCEA.tmp deleted

C:\WINDOWS\SysWow64\AI_RecycleBin deleted

C:\Users\Gebruiker\Documents\Optimizer Pro deleted

C:\Users\ISABE_~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nvx3pdz.default\searchplugins\bingp.xml deleted

C:\Users\Gebruiker\worldpainter_1.8.5.exe deleted

C:\Users\Gebruiker\Downloads\Music\Zomboy - Mind Control.exe deleted

"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" deleted

"C:\Windows\BrowserChoice" deleted

 

==== System Specs ======================

 

Windows: Windows Version 6.2 (Build 9200)

Memory (RAM): 8132 MB

CPU Info: Intel® Core™ i5-4440 CPU @ 3.10GHz

CPU Speed: 3105,4 MHz

Sound Card: Luidsprekers (Realtek High Defi | 

Realtek Digital Output (Realtek | 

Display Adapters: NVIDIA GeForce GTX 760 | NVIDIA GeForce GTX 760 | NVIDIA GeForce GTX 760 | NVIDIA GeForce GTX 760

Monitors: 1x; Generic PnP Monitor | 

Screen Resolution: 1680 X 1050 - 32 bit

Network: Network Present

Network Adapters: Microsoft Hosted Network Virtual Adapter | Realtek PCIe GBE Family Controller | Sitecom 300N Wireless USB-adapter WL-352v3

CD / DVD Drives: 1x (E: | ) E: ASUS    DRW-24F1ST   a

Ports: COM1 LPT Port NOT Present. 

Mouse: 16 Button Wheel Mouse Present

Hard Disks: C:  111,4GB | D:  931,5GB

Hard Disks - Free: C:  32,8GB | D:  931,3GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 08/15/13 | ALASKA - 1072009

Time Zone: Romance (standaardtijd)

Motherboard *: ASUSTeK COMPUTER INC. H87M-E

Country: Belgi‰ 

Language: NLB 

 

==== System Specs (Software) ======================

 

Anti-Virus: Computer Bescherming On-access scanning disabled (Outdated)

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

Anti-Spyware: Computer Bescherming disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Default Browser: Google Chrome 35.0.1916.153

Internet Explorer Version: 11.0.9600.17126 

Google Chrome version: 35.0.1916.153

Sun Java version: 1.7.0_55 (32-bit) 

Sun Java version: 1.7.0_60 (64-bit) 

Flash Player version: 14.0.0.125

Shockwave Player version: 12.1.1r151

 

==== Files Recently Created / Modified ======================

 

====== C:\WINDOWS ====

====== C:\Users\GEBRUI~1\AppData\Local\Temp ====

2014-06-28 12:20:05 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\psmachine.dll

2014-06-28 12:20:05 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\psuser.dll

2014-06-28 12:20:04 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\GoogleUpdateHelper.msi

2014-06-28 12:20:04 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\GoogleUpdateBroker.exe

2014-06-28 12:20:04 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\GoogleUpdate.exe

2014-06-28 12:20:04 CFA6975A0F5217C889D11FB3CB289F9B 220672 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\npGoogleUpdate4.dll

2014-06-28 12:20:04 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\GoogleUpdateOnDemand.exe

2014-06-28 12:20:04 386F60526913FFA392089C6A78614639 761856 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\goopdate.dll

2014-06-28 12:20:04 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\GoogleCrashHandler.exe

2014-06-28 12:08:09 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\psmachine.dll

2014-06-28 12:08:09 CFA6975A0F5217C889D11FB3CB289F9B 220672 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\npGoogleUpdate4.dll

2014-06-28 12:08:09 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\psuser.dll

2014-06-28 12:08:08 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\GoogleUpdateHelper.msi

2014-06-28 12:08:08 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\GoogleUpdateBroker.exe

2014-06-28 12:08:08 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\GoogleUpdateOnDemand.exe

2014-06-28 12:08:08 386F60526913FFA392089C6A78614639 761856 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\goopdate.dll

2014-06-28 12:08:07 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\GoogleUpdate.exe

2014-06-28 12:08:07 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\GoogleCrashHandler.exe

2014-06-20 11:07:56 CF95932C00190451115C782E139DE582 264488 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes.dll

2014-06-20 11:07:56 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe

2014-06-20 11:07:56 87AA773F15D90973090D4DF76F8E60EF 565808 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\mcbrwsr2.dll

2014-06-20 11:07:56 2AA753368BF68871962D2E99B8692985 153760 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes_LD.dll

2014-06-20 11:07:56 14E9947D26B0A418AA02F87741E4B40B 769736 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McInstallerStartup.dll

2014-06-19 18:49:25 F6278B5A16F830885B184D5F72E1B935 947200 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\htmlayout.dll

====== Java Cache =====

====== C:\WINDOWS\SysWOW64 =====

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====

2014-06-24 12:59:19 80DD24235A7E13AFC9E9EBC55ACE1ACF 313256 ----a-w- C:\WINDOWS\Sysnative\javaws.exe

2014-06-24 12:59:16 B139EECAC4B3B43949FA0E2EDB66B905 111016 ----a-w- C:\WINDOWS\Sysnative\WindowsAccessBridge-64.dll

2014-06-24 12:59:16 75F20BEDF6B95AA316C08D9D3F247692 189352 ----a-w- C:\WINDOWS\Sysnative\java.exe

2014-06-24 12:59:16 22AEEB5D70AFF7C6CB43D16E6F5E2FFF 189352 ----a-w- C:\WINDOWS\Sysnative\javaw.exe

====== C:\WINDOWS\Sysnative\drivers =====

2014-06-29 00:39:35 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys

2014-06-29 00:39:20 F92B0E478C0FAA6D6661E6E977247E60 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys

2014-06-29 00:39:20 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys

2014-06-29 00:39:20 0664F6335F108F38FE08C3CA747311EE 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys

2014-06-28 23:49:52 2526313ED5B17A70F47779251489C0AE 44544 ----a-w- C:\WINDOWS\Sysnative\drivers\iSafeKrnlBoot.sys

2014-06-12 08:19:40 D18EC2C83C2F773C9476A4FB0AA4C314 295424 ----a-w- C:\WINDOWS\Sysnative\drivers\ks.sys

2014-06-12 08:19:40 A9749FD0A06E22009EA972D8B9CB046B 428888 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS

2014-06-12 08:19:40 4B666AE119D2ADBAC816BEA7DB4D6881 2518872 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys

2014-06-12 08:19:17 7C7BE474915166B61B84C025F1F10157 563200 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys

2014-06-12 08:19:16 FD163F487CBA9C98AFFEB546C80F49A2 677376 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys

2014-06-12 08:19:16 F152D55E497E12256290C43B31C7D0CE 589656 ----a-w- C:\WINDOWS\Sysnative\drivers\fvevol.sys

2014-06-12 08:19:16 DBA635C6398782C549E3BE45CF1D0411 206848 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys

2014-06-12 08:19:16 D90AB68D0FAC9F357F663670FDBB511E 275800 -c--a-w- C:\WINDOWS\Sysnative\drivers\msiscsi.sys

2014-06-12 08:19:16 CADCE0D6C30427F70A4BFA426256F68C 337240 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys

2014-06-12 08:19:16 78514B073CC5775800A65BFB82A0D66B 443904 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys

2014-06-12 08:19:16 716059F37BCCB1ABEDE99EBE82E8E362 246272 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys

2014-06-12 08:19:16 6592D192E2823C043EDBC010E7774053 360792 ----a-w- C:\WINDOWS\Sysnative\drivers\fltMgr.sys

2014-06-12 08:19:16 4C1E71E37B56C768900B1FCF81205027 372568 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys

2014-06-12 08:19:16 4BB9BC49DEE1A319EC58274A7BBED663 310616 -c--a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys

2014-06-12 08:19:16 498288DD5CA42C2D36D125893E968C53 77312 -c--a-w- C:\WINDOWS\Sysnative\drivers\hdaudbus.sys

2014-06-12 08:19:16 33977549C2CED09936E05BEE7659EAFF 384856 -c--a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys

2014-06-12 08:19:16 0696F66E4D423793951A60562F794D14 402432 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys

2014-06-12 08:18:45 182561A14F2E93E81E66FE3700D17A5A 55328 ----a-w- C:\WINDOWS\Sysnative\drivers\wpcfltr.sys

====== C:\WINDOWS\Tasks ======

2014-06-30 23:46:33 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\GenericSettingsHandler

2014-06-29 23:11:56 DA1DE346EC7215330039E6A29F7359F8 4058 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA

2014-06-29 23:11:56 C4C7C6D878E93CE611B2B90B2D168A7C 1082 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-29 23:11:56 74B8CB97962BFFCA51CF81310A6F9E13 3822 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore

2014-06-29 23:11:56 45348CD890A09DCB94574366C79E5467 1086 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-06-24 12:59:11 -------- d-----w- C:\Program Files\Java

======= C:\PROGRA~2 =====

2014-07-02 00:45:58 -------- d-----w- C:\PROGRA~2\Audacity

2014-06-28 19:19:51 -------- d-----w- C:\PROGRA~2\R.G. Freedom

2014-06-28 11:49:01 -------- d-----w- C:\PROGRA~2\MXGP - The Official Motocross VideoGame

2014-06-27 21:54:16 -------- d-----w- C:\PROGRA~2\Goat Simulator

2014-06-27 19:24:14 -------- d-----w- C:\PROGRA~2\Next Car Game

======= C: =====

====== C:\Users\Gebruiker\AppData\Roaming ======

2014-07-02 00:02:36 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Adobe

2014-06-30 20:53:42 -------- d-----w- C:\Users\isabe_000\AppData\Local\Microsoft Help

2014-06-29 23:11:20 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Deployment

2014-06-29 23:11:20 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Apps

2014-06-29 21:12:28 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\SUPERAntiSpyware.com

2014-06-27 19:24:56 -------- d-----w- C:\Users\Gebruiker\AppData\Local\SKIDROW

2014-06-27 18:07:26 -------- d-----w- C:\Users\Gebruiker\AppData\Local\CrashRpt

2014-06-08 21:31:36 -------- d-sh--w- C:\Users\Gebruiker\AppData\Locallow\EmieUserList

2014-06-08 21:31:36 -------- d-sh--w- C:\Users\Gebruiker\AppData\Locallow\EmieSiteList

====== C:\Users\Gebruiker ======

2014-07-02 15:49:30 791137836C3E8F9881A8FCAC162B845A 318176 ----a-w- C:\Users\Gebruiker\Downloads\Brazzers Premium Account Generator__5565_il2321809.exe

2014-07-02 00:02:03 05BD5AC2BAF0ABBCE24DEB916D0FB79C 1057176 ----a-w- C:\Users\Gebruiker\Downloads\install_flashplayer14x32_mssa_aaa_aih.exe

2014-06-30 02:16:55 -------- d-----w- C:\ProgramData\DivX

2014-06-29 23:13:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-06-28 19:28:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Freedom

2014-06-28 11:52:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RePack by XLASER

2014-06-27 21:54:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goat Simulator

2014-06-27 19:24:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Next Car Game

2014-06-23 21:25:00 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp

 

====== C: exe-files ==

2014-07-02 20:52:03 1C98A54A843862F4D5884606B61E6686 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1663167145-114369477-2113965918-1001\$IYVX507.exe

2014-07-02 15:49:30 791137836C3E8F9881A8FCAC162B845A 318176 ----a-w- C:\Users\Gebruiker\Downloads\Brazzers Premium Account Generator__5565_il2321809.exe

2014-07-02 15:46:50 7E4736CEF4FDA5031563C7018AB5A8E4 236135 ----a-w- C:\$Recycle.Bin\S-1-5-21-1663167145-114369477-2113965918-1001\$RYVX507.exe

2014-07-02 00:45:58 D640054FFC3831431BC6D12265D85A91 7457792 ----a-w- C:\Program Files (x86)\Audacity\audacity.exe

2014-07-02 00:45:58 40F3C3EDDDEA61A20F7020B49843C1EB 1484055 ----a-w- C:\Program Files (x86)\Audacity\unins000.exe

2014-07-02 00:02:03 05BD5AC2BAF0ABBCE24DEB916D0FB79C 1057176 ----a-w- C:\Users\Gebruiker\Downloads\install_flashplayer14x32_mssa_aaa_aih.exe

2014-06-29 23:13:53 EDAC53E2964C7ACE868208C3B6C5C8F1 39078480 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\35.0.1916.153\35.0.1916.153_chrome_installer.exe

2014-06-29 23:11:56 AC6998D92A311E7CF0B4DAEC3566F444 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateBroker.exe

2014-06-29 23:11:56 AA0E4F73727BFC8BA404884B1C1DB719 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe

2014-06-29 23:11:56 956672375AF066D958E4D07F5ABAFC1A 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe

2014-06-29 23:11:56 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateSetup.exe

2014-06-29 23:11:56 80E350E0AA963B2125896B13E60A4D68 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateComRegisterShell64.exe

2014-06-29 23:11:56 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

2014-06-29 23:11:56 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdate.exe

2014-06-29 23:11:56 397D14958D6C9C2B365469A857B2AC4E 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe

2014-06-29 23:11:49 F2E1B9CBACF89B79F1EAF7F0034EAC1B 10120 ----a-w- C:\Users\Gebruiker\AppData\Local\Apps\2.0\45A678HH.RE5\2Q1GWV18.970\inst...app_4fe91ede9f9bdca3_0001.0003_220833ca61e45306\clickonce_bootstrap.exe

2014-06-29 23:11:49 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Users\Gebruiker\AppData\Local\Apps\2.0\45A678HH.RE5\2Q1GWV18.970\inst...app_4fe91ede9f9bdca3_0001.0003_220833ca61e45306\GoogleUpdateSetup.exe

2014-06-29 23:11:49 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Users\Gebruiker\AppData\Local\Apps\2.0\45A678HH.RE5\2Q1GWV18.970\clic...exe_4fe91ede9f9bdca3_0001.0003_none_b13295ce3920a12c\GoogleUpdateSetup.exe

2014-06-28 19:28:15 BCBB7C0CD9696068988953990EC5BD11 292184 ----a-w- C:\Program Files (x86)\R.G. Freedom\Assetto Corsa\redist\dxwebsetup.exe

2014-06-28 19:28:14 4A43D3D8FCC90B953B1564693CF258ED 7190816 ----a-w- C:\Program Files (x86)\R.G. Freedom\Assetto Corsa\redist\vcredist_x64.exe

2014-06-28 19:28:12 A65C59A3C25A3EBC1F160996ACF747C8 6500488 ----a-w- C:\Program Files (x86)\R.G. Freedom\Assetto Corsa\redist\vcredist_x86.exe

2014-06-28 19:28:12 7033D657214DDC435C3AAB2BAFCA42A5 748896 ----a-w- C:\Program Files (x86)\R.G. Freedom\Assetto Corsa\unins000.exe

2014-06-28 19:27:45 8B2EB2881DDA4470A7BC630A61EB6CEB 3995136 ----a-w- C:\Program Files (x86)\R.G. Freedom\Assetto Corsa\acs.exe

2014-06-28 19:27:45 36B38675DA4D383CD69860CFD28D76CC 5453312 ----a-w- C:\Program Files (x86)\R.G. Freedom\Assetto Corsa\AssettoCorsa.exe

2014-06-28 19:27:43 33ADDEA207A1571C296D49B79BF9C764 595968 ----a-w- C:\Program Files (x86)\R.G. Freedom\Assetto Corsa\acShowroom.exe

2014-06-28 12:20:04 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\GoogleUpdateBroker.exe

2014-06-28 12:20:04 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\GoogleUpdate.exe

2014-06-28 12:20:04 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\GoogleUpdateOnDemand.exe

2014-06-28 12:20:04 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.53043\GoogleCrashHandler.exe

2014-06-28 12:08:08 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\GoogleUpdateBroker.exe

2014-06-28 12:08:08 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\GoogleUpdateOnDemand.exe

2014-06-28 12:08:07 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\GoogleUpdate.exe

2014-06-28 12:08:07 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\comh.338266\GoogleCrashHandler.exe

2014-06-28 12:05:37 8F28BB59B59B75BA5B8EE16FB7C84FC2 284184 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\IE\P3WLT083\torntvdownloader4[1].exe

2014-06-28 11:54:44 B5A4DA89F7AA94F4279049264CBB331A 1103284 ----a-w- C:\Program Files (x86)\MXGP - The Official Motocross VideoGame\unins000.exe

2014-06-28 11:49:01 9E598CB893BC3B810A1C137976A8015E 13705216 ----a-w- C:\Program Files (x86)\MXGP - The Official Motocross VideoGame\MXGP.exe

2014-06-27 21:54:17 98AA9FB897A5ED3673654B2923953F7E 43510784 ----a-w- C:\Program Files (x86)\Goat Simulator\Binaries\Win32\GoatGame-Win32-Shipping.exe

2014-06-27 21:54:17 53406E9988306CBD4537677C5336ABA4 889416 ----a-w- C:\Program Files (x86)\Goat Simulator\Redist\dotNetFx40_Full_setup.exe

2014-06-27 21:54:16 D8B7ABCD932BA43AC150E77EF78018FC 697690 ----a-w- C:\Program Files (x86)\Goat Simulator\unins000.exe

2014-06-27 21:54:16 880A353DC9AB4202F2CFBEC1CB37181D 299864 ----a-w- C:\Program Files (x86)\Goat Simulator\Redist\dxwebsetup.exe

2014-06-27 21:54:16 6402438591B548121F54B0706A2C6423 2745256 ----a-w- C:\Program Files (x86)\Goat Simulator\Redist\vcredist_x86.exe

2014-06-27 19:24:14 C470EE6EFE6A455922E8EB21ACA200B4 10747392 ----a-w- C:\Program Files (x86)\Next Car Game\Next Car Game.exe

2014-06-27 19:24:14 880A353DC9AB4202F2CFBEC1CB37181D 299864 ----a-w- C:\Program Files (x86)\Next Car Game\Redist\dxwebsetup.exe

2014-06-27 19:24:14 6402438591B548121F54B0706A2C6423 2745256 ----a-w- C:\Program Files (x86)\Next Car Game\Redist\vcredist_x86.exe

2014-06-27 19:24:14 53406E9988306CBD4537677C5336ABA4 889416 ----a-w- C:\Program Files (x86)\Next Car Game\Redist\dotNetFx40_Full_setup.exe

2014-06-27 19:24:14 21C78B9BE389D4AE674FFB6D7B5BBB5B 697690 ----a-w- C:\Program Files (x86)\Next Car Game\unins000.exe

2014-06-27 18:59:10 0C6519EA11D1950AA7643CE80EB4ADCA 15692800 ----a-w- C:\Users\Gebruiker\Downloads\Games\BeamNG drive.exe

=== C: other files ==

2014-07-02 20:41:54 D169CE311A75CAB4EF23BBECFB5DCE34 99 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\utt466F.tmp.bat

2014-07-02 14:57:00 7E18D714B9BDC4965B894DA6177BBEA5 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1663167145-114369477-2113965918-1001\$I9O3RA1.zip

2014-07-02 14:52:38 63A9E8A7CB614C7008E295E6AD1906DB 4095664 ----a-w- C:\$Recycle.Bin\S-1-5-21-1663167145-114369477-2113965918-1001\$R9O3RA1.zip

2014-07-02 12:00:03 962C04D4F0FB9510CEDBA7333E4AAC9B 143360 ----a-w- C:\Windows\LastGood\system32\drivers\cxbu0x64.sys

2014-07-02 00:39:29 F92AEBB0C351D128E4C3C158508D4795 47500041 ----a-w- C:\Users\Gebruiker\Downloads\RapturePack.zip

2014-07-01 13:01:11 2E101E9EA49041C95C46C371C8B32F1A 27080764 ----a-w- C:\Users\Gebruiker\AppData\Roaming\.minecraft\resourcepacks\Huahwi_Resource_Pack_64x_1.7.zip

2014-06-30 19:14:50 0584EF8990F713A792464A07B67E0A2B 4521808 ----a-w- C:\Users\Gebruiker\AppData\Roaming\.minecraft\resourcepacks\AdventureTimeCraft_2.zip

2014-06-29 00:39:35 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

2014-06-29 00:39:20 F92B0E478C0FAA6D6661E6E977247E60 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-06-29 00:39:20 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2014-06-29 00:39:20 0664F6335F108F38FE08C3CA747311EE 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys

2014-06-28 23:49:52 2526313ED5B17A70F47779251489C0AE 44544 ----a-w- C:\Windows\System32\drivers\iSafeKrnlBoot.sys

2014-06-28 19:28:07 18363FB87E88352DAA77A5FFBD53F98D 7129760 ----a-w- C:\Program Files (x86)\R.G. Freedom\Assetto Corsa\python33.zip

2014-06-28 10:13:01 2D8D44204E8E5112BD2B64015B94C8FB 33550 ----a-w- C:\Users\Gebruiker\AppData\Roaming\.minecraft\shaderpacks\chocapic13 beta v4.4.zip

2014-06-28 10:10:36 FA64DD17D6B0BDCB622AB26C2BF77A3E 36231 ----a-w- C:\Users\Gebruiker\AppData\Roaming\.minecraft\shaderpacks\Chocapic13 Beta 4.6.zip

2014-06-28 09:47:15 9F64AB2F5F470E957EDE078A375BD71E 38499 ----a-w- C:\Users\Gebruiker\AppData\Roaming\.minecraft\shaderpacks\CUDA Shaders v4 Ultra - AMD.zip

2014-06-28 09:45:14 AAB14FE5CC6D07E61EC5896746BA3E17 39441 ----a-w- C:\Users\Gebruiker\AppData\Roaming\.minecraft\shaderpacks\CUDA Shaders v4 Ultra.zip

2014-06-28 09:29:52 323266170B71EA7281EB6D279FB8BD5A 37813 ----a-w- C:\Users\Gebruiker\AppData\Roaming\.minecraft\shaderpacks\Robobo1221's shaders V 2.3 maximum.zip

2014-06-28 09:26:41 887EDDDEE4F91C35F82297258B26AA9E 37818 ----a-w- C:\Users\Gebruiker\AppData\Roaming\.minecraft\shaderpacks\Robobo1221's shaders V 2.4 R1.zip

2014-06-27 23:50:07 301F9FBCE86DFD4AAFA814960852B53B 7291524 ----a-w- C:\Users\Gebruiker\AppData\Roaming\.minecraft\resourcepacks\faithful64pack-v1.4.0.zip

2014-06-27 21:54:27 09D079CD0AFC4B13471FD4F89D90D748 15752 ----a-w- C:\Program Files (x86)\Goat Simulator\Binaries\Win32\GoatGame-Win32-Shipping.com

 

==== Startup Registry Enabled ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"

"F-Secure Manager"="C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE /splash"

"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"F-Secure Hoster (44163)"="C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe -app -hosterid:1"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"

 

==== Startup Registry Enabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

"IAStorIcon"="C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

 

==== Task Scheduler Jobs ======================

 

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14/06/2014 11:52]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/06/2014 01:11]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/06/2014 01:11]

 

==== Other Scheduled Tasks ======================

 

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\WINDOWS\SysNative\tasks\AdobeAAMUpdater-1.0-Carbide300R-Gebruiker" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{13146761-AF3D-4B4A-9FAC-6EC7F8DFC653}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{651263B6-9FE3-4657-8AEC-4E0B8273A3BE}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

 

==== Firefox Extensions Registry ======================

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{95757e7f-111e-4d59-9ea4-1122a7d26dbb}"="C:\Program Files (x86)\Telenet Security Pack\apps\OnlineSafety\browser\deploy\fs_firefox_https" [13/05/2014 16:56]

 

==== Firefox Extensions ======================

 

ProfilePath: C:\Users\ISABE_~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nvx3pdz.default

- Undetermined - C:\Users\isabe_000\AppData\Roaming\Mozilla\Firefox\Profiles\9nvx3pdz.default\extensions\9ee595b4-f5ec-4afb-bea5-3c873daf5e4a@9725de39-97db-467b-bf84-04c276190009.com

 

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\[email protected]

 

==== Firefox Plugins ======================

 

 

==== Chrome Look ======================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

jmjjnhpacphpjmnnlnccpfmhkcloaade - C:\Program Files (x86)\Telenet Security Pack\apps\OnlineSafety\browser\install\fs_chrome_https\fs_chrome_https.crx[23/05/2014 19:46]

llmcibonccojooiboenghfafpieoabpl - C:\Program Files (x86)\glindorus\llmcibonccojooiboenghfafpieoabpl.crx[]

 

Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

AdBlock - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

DefaultTab - C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

 

==== Chrome Fix ======================

 

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully

C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

 

==== Set IE to Default ======================

 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft..../?LinkId=69157"

 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}"

{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google  Url="http://www.google.co...={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE11SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.co...ge={startPage}"

 

==== Deleting CLSID Registry Keys ======================

 

 

==== Deleting CLSID Registry Values ======================

 

 

==== Deleting Registry Keys ======================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{47E9633B-2152-45F2-A719-69709C0A41CD} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{814B84A1-3943-4798-A573-71615AA8A657} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{897F1506-B496-41A9-A342-FCB4529C37F0} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD55F281-20EF-4C8C-AE67-68CD76B6D077} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C13E3C97-D5AC-4541-A7AA-9D8E1ADD1E61} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E010C3DE-5296-4AEB-A800-1AB43BF3E128} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\llmcibonccojooiboenghfafpieoabpl deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1b48117b-6a27-4073-9d75-399e71f13ba4} deleted successfully

 

==== Empty IE Cache ======================

 

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully

C:\Users\isabe_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\isabe_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

 

==== Empty FireFox Cache ======================

 

C:\Users\isabe_000\AppData\Local\Mozilla\Firefox\Profiles\9nvx3pdz.default\Cache emptied successfully

 

==== Empty Chrome Cache ======================

 

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\isabe_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

 

==== Empty All Flash Cache ======================

 

Flash Cache Emptied Successfully

 

==== Empty All Java Cache ======================

 

Java Cache cleared successfully

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=497 folders=124 127645230 bytes)

 

==== Empty Temp Folders ======================

 

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot

C:\Users\isabe_000\AppData\Local\Temp emptied successfully

C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\WINDOWS\Temp will be emptied at reboot

 

==== After Reboot ======================

 

==== Empty Temp Folders ======================

 

C:\WINDOWS\Temp successfully emptied

C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

 

==== Empty Recycle Bin ======================

 

C:\$RECYCLE.BIN successfully emptied

 

==== EOF on wo 02/07/2014 at 23:29:17,08 =====================

 

Btw, you can call me Lemon

Edited by Easy_Peasy_Lemon_Squeezy, 02 July 2014 - 03:43 PM.

[Naathim]

Hi Lemon

 

Sorry for a little delay, had some personal issues to deal with. Another one scan to run.

 

Download CKScanner by askey127.
Save it to your desktop.

• Double-click  (Right click and Run as administrator in Vista, 7 or 8).
• Give permission if necessary, and click Search For Files.
• After a very short time, when the cursor hourglass disappears, click Save List To File.
• A message box will verify the file saved. Please run the program once only.
• Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Cheers,
Naat 

[Easy_Peasy_Lemon_Squeezy]

 

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad

c:\program files\adobe\adobe media encoder cc\plug-ins\de_de\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\de_de\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\de_de\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\en_us\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\en_us\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\en_us\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\es_es\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\es_es\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\es_es\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\fr_fr\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\fr_fr\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\fr_fr\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\it_it\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\it_it\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\it_it\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ja_jp\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ja_jp\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ja_jp\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ko_kr\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ko_kr\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ko_kr\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\pt_br\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\pt_br\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\pt_br\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ru_ru\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ru_ru\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ru_ru\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\zh_cn\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\zh_cn\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\zh_cn\vstplugins\decrackler6.dll

c:\program files (x86)\next car game\crack\nextcargame.3dmgame.emu\3dmgame.ini

c:\program files (x86)\next car game\crack\nextcargame.3dmgame.emu\steam_api.dll (original)

c:\program files (x86)\next car game\crack\nextcargame.skidrow.emu\skidrow.ini

c:\program files (x86)\next car game\crack\nextcargame.skidrow.emu\steamclient.dll

c:\program files (x86)\next car game\crack\nextcargame.skidrow.emu\steam_api.dll

c:\program files (x86)\next car game\crack\nextcargame.skidrow.emu\steam_api.dll (original)

scanner sequence 3.ZZ.11.GXNAEZ

 ----- EOF ----- 

 

Lemon

[Naathim]

Hi,
Unfortunately there is illegal/cracked software present on your machine:
next car game.

I'm sorry, but I need to remind you the GeeksToGo Terms of Use that you have agreed to abide, when becoming a member of this forum.

The posting of links or references to warez or any other type of illegal software is strictly forbidden. By doing so you risk having your user account terminated without warning. We will NOT help anyone we suspect of having obtained their software or services illegally.

This leads me to a conclusion, that all other help will be suspended. We won't support any piracy.

Alternatively, if you wish to continue with my assistance, you'll have to remove all pirated software from your machine.

Regards,
Naat

[Easy_Peasy_Lemon_Squeezy]

Alright, I think I have succesfully uninstalled the program.

 

I apologize for the inconvenience.

 

 

Lemon

 

[Naathim]

Hi


Scan with ZOEK

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

• Right-click on icon and select Run as Administrator to start the tool.
• Wait patiently until the main console will appear, it may take a minute or two.
• In the main box please paste in the following script:
  

  createsrpoint;
  process;
  services-list;
  systemspecs;
  startupall;
  skipfix-iedefaults;
  firefoxlook;
  chromelook;
  filesrcm;
  installedprogs;
  uninstall-list;
  installer-list;

• Make sure that Scan All Users option is checked.
• Push Run Script and wait patiently. The scan may take a couple of minutes.
• When the scan completes, a zoek-results logfile should open in notepad.
• If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.


Scan with CKScanner

Please re-run CKScanner.

• Right-click on icon and select Run as Administrator to start the tool.
• click Search For Files.
• When finished, click Save List To File.
• Remember to run this tool once only, if not asked to run it again.

Please include the content of CKFiles.txt in your next reply.


Cheers,
Naat

[Easy_Peasy_Lemon_Squeezy]

Zoek-results.log:

 

 

Zoek.exe v5.0.0.0 Updated 30-06-2014

Tool run by Gebruiker on za 05/07/2014 at 15:09:14,37.

Microsoft Windows 8.1 6.3.9600  x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Gebruiker\Desktop\zoek.exe [Scan all users] [Script inserted] 

 

==== Older Logs ======================

 

C:\zoek-results2014-07-02-150327.log 16902 bytes

C:\zoek-results2014-07-02-212917.log 46821 bytes

 

==== System Restore Info ======================

 

5/07/2014 15:10:33 Zoek.exe System Restore Point Created Succesfully.

 

==== Windows Installer Info ======================

 

ACR38/100/122 PC/SC Driver 1.1.5.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\182A2C82A136E7D49B62031C0F336E5A]C:\Windows\Installer\242780.msi

Apple Application Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FF0DAD9DA594B274F901AB4E032A6628]C:\WINDOWS\Installer\136ef44.msi

Apple Mobile Device Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2D6317878F0F5264AAF3277D97A58C24]C:\WINDOWS\Installer\522f5e2.msi

Apple Software Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\46B5A9879DD95AB419A50FCFA0B1B7EF]C:\Windows\Installer\4080b23.msi

Belgium e-ID middleware 4.0.4 (build 7251) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ED365428DA576614D90C6B84F2022715]C:\Windows\Installer\242785.msi

Bonjour  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B0163E6D0340BE4183EB2758E9BEDD8]C:\Windows\Installer\4080b19.msi

Computer Security 14.99.103.0 (release) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ACBDF8561A7B4E348A94F98021743313]C:\WINDOWS\Installer\5c175e.msi

D3DX10  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\Windows\Installer\191a2ec.msi

F-Secure CCF Reputation [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000000008772DEB5189925BE418D2DF2]C:\WINDOWS\Installer\5c16d9.msi

F-Secure CCF Scanning 1.37.103.151 (release) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AD1DE25DC085149458676B6932AA3E57]C:\WINDOWS\Installer\5c174e.msi

F-Secure Network CCF 1.02.134 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\56A2F7D895302864CA48A7D229E91C2A]C:\WINDOWS\Installer\5c173b.msi

F-Secure SafeSearch 1.03.146.0 (release) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E1F9DFEB08B79D408ABB208CF6EADBB]C:\WINDOWS\Installer\10c00237.msi

Fa‡ade  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\46243E42384DC7749A0AE4356F8943FC]C:\Windows\Installer\1145bcf.msi

Firebird SQL Server - MAGIX Edition [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3058F5C62D55893458C863B2A7A75FC1]C:\Windows\Installer\bf3c632.msi

Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\WINDOWS\Installer\4d32bcf.msi

Intel® Rapid Storage Technology [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D32692670D0F6CA47A36BF0EE68D82C8]C:\Windows\Installer\1c363.msi

Intel© Trusted Connect Service Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CC3A00AF044783942A171F685FD04DD0]C:\Windows\Installer\1c35e.msi

iTunes  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\656A86A5F979861478592E3E86AAD42C]C:\WINDOWS\Installer\136ff5b.msi

Java 7 Update 51 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381207150F]C:\WINDOWS\Installer\3bbdec7.msi

Java 7 Update 51 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF238120715FF]C:\WINDOWS\Installer\d82d950.msi

Java 7 Update 60 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF260140706FF]C:\WINDOWS\Installer\3438a13.msi

Java Auto Updater [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401]C:\WINDOWS\Installer\d82d955.msi

Junk Mail filter update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\82C03F6FAA83ABD4EAB0E70332E816BB]C:\Windows\Installer\191a2f8.msi

Launch pad [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F29C0318DEAE969479DCC164C653402F]C:\WINDOWS\Installer\5c1668.msi

LogMeIn Hamachi [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E87322C56A9E83469C4D78BBF5B86ED]C:\WINDOWS\Installer\12398.msi

MAGIX Movie Edit Pro 2013 Plus [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A47ED54A8EA7A5E459BDFDCF42A96575]C:\Windows\Installer\bf3c64b.msi

MAGIX Speed burnR (MSI) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B1FFF4B82C0F6844AB3A88F34940D8B9]C:\Windows\Installer\bf3c63d.msi

Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400100000000F01FEC]C:\Windows\Installer\191a2da.msi

Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D034B0FAA6BD374B960AAD30DF10D8B]C:\Windows\Installer\191a301.msi

Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1af2a8da7e60d0b429d7e6453b3d0182]C:\Windows\Installer\2aae59.msi

Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9eab5ec6ac3d99b498a1d16c1c815acf]C:\Windows\Installer\ab88eb.msi

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\b25099274a207264182f8181add555d0]C:\Windows\Installer\bf3c623.msi

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\2aae64.msi

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC]C:\Windows\Installer\59228e.msi

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]C:\Windows\Installer\2aae6a.msi

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]C:\Windows\Installer\bf3c628.msi

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]C:\Windows\Installer\74bc38b.msi

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1926E8D15D0BCE53481466615F760A7F]C:\Windows\Installer\1aefd.msi

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]C:\Windows\Installer\18434.msi

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\62DBF9290209B993A9A757D1160F9B24]C:\WINDOWS\Installer\1941dd15.msi

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8D947A316B3EB3F8F540C548BE2AB9]C:\WINDOWS\Installer\1941dd10.msi

Microsoft_VC80_CRT_x86  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\91785D291CBB3CC40AB8659C8E48CCC2]C:\WINDOWS\Installer\6b90f81.msi

Microsoft_VC90_CRT_x86  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\121E2D80A6F7BE3479DF26B944094330]C:\WINDOWS\Installer\6b90f86.msi

Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\07189854C86E20F4AA532C81B63F743A]C:\Windows\Installer\191a307.msi

Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E634961E8D94B9145A0C2D54AE9F6911]C:\Windows\Installer\191a322.msi

MSVCRT  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\Windows\Installer\191a2cb.msi

MSVCRT Redists [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FC72DB4DCBFB3E11B9F80FD42AA3C585]C:\WINDOWS\Installer\bcdfb07.msi

MSVCRT_amd64  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\52744B0D6663D294EB6F85A741DBB99D]C:\Windows\Installer\191a2d4.msi

MSVCRT110  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8CDD41E806AE81E43B3E917301D4B5AD]C:\Windows\Installer\191a2ce.msi

MSVCRT110_amd64  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F187AF9E08E3993428A5DAE3112CC877]C:\Windows\Installer\191a2d1.msi

MSXML 4.0 SP3 Parser (KB2758694) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\09AB59D18F4FCE748A2844C1993DC0E1]C:\Windows\Installer\febf3af.msi

MSXML 4.0 SP3 Parser [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F764691F11C67F458B88521DA8CB349]C:\Windows\Installer\bf3c62d.msi

Office 15 Click-to-Run Extensibility Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C80000000000000000F01FEC]C:\WINDOWS\Installer\cb5dfe.msi

Office 15 Click-to-Run Licensing Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109F80000000100000000F01FEC]C:\WINDOWS\Installer\cb5e10.msi

Office 15 Click-to-Run Localization Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C80031400000000000F01FEC]C:\WINDOWS\Installer\cb5e30.msi

Online Safety 2.99.2293.1524 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\900D3C3249163FF4EB42C6AA647CB1A0]C:\WINDOWS\Installer\c1b3426.msi

Paint.NET v3.5.11 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5F30FE2770501684A9449DF94D4C4181]C:\Windows\Installer\546230.msi

Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8AE106C5915D0104C80DDBB3496ADD85]C:\Windows\Installer\191a313.msi

Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\156929F0615F6594092FFFDBC25D3DE0]C:\Windows\Installer\191a304.msi

Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36D8100CC33C5154C98EB38C38F0971A]C:\Windows\Installer\191a31f.msi

QuickTime 7 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FD7EE11154CF7C04897A57A34CB621BF]C:\WINDOWS\Installer\424893.msi

swMSM  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C43C21609E58D74B9C5F017D78D7262]C:\WINDOWS\Installer\b2d81ab.msi

Update for Microsoft en-us Dictionary [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8F49EDA96BD3DFA498E9565165776064]C:\WINDOWS\Installer\58a75.msi

Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B265D302E4C64849A0233717888EB00]C:\Windows\Installer\191a2e6.msi

Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1BD608AA288E438418205B2F65EBA9F2]C:\Windows\Installer\191a310.msi

Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0F0EE0A5909EB3F44B73AA9D524272BC]C:\Windows\Installer\191a2d7.msi

Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D6008E3E9DD3FD041917E1ED01325EC7]C:\Windows\Installer\191a31c.msi

Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F009406D572AC614FAD9DCDE5FB827BD]C:\Windows\Installer\191a2fb.msi

Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3CAB682B6EBC4584FB86BE273AC4AE65]C:\Windows\Installer\191a2f5.msi

Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AA5F9B9F406D7A742983226A46BDDE61]C:\Windows\Installer\191a316.msi

Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F774CEE5B9E802448892617E242672BD]C:\Windows\Installer\191a2dd.msi

Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E9EE0B6C821284447BEAE5B2640E0F7E]C:\Windows\Installer\191a2f2.msi

Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8955443E42442EE47BC12C33527FBF17]C:\Windows\Installer\191a2e9.msi

Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9B3296B69178B52419C6DC92803FA1FA]C:\Windows\Installer\191a2e3.msi

Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\49CC9FF032FEE104DBDB7304D3A1B283]C:\Windows\Installer\191a2e0.msi

Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93785E0FC4B2F894B9D0FFF0F25DB216]C:\Windows\Installer\191a2ef.msi

Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\11C86AB636B029148B08B0E5F397949F]C:\Windows\Installer\191a30d.msi

Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\05D70DCE3C506E041AE03A17CAE7B4A8]C:\Windows\Installer\191a325.msi

Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\175ACBFED716A484E9AC3E10BBD67005]C:\Windows\Installer\191a2fe.msi

Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AAE49AAA4A04C854D9681DAD67B5155D]C:\Windows\Installer\191a30a.msi

Windows Live Writer Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDB97A1FF74AB14459D4EE40C573E9BB]C:\Windows\Installer\191a319.msi

 

==== Installed Programs ======================

 

ACR38/100/122 PC/SC Driver 1.1.5.0  

Adobe After Effects CC  

Adobe Creative Cloud  

Adobe Flash Player 14 Plugin  

Adobe Photoshop CS6  

Adobe Shockwave Player 12.1  

Apple Application Support  

Apple Mobile Device Support  

Apple Software Update  

Audacity 2.0.5  

BeamNG-Techdemo-0.3 (remove only)  

Belgium e-ID middleware 4.0.4 (build 7251)  

Bonjour  

Computer Security 14.99.103.0 (release)  

Crazybump (remove only)  

D3DX10  

Euro Truck Simulator 2  

F-Secure CCF Reputation  

F-Secure CCF Scanning 1.37.103.151 (release)  

F-Secure Network CCF 1.02.134  

F-Secure SafeSearch 1.03.146.0 (release)  

Fa‡ade  

FINAL FANTASY XIV - A Realm Reborn  

Firebird SQL Server - MAGIX Edition  

Google Chrome  

Google Update Helper  

Intel® Control Center  

Intel® Management Engine Components  

Intel® Rapid Storage Technology  

Intel© Trusted Connect Service Client  

iTunes  

Java 7 Update 51  

Java 7 Update 55  

Java 7 Update 60 (64-bit)  

Java Auto Updater  

Junk Mail filter update  

Launch pad  

Line 6 Uninstaller  

LogMeIn Hamachi  

MAGIX Movie Edit Pro 2013 Plus  

MAGIX Speed burnR (MSI)  

Malwarebytes Anti-Malware versie 2.0.2.1012  

Microsoft Application Error Reporting  

Microsoft Image Composite Editor  

Microsoft Office 2013 voor Thuisgebruik en Studenten - nl-nl  

Microsoft SkyDrive  

Microsoft SQL Server 2005 Compact Edition [ENU]  

Microsoft Visual C++ 2005 Redistributable  

Microsoft Visual C++ 2005 Redistributable (x64)  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005  

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005  

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005  

Microsoft_VC80_CRT_x86  

Microsoft_VC90_CRT_x86  

Morphyre  

Movie Maker  

MSVCRT  

MSVCRT Redists  

MSVCRT_amd64  

MSVCRT110  

MSVCRT110_amd64  

MSXML 4.0 SP3 Parser  

MSXML 4.0 SP3 Parser (KB2758694)  

MXGP - The Official Motocross VideoGame, ƒ†Ð¤Š˜ 1.0  

Notepad++  

NVIDIA-configuratiescherm 331.65  

NVIDIA Grafisch stuurprogramma 331.65  

NVIDIA HD Audio-stuurprogramma 1.3.26.4  

NVIDIA Install Application  

NVIDIA Update 1.15.2  

Office 15 Click-to-Run Extensibility Component  

Office 15 Click-to-Run Licensing Component  

Office 15 Click-to-Run Localization Component  

Online Safety 2.99.2293.1524  

Oxy  

Paint.NET v3.5.11  

Photo Common  

Photo Gallery  

Python 2.6 pycairo-1.4.12  

Python 2.6 pygobject-2.14.2  

Python 2.6 pygtk-2.12.1  

Python 2.6.1  

QuickTime 7  

Realtek Ethernet Controller Driver  

Realtek High Definition Audio Driver  

Resource Hacker Version 3.6.0  

Spotify  

Stuurprogrammapakket voor Windows - ACS (A38CCID) SmartCardReader  (10/05/2012 1.1.6.6)  

Stuurprogrammapakket voor Windows - ACS (ACR122U) SmartCardReader  (10/10/2012 1.1.6.4)  

Stuurprogrammapakket voor Windows - ACS (ACSSCR) SmartCardReader  (09/18/2012 1.1.6.3)  

Stuurprogrammapakket voor Windows - Fedict SmartCard  (10/04/2011 4.0.0.5)  

swMSM  

Unity Web Player  

Update for Microsoft en-us Dictionary  

Vovoid VSXu 0.4.2  

Windows Live Communications Platform  

Windows Live Essentials  

Windows Live Installer  

Windows Live Mail  

Windows Live Messenger  

Windows Live MIME IFilter  

Windows Live Photo Common  

Windows Live PIMT Platform  

Windows Live SOXE  

Windows Live SOXE Definitions  

Windows Live UX Platform  

Windows Live UX Platform Language Pack  

Windows Live Writer  

Windows Live Writer Resources  

WinRAR 5.00 (32-bit)  

WorldPainter 1.8.5  

 

==== Running Processes ======================

 

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe

C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe

C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Reputation\fsorsp.exe

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSMA32.EXE

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\fssm32.exe

C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSLAUNCHER0.EXE

C:\Users\Gebruiker\Desktop\zoek.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\WINDOWS\SysWOW64\cmd.exe

 

==== System Specs ======================

 

Windows: Windows Version 6.2 (Build 9200)

Memory (RAM): 8132 MB

CPU Info: Intel® Core™ i5-4440 CPU @ 3.10GHz

CPU Speed: 3100,2 MHz

Sound Card: Luidsprekers (Realtek High Defi | 

Realtek Digital Output (Realtek | 

Display Adapters: NVIDIA GeForce GTX 760 | NVIDIA GeForce GTX 760 | NVIDIA GeForce GTX 760 | NVIDIA GeForce GTX 760

Monitors: 1x; Generic PnP Monitor | 

Screen Resolution: 1680 X 1050 - 32 bit

Network: Network Present

Network Adapters: Microsoft Hosted Network Virtual Adapter | Realtek PCIe GBE Family Controller | Sitecom 300N Wireless USB-adapter WL-352v3

CD / DVD Drives: 1x (E: | ) E: ASUS    DRW-24F1ST   a

Ports: COM1 LPT Port NOT Present. 

Mouse: 16 Button Wheel Mouse Present

Hard Disks: C:  111,4GB | D:  931,5GB

Hard Disks - Free: C:  48,4GB | D:  931,3GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 08/15/13 | ALASKA - 1072009

Time Zone: Romance (standaardtijd)

Motherboard *: ASUSTeK COMPUTER INC. H87M-E

Country: Belgi‰ 

Language: NLB 

 

==== System Specs (Software) ======================

 

Anti-Virus: Computer Bescherming On-access scanning disabled (Outdated)

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

Anti-Spyware: Computer Bescherming disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Default Browser: Google Chrome 35.0.1916.153

Internet Explorer Version: 11.0.9600.17126 

Google Chrome version: 35.0.1916.153

Sun Java version: 1.7.0_55 (32-bit) 

Sun Java version: 1.7.0_60 (64-bit) 

Flash Player version: 14.0.0.125

Shockwave Player version: 12.1.1r151

 

==== Files Recently Created / Modified ======================

 

====== C:\WINDOWS ====

====== C:\Users\GEBRUI~1\AppData\Local\Temp ====

====== Java Cache =====

====== C:\WINDOWS\SysWOW64 =====

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====

2014-06-24 12:59:19 80DD24235A7E13AFC9E9EBC55ACE1ACF 313256 ----a-w- C:\WINDOWS\Sysnative\javaws.exe

2014-06-24 12:59:16 B139EECAC4B3B43949FA0E2EDB66B905 111016 ----a-w- C:\WINDOWS\Sysnative\WindowsAccessBridge-64.dll

2014-06-24 12:59:16 75F20BEDF6B95AA316C08D9D3F247692 189352 ----a-w- C:\WINDOWS\Sysnative\java.exe

2014-06-24 12:59:16 22AEEB5D70AFF7C6CB43D16E6F5E2FFF 189352 ----a-w- C:\WINDOWS\Sysnative\javaw.exe

====== C:\WINDOWS\Sysnative\drivers =====

2014-06-29 00:39:35 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys

2014-06-29 00:39:20 F92B0E478C0FAA6D6661E6E977247E60 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys

2014-06-29 00:39:20 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys

2014-06-29 00:39:20 0664F6335F108F38FE08C3CA747311EE 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys

2014-06-28 23:49:52 2526313ED5B17A70F47779251489C0AE 44544 ----a-w- C:\WINDOWS\Sysnative\drivers\iSafeKrnlBoot.sys

2014-06-12 08:19:40 D18EC2C83C2F773C9476A4FB0AA4C314 295424 ----a-w- C:\WINDOWS\Sysnative\drivers\ks.sys

2014-06-12 08:19:40 A9749FD0A06E22009EA972D8B9CB046B 428888 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS

2014-06-12 08:19:40 4B666AE119D2ADBAC816BEA7DB4D6881 2518872 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys

2014-06-12 08:19:17 7C7BE474915166B61B84C025F1F10157 563200 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys

2014-06-12 08:19:16 FD163F487CBA9C98AFFEB546C80F49A2 677376 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys

2014-06-12 08:19:16 F152D55E497E12256290C43B31C7D0CE 589656 ----a-w- C:\WINDOWS\Sysnative\drivers\fvevol.sys

2014-06-12 08:19:16 DBA635C6398782C549E3BE45CF1D0411 206848 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys

2014-06-12 08:19:16 D90AB68D0FAC9F357F663670FDBB511E 275800 -c--a-w- C:\WINDOWS\Sysnative\drivers\msiscsi.sys

2014-06-12 08:19:16 CADCE0D6C30427F70A4BFA426256F68C 337240 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys

2014-06-12 08:19:16 78514B073CC5775800A65BFB82A0D66B 443904 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys

2014-06-12 08:19:16 716059F37BCCB1ABEDE99EBE82E8E362 246272 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys

2014-06-12 08:19:16 6592D192E2823C043EDBC010E7774053 360792 ----a-w- C:\WINDOWS\Sysnative\drivers\fltMgr.sys

2014-06-12 08:19:16 4C1E71E37B56C768900B1FCF81205027 372568 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys

2014-06-12 08:19:16 4BB9BC49DEE1A319EC58274A7BBED663 310616 -c--a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys

2014-06-12 08:19:16 498288DD5CA42C2D36D125893E968C53 77312 -c--a-w- C:\WINDOWS\Sysnative\drivers\hdaudbus.sys

2014-06-12 08:19:16 33977549C2CED09936E05BEE7659EAFF 384856 -c--a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys

2014-06-12 08:19:16 0696F66E4D423793951A60562F794D14 402432 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys

2014-06-12 08:18:45 182561A14F2E93E81E66FE3700D17A5A 55328 ----a-w- C:\WINDOWS\Sysnative\drivers\wpcfltr.sys

====== C:\WINDOWS\Tasks ======

2014-06-30 23:46:33 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\GenericSettingsHandler

2014-06-29 23:11:56 DA1DE346EC7215330039E6A29F7359F8 4058 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA

2014-06-29 23:11:56 74B8CB97962BFFCA51CF81310A6F9E13 3822 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore

2014-06-29 23:11:56 542F4FFA51F27C72E464C3FEE317E6C4 1082 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-29 23:11:56 4BCE02A413914BBC7D52140B32EFCD12 1086 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-06-24 12:59:11 -------- d-----w- C:\Program Files\Java

======= C:\PROGRA~2 =====

2014-07-02 00:45:58 -------- d-----w- C:\PROGRA~2\Audacity

2014-06-28 19:19:51 -------- d-----w- C:\PROGRA~2\R.G. Freedom

2014-06-28 11:49:01 -------- d-----w- C:\PROGRA~2\MXGP - The Official Motocross VideoGame

======= C: =====

====== C:\Users\Gebruiker\AppData\Roaming ======

2014-07-02 21:27:24 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp

2014-07-02 21:27:24 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp

2014-07-02 21:27:24 -------- d-----w- C:\Users\isabe_000\AppData\Local\Temp

2014-07-02 21:27:23 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Temp

2014-07-02 21:27:23 -------- d-----w- C:\Users\Default\AppData\Local\Temp

2014-07-02 21:27:23 -------- d-----w- C:\Users\Default User\AppData\Local\Temp

2014-07-02 00:02:36 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Adobe

2014-06-30 20:53:42 -------- d-----w- C:\Users\isabe_000\AppData\Local\Microsoft Help

2014-06-29 23:11:20 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Deployment

2014-06-29 23:11:20 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Apps

2014-06-29 21:12:28 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\SUPERAntiSpyware.com

2014-06-27 19:24:56 -------- d-----w- C:\Users\Gebruiker\AppData\Local\SKIDROW

2014-06-27 18:07:26 -------- d-----w- C:\Users\Gebruiker\AppData\Local\CrashRpt

2014-06-08 21:31:36 -------- d-sh--w- C:\Users\Gebruiker\AppData\Locallow\EmieUserList

2014-06-08 21:31:36 -------- d-sh--w- C:\Users\Gebruiker\AppData\Locallow\EmieSiteList

====== C:\Users\Gebruiker ======

2014-07-02 21:29:17 -------- d-----r- C:\Users\Gebruiker\Searches

2014-07-02 00:02:03 05BD5AC2BAF0ABBCE24DEB916D0FB79C 1057176 ----a-w- C:\Users\Gebruiker\Downloads\install_flashplayer14x32_mssa_aaa_aih.exe

2014-06-30 02:16:55 -------- d-----w- C:\ProgramData\DivX

2014-06-29 23:13:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-06-28 11:52:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RePack by XLASER

2014-06-23 21:25:00 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp

 

====== C: exe-files ==

2014-07-05 13:11:04 64036987FDD56ACBE09AEB6570B8F128 468480 ----a-w- C:\Users\Gebruiker\Downloads\CKScanner.exe

2014-07-04 19:40:26 B157BD5E31B48640FB06F99C795CFF95 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1663167145-114369477-2113965918-1001\$IQIBWD8.exe

2014-07-04 15:19:03 36586F1192FE78DFD22DB34C497D3429 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1663167145-114369477-2113965918-1001\$IMXTFBP.exe

2014-07-04 13:31:48 7334076EF9F1105C6FB22650CEDE0D42 44032 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1663167145-114369477-2113965918-1001\$RMXTFBP.exe

2014-07-04 12:36:46 64036987FDD56ACBE09AEB6570B8F128 468480 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1663167145-114369477-2113965918-1001\$RQIBWD8.exe

2014-07-02 00:45:58 D640054FFC3831431BC6D12265D85A91 7457792 ----a-w- C:\Program Files (x86)\Audacity\audacity.exe

2014-07-02 00:45:58 40F3C3EDDDEA61A20F7020B49843C1EB 1484055 ----a-w- C:\Program Files (x86)\Audacity\unins000.exe

2014-07-02 00:02:03 05BD5AC2BAF0ABBCE24DEB916D0FB79C 1057176 ----a-w- C:\Users\Gebruiker\Downloads\install_flashplayer14x32_mssa_aaa_aih.exe

2014-06-29 23:13:53 EDAC53E2964C7ACE868208C3B6C5C8F1 39078480 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\35.0.1916.153\35.0.1916.153_chrome_installer.exe

2014-06-29 23:11:56 AC6998D92A311E7CF0B4DAEC3566F444 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateBroker.exe

2014-06-29 23:11:56 AA0E4F73727BFC8BA404884B1C1DB719 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe

2014-06-29 23:11:56 956672375AF066D958E4D07F5ABAFC1A 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe

2014-06-29 23:11:56 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateSetup.exe

2014-06-29 23:11:56 80E350E0AA963B2125896B13E60A4D68 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateComRegisterShell64.exe

2014-06-29 23:11:56 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

2014-06-29 23:11:56 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdate.exe

2014-06-29 23:11:56 397D14958D6C9C2B365469A857B2AC4E 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe

2014-06-29 23:11:49 F2E1B9CBACF89B79F1EAF7F0034EAC1B 10120 ----a-w- C:\Users\Gebruiker\AppData\Local\Apps\2.0\45A678HH.RE5\2Q1GWV18.970\inst...app_4fe91ede9f9bdca3_0001.0003_220833ca61e45306\clickonce_bootstrap.exe

2014-06-29 23:11:49 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Users\Gebruiker\AppData\Local\Apps\2.0\45A678HH.RE5\2Q1GWV18.970\inst...app_4fe91ede9f9bdca3_0001.0003_220833ca61e45306\GoogleUpdateSetup.exe

2014-06-29 23:11:49 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Users\Gebruiker\AppData\Local\Apps\2.0\45A678HH.RE5\2Q1GWV18.970\clic...exe_4fe91ede9f9bdca3_0001.0003_none_b13295ce3920a12c\GoogleUpdateSetup.exe

=== C: other files ==

2014-07-05 13:05:37 6208E2EF5981FFE4C684B2875CF86636 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1663167145-114369477-2113965918-1001\$I53EU4T.zip

2014-07-05 13:05:26 63A9E8A7CB614C7008E295E6AD1906DB 4095664 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1663167145-114369477-2113965918-1001\$R53EU4T.zip

2014-07-04 21:53:32 96A726AD18E349B38BAF0750C2298ED0 226300 ----a-w- C:\Users\Gebruiker\Downloads\Fishfarm.zip

2014-07-04 19:40:22 CB03B8F4170FB22E79D4884945FBD4D4 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1663167145-114369477-2113965918-1001\$I3STHGY.zip

2014-07-04 19:40:14 FE835C85FF0C2F25D3B9B042F913F511 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1663167145-114369477-2113965918-1001\$I36RD78.zip

2014-07-04 19:40:14 2B4E7255347471E17F2189DC03F6A58D 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1663167145-114369477-2113965918-1001\$IFPK4MC.zip

2014-07-04 19:34:58 72C52FAB0252353C770B9C5F1B19B3D8 260307 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1663167145-114369477-2113965918-1001\$RFPK4MC.zip

2014-07-04 15:19:02 7311EFB061922F5781FAB03DA8F9BD6C 11976743 ----a-w- C:\Users\Gebruiker\Downloads\Programs\MCEdit_dev-0.1.8build799.win-amd64.zip

2014-07-04 12:59:21 CDF8C5AD10536C81207B1B23D0E4147C 11987343 ----a-w- C:\Users\Gebruiker\Downloads\MCEdit_dev-0.1.8build799.win-amd64.zip

2014-07-04 12:55:47 46D914C254515864852DC182AA39CDF1 332989 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1663167145-114369477-2113965918-1001\$R3STHGY.zip

2014-07-04 12:36:21 A0A650F8CF0837882BD58C51E72B0413 896212 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1663167145-114369477-2113965918-1001\$R36RD78.zip

2014-07-02 12:00:03 962C04D4F0FB9510CEDBA7333E4AAC9B 143360 ----a-w- C:\Windows\LastGood.Tmp\system32\drivers\cxbu0x64.sys

2014-07-01 13:01:11 2E101E9EA49041C95C46C371C8B32F1A 27080764 ----a-w- C:\Users\Gebruiker\AppData\Roaming\.minecraft\resourcepacks\Huahwi_Resource_Pack_64x_1.7.zip

2014-06-30 19:14:50 0584EF8990F713A792464A07B67E0A2B 4521808 ----a-w- C:\Users\Gebruiker\AppData\Roaming\.minecraft\resourcepacks\AdventureTimeCraft_2.zip

2014-06-29 00:39:35 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

2014-06-29 00:39:20 F92B0E478C0FAA6D6661E6E977247E60 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-06-29 00:39:20 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2014-06-29 00:39:20 0664F6335F108F38FE08C3CA747311EE 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys

2014-06-28 23:49:52 2526313ED5B17A70F47779251489C0AE 44544 ----a-w- C:\Windows\System32\drivers\iSafeKrnlBoot.sys

 

==== Startup Registry Enabled ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"

"F-Secure Manager"="C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE /splash"

"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"F-Secure Hoster (44163)"="C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe -app -hosterid:1"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"

 

==== Startup Registry Enabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

"IAStorIcon"="C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

 

==== Task Scheduler Jobs ======================

 

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14/06/2014 11:52]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/06/2014 01:11]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/06/2014 01:11]

 

==== Other Scheduled Tasks ======================

 

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\WINDOWS\SysNative\tasks\AdobeAAMUpdater-1.0-Carbide300R-Gebruiker" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{13146761-AF3D-4B4A-9FAC-6EC7F8DFC653}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{651263B6-9FE3-4657-8AEC-4E0B8273A3BE}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

 

==== Firefox Extensions Registry ======================

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{95757e7f-111e-4d59-9ea4-1122a7d26dbb}"="C:\Program Files (x86)\Telenet Security Pack\apps\OnlineSafety\browser\deploy\fs_firefox_https" [13/05/2014 16:56]

 

==== Firefox Extensions ======================

 

ProfilePath: C:\Users\ISABE_~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nvx3pdz.default

- Undetermined - C:\Users\isabe_000\AppData\Roaming\Mozilla\Firefox\Profiles\9nvx3pdz.default\extensions\9ee595b4-f5ec-4afb-bea5-3c873daf5e4a@9725de39-97db-467b-bf84-04c276190009.com

 

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\[email protected]

 

==== Firefox Plugins ======================

 

 

==== Chrome Look ======================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

jmjjnhpacphpjmnnlnccpfmhkcloaade - C:\Program Files (x86)\Telenet Security Pack\apps\OnlineSafety\browser\install\fs_chrome_https\fs_chrome_https.crx[23/05/2014 19:46]

 

Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

AdBlock - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - isabe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

 

==== IE Start and Search Settings ======================

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft..../?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}"

 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google  Url="http://www.google.co...={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE11SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.co...ge={startPage}"

 

==== Uninstall List x64 ======================

 

ACR38/100/122 PC/SC Driver 1.1.5.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{28C2A281-631A-4D7E-B926-30C1F033E6A5}]

Adobe After Effects CC [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{317243C1-6580-4F43-AED7-37D4438C3DD5}]

Adobe Creative Cloud [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Creative Cloud]

Adobe Flash Player 14 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]

Adobe Photoshop CS6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Photoshop CS6]

Adobe Shockwave Player 12.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player]

Apple Application Support [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D9DAD0FF-495A-472B-9F10-BAE430A26682}]

Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{787136D2-F0F8-4625-AA3F-72D7795AC842}]

Apple Software Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}]

Audacity 2.0.5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Audacity_is1]

BeamNG-Techdemo-0.3 (remove only) [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\BeamNG-Techdemo-0.3]

Belgium e-ID middleware 4.0.4 (build 7251) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{824563DE-75AD-4166-9DC0-B6482F207251}]

Bonjour  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}]

Computer Security 14.99.103.0 (release) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{658FDBCA-B7A1-43E4-A849-9F0812473331}]

Crazybump (remove only) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Crazybump]

D3DX10  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]

Euro Truck Simulator 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1]

F-Secure CCF Reputation [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-2778-5BED-8199-52EB14D8D22F}]

F-Secure CCF Scanning 1.37.103.151 (release) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D52ED1DA-580C-4941-8576-B69623AAE375}]

F-Secure Network CCF 1.02.134 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8D7F2A65-0359-4682-AC84-7A2D929EC1A2}]

F-Secure SafeSearch 1.03.146.0 (release) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EFD9F1E7-B80B-4D97-80BA-2B80FCE6DABB}]

Fa‡ade  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{24E34264-D483-477C-A9A0-4E53F69834CF}]

FINAL FANTASY XIV - A Realm Reborn [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}]

Firebird SQL Server - MAGIX Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6C5F8503-55D2-4398-858C-362B7A7AF51C}]

Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]

Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]

Intel® Control Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}]

Intel® Management Engine Components [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}]

Intel® Rapid Storage Technology [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}]

Intel® Rapid Storage Technology [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7629623D-F0D0-4AC6-A763-FBE06ED8288C}]

Intel© Trusted Connect Service Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FA00A3CC-7440-4938-A271-F186F50DD40D}]

iTunes  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5A68A656-979F-4168-8795-E2E368AA4DC2}]

Java 7 Update 51 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217051F0}]

Java 7 Update 55 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217051FF}]

Java 7 Update 60 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F06417060FF}]

Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]

Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}]

Launch pad [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8130C92F-EAED-4969-97CD-1C466C3504F2}]

Launch pad [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\F-Secure ServiceEnabler 44163]

Line 6 Uninstaller [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Line 6 Uninstaller]

LogMeIn Hamachi [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C22378E6-9A65-438E-964C-7DB8FBB568DE}]

LogMeIn Hamachi [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LogMeIn Hamachi]

MAGIX Movie Edit Pro 2013 Plus [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A45DE74A-7AE8-4E5A-95DB-DFFC249A5657}]

MAGIX Movie Edit Pro 2013 Plus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MAGIX_{A45DE74A-7AE8-4E5A-95DB-DFFC249A5657}]

MAGIX Speed burnR (MSI) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8B4FFF1B-F0C2-4486-BAA3-883F94048D9B}]

MAGIX Speed burnR (MSI) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MAGIX_{8B4FFF1B-F0C2-4486-BAA3-883F94048D9B}]

Malwarebytes Anti-Malware versie 2.0.2.1012 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1]

Microsoft Image Composite Editor [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}]

Microsoft Office 2013 voor Thuisgebruik en Studenten - nl-nl [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HomeStudentRetail - nl-nl]

Microsoft SkyDrive [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SkyDriveSetup.exe]

Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}]

Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}]

Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}]

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}]

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}]

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{51adbf11-493f-431c-a862-967a0fae2944}]

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{929FBD26-9020-399B-9A7A-751D61F0B942}]

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}]

Microsoft_VC80_CRT_x86  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}]

Microsoft_VC90_CRT_x86  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}]

Morphyre  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Morphyre]

Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{45898170-E68C-4F02-AA35-C2186BF347A3}]

Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E169436E-49D8-419B-A5C0-D245EAF99611}]

MSVCRT  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]

MSVCRT Redists [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58}]

MSVCRT_amd64  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0B44725-3666-492D-BEF6-587A14BD9BD9}]

MSVCRT110  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}]

MSVCRT110_amd64  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9FA781F-3E80-4399-825A-AD3E11C28C77}]

MSXML 4.0 SP3 Parser (KB2758694) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}]

MSXML 4.0 SP3 Parser [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{196467F1-C11F-4F76-858B-5812ADC83B94}]

MXGP - The Official Motocross VideoGame, ƒ†Ð¤Š˜ 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E3BB101F-DFDF-46B2-BD47-03EEDAB775D1}_is1]

Notepad++  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++]

NVIDIA-configuratiescherm 331.65 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel]

NVIDIA Grafisch stuurprogramma 331.65 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver]

NVIDIA HD Audio-stuurprogramma 1.3.26.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver]

NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer]

NVIDIA Update 1.15.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update]

Online Safety 2.99.2293.1524 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{23C3D009-6194-4FF3-BE24-6CAA46C71B0A}]

Oxy  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9AAF2503-6CD5-414A-B5BA-37639B76C91F}]

Paint.NET v3.5.11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{72EF03F5-0507-4861-9A44-D99FD4C41418}]

Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C601EA8-D519-4010-8CD0-BD3B94A6DD58}]

Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0F929651-F516-4956-90F2-FFBD2CD5D30E}]

Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C0018D63-C33C-4515-9CE8-3BC8830F79A1}]

Python 2.6 pycairo-1.4.12 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\pycairo-py2.6]

Python 2.6 pygobject-2.14.2 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\pygobject-py2.6]

Python 2.6 pygtk-2.12.1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\pygtk-py2.6]

Python 2.6.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9CC89170-000B-457D-91F1-53691F85B223}]

QuickTime 7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}]

Realtek Ethernet Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}]

Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}]

Resource Hacker Version 3.6.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ResourceHacker_is1]

Spotify  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotify]

Stuurprogrammapakket voor Windows - ACS (A38CCID) SmartCardReader  (10/05/2012 1.1.6.6) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\168CA6108E585D22944F996285EBE9B8B8A36755]

Stuurprogrammapakket voor Windows - ACS (ACR122U) SmartCardReader  (10/10/2012 1.1.6.4) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\29742EF5326446C82D0D4B3E1F0EF5AB430EF141]

Stuurprogrammapakket voor Windows - ACS (ACSSCR) SmartCardReader  (09/18/2012 1.1.6.3) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\B3AA751CA8C52015C434B2790E0A934C2585A3C6]

Stuurprogrammapakket voor Windows - Fedict SmartCard  (10/04/2011 4.0.0.5) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\3FE3642036A0F4AEC17772437CE14BB1E67006AA]

swMSM  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}]

Unity Web Player [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer]

Update for Microsoft en-us Dictionary [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9ADE94F8-3DB6-4AFD-899E-651556770646}]

Vovoid VSXu 0.4.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VSXu 0.4.2]

Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{03D562B5-C4E2-4846-A920-33178788BE00}]

Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA806DB1-E882-4834-8102-B5F256BE9A2F}]

Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]

Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}]

Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D604900F-A275-416C-AF9D-CDEDF58B72DB}]

Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E3E8006D-3DD9-40DF-9171-1EDE1023E57C}]

Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}]

Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F9B9F5AA-D604-47A7-9238-22A664DBED16}]

Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5EEC477F-8E9B-4420-8829-16E7426227DB}]

Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}]

Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E3445598-4424-4EE2-B71C-C23325F7FB71}]

Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6B6923B9-8719-425B-916C-CD2908F31AAF}]

Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}]

Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}]

Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6BA68C11-0B63-4192-B880-0B5E3F7949F9}]

Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}]

Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ECD07D50-05C3-40E6-A10E-A371AC7E4B8A}]

Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EFBCA571-617D-484A-9ECA-E301BB6D0750}]

Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F1A79BDD-A47F-441B-954D-EE045C379EBB}]

WinRAR 5.00 (32-bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]

WorldPainter 1.8.5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\4144-4862-0472-7103]

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=497 folders=124 127645230 bytes)

 

==== EOF on za 05/07/2014 at 15:11:51,59 ======================

 

 

ckfiles.txt:

 

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad

c:\program files\adobe\adobe media encoder cc\plug-ins\de_de\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\de_de\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\de_de\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\en_us\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\en_us\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\en_us\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\es_es\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\es_es\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\es_es\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\fr_fr\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\fr_fr\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\fr_fr\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\it_it\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\it_it\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\it_it\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ja_jp\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ja_jp\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ja_jp\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ko_kr\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ko_kr\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ko_kr\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\pt_br\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\pt_br\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\pt_br\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ru_ru\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ru_ru\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\ru_ru\vstplugins\decrackler6.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\zh_cn\vstplugins\decrackler1.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\zh_cn\vstplugins\decrackler2.dll

c:\program files\adobe\adobe media encoder cc\plug-ins\zh_cn\vstplugins\decrackler6.dll

scanner sequence 3.ZZ.11.OPAAXA

 ----- EOF ----- 

 

Lemon

 

[Naathim]

Hi Lemon


Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

• Right-click on icon and select Run as Administrator to start the tool.
• Follow the prompts and click Scan.
• When finished, please click Clean.
• Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.


Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

• Right-click on icon and select Run as Administrator to start the tool.
• Follow the prompts and let this process run uninterrupted.
• This scan can take a while, depending on your System specs.
• Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.

Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.


Cheers,
Naat

[Easy_Peasy_Lemon_Squeezy]

Hello Naat,

This is the AdwCleaner[S0].txt log:

 

# AdwCleaner v3.214 - Rapport aangemaakt 06/07/2014 op 19:53:32

# Laatste Update 29/06/2014 door Xplode

# Besturingssysteem : Windows 8.1  (64 bits)

# Gebruikersnaam : Gebruiker - CARBIDE300R

# Gestart vanuit : C:\Users\Gebruiker\Desktop\AdwCleaner.exe

# Optie : Verwijderen

 

***** [ Services ] *****

 

[#] Service Verwijderd : SystemkService

 

***** [ Bestanden / Mappen ] *****

 

Map Verwijderd : C:\Program Files (x86)\Settings Manager

Map Verwijderd : C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy

 

***** [ Snelkoppelingen ] *****

 

 

***** [ Register ] *****

 

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\updateglindorus_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\updateglindorus_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\utilglindorus_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\utilglindorus_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10

Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-006A-76A7-7A786E7484D7}

Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F524A2D-5637-006A-76A7-7A786E7484D7}]

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-006A-76A7-7A786E7484D7}

Sleutel Verwijderd : HKCU\Software\Escolade

Sleutel Verwijderd : HKCU\Software\Linkey

Sleutel Verwijderd : HKCU\Software\ParetoLogic

Sleutel Verwijderd : HKLM\Software\iSafe

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9AAF2503-6CD5-414A-B5BA-37639B76C91F}

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\installedbrowserextensions

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17126

 

 

-\\ Google Chrome v35.0.1916.153

 

[ Bestand : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Verwijderd [Extension] : booedmolknjekdopkepjjeckmjkdpfgl

Verwijderd [Extension] : bopakagnckmlgajfccecajhnimjiiedh

Verwijderd [Extension] : flpcjncodpafbgdpnkljologafpionhb

Verwijderd [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc

 

[ Bestand : C:\Users\isabe_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Verwijderd [Extension] : booedmolknjekdopkepjjeckmjkdpfgl

Verwijderd [Extension] : bopakagnckmlgajfccecajhnimjiiedh

Verwijderd [Extension] : flpcjncodpafbgdpnkljologafpionhb

 

*************************

 

AdwCleaner[R0].txt - [3993 octets] - [06/07/2014 19:51:58]

AdwCleaner[S0].txt - [3705 octets] - [06/07/2014 19:53:32]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3765 octets] ##########

 

 

And this is the JRT.txt log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 8.1 x64

Ran by Gebruiker on zo 06/07/2014 at 19:57:08,95

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\big fish games"

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on zo 06/07/2014 at 20:03:20,14

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Greetings,

Lemon.

Edited by Easy_Peasy_Lemon_Squeezy, 06 July 2014 - 12:09 PM.

[Naathim]

Hi Lemon.

Please tell me what issues you are currently facing? Anything that bothers you?


Scan with Malwarebytes' Anti-Malware

Please re-run Malwarebytes' Anti-Malware.

• First of all, select update.
• Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
• Click the Scan tab, choose Threat Scan is checked and click Scan Now.
• If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
• Upon completion of the scan (or after the reboot), click the History tab.
• Click Application Logs and double-click the newest Scan Log.
• At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.


Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.
Click there Run ESET Online Scanner.

If using Internet Explorer:

• Accept the Terms of Use and click Start.
• Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:

• Download esetsmartinstaller_enu.exe that you'll be given link to.
• Double click esetsmartinstaller_enu.exe.
• Allow the Terms of Use and click Start.

To perform the scan:

• Make sure that Remove found threats is unchecked.
• Scan archives is checked.
• In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
• Click Start
• The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
• When completed, the program will begin to scan. This may take several hours. Please, be patient.
• Do not do anything on your machine as it may interrupt the scan.
• When the scan is done, click Finish.
• A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.

Please include this logfile in your next reply.
Don't forget to re-enable previously switched-off protection software!


Cheers,
Naat

[Easy_Peasy_Lemon_Squeezy]

Hello Naat,

I currently have no issues or anything that is bothering me.

 

This is the scan log:

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 7/07/2014

Scan Time: 15:51:13

Logfile: txt.txt

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.07.07.04

Rootkit Database: v2014.07.03.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 8.1

CPU: x64

File System: NTFS

User: Gebruiker

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 351415

Time Elapsed: 4 min, 31 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

 

 

And this is the ESET logfile:

 

 

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7587

# api_version=3.0.2

# EOSSerial=39dc37c64199bb4c9fb4a80f055b2062

# engine=19061

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2014-07-07 02:53:00

# local_time=2014-07-07 04:53:00 (+0100, Romance (zomertijd))

# country="Belgium"

# lang=1033

# osver=6.2.9200 NT 

# compatibility_mode_1=''

# compatibility_mode=5893 16776574 100 94 4563756 20868060 0 0

# scanned=280284

# found=41

# cleaned=0

# scan_time=1360

sh=93F810BECFC4C882FD728E73C9F44BC45E68E009 ft=1 fh=f0caac6fb7bd0c5f vn="a variant of Win32/InstalleRex.P potentially unwanted application" ac=I fn="C:\Users\Gebruiker\Downloads\Music\Datsik - Datsik - Hydraulic.exe"

sh=28B620B121788FDE4554B973478310E0BDED0833 ft=1 fh=0ca486adc4f97c2e vn="Win32/InstalleRex.M potentially unwanted application" ac=I fn="C:\Users\Gebruiker\Downloads\Music\Delta+Heavy+-+Space+Time+☣+[Drum+'N+Bass] - [MP3Juices.com].exe"

sh=48B9922503F87BDC7BB1AB731B9D64D12775509A ft=1 fh=db6367f9f5cf17e3 vn="Win32/InstalleRex.M potentially unwanted application" ac=I fn="C:\Users\Gebruiker\Downloads\Music\Excision+&+Downlink+-+Crowd+Control+(Delta+Heavy+Remix) - [MP3Juices.com].exe"

sh=1B763DC1EB17F843372882F5FB7816E4FCA4871B ft=1 fh=3b1f836d99ec9fb3 vn="Win32/InstalleRex.M potentially unwanted application" ac=I fn="C:\Users\Gebruiker\Downloads\Music\J - Zone presents Chief Chinchilla - 24 Project Paradise (ft Poison Pen).exe"

sh=6D62BF5B49944CA52618A3BE5D5772B1B9A6CF26 ft=1 fh=9940da559a04152b vn="a variant of Win32/InstalleRex.P potentially unwanted application" ac=I fn="C:\Users\Gebruiker\Downloads\Music\Kill The Noise - Kill the Noise (Alvin Risk Remix).exe"

sh=31F1F7F0CDADE618DD161528E4222DFE91814560 ft=1 fh=1a1c4f498e2b69c1 vn="a variant of Win32/InstalleRex.P potentially unwanted application" ac=I fn="C:\Users\Gebruiker\Downloads\Music\Let Go Crissy Criss 96.exe"

sh=1BFA77D8C4DCAEF6E64FA6567CB925A266D8C10A ft=1 fh=441b45588881175d vn="a variant of Win32/InstalleRex.P potentially unwanted application" ac=I fn="C:\Users\Gebruiker\Downloads\Music\Zeds Dead - Oh No - Dubstep Sector - [MP3Juices.com].exe"

sh=CFC7DA2932ABA2A91E4D5CFD3F187E81A1289571 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-ORJ-V7[1].7z"

sh=23E643C6B8C6A664F05BF9B8843CE8E7F1B342F1 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-ORJ-V7[2].7z"

sh=610D032C32FAA8E3C5D15CF34E4FE36D3FBFE796 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-ORJ-V7[3].7z"

sh=CFC7DA2932ABA2A91E4D5CFD3F187E81A1289571 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-ORJ-V7[1].7z"

sh=23E643C6B8C6A664F05BF9B8843CE8E7F1B342F1 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-ORJ-V7[2].7z"

sh=610D032C32FAA8E3C5D15CF34E4FE36D3FBFE796 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-ORJ-V7[3].7z"

sh=F7AA75A68C9A2CF8EDF4A5465BC24E2799E6CB3F ft=1 fh=6d7e2d99efb266bf vn="Win32/InstalleRex.L potentially unwanted application" ac=I fn="C:\zoek_backup\C_Users_Gebruiker_Downloads_Music_Zomboy - Mind Control.exe.vir"

sh=6736252706F89DFC6899FEE6C360D8BFBF401BEC ft=1 fh=374276c930bcde15 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF10.dll"

sh=7909DF2339D78F00C24092FFF9491317AB954316 ft=1 fh=2ff184a74c05a271 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF11.dll"

sh=E5FCE2519122FAF40529BA6294CB3F0844E0C738 ft=1 fh=f13e05a62680f109 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF12.dll"

sh=EFC055DC03DD7698ABBFB92718A7777E2973F079 ft=1 fh=6ef019d475ea6325 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF13.dll"

sh=D2859A7F5E059C24ED68665DA69EDF33A7352D55 ft=1 fh=357742a168447bbd vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF14.dll"

sh=5F46910AFA74FD8EE8574E183A04B8E781F1A249 ft=1 fh=9887df60e379ba2f vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF15.dll"

sh=D755D4C9CC3700F4869589360F53F61B6CC2CC72 ft=1 fh=ce2f72d226aff2b4 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF16.dll"

sh=D5224E3374B861B523BC618B725D88774D077E39 ft=1 fh=c6333adf6866c44f vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF17.dll"

sh=B538DC950FD59AA3F4D1349FE0BD2E2B92603612 ft=1 fh=21900040b5af4e8e vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF18.dll"

sh=B785203A7E1C00F93B888EB494B33EA5D108571E ft=1 fh=fe3406bdfbae635e vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF19.dll"

sh=11A9C493387FFF75D1DDEDBB8F4449CD06DF8C93 ft=1 fh=005351c573d9875e vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF2.dll"

sh=7AE7378589350EA7FF89791FB017E371E653A5B7 ft=1 fh=f8ea411c78bbb34f vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF20.dll"

sh=DFEDDDF25967D22BBDFC60DAB1911B85FEE88D01 ft=1 fh=dc927e8494037489 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF21.dll"

sh=693DE5FECAD1B00542B339DD2F9A529B4A06A5E2 ft=1 fh=e35a43df301ed0c6 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF22.dll"

sh=4ED4F94AF4D97B67412714D0747B45CF0FD6B2DA ft=1 fh=0444909e9111ddc6 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF23.dll"

sh=1AFC1DF188673069ACE2163F696052C1ECB08144 ft=1 fh=9a5377a5e8bddacd vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF24.dll"

sh=75E809C271D5E5ADE512E408C9EA5ADE196DE89C ft=1 fh=7061a52b9960f21b vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF25.dll"

sh=C400C8D7DA9B44EF26D343A43D7079E4A87AF733 ft=1 fh=dbd9550bceae1ea9 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF26.dll"

sh=4E650F2C07952D0925C8D71B2B0D36B410D27C51 ft=1 fh=e213dfeb1eda7c6b vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF27.dll"

sh=BD6032EF269C1FFAB0931168C6B5CBFE0D8AAF72 ft=1 fh=076f8ebd13e4e9b1 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF28.dll"

sh=764939C29CA79FC7F2802ABCE2CD20C6244BA0BF ft=1 fh=3561307f0699aa6f vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF29.dll"

sh=7670B37DBB5192661C56908529F0C994E45A6954 ft=1 fh=36b8f310622c76d5 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF4.dll"

sh=FDD7DD7F09B21EB50AAC74FC235F05A594DAC4DC ft=1 fh=4edf44d6b267a41c vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF5.dll"

sh=BD07028D4DA0F02790633480206025807B0F78E2 ft=1 fh=473dff4246a7fd2a vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF6.dll"

sh=42E09CB7ADCA9A141089F3F2D45F746B1C236F98 ft=1 fh=ffd8dd6bffaac829 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF7.dll"

sh=53B8D8514A3C23F2B745FBD5C03E09BB24BF331D ft=1 fh=07e550a04c82e3f3 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF8.dll"

sh=6539535AAB146A3C27DB949B4376C7895C3731B6 ft=1 fh=e1ba3d53c2ef126c vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\zoek_backup\C_extensions\{E42AC5EF-EAFC-E69C-365F-EF5AF17A5D4D}\components\SystemKHlpFF9.dll"

 

 

Lemon.