Zoek.exe v5.0.0.0 Updated 02-June-2014 Tool run by Administrator on di 03/06/2014 at 13:32:12,96. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Administrator\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe C:\Windows\SysWOW64\XSrvSetup.exe C:\Windows\SysWOW64\nlssrv32.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\SysWOW64\PnkBstrA.exe 
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Program Files\Logitech Gaming Software\LCore.exe C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Avid\Avid Media Composer\EditorServiceMgrIcon.exe C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\Nettalk6\Nettalk.exe C:\Users\Administrator\AppData\Local\Apps\2.0\WXH7MHTV.Q92\1TTPQJ2O.QHG\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe C:\Program Files (x86)\BlueStacks\HD-Agent.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\PROGRA~2\Raptr\raptr.exe C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Logitech Gaming 
Software\Applets\LCDCountdown.exe C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\SearchProtocolHost.exe C:\PROGRA~2\Raptr\raptr_im.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Raptr\raptr_ep64.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Users\Administrator\Downloads\zoek.exe C:\Windows\system32\conhost.exe ==== System Restore Info ====================== 3/06/2014 13:33:00 Zoek.exe System Restore Point Created Succesfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. 
# # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\Dungeon Defenders deleted successfully C:\PROGRA~2\Image-Line deleted successfully C:\PROGRA~2\MarkAny deleted successfully C:\PROGRA~2\VstPlugins deleted successfully C:\PROGRA~3\ALM deleted successfully C:\PROGRA~3\MTA San Andreas All deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\Administrator\AppData\Roaming\SynthMaker deleted successfully C:\Users\Administrator\AppData\Local\Bundled software uninstaller deleted successfully C:\Users\Administrator\AppData\Local\icsxml deleted successfully C:\Users\Administrator\AppData\Local\NMXz1yLzMpImp1 deleted successfully C:\Users\Administrator\AppData\Local\PACE Anti-Piracy deleted successfully C:\Users\Administrator\AppData\Local\Samsung deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== @BIOS µTorrent Acoustica Mixcraft 6 Adobe After Effects CS6 Adobe AIR Adobe Flash Player 13 ActiveX Adobe Help Manager Adobe Illustrator CS6 Adobe Photoshop CS6 Adobe Premiere Pro CS6 Adobe Reader XI (11.0.02) - Nederlands Adobe Shockwave Player 12.0 Alien Skin Exposure 5 AMD Accelerated Video Transcoding AMD Catalyst Control Center AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD Wireless Display v3.0 Ancient Weapon Sounds Apple Application Support Apple Mobile Device Support Apple Software Update ASIO4ALL Audacity 2.0.5 avast Free Antivirus Avid Editor Transcode Avid License Control Avid Media Composer Battle.net bl BlueStacks Notification Center Bonjour Borderlands 2 Canon MP510 Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control 
Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Celtx (2.9.7) Comic Sound Pack Counter-Strike: Global Offensive Creatures of Darkness Curse Client D3DX10 Darksiders II Deep Space Voices Diablo III Dolby Home Theater v4 doPDF 7.3 printer DreamSuite Ultimate Dropbox Easy Tune 6 B11.0902.1 Effects Suite 64-bit Etron USB3.0 Host Controller Fantasy Sound Pack Fantasy Voice Pack Farm Animal Sounds Female Voice Pack Furry Voices for Second Life Galactic Voices Gigabyte Raid Configurer Google Chrome Google Update Helper Hearthstone Hugin 2013.0.0 Imagenomic Noiseware 5.0 Plug-in (build 5006) Imagenomic Portraiture 2.3 Plug-in (build 2308) ISO to USB iTunes Java 7 Update 40 (64-bit) Java 7 Update 60 Java Auto Updater Java(TM) 6 Update 20 Java(TM) SE Runtime Environment 6 Update 6 Killing Floor Killing Floor Mod: Defence Alliance 2 Knoll Light Factory Photo 64 bit League of Legends Line 6 Uninstaller Logitech Gaming Software Logitech Gaming Software 8.40 Male Voice Pack Malwarebytes Anti-Malware versie 1.75.0.1300 ManyCam 3.1.43 melondrea Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Camera Codec Pack Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 
2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Microsoft Xbox 360 Accessories 1.2 Microsoft XNA Framework 
Redistributable 4.0 Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 MorphVOX Pro MotioninJoy Gamepad tool 0.7.0000 Movie Maker MSVCRT MSVCRT110 MSVCRT110_amd64 Mumble 1.2.4 Mystical Nettalk 6.7 NewBlue 3D Explosions for Windows NewBlue 3D Transformations for Windows NewBlue Art Blends for Windows NewBlue Art Effects for Windows NewBlue ColorFast for Windows NewBlue Film Effects for Windows NewBlue Light Blends for Windows NewBlue Light Effects for Windows NewBlue Motion Blends for Windows NewBlue Motion Effects for Windows NewBlue Paint Blends for Windows NewBlue Paint Effects for Windows NewBlue Titler Pro 2.0 for Windows NewBlue Video Essentials for Windows NewBlue Video Essentials II for Windows NewBlue Video Essentials III for Windows NewBlue Video Essentials IV for Windows NewBlue Video Essentials V for Windows NewBlue Video Essentials VI for Windows Notepad++ NVIDIA PhysX ON_OFF Charge B11.0905.1 Path of Exile PAYDAY: The Heist PDF Settings CS6 Personality Voices ph Photo Common Photo Gallery Photomatix Pro version 4.2.5 Piccure Piccure Plugin Setup x64 Piccure Plugin Setup x86 PlanetSide 2 QuickTime Raptr RE:Vision Effects Twixtor AE RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer Realtek Ethernet Controller Driver Realtek HDMI Audio Driver for ATI Realtek High Definition Audio Driver RealUpgrade 1.1 Rocksmith Rocksmith 2014 RollerCoaster Tycoon 3: Platinum Rust Sci-Fi 2 Sound Pack Sci-Fi Sound Pack Sci-Fi Voice Pack Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 
32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition Sentinel Protection Installer 7.6.6 Silver Efex Pro 2 Skype™ 6.14 South Park™: The Stick of Truth™ Spooky Sounds Steam Steam Trading Card Beta Access SteelSeries USB Sound Card Win7 v1.10 Superfrog HD swMSM System Requirements Lab CYRI TeamSpeak 3 Client TeamViewer 9 The Binding of Isaac The Elder Scrolls V: Skyrim The Incredible Adventures of Van Helsing Thief Tomb Raider 
Translator Fun Voice Pack Trine UM-ONE Stuurprogramma Uninstall Mystical Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Uplay virtualPhotographer 1.5.6 VLC media player 2.0.7 VTFEdit 1.3.3 Watch_Dogs Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR 4.20 (64-bit) ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\Package Cache deleted C:\windows\SysNative\Tasks\SomotoUpdateCheckerAutoStart deleted C:\user.js deleted C:\Windows\SysWow64\AI_RecycleBin deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8190 MB CPU Info: AMD FX(tm)-8350 Eight-Core Processor CPU Speed: 4020,0 MHz Sound Card: 
Luidsprekers (Realtek High Defi | Display Adapters: AMD Radeon HD 6900 Series | AMD Radeon HD 6900 Series | AMD Radeon HD 6900 Series | AMD Radeon HD 6900 Series | AMD Radeon HD 6900 Series | AMD Radeon HD 6900 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 2x; Algemeen PnP-beeldscherm | Algemeen PnP-beeldscherm | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 3x (D: | E: | J: | ) D: TSSTcorpCDDVDW SH-S223F | E: TSSTcorpCDDVDW SH-S223F | J: DTSOFT BDROM Ports: COM1 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 111,7GB | F: 298,1GB | G: 4,9GB | H: 293,2GB Hard Disks - Free: C: 18,0GB | F: 23,3GB | G: 1,9GB | H: 259,9GB Manufacturer *: Award Software International, Inc. BIOS Info: AT/AT COMPATIBLE | 09/16/11 | GBT - 42302e31 Time Zone: West-Europa (standaardtijd) Motherboard *: Gigabyte Technology Co., Ltd. GA-990FXA-UD3 Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: avast! 
Antivirus disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 35.0.1916.114 Internet Explorer Version: 11.0.9600.17107 Google Chrome version: 35.0.1916.114 Adobe Reader version: 11.0.02.0 Sun Java version: 1.7.0_60 (32-bit) Shockwave Player version: 12.0.9r149 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-06-03 11:29:41 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\ativpsrm.bin 2014-05-15 18:57:57 84B4F61F59A421BD85D97B35D194B42B 86016 ----a-w- C:\Windows\unvise32.exe 2014-05-09 17:13:56 F9F4905664C5B42B49E78EFA12D1A6B6 20 ----a-w- C:\Windows\ˆ÷X ====== C:\Users\ADMINI~1\AppData\Local\Temp ==== 2014-06-03 11:29:55 5634C601025C31032A0AF1590B4C0CA6 43008 ----a-w- C:\Users\Administrator\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsgm5e3.dll 2014-06-03 11:25:38 27CF243E60B90E64D42EBE8A20CF9B5F 42596008 ----a-w- C:\Users\Administrator\AppData\Local\Temp\raptrpatch.exe 2014-06-03 11:25:35 222F76D913947F1991D2DE68DF526209 221632 ----a-w- C:\Users\Administrator\AppData\Local\Temp\raptr_stub.exe 2014-06-03 09:27:57 D8443B9F63353C4094664752D9B36E56 207872 ------w- C:\Users\Administrator\AppData\Local\Temp\SRLDetectionLibrary4841971185244495481.dll ====== Java Cache ===== 2014-06-03 08:46:41 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-3b58d255 2014-06-03 08:46:38 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-60977677 2014-06-03 08:46:38 A83D85565EA035CBCFFE7E9BB128D1F4 425 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2014-06-03 08:52:11 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- 
C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\34e05d1f-16556e11 2014-05-08 14:32:59 4DB9365FFDEDF03D1369D11D38CC88BA 11440 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\67a14222-1723ab5a 2014-06-03 08:46:39 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-74658af6 2014-06-03 09:27:51 582FC71FC06BA696AC1E0F3D55A3CA1D 458 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6c5f632d-e2eaed9145bd9ba9117e4efe154230e2fef1d40fdd181dcf14b87361efe2b840-6.0.lap 2014-06-03 09:27:53 D41F3BBA3B6E699FD31957B5209C278F 354733 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\e729e45-53c32cb1 2014-05-08 14:32:59 80A69DBA7D91F8EBB32BEA7EF9610FBA 85 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\662c6fb5-6.0.lap ====== C:\Windows\SysWOW64 ===== 2014-06-03 08:46:28 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-06-03 08:46:25 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-06-03 08:46:25 8C7C6D494D86307CDCF63E0478767C16 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-06-03 08:46:25 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Windows\SysWOW64\java.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-06-03 11:24:56 504901430B6E03B99EBB6BF26E0868C6 58536 ----a-w- C:\Windows\Sysnative\drivers\usbfilter.sys 2014-05-14 09:02:48 353009DEDF918B2A51414F330CF72DEC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2014-05-14 09:02:48 1C2D8E18AA8FD50CD04C15CC27F7F5AB 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-06-03 10:51:14 -------- d-----w- C:\Program Files\ATI 2014-06-03 
08:53:58 -------- d-----w- C:\Program Files\trend micro 2014-05-30 10:34:57 -------- d-----w- C:\Program Files\Hugin 2014-05-15 18:45:38 -------- d-----w- C:\Program Files\Alien Skin 2014-05-07 13:38:27 -------- d-----w- C:\Program Files\Nem's Tools ======= C:\PROGRA~2 ===== 2014-06-03 11:25:38 -------- d-----w- C:\PROGRA~2\Raptr 2014-06-03 11:25:32 -------- d-----w- C:\PROGRA~2\AMD AVT 2014-06-03 09:37:09 -------- d-----w- C:\PROGRA~2\Ubisoft 2014-06-03 08:46:29 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-05-21 09:47:07 -------- d-----w- C:\PROGRA~2\COMMON~1\Steam 2014-05-15 18:57:49 -------- d---a-r- C:\PROGRA~2\Mystical 2014-05-15 18:45:39 -------- d-----w- C:\PROGRA~2\Alien Skin 2014-05-15 18:03:47 -------- d-----w- C:\PROGRA~2\Auto FX Software 2014-05-14 15:41:40 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2014-05-14 11:46:54 -------- d-----w- C:\PROGRA~2\Screaming Bee LLC 2014-05-14 11:42:32 -------- d-----w- C:\PROGRA~2\Screaming Bee 2014-05-09 17:13:56 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server Compact Edition 2014-05-09 17:13:42 -------- d-----w- C:\PROGRA~2\Windows Live 2014-05-09 17:12:38 -------- d-----w- C:\PROGRA~2\COMMON~1\Windows Live 2014-05-08 15:05:45 -------- d-----w- C:\PROGRA~2\Audacity ======= C: ===== ====== C:\Users\Administrator\AppData\Roaming ====== 2014-06-03 11:25:59 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved 2014-06-03 11:25:38 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Raptr 2014-06-03 10:52:22 -------- d-----w- C:\Users\Administrator\AppData\Roaming\ATI 2014-06-03 10:52:22 -------- d-----w- C:\Users\Administrator\AppData\Local\ATI 2014-06-03 09:37:12 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-03 09:37:11 -------- d-----w- C:\Users\Administrator\AppData\Local\Ubisoft Game Launcher 2014-05-30 10:35:00 -------- d-----w- 
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin 2014-05-23 08:40:00 -------- d-----w- C:\Users\Administrator\AppData\Roaming\3909 LLC 2014-05-16 09:38:28 -------- d-----w- C:\Users\Administrator\AppData\Roaming\DropboxMaster 2014-05-15 18:48:07 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Alien Skin 2014-05-15 18:47:30 -------- d-----w- C:\Users\Administrator\AppData\Local\Alien Skin 2014-05-14 11:43:45 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Screaming Bee 2014-05-09 17:12:49 -------- d-----w- C:\Users\Administrator\AppData\Local\Windows Live 2014-05-08 15:06:03 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Audacity 2014-05-07 12:03:26 -------- d-----w- C:\Users\Administrator\AppData\Local\Activision ====== C:\Users\Administrator ====== 2014-06-03 11:29:53 -------- d-----w- C:\ProgramData\ATI 2014-06-03 11:24:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-06-03 11:19:45 AC8D3D67918E7E8C705033B52F47EFAC 295347968 ----a-w- C:\Users\Administrator\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe 2014-06-03 11:12:09 39B2E0A4048EA6D0F41FEE27298B62FE 791552 ----a-w- C:\Users\Administrator\Downloads\amddriverdownloader (1).exe 2014-06-03 11:11:39 558373A5A85B244426FE929660D9BE4F 318105192 ----a-w- C:\Users\Administrator\Downloads\amd-catalyst-14.6-beta-v1.0-windows-may23.exe 2014-06-03 10:49:26 3340DADE940BC1A93494C29FF9B88096 218673400 ----a-w- C:\Users\Administrator\Downloads\13-12_winvista_64_dd_ccc_whql.exe 2014-06-03 10:35:11 21E2DE1F0E08C2B51684B20850B266DC 3103744 ----a-w- C:\Users\Administrator\Downloads\Display Driver Uninstaller.exe 2014-06-03 10:33:47 D40FBFD19ACA1EF9236573243BF84FC6 1591791 ----a-w- C:\Users\Administrator\Downloads\DDUv1271-[Guru3D.com].exe 2014-06-03 09:35:55 14BE9FD4748D57E36646DEBAFF7D8B19 63548256 ----a-w- C:\Users\Administrator\Downloads\UplayInstaller.exe 2014-06-03 08:53:35 
8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Administrator\Downloads\RSITx64.exe 2014-06-03 08:45:05 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\Administrator\Downloads\chromeinstall-7u60.exe 2014-05-30 10:43:59 A27FB5B5ACA09469E1CFC000F1D603D5 801552 ----a-w- C:\Users\Administrator\Downloads\PhotoshopPluginInstaller.exe 2014-05-30 10:31:30 C1173F16A0A13C41330F41B9ADB62FCD 34628454 ----a-w- C:\Users\Administrator\Downloads\HuginSetup_2013.0.0_64bit_Windows.exe 2014-05-22 09:03:03 4DA9176C8C7F301433AA2A231F6F189E 6210248 ----a-w- C:\Users\Administrator\Downloads\TeamViewer_Setup_nl (1).exe 2014-05-21 09:47:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-05-21 09:46:33 F5050ACBFDF22210CBA2A18755C3852C 1141680 ----a-w- C:\Users\Administrator\Downloads\SteamSetup.exe 2014-05-15 18:47:30 -------- d-----w- C:\Users\Administrator\.AS 2014-05-15 18:45:38 -------- d-----w- C:\ProgramData\Alien Skin 2014-05-15 18:03:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto FX Software 2014-05-15 17:47:51 -------- d-----w- C:\ProgramData\RedGiant 2014-05-14 11:42:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee 2014-05-14 11:42:32 -------- d-----w- C:\ProgramData\Screaming Bee 2014-05-07 13:38:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nem's Tools 2014-05-06 13:03:48 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Searches ====== C: exe-files == 2014-06-03 11:25:38 3EC70832830C36A956F8F03DE21145AD 52882 ----a-w- C:\Program Files (x86)\Raptr\uninstall.exe 2014-06-03 11:25:38 27CF243E60B90E64D42EBE8A20CF9B5F 42596008 ----a-w- C:\Users\Administrator\AppData\Local\Temp\raptrpatch.exe 2014-06-03 11:25:35 222F76D913947F1991D2DE68DF526209 221632 ----a-w- C:\Users\Administrator\AppData\Local\Temp\raptr_stub.exe 2014-06-03 11:19:45 AC8D3D67918E7E8C705033B52F47EFAC 295347968 ----a-w- 
C:\Users\Administrator\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-06-03 11:12:09 39B2E0A4048EA6D0F41FEE27298B62FE 791552 ----a-w- C:\Users\Administrator\Downloads\amddriverdownloader (1).exe
2014-06-03 11:11:39 558373A5A85B244426FE929660D9BE4F 318105192 ----a-w- C:\Users\Administrator\Downloads\amd-catalyst-14.6-beta-v1.0-windows-may23.exe
2014-06-03 10:49:26 3340DADE940BC1A93494C29FF9B88096 218673400 ----a-w- C:\Users\Administrator\Downloads\13-12_winvista_64_dd_ccc_whql.exe
2014-06-03 10:35:39 89013516F80C37A0EFA30C2AF6F173BA 294400 ----a-w- C:\Users\Administrator\Downloads\x64\ddudr.exe
2014-06-03 10:35:39 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Users\Administrator\Downloads\x64\setacl.exe
2014-06-03 10:35:11 21E2DE1F0E08C2B51684B20850B266DC 3103744 ----a-w- C:\Users\Administrator\Downloads\Display Driver Uninstaller.exe
2014-06-03 10:33:47 D40FBFD19ACA1EF9236573243BF84FC6 1591791 ----a-w- C:\Users\Administrator\Downloads\DDUv1271-[Guru3D.com].exe
2014-06-03 09:35:55 14BE9FD4748D57E36646DEBAFF7D8B19 63548256 ----a-w- C:\Users\Administrator\Downloads\UplayInstaller.exe
2014-06-03 08:53:58 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Administrator.exe
2014-06-03 08:53:35 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Administrator\Downloads\RSITx64.exe
2014-06-03 08:46:28 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe
2014-06-03 08:46:25 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe
2014-06-03 08:46:25 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Windows\SysWOW64\java.exe
2014-06-03 08:45:26 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Administrator\AppData\LocalLow\Sun\Java\jre1.7.0_60\lzma.exe
2014-06-03 08:45:05 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\Administrator\Downloads\chromeinstall-7u60.exe
2014-05-30 10:43:59 A27FB5B5ACA09469E1CFC000F1D603D5 801552 ----a-w- C:\Users\Administrator\Downloads\PhotoshopPluginInstaller.exe
2014-05-30 10:35:05 679C61B06BAC8C84CDF500A289CF0FD9 104784 ----a-w- C:\Program Files\Hugin\Uninstall.exe
2014-05-30 10:31:30 C1173F16A0A13C41330F41B9ADB62FCD 34628454 ----a-w- C:\Users\Administrator\Downloads\HuginSetup_2013.0.0_64bit_Windows.exe
2014-05-27 13:16:21 D0DC4C6CB68E6DAA0AA439388A7C4792 419328 ----a-w- C:\Users\Administrator\Desktop\saveeditor b2\Gibbed.Borderlands2.SaveEdit.exe

=== C: other files ==
2014-06-03 11:30:02 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Administrator\AppData\Roaming\Raptr\data\raptrguestot3dfqyy\config\certificates\x509\tls_peers\xmpp-server7.raptr.com
2014-06-03 11:30:02 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Administrator\AppData\Roaming\Raptr\data\raptrguestot3dfqyy\config\certificates\x509\tls_peers\xmpp-server2.raptr.com
2014-06-03 11:26:47 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Administrator\AppData\Roaming\Raptr\data\raptrguestot3dfqyy\config\certificates\x509\tls_peers\xmpp-server3.raptr.com
2014-06-03 11:26:45 620620C91E3FDEE0C182BCE8F9CC36D4 1617 ----a-w- C:\Users\Administrator\AppData\Roaming\Raptr\data\raptrguestot3dfqyy\config\certificates\x509\tls_peers\gmail.com
2014-06-03 11:24:56 504901430B6E03B99EBB6BF26E0868C6 58536 -c--a-w- C:\Windows\System32\DRVSTORE\USBFIL~1_1C223BF70320B46C5FEA7265C4C2F2F1966430A4\amd64\usbfilter.sys
2014-06-03 11:24:56 504901430B6E03B99EBB6BF26E0868C6 58536 ----a-w- C:\Windows\System32\drivers\usbfilter.sys
2014-05-30 11:16:59 300C7E9F39C11421C0B1BB6933E17EF0 1611 ----a-w- C:\Users\Administrator\Desktop\Nieuwe map\mvps.bat
2014-05-30 11:16:34 4FB353542CDDD41FC43D61C068D3A6E4 134263 ----a-w- C:\Users\Administrator\Downloads\hosts.zip
2014-05-30 10:54:32 42BA07093EACCE9501EDD5A6191790EE 19965398 ----a-w- C:\Users\Administrator\Downloads\flexify-269.zip
2014-05-27 13:15:54 B5358DBEA590F9BCC3102FE383C95847 1229009 ----a-w- C:\Users\Administrator\Downloads\Borderlands 2 Save Editor.zip

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-2185689132-51139461-3828278347-500\Software\Microsoft\Windows\CurrentVersion\Run]
@="F:\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"uTorrent"="C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Raptr"="C:\PROGRA~2\Raptr\raptrstub.exe --startup"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"="C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart"
"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"iTunesHelper"="H:\iTunes\iTunesHelper.exe"
"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
@="F:\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"uTorrent"="C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Raptr"="C:\PROGRA~2\Raptr\raptrstub.exe --startup"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"Cm108Sound"="C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd"
"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"XboxStat"="C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe silentrun"

==== Startup Folders ======================
2013-03-06 20:20:32 0 ----a-w- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
2013-07-05 17:43:36 1056 ----a-w- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2014-02-17 15:40:33 1032 ----a-w- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nettalk.lnk
2013-10-17 16:52:51 2773 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Editor Service Manager.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/02/2013 17:52]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/02/2013 17:52]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2185689132-51139461-3828278347-500" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2185689132-51139461-3828278347-500" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{FCE04E1F-9378-4f39-96F6-5689A9159E45}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [13/07/2013 16:32]

==== Firefox Extensions ======================
ProfilePath: C:\Users\ADMINI~1\AppData\Roaming\Greyfirst\Celtx\Profiles\4ez34b8n.default
- Timezone Definitions for Mozilla Calendar - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org
- Default Shot Palette - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com
- DOM Inspector - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org

==== Firefox Plugins ======================

==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[16/04/2013 03:11]
Google Docs - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
IP Address - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml
Cargo Bridge - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn
ButtonBeats Guitar - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf
Plants vs Zombies - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina
Google Wallet - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
PhotoFit Me - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdpbdnchfplfpdjbckgbmpnddnjdijjk
Gmail - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.goodsearch.com_0.localstorage deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.goodsearch.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller deleted successfully

==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "H:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [] F:\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: Dropbox.lnk = Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Nettalk.lnk = C:\Program Files (x86)\Nettalk6\Nettalk.exe
O4 - Global Startup: Avid Editor Service Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{71A50712-52A7-42C6-BF59-94CD09FFF817}: NameServer = 8.8.8.8,8.8.4.4,192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{71A50712-52A7-42C6-BF59-94CD09FFF817}: NameServer = 8.8.8.8,8.8.4.4,192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{71A50712-52A7-42C6-BF59-94CD09FFF817}: NameServer = 8.8.8.8,8.8.4.4,192.168.0.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avid DMF Service - Avid Technology, Inc. - C:\Program Files\Avid\Editor Transcode\Dynamic Media Files\DMFService.exe
O23 - Service: Avid Editor Broker - Avid Technology, Inc. - C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe
O23 - Service: Avid Editor DB Engine (Avid Editor Db Engine) - Avid Technology, Inc. - C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe
O23 - Service: Avid Editor Transcode (Avid Editor Transcode Service) - Avid Technology, Inc. - C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorTranscode.exe
O23 - Service: Avid Editor Transcode Status - Avid Technology, Inc. - C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: Sentinel Security Runtime (SentinelSecurityRuntime) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8FSQKE3U will be deleted at reboot
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S6WNJXLY will be deleted at reboot

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=19 folders=42 14519091 bytes)

==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\ADMINI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8FSQKE3U" not found
"C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S6WNJXLY" not found

==== EOF on di 03/06/2014 at 13:47:27,65 ======================