Zoek.exe v5.0.0.0 Updated 04-September-2014
Tool run by account on vr 05-09-2014 at 7:35:03,44.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\account\Downloads\zoek(1).exe
[Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-09-05-045617.log 43458 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-171703404-3741874152-1506883294-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_USERS\S-1-5-21-171703404-3741874152-1506883294-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A539405E-716B-4192-97CC-6DA9BF3BF223} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

µTorrent
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Reader X (10.1.11) - Nederlands
Adobe Shockwave Player 12.0
Age of Castles
Aleks 3.18
AMD APP SDK Runtime
AMD Catalyst Install Manager
America's Army Deploy Client
aMSN 0.98.4
Apple Software Update
AutoHotkey 1.1.09.04
Barbarian Invasion
BlueStacks App Player
Catalyst Control Center - Branding
Catalyst Control Center
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
ConvertHelper 2.2
CyberLink PowerDVD 12
DwimPerl version 0.07
Elite Gunz Client 1.0
Entropia Universe
Europa Universalis IV
Freestyle GunZ Version 7
Freestyle GunZ version 7.0
Google Chrome
Google Update Helper
Gunz
GunZ Factor Official Version
GunZFactor GunZ The Duel
HD Tune 2.55
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
IceWeasel (3.0)
ijji Auto Installer
ISO to USB
LiveUSB Creator (remove only)
MagicDisc 2.7.106
Mathematica Extras 9.0 (4092550)
MetaTrader 4
MetaTrader 5
Microsoft .NET Framework 3.5 Language Pack SP1 - nld
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (Nederlands)
Microsoft .NET Framework 4.5.1 (NLD)
Microsoft Office Home and Business 2010 - Nederlands
Microsoft Office Klik-en-Klaar 2010
Microsoft Office Outlook Connector
Microsoft Office Professional Editie 2003
Microsoft Visio Viewer 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 31.0 (x86 nl)
Mozilla Maintenance Service
Notification Center
NVIDIA Drivers
Opera Stable 24.0.1558.53
Oracle VM VirtualBox 4.3.6
Path of Exile
PGP Desktop
Plants vs. Zombies
Prisma E-N 1.0
QuickTime
REACTOR
Rome - Total War(TM)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Simple GPU Miner
Skype™ 5.10
Smugglers V
Sophos Anti-Virus
Sophos AutoUpdate
Speccy
SPORET
SPSS 16.0 Evaluation Version
swMSM
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
UMPlayer 0.98 [P4]
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VirtualCloneDrive
Wajam
Windows Media Player Firefox Plugin
WinRAR 4.20 (32-bit)
WinRAR 4.20 (64-bit)
Wolfram CDF Player (M-WIN-D 9.0.1 4092685)

==== Running Processes ======================

C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files (x86)\PGP Corporation\PGP Desktop\RDDService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\PGP Corporation\PGP Desktop\PGPtray.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Windows\SysWOW64\conime.exe
C:\Users\account\Downloads\zoek(1).exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\account\AppData\Roaming\Mozilla\Firefox\Profiles\xnd26lcs.default-1387551642912
user.js not found

---- Lines search.com removed from prefs.js ----
user_pref("capability.policy.maonoscript.sites", "addons.mozilla.org adf.ly afx.ms ajax.aspnetcdn.com akamaihd.net armorgames.com bitfinex.com btc-e.c

---- FireFox user.js and prefs.js backups ----
prefs_05-09-2014_0747_.backup

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Wajam not found
C:\PROGRA~2\smartdl deleted
C:\PROGRA~2\OApps deleted
C:\PROGRA~2\TorrentSearch deleted
C:\PROGRA~2\Wolfram Research deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\Users\account\AppData\Roaming\Microsoft\Windows\unicode2.nls deleted
C:\Users\account\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com deleted
C:\Users\account\AppData\Roaming\Media Finder deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\Tarma Installer deleted
C:\PROGRA~3\Trymedia deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder deleted
C:\Users\account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam deleted
C:\Users\account\Downloads\Wajam_RocketFuelInstaller.exe deleted
C:\Users\account\AppData\LocalLow\Softonic deleted
C:\end deleted
C:\Windows\Syswow64\SearchProtect deleted
C:\Users\account\AppData\Roaming\Mozilla\Firefox\Profiles\xnd26lcs.default-1387551642912\searchplugins\conduit-search.xml deleted
C:\Users\account\Desktop\CyberLink_PowerDVD_Downloader[1].exe deleted
C:\Users\account\Desktop\Oude Firefox-gegevens\ncur5mi3.default\extensions\ffxtlbra@softonic.com\content\softonic.css deleted
C:\Users\account\Desktop\Oude Firefox-gegevens\ncur5mi3.default\extensions\ffxtlbra@softonic.com\content\softonic.xul deleted

==== System Specs ======================

Windows: Windows Vista Home Premium Edition (64-bit) Service Pack 2 (Build 6002)
Memory (RAM): 4095 MB
CPU Info: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
CPU Speed: 2355,5 MHz
Sound Card: Luidsprekers (High Definition A | Apparaat voor digitale uitvoer | Apparaat voor digitale uitvoer | Luidsprekers (High Definition A |
Display Adapters: ATI Radeon HD 4600 Series | ATI Radeon HD 4600 Series | RDPDD Chained DD | RDP Encoder Mirror Driver
Monitors: 1x; Algemeen niet-PnP-beeldscherm |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: NVIDIA nForce Networking Controller | VirtualBox Host-Only Ethernet Adapter
CD / DVD Drives: 2x (E: | J: | ) E: ATAPI DVD A DH16A6S | J: ELBY CLONEDRIVE
Ports: COM1 LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 146,5GB | D: 449,7GB | Q: 0,0MB
Hard Disks - Free: C: 30,6GB | D: 313,9GB | Q: 0,0MB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 12/22/08 | ACRSYS - 20081222
Time Zone: West-Europa (standaardtijd)
Motherboard *: ACER MCP73PV
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Sophos Anti-Virus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Sophos Anti-Virus disabled (Outdated)
Default Browser: Firefox 31.0
Internet Explorer Version: 9.0.8112.16421
Mozilla Firefox version: 31.0 (x86 nl)
Opera Browser version: 24.0.1558.53
Google Chrome version: 32.0.1700.107
Adobe Reader version: 10.1.11.8
Flash Player version: 14.0.0.145
Shockwave Player version: 12.0.4r144

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-171703404-3741874152-1506883294-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"uTorrent"="C:\Users\account\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Sophos AutoUpdate Monitor"="C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe"
"VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s"
"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"PowerDVD12DMREngine"="C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
"PowerDVD12Agent"="C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
"QuickTime Task"="D:\Program Files (x86)\QTTask.exe -atboottime"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"uTorrent"="C:\Users\account\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="PGPmapih.dll,C:\\PROGRA~2\\Sophos\\SOPHOS~1\\SOPHOS~1.DLL"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="PGPmapih.dll,C:\\PROGRA~2\\Sophos\\SOPHOS~1\\SOPHOS~2.DLL"

==== Startup Folders ======================

2012-06-28 12:39:26 1814 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PGP Tray.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-07-2014 17:47]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06-10-2013 13:04]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06-10-2013 13:04]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1381098818" [C:\Program Files (x86)\Opera\launcher.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{5D004C10-B1C3-4390-8A41-07A5D94BBAC7}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [28-02-2012 12:19]

==== Firefox Extensions ======================

ProfilePath: C:\Users\account\AppData\Roaming\Mozilla\Firefox\Profiles\xnd26lcs.default-1387551642912
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
- BetterPrivacy - %ProfilePath%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\account\AppData\Roaming\Mozilla\Firefox\Profiles\xnd26lcs.default-1387551642912
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
F6D12679B9112358AC705A1308156F59 - C:\Users\account\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
0C0C5C207121C7A78414A8250E8E099A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
elchiiiejkobdbblfejjkbphbddgmljf - C:\Program Files (x86)\Softonic\Softonic\1.8.8.11\Softonic.crx[]

Google Docs - account\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - account\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - account\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - account\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - account\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - account\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\account\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://startpage.com/",
"startup_urls": [ "https://startpage.com/", "https://startpage.com/" ],

==== Chrome Fix ======================

C:\Users\account\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage deleted successfully
C:\Users\account\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.conduit.com/?ctid=CT3314136&octid=EB_ORIGINAL_CTID&SearchSource=61&CUI=&UM=&UP=SP5F2834C0-6DB3-41F2-B58F-85C77422E83A&SSPV="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files (x86)\QTTask.exe" -atboottime O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [uTorrent] "C:\Users\account\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows 
Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: PGP Tray.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\programdata\sophos\web intelligence\swi_ifslsp.dll O10 - Unknown file in Winsock LSP: c:\programdata\sophos\web intelligence\swi_ifslsp.dll O10 - Unknown file in Winsock LSP: c:\programdata\sophos\web intelligence\swi_ifslsp.dll O10 - Unknown file in Winsock LSP: c:\programdata\sophos\web intelligence\swi_ifslsp.dll O10 - Unknown file in Winsock LSP: c:\programdata\sophos\web intelligence\swi_ifslsp.dll O10 - Unknown file in Winsock LSP: c:\programdata\sophos\web intelligence\swi_ifslsp.dll O10 - Unknown file in Winsock LSP: c:\programdata\sophos\web intelligence\swi_ifslsp.dll O10 - Unknown file in Winsock LSP: c:\programdata\sophos\web intelligence\swi_ifslsp.dll O10 - Unknown file in Winsock LSP: c:\programdata\sophos\web intelligence\swi_ifslsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} (IBM Lotus iNotes 8.5 Control) - https://webmail.saxion.nl/dwa85W.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: PGPmapih.dll,C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service 
(AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: PGP RDD Service - Symantec Corporation - C:\Program Files (x86)\PGP Corporation\PGP Desktop\RDDService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: 
@%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sophos AutoUpdate Service - Sophos Limited - C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Sophos Web Intelligence Service (swi_service) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe O23 - Service: Sophos Web Intelligence Update (swi_update_64) - Sophos Limited - C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\PROGRA~2\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\account\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\account\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\account\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully 
C:\Users\account\AppData\Local\Temp\OICE_6E8EE500-70DC-48AB-A623-DCC8C2343A4F.0\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\account\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\account\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\account\AppData\Local\Mozilla\Firefox\Profiles\xnd26lcs.default-1387551642912\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\account\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3276 folders=624 779663238 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\account\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\account\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN 
successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\account\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on vr 05-09-2014 at 8:00:37,28 ======================