Zoek.exe v5.0.0.0 Updated 28-12-2014
Tool run by Eigenaar on ma 29-12-2014 at 18:12:43,76.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Eigenaar\Downloads\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

29-12-2014 18:21:33 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Users\Eigenaar\AppData\Roaming\MinecraftSavesBackup deleted successfully
C:\Users\Eigenaar\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311281150} deleted successfully
HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311281150} deleted successfully
HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611511123} deleted successfully
HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611511123} deleted successfully
HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5354-2D53-5045-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5354-2D53-5045-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6c14185e-4de6-4a79-985b-19f23fd1e638} deleted successfully
HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6c14185e-4de6-4a79-985b-19f23fd1e638} deleted successfully
HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E84C8F2A-6615-4A40-8572-7E517B677E5B} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311281150} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611511123} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611511123} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{4F524A2D-5354-2D53-5045-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5354-2D53-5045-7A786E7484D7} deleted successfully 
HKEY_CLASSES_ROOT\CLSID\{6c14185e-4de6-4a79-985b-19f23fd1e638} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c14185e-4de6-4a79-985b-19f23fd1e638} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5354-2D53-5045-7A786E7484D7} deleted successfully ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\atiesrxx.exe C:\Windows\system32\Hpservice.exe C:\Windows\system32\atieclxx.exe C:\Program Files\PC Speed Up\PCSUService.exe C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Flwsrf\abengine.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\AEADISRV.EXE C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Program Files\Intel\AMT\atchksrv.exe C:\Program Files\Flwsrf\ijs.exe C:\Program Files\Intel\AMT\LMS.exe C:\QUALCOMM\QDLService\QDLService.exe C:\Program Files\Common Files\ShopperPro\spbiu.exe C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files\Intel\AMT\UNS.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Quick Launch 
Buttons\QLBCtrl.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Intel\AMT\atchk.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe C:\Program Files\YTDownloader\YTDownloader.exe C:\Program Files\ShopperPro\JSDriver\1453.0.0.0\jsdrv.exe C:\Program Files\eDealPop\eDealPop.exe C:\Program Files\Desktop Dock\DesktopDock.exe C:\Program Files\Desktop Dock\DesktopDockApp.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\Windows\system32\wbem\wmiprvse.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\PC Speed Up\PCSUNotifier.exe C:\Windows\system32\debuggerracengn64\debuggerracengn64.exe C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\program files\iwebar\iwebar-buttonutil.exe C:\Program Files\YTDownloader\DownloadHelper.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\Hold Page\updateHoldPage.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files\iWebar\37f4b516-338d-473b-85f5-9b1e3776b8ae-6.exe C:\Program Files\YTDownloader\DownloadHelper.exe C:\Users\Eigenaar\Downloads\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Users\Eigenaar\AppData\Local\netpathBckp\netpathBckp.exe C:\Users\Eigenaar\AppData\Local\netpathBckp\wpcmigmsvidctlSched.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs 
C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\System32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k LocalServicePeerNet ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netpathBckp.exe deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\netpathBckp.exe deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\debuggerracengn64 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\debuggerracengn64 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Abengine deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Abengine deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\Abengine deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Abengine deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdatem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\InjectorService deleted successfully 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\InjectorService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCSUService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCSUService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPBIUpd deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SPBIUpd deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Hold Page deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Hold Page deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Hold Page deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Hold Page deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YTDUpdt deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\YTDUpdt deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbmntr deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sbmntr deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPBIUpdd deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SPBIUpdd deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\t7bgy9ph.default 
user.js not found ---- Lines Hold Page removed from prefs.js ---- user_pref("extensions.Hold Page.asul", "1419814729654"); user_pref("extensions.Hold Page.aul", "1419814738121"); user_pref("extensions.Hold Page.irl", true); user_pref("extensions.Hold Page.is", "isgiwhNL"); user_pref("extensions.Hold Page.ug", "bd0b7230-19ee-4c01-a328-b902b8d4ce6f"); ---- FireFox user.js and prefs.js backups ---- prefs_29-12-2014_1834_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611511123}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5354-2D53-5045-7A786E7484D7}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c14185e-4de6-4a79-985b-19f23fd1e638}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "eDealPop"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "YTDownloader"=- "SPDriver"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WSE_Vosteran"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] C:\Users\Eigenaar\AppData\Roaming\1H1Q1V1N1N1S1R ==== Deleting Files \ Folders ====================== C:\Users\Eigenaar\AppData\Roaming\tricomfi deleted C:\Program Files\Object Browser deleted C:\Program Files\SupTab deleted C:\Program Files\AskPartnerNetwork deleted C:\ProgramData\ShopperPro deleted C:\Program Files\Optimizer Pro 3.16 deleted C:\Users\Eigenaar\AppData\Roaming\WSE_Vosteran deleted C:\Program Files\Flwsrf deleted C:\Program Files\globalUpdate deleted 
C:\ProgramData\IePluginServices deleted C:\Program Files\Common Files\ShopperPro deleted C:\Users\Eigenaar\AppData\Roaming\Optimizer Pro deleted C:\Program Files\WSE_Vosteran deleted C:\Program Files\f2cf1818-ec8b-4262-b345-e9201346d155 deleted C:\ProgramData\WindowsMangerProtect deleted C:\Users\Eigenaar\AppData\Roaming\mystartsearch deleted C:\ProgramData\AskPartnerNetwork deleted C:\ProgramData\APN deleted C:\Program Files\Analog Devices\221f0d6d-1503-4db1-bc95-850792ebe9c7.dll deleted C:\Program Files\Analog Devices\10705e28-4024-40b6-98b3-b171bcce6047.dll deleted C:\Users\Eigenaar\appdata\locallow\iWebar deleted C:\Users\Eigenaar\appdata\locallow\Object Browser deleted C:\PROGRA~2\Hewlett-Packard deleted C:\Program Files\e26b8697-4727-491c-9307-3ce084742726 deleted C:\Program Files\Common Files\System\SysMenu.dll deleted C:\Users\Eigenaar\AppData\Roaming\WB.CFG deleted C:\Users\Eigenaar\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp deleted C:\Users\Eigenaar\AppData\Local\globalUpdate deleted C:\Users\Eigenaar\AppData\Local\AskPartnerNetwork deleted C:\Users\Eigenaar\AppData\Local\CrashRpt deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 deleted C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader deleted C:\Windows\System32\Tasks\PC SpeedUp Service Deactivator deleted C:\Windows\Tasks\PC SpeedUp Service Deactivator.job deleted C:\Windows\Tasks\37f4b516-338d-473b-85f5-9b1e3776b8ae-1.job deleted C:\Windows\Tasks\37f4b516-338d-473b-85f5-9b1e3776b8ae-2.job deleted C:\Windows\Tasks\37f4b516-338d-473b-85f5-9b1e3776b8ae-5.job deleted C:\Windows\Tasks\37f4b516-338d-473b-85f5-9b1e3776b8ae-5_user.job deleted C:\Windows\Tasks\37f4b516-338d-473b-85f5-9b1e3776b8ae-6.job deleted C:\Windows\Tasks\37f4b516-338d-473b-85f5-9b1e3776b8ae-7.job deleted C:\Windows\Tasks\53ce5ae2-46a7-410d-9c57-cf26d544b5ec-1.job deleted 
C:\Windows\Tasks\53ce5ae2-46a7-410d-9c57-cf26d544b5ec-2.job deleted C:\Windows\Tasks\53ce5ae2-46a7-410d-9c57-cf26d544b5ec-5.job deleted C:\Windows\Tasks\53ce5ae2-46a7-410d-9c57-cf26d544b5ec-5_user.job deleted C:\Windows\Tasks\53ce5ae2-46a7-410d-9c57-cf26d544b5ec-6.job deleted C:\Windows\Tasks\53ce5ae2-46a7-410d-9c57-cf26d544b5ec-7.job deleted C:\Windows\system32\Tasks\37f4b516-338d-473b-85f5-9b1e3776b8ae-1 deleted C:\Windows\system32\Tasks\37f4b516-338d-473b-85f5-9b1e3776b8ae-2 deleted C:\Windows\system32\Tasks\37f4b516-338d-473b-85f5-9b1e3776b8ae-5 deleted C:\Windows\system32\Tasks\37f4b516-338d-473b-85f5-9b1e3776b8ae-5_user deleted C:\Windows\system32\Tasks\37f4b516-338d-473b-85f5-9b1e3776b8ae-6 deleted C:\Windows\system32\Tasks\37f4b516-338d-473b-85f5-9b1e3776b8ae-7 deleted C:\Windows\system32\Tasks\53ce5ae2-46a7-410d-9c57-cf26d544b5ec-1 deleted C:\Windows\system32\Tasks\53ce5ae2-46a7-410d-9c57-cf26d544b5ec-2 deleted C:\Windows\system32\Tasks\53ce5ae2-46a7-410d-9c57-cf26d544b5ec-5 deleted C:\Windows\system32\Tasks\53ce5ae2-46a7-410d-9c57-cf26d544b5ec-5_user deleted C:\Windows\system32\Tasks\53ce5ae2-46a7-410d-9c57-cf26d544b5ec-6 deleted C:\Windows\system32\Tasks\53ce5ae2-46a7-410d-9c57-cf26d544b5ec-7 deleted C:\Users\Public\Documents\ShopperPro deleted C:\Windows\tasks\DUWJP.job deleted C:\Windows\system32\tasks\DUWJP deleted C:\Windows\system32\Tasks\SPBIW_UpdateTask_Time_3835343338313335342d3437415a556c2a3223346c41 deleted C:\Windows\system32\Tasks\SPDriver deleted C:\Windows\system32\tasks\ShopperPro deleted C:\Windows\system32\tasks\ShopperProJSUpd deleted C:\Windows\system32\tasks\YTDownloader deleted C:\Windows\system32\tasks\YTDownloaderUpd deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted C:\Windows\system32\tasks\globalUpdateUpdateTaskMachineCore deleted C:\Windows\system32\tasks\globalUpdateUpdateTaskMachineUA deleted C:\Windows\system32\tasks\SMupdate1 deleted 
C:\Windows\system32\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted C:\Windows\system32\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted C:\Windows\system32\tasks\WSE_Vosteran deleted C:\Windows\tasks\WSE_Vosteran.job deleted C:\Windows\system32\tasks\Optimizer Pro Schedule deleted C:\END deleted C:\Windows\System32\drivers\{c88279d3-91dd-4bd9-ad38-681f71d6e36d}Gw.sys deleted C:\Users\Eigenaar\Documents\Optimizer Pro deleted C:\Users\Eigenaar\Documents\PCSpeedUp deleted C:\Users\Eigenaar\Desktop\Optimizer Pro.lnk deleted C:\Users\Eigenaar\Desktop\Continue installation .lnk deleted C:\Users\Eigenaar\AppData\Roaming\DUWJP.exe deleted "C:\Windows\Installer\4ebb82.msi" deleted "C:\Users\Eigenaar\AppData\Roaming\DUWJP" deleted "C:\Program Files\Hold Page\updateHoldPage.exe" deleted "C:\Users\Eigenaar\AppData\Local\netpathBckp\msvcp100.dll" deleted "C:\Users\Eigenaar\AppData\Local\netpathBckp\msvcr100.dll" not deleted "C:\Users\Eigenaar\AppData\Local\netpathBckp\netpathBckp.exe" deleted "C:\Users\Eigenaar\AppData\Local\netpathBckp\QtCore4.dll" deleted "C:\Users\Eigenaar\AppData\Local\netpathBckp\QtNetwork4.dll" deleted "C:\Users\Eigenaar\AppData\Local\netpathBckp\wpcmigmsvidctlSched.exe" deleted "C:\Windows\System32\debuggerracengn64\debuggerracengn64.exe" deleted "C:\Windows\System32\debuggerracengn64\msvcp100.dll" deleted "C:\Windows\System32\debuggerracengn64\msvcr100.dll" not deleted "C:\Windows\System32\debuggerracengn64\QtCore4.dll" deleted "C:\Windows\System32\debuggerracengn64\QtNetwork4.dll" deleted "C:\Program Files\iWebar\37f4b516-338d-473b-85f5-9b1e3776b8ae-6.exe" deleted "C:\Program Files\iWebar\iWebar-buttonutil.exe" deleted "C:\Program Files\Hold Page\updateHoldPage.exe" deleted "C:\Program Files\PC Speed Up\PCSUNotifier.exe" deleted "C:\Program Files\PC Speed Up\PopupNotification.dll" deleted "C:\Program Files\PC Speed Up\Sqlite3.dll" deleted "C:\Windows\system32\debuggerracengn64\debuggerracengn64.exe" deleted 
"C:\Windows\system32\debuggerracengn64\msvcp100.dll" deleted "C:\Windows\system32\debuggerracengn64\msvcr100.dll" not deleted "C:\Windows\system32\debuggerracengn64\QtCore4.dll" deleted "C:\Windows\system32\debuggerracengn64\QtNetwork4.dll" deleted "C:\Program Files\eDealPop\eDealPop.exe" deleted "C:\Program Files\eDealPop\msvcr100.dll" deleted "C:\Program Files\Hold Page\updateHoldPage.exe" deleted "C:\Program Files\iWebar\37f4b516-338d-473b-85f5-9b1e3776b8ae-6.exe" deleted "C:\Program Files\iWebar\iWebar-buttonutil.exe" deleted "C:\Program Files\iWebar\37f4b516-338d-473b-85f5-9b1e3776b8ae-6.exe" deleted "C:\Program Files\iWebar\iWebar-buttonutil.exe" deleted "C:\Program Files\iWebar\37f4b516-338d-473b-85f5-9b1e3776b8ae-6.exe" deleted "C:\Program Files\iWebar\iWebar-buttonutil.exe" deleted "C:\Program Files\eDealPop\eDealPop.exe" deleted "C:\Program Files\eDealPop\msvcr100.dll" deleted "C:\Program Files\YTDownloader\DownloadHelper.exe" deleted "C:\Program Files\YTDownloader\libeay32.dll" deleted "C:\Program Files\YTDownloader\YTDownloader.exe" deleted "C:\Program Files\PC Speed Up\PCSUNotifier.exe" deleted "C:\Program Files\PC Speed Up\PopupNotification.dll" deleted "C:\Program Files\PC Speed Up\Sqlite3.dll" deleted "C:\Program Files\iWebar\37f4b516-338d-473b-85f5-9b1e3776b8ae-6.exe" deleted "C:\Program Files\iWebar\iWebar-buttonutil.exe" deleted "C:\Program Files\Hold Page\updateHoldPage.exe" deleted "C:\Program Files\ShopperPro\JSDriver\1453.0.0.0\jsdrv.exe" deleted "C:\Program Files\ShopperPro\JSDriver\1453.0.0.0\jsdrv.exe" deleted "C:\Program Files\ShopperPro\JSDriver\1453.0.0.0\jsdrv.exe" deleted "C:\Program Files\Hold Page" not deleted "C:\Users\Eigenaar\AppData\Local\netpathBckp" not deleted "C:\Windows\System32\debuggerracengn64" not deleted "C:\Program Files\iWebar" not deleted "C:\Program Files\Hold Page" not deleted "C:\Program Files\PC Speed Up" deleted "C:\Windows\system32\debuggerracengn64" not deleted "C:\Program Files\eDealPop" deleted "C:\Program 
Files\ShopperPro" deleted "C:\Program Files\Hold Page" not deleted "C:\Program Files\iWebar" not deleted "C:\Program Files\iWebar" not deleted "C:\Program Files\iWebar" not deleted "C:\Program Files\ShopperPro" deleted "C:\Program Files\eDealPop" deleted "C:\Program Files\YTDownloader" deleted "C:\Program Files\PC Speed Up" deleted "C:\Program Files\iWebar" not deleted "C:\Program Files\ShopperPro" deleted "C:\Program Files\Hold Page" not deleted "C:\Users\Eigenaar\AppData\Local\netpathBckp\desktop" not deleted "C:\Users\Eigenaar\AppData\Local\netpathBckp\service" not deleted "C:\Program Files\ShopperPro\JSDriver" deleted "C:\Program Files\ShopperPro\JSDriver\1453.0.0.0" deleted "C:\Program Files\ShopperPro\JSDriver" deleted "C:\Program Files\ShopperPro\JSDriver\1453.0.0.0" deleted "C:\Program Files\ShopperPro\JSDriver" deleted "C:\Program Files\ShopperPro\JSDriver\1453.0.0.0" deleted ==== System Specs ====================== Windows: Windows 7 Professional Edition Service Pack 1 (Build 7601) Memory (RAM): 1977 MB CPU Info: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz CPU Speed: 205,9 MHz Sound Card: Luidsprekers (3- SoundMAX Integ | Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 800 - 32 bit Network: Network Present Network Adapters: Broadcom 802.11g Network Adapter | Broadcom NetLink (TM) Gigabit Ethernet #7 | HP un2400 Mobile Broadband Module Network Device | Bluetooth-apparaat (Personal Area Network) #3 CD / DVD Drives: 1x (D: | ) D: hp DVD-ROM DT30N Ports: COM1 | COM6 | COM9 | COM10 | COM8 LPT1 Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 105,7GB Hard Disks - Free: C: 80,2GB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 09/15/09 | HPQOEM - f Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 30DD Country: 
Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Firefox 34.0.5 Internet Explorer Version: 11.0.9600.17501 Mozilla Firefox version: 34.0.5 (x86 nl) Google Chrome version: 39.0.2171.95 Adobe Reader version: 11.0.10.32 Sun Java version: 1.8.0_25 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Eigenaar\AppData\Local\Temp ==== 2014-12-28 18:03:42 D051FF31F1BD7DA8C3A02D314F0D74F2 1050280 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_N360_26327.exe 2014-12-28 18:01:16 5C30226B8022D5D7E14988807FB8F725 231648632 ------w- C:\Users\Eigenaar\AppData\Local\Temp\is1238184746\0B9A8EC3_stp.EXE 2014-12-28 18:01:13 3C7733E1983E75C23D69A926AC0D0AD6 8200752 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\optprosetup.exe 2014-12-28 18:00:52 4CAE8FF6091FA54FD4C3DA048798CD34 583544 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\is1238184746\1FBF57E8_stp.EXE 2014-12-28 17:51:23 6631E97998BAC70D0C5C61F00CACCE5B 576192 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\Minecraft Cracked 1.7.9__8438_il2497.exe 2014-12-28 12:42:11 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\psuser.dll 2014-12-28 12:42:10 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\psmachine.dll 2014-12-28 12:42:10 C0A2D854DA879A5D55244E8DC4E7C8B8 761856 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\goopdate.dll 2014-12-28 12:42:10 AEF95394FF8029B9C17F81197C6AAB5A 220672 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\npGoogleUpdate4.dll 2014-12-28 12:42:10 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- 
C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\GoogleUpdateOnDemand.exe 2014-12-28 12:42:09 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\psmachine.dll 2014-12-28 12:42:09 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\GoogleUpdateHelper.msi 2014-12-28 12:42:09 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\GoogleUpdateBroker.exe 2014-12-28 12:42:09 AEF95394FF8029B9C17F81197C6AAB5A 220672 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\npGoogleUpdate4.dll 2014-12-28 12:42:09 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\psuser.dll 2014-12-28 12:42:08 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\GoogleUpdateHelper.msi 2014-12-28 12:42:08 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\GoogleUpdate.exe 2014-12-28 12:42:08 C0A2D854DA879A5D55244E8DC4E7C8B8 761856 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\goopdate.dll 2014-12-28 12:42:08 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\GoogleUpdateOnDemand.exe 2014-12-28 12:42:08 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\GoogleCrashHandler.exe 2014-12-28 12:42:07 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\GoogleUpdateBroker.exe 2014-12-28 12:42:07 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\GoogleUpdate.exe 2014-12-28 12:42:07 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\GoogleCrashHandler.exe 2014-12-28 12:40:59 9CF6F7CB557412DE8CD9D20F70A76617 6825480 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\Install_30272\ins_ytd.exe 2014-12-28 
12:40:58 D46819D58846EEEF0A182C1A879B93AB 13235064 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\Install_30272\ins_iwebar.exe 2014-12-28 12:40:58 8B7E927CABA898BDC7204DEA322C25FB 4687031 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\Install_30272\ins_shopperpro.exe 2014-12-28 12:40:58 7B910475AED491435C594D78F145D572 12573208 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\Install_30272\ins_cr.exe 2014-12-28 12:40:47 A082E5473B2A9A4D846ED7DDF637AC76 8704 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\SpOrder.dll 2014-12-24 13:11:06 B00626F39DD80A5F0485A4B127FB7112 294912 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-7cfc969d.exe ====== Java Cache ===== 2014-12-27 14:53:29 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Eigenaar\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-27416a2e 2014-12-27 14:53:25 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Eigenaar\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-1efc1da8 2014-12-27 14:53:25 DD67E56B7A8CA890321360FBDC8EDE97 424 ----a-w- C:\Users\Eigenaar\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2014-12-27 14:53:24 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Eigenaar\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-1772f7d7 2014-12-27 14:53:26 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Eigenaar\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-7854f403 ====== C:\Windows\system32 ===== 2014-12-28 12:40:50 327A51B647B2EE34AA8A6A069303AF01 2472 ----a-w- C:\Windows\System32\abengineOff.ini 2014-12-28 12:40:50 158CB1E0F6330A5B287E4D1334906E3F 4592 ----a-w- C:\Windows\System32\abengine.ini 2014-12-28 12:40:40 F0F48B26DA08C10D2D56C5EBD690D8E3 324592 ----a-w- C:\Windows\System32\abengine.dll 2014-12-27 13:16:19 0481346D0EF668C0D4FF69A7BBEFA846 115712 ----a-w- C:\Windows\System32\ieUnatt.exe ====== C:\Windows\system32\drivers ===== 
2014-12-28 18:23:46 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-12-24 12:53:26 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf 2014-12-10 08:48:54 1E1845606C5A4579F7F3D95796CC1ED1 136632 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== 2014-12-28 12:40:38 55147BB3698C5B6CB2F04F3697521CB6 3092 ----a-w- C:\Windows\system32\Tasks\upfs7235 2014-12-27 14:28:41 57CB31AA67D157C9733A3670EEC27FE5 1044 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-27 14:28:41 264D2820EE990BFC4F2E5513BE877C7B 4040 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2014-12-27 14:28:40 D8E12F66BE8C1F4550B6A6D35EB23362 3788 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2014-12-27 14:28:40 73681BA5AB437B0AAC7D468D522CD134 1040 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-12-29 00:56:42 -------- d-----w- C:\Program Files\Mozilla Maintenance Service 2014-12-28 20:39:50 -------- d-----w- C:\Program Files\trend micro 2014-12-28 19:44:02 -------- d-----w- C:\Program Files\Speccy 2014-12-28 18:03:30 -------- d-----w- C:\Program Files\Hold Page 2014-12-28 12:50:43 -------- d-----w- C:\Program Files\Minecraft 2014-12-28 12:49:44 -------- d-----w- C:\Program Files\Desktop Dock 2014-12-28 12:42:03 -------- d-----w- C:\Program Files\iWebar 2014-12-27 14:42:36 -------- d-----w- C:\Program Files\Common Files\Java 2014-12-27 14:28:35 -------- d-----w- C:\Program Files\Google ======= C: ===== ====== C:\Users\Eigenaar\AppData\Roaming ====== 2014-12-29 00:56:53 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Mozilla 2014-12-29 00:56:53 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Mozilla 2014-12-28 19:44:29 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking 2014-12-28 18:03:54 -------- 
d-----w- C:\Users\Eigenaar\AppData\Roaming\1H1Q1V1N1N1S1R 2014-12-28 14:14:41 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\QuickScan 2014-12-28 14:14:41 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\QuickScan 2014-12-28 12:50:43 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft 2014-12-28 12:49:59 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Dock 2014-12-28 12:49:50 -------- d-----w- C:\Users\Eigenaar\AppData\Local\DesktopDock 2014-12-28 12:49:49 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Dock 2014-12-28 12:44:08 -------- d-----w- C:\Users\Eigenaar\AppData\Local\netpathBckp 2014-12-28 12:43:36 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Programs 2014-12-28 12:41:44 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\vlc 2014-12-28 12:28:24 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\java 2014-12-28 12:28:07 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\.minecraft 2014-12-27 14:35:17 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Google 2014-12-27 14:28:35 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Google 2014-12-27 13:13:12 -------- d-sh--w- C:\Users\Eigenaar\AppData\Local\EmieBrowserModeList 2014-12-27 13:12:56 -------- d-sh--w- C:\Users\Eigenaar\AppData\Locallow\EmieBrowserModeList ====== C:\Users\Eigenaar ====== 2014-12-29 00:56:42 -------- d-----w- C:\ProgramData\Mozilla 2014-12-29 00:51:56 3D345061DFD15F533C33D78829FBD31A 244280 ----a-w- C:\Users\Eigenaar\Downloads\Firefox Setup Stub 34.0.5.exe 2014-12-28 20:39:16 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Eigenaar\Downloads\RSIT.exe 2014-12-28 19:44:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2014-12-28 19:41:25 A7DD64E7AB5605665CE68A00814343D7 5122624 ----a-w- C:\Users\Eigenaar\Downloads\spsetup127 (1).exe 2014-12-28 19:41:16 A7DD64E7AB5605665CE68A00814343D7 
5122624 ----a-w- C:\Users\Eigenaar\Downloads\spsetup127.exe 2014-12-28 18:02:05 -------- d-----w- C:\ProgramData\{9149798A-C1CB-A80C-704D-D88EA0CF0B00} 2014-12-28 18:00:59 FEAB0935FF9659316E4AFC6305D09C39 355310 ----a-w- C:\Users\Eigenaar\Downloads\MinecraftSetup [1].exe 2014-12-28 18:00:16 3BB61C67E2499C13C559C2B7405AD9E6 818144 ----a-w- C:\Users\Eigenaar\Downloads\MinecraftSetup (1).exe 2014-12-28 18:00:10 4FA5EF59C4C02E805A9F5B851B35C261 818144 ----a-w- C:\Users\Eigenaar\Downloads\MinecraftSetup.exe 2014-12-28 17:54:01 6FEF3D04CBC77C00252B36F8D02F25E9 1592398 ----a-w- C:\Users\Eigenaar\Downloads\Minecraft Launcher.exe 2014-12-28 17:50:37 CE8A5B5DAB9524A47E49B24644B3B31B 1583745 ----a-w- C:\Users\Eigenaar\Downloads\minecraft cracked 1.7..9 and 1.7.10cracked.exe 2014-12-27 14:29:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-12-27 14:28:55 -------- d-----w- C:\ProgramData\Google ====== C: exe-files == 2014-12-29 00:56:43 B015BE6E7E2E47EDF38186C3CCCD41CF 103588 ----a-w- C:\Program Files\Mozilla Maintenance Service\Uninstall.exe 2014-12-29 00:56:42 B4E9C7383A705628AD491CF0F87D901F 114800 ----a-w- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 2014-12-29 00:51:56 3D345061DFD15F533C33D78829FBD31A 244280 ----a-w- C:\Users\Eigenaar\Downloads\Firefox Setup Stub 34.0.5.exe 2014-12-28 20:39:51 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Eigenaar.exe 2014-12-28 20:39:16 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Eigenaar\Downloads\RSIT.exe 2014-12-28 19:41:25 A7DD64E7AB5605665CE68A00814343D7 5122624 ----a-w- C:\Users\Eigenaar\Downloads\spsetup127 (1).exe 2014-12-28 19:41:16 A7DD64E7AB5605665CE68A00814343D7 5122624 ----a-w- C:\Users\Eigenaar\Downloads\spsetup127.exe 2014-12-28 18:03:54 BF375A90FE0B135395E20B0EB9190C11 572739 ----a-w- C:\Users\Eigenaar\AppData\Roaming\1H1Q1V1N1N1S1R\Minecraft Packages\uninstaller.exe 2014-12-28 18:03:42 
D051FF31F1BD7DA8C3A02D314F0D74F2 1050280 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_N360_26327.exe 2014-12-28 18:01:16 5C30226B8022D5D7E14988807FB8F725 231648632 ------w- C:\Users\Eigenaar\AppData\Local\Temp\is1238184746\0B9A8EC3_stp.EXE 2014-12-28 18:01:13 3C7733E1983E75C23D69A926AC0D0AD6 8200752 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\optprosetup.exe 2014-12-28 18:00:59 FEAB0935FF9659316E4AFC6305D09C39 355310 ----a-w- C:\Users\Eigenaar\Downloads\MinecraftSetup [1].exe 2014-12-28 18:00:52 4CAE8FF6091FA54FD4C3DA048798CD34 583544 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\is1238184746\1FBF57E8_stp.EXE 2014-12-28 18:00:16 3BB61C67E2499C13C559C2B7405AD9E6 818144 ----a-w- C:\Users\Eigenaar\Downloads\MinecraftSetup (1).exe 2014-12-28 18:00:10 4FA5EF59C4C02E805A9F5B851B35C261 818144 ----a-w- C:\Users\Eigenaar\Downloads\MinecraftSetup.exe 2014-12-28 17:54:20 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files\Java\jre1.8.0_25\launch4j-tmp\Minecraft Launcher.exe 2014-12-28 17:54:01 6FEF3D04CBC77C00252B36F8D02F25E9 1592398 ----a-w- C:\Users\Eigenaar\Downloads\Minecraft Launcher.exe 2014-12-28 17:51:23 6631E97998BAC70D0C5C61F00CACCE5B 576192 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\Minecraft Cracked 1.7.9__8438_il2497.exe 2014-12-28 17:51:09 CBB2FADC7EEE03C7195637A19EA4DBA7 991091 ----a-w- C:\Users\Eigenaar\Downloads\minecraft cracked\Minecraft_Cracked_1.7.9_TeamDecode.exe 2014-12-28 17:51:09 6631E97998BAC70D0C5C61F00CACCE5B 576192 ----a-w- C:\Users\Eigenaar\Downloads\minecraft cracked\Minecraft Cracked 1.7.9__8438_il2497.exe 2014-12-28 17:50:37 CE8A5B5DAB9524A47E49B24644B3B31B 1583745 ----a-w- C:\Users\Eigenaar\Downloads\minecraft cracked 1.7..9 and 1.7.10cracked.exe 2014-12-28 12:50:00 8A241D25476D902C7EA2E70C00C3EFEC 1494784 ----a-w- C:\Program Files\Desktop Dock\DesktopDock.exe 2014-12-28 12:49:59 8F2F9D498C4437FEE4ED0EC4BB1095A8 717985 ----a-w- C:\Program Files\Desktop Dock\unins000.exe 2014-12-28 
12:49:47 41564D74C56C5F4A9EEFBB9300F0A015 100109 ----a-w- C:\Program Files\Desktop Dock\DesktopDockappuninstall.exe 2014-12-28 12:44:29 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\Temp\UptUpdater.exe 2014-12-28 12:42:10 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\GoogleUpdateOnDemand.exe 2014-12-28 12:42:09 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\GoogleUpdateBroker.exe 2014-12-28 12:42:08 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\GoogleUpdate.exe 2014-12-28 12:42:08 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\GoogleUpdateOnDemand.exe 2014-12-28 12:42:08 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.485478\GoogleCrashHandler.exe 2014-12-28 12:42:07 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\GoogleUpdateBroker.exe 2014-12-28 12:42:07 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\GoogleUpdate.exe 2014-12-28 12:42:07 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\comh.244057\GoogleCrashHandler.exe 2014-12-28 12:40:59 9CF6F7CB557412DE8CD9D20F70A76617 6825480 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\Install_30272\ins_ytd.exe 2014-12-28 12:40:58 D46819D58846EEEF0A182C1A879B93AB 13235064 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\Install_30272\ins_iwebar.exe 2014-12-28 12:40:58 8B7E927CABA898BDC7204DEA322C25FB 4687031 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\Install_30272\ins_shopperpro.exe 2014-12-28 12:40:58 7B910475AED491435C594D78F145D572 12573208 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\Install_30272\ins_cr.exe 2014-12-27 14:51:14 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2014-12-27 14:51:14 
75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2014-12-27 14:51:14 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2014-12-27 14:51:04 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\rmid.exe 2014-12-27 14:51:04 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\unpack200.exe 2014-12-27 14:51:04 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\ssvagent.exe 2014-12-27 14:51:04 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\rmiregistry.exe 2014-12-27 14:51:04 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\servertool.exe 2014-12-27 14:51:04 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\tnameserv.exe 2014-12-27 14:51:03 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\pack200.exe 2014-12-27 14:51:03 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\keytool.exe 2014-12-27 14:51:03 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\kinit.exe 2014-12-27 14:51:03 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\orbd.exe 2014-12-27 14:51:03 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\policytool.exe 2014-12-27 14:51:03 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\jp2launcher.exe 2014-12-27 14:51:03 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\klist.exe 2014-12-27 14:51:03 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\ktab.exe 2014-12-27 14:51:02 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\jabswitch.exe 2014-12-27 14:51:02 
B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\jjs.exe 2014-12-27 14:51:02 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\java.exe 2014-12-27 14:51:02 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe 2014-12-27 14:51:02 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\java-rmi.exe 2014-12-27 14:51:02 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe 2014-12-27 14:51:02 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\javaws.exe 2014-12-27 14:45:43 E8B7FD67DA14A7BE57A5CB80E3139E60 309704 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarUser_32_52E818EF81C83A9B.exe 2014-12-27 14:45:38 4C401FCC6D0C95E1A5D989E403E18F2F 1072072 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_8CA8B41417E66DEB.exe 2014-12-27 14:44:52 107A176FF25E2BA8016A92C301844839 532312 ----a-w- C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.5111.1712\GoogleToolbarInstaller_updater_signed.exe 2014-12-27 14:41:22 205E775B4B2C165922203A390B115523 40747600 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.95\39.0.2171.95_chrome_installer.exe 2014-12-27 14:35:24 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe 2014-12-27 14:35:24 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateBroker.exe 2014-12-27 14:35:23 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateSetup.exe 2014-12-27 14:35:18 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe 2014-12-27 14:35:18 CB8C1CC4F46FBAC78150754D77460C73 
230792 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe 2014-12-27 14:35:18 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler64.exe 2014-12-27 14:35:17 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdate.exe 2014-12-27 14:35:14 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe 2014-12-27 14:29:11 5D61BE7DB55B026A5D61A3EED09D0EAD 39408 ----a-w- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2014-12-27 14:29:09 5D4BC124FAAE6730AC002CDB67BF1A1C 194032 ----a-w- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 2014-12-27 14:29:03 E8B7FD67DA14A7BE57A5CB80E3139E60 309704 ----a-w- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe 2014-12-27 14:29:03 2276C2E1172F2DEEEA861DE006630725 401488 ----a-w- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_64.exe 2014-12-27 14:29:01 4BEAF576CB43358C4DB9F45AC7C09CDB 194032 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleUpdaterService_B33FC4DD36A473C6.exe 2014-12-27 14:29:01 4B78E9AE06F7C310E30EE2FA5B7EBC3C 1721296 ----a-w- C:\Program Files\Google\Google Toolbar\Component\SearchWithGoogleUpdate_C993F490EED40C1B.exe 2014-12-27 14:29:01 1F2AFAB903C0D48480561F3BBD4539C2 739640 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleUpdateSetup_5CC4B0F53D73AD88.exe 2014-12-27 14:28:46 2040B57C08F7A97E4E44ACB324647CF2 6110688 ----atw- C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\0.0.0.0\googletoolbarinstaller_full_signed.exe 2014-12-27 14:28:37 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\GoogleUpdate.exe 2014-12-27 13:16:19 0481346D0EF668C0D4FF69A7BBEFA846 115712 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-12-24 13:11:06 
B00626F39DD80A5F0485A4B127FB7112 294912 ----a-w- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-7cfc969d.exe === C: other files == 2014-12-29 00:58:43 7730AC8505F1916D52DC8BB7E9FC62D5 6741 ----a-w- C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\t7bgy9ph.default\extensions\{c88279d3-91dd-4bd9-ad38-681f71d6e36d}.xpi 2014-12-28 17:51:13 F07890D2A71C981C2C7D97EEF7D01441 530 ----a-w- C:\Users\Eigenaar\Downloads\minecraft cracked\install.bat 2014-12-28 12:50:43 439489EE235C596B90ED9630AB2ECAF7 991 ----a-w- C:\Program Files\Minecraft\CleanMinecraft.bat 2014-12-27 14:51:05 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files\Java\jre1.8.0_25\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Run] "PCSpeedUp"="C:\Program Files\PC Speed Up\PCSUNotifier.exe" "Optimizer Pro"="C:\Program Files\Optimizer Pro 3.16\OptProLauncher.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="C:\Program Files\DellTPad\Apoint.exe" "QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "atchk"="C:\Program Files\Intel\AMT\atchk.exe" 
"IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" "YTDownloader"="C:\Program Files\YTDownloader\YTDownloader.exe /boot" "SPDriver"="C:\Program Files\ShopperPro\JSDriver\1453.0.0.0\jsdrv.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "PCSpeedUp"="C:\Program Files\PC Speed Up\PCSUNotifier.exe" "Optimizer Pro"="C:\Program Files\Optimizer Pro 3.16\OptProLauncher.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:/PROGRA~2/{91497~1/171~1.0/ramo.dll" ==== Startup Folders ====================== 2014-12-28 12:49:49 1070 ----a-w- C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopDockApp.lnk 2014-12-28 12:50:01 1037 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DesktopDock.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [27-12-2014 15:28] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [27-12-2014 15:28] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [27-12-2014 15:28] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program 
Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\upfs7235" [C:\PROGRA~1\Flwsrf\upfs7235.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\t7bgy9ph.default - Undetermined - {c88279d3-91dd-4bd9-ad38-681f71d6e36d} - Shopper-Pro - %ProfilePath%\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} - Hold Page 1.0.1 - %ProfilePath%\extensions\{c88279d3-91dd-4bd9-ad38-681f71d6e36d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\t7bgy9ph.default E7006BB5611298DBDD03FE3519C19AC2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U25 238F239EAEFF7E3E782913D599084E18 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.250.18 D2377C9458EFEB094E38B8C874AA214C - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update 0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In 260488E2BC07C276D1EDD54CCA086809 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight ==== Deleted Firefox Extensions ====================== C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\t7bgy9ph.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} deleted ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95) 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaahlfahldnilidgnlikdckbfehhca - No path found[] aaaaaiabcopkplhgaedhbloeejhhankf - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx[] oilkkkefbalmbfppgjmgjoefbclebkce - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions oilkkkefbalmbfppgjmgjoefbclebkce - No path found[] Search Extension by Ask v3 - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca Search App By Ask v2 - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf Google Docs - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local 
Storage\http_www.mystartsearch.com_0.localstorage deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal deleted successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://Vosteran.com/?f=1&a=vst_ggbc_14_52_ie&cd=2XzuyEtN2Y1L1Qzu0Dzz0DtAzzyDtD0FyCyDzzzzyDyDtC0EtN0D0Tzu0StCtDzytBtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StC0DzytA0CyDyEtAtGtCyByC0BtGyC0F0C0CtG0ByC0DtDtGyCyEtA0DtC0EtCzzyC0BtDyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CyE0B0DtBtAtDtGyD0ByByDtGyEtAzztBtGzytA0D0DtGyDtByDtAyC0BzyyD0E0E0AtD2Q&cr=1445469294&ir=" "Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1419770395&from=amt&uid=FUJITSUXMHZ2120BHXG2_K615T8A2R72F" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1419770395&from=amt&uid=FUJITSUXMHZ2120BHXG2_K615T8A2R72F&q={searchTerms}" "Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1419770395&from=amt&uid=FUJITSUXMHZ2120BHXG2_K615T8A2R72F" "Start Page"="http://www.mystartsearch.com/?type=hp&ts=1419770395&from=amt&uid=FUJITSUXMHZ2120BHXG2_K615T8A2R72F" "Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1419770395&from=amt&uid=FUJITSUXMHZ2120BHXG2_K615T8A2R72F&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\LibreOffice 4.1.lnk - C:\Windows\Installer\{F8478020-D98E-49FB-BA14-07A534AED99C}\soffice.exe C:\Users\Public\Desktop\Microsoft Security Essentials.lnk - C:\Program Files\Microsoft Security Client\msseces.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Speccy.lnk - C:\Program Files\Speccy\Speccy.exe C:\Users\Public\Desktop\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet 
Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1419770395&from=amt&uid=FUJITSUXMHZ2120BHXG2_K615T8A2R72F C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1419770395&from=amt&uid=FUJITSUXMHZ2120BHXG2_K615T8A2R72F C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Dock\Uninstall DesktopDock.lnk - C:\Program Files\Desktop Dock\DesktopDockappuninstall.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk - C:\Program Files\Minecraft\minecraft180.jar C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopDockApp.lnk - C:\Program Files\Desktop Dock\DesktopDockApp.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1419770395&from=amt&uid=FUJITSUXMHZ2120BHXG2_K615T8A2R72F C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Speccy.lnk - C:\Program Files\Speccy\Speccy.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DesktopDock.lnk - C:\Program Files\Desktop Dock\DesktopDock.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (3).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (2).lnk - C:\Windows\explorer.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (3).lnk - C:\Windows\explorer.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (2).lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (3).lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User 
Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (3).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (2).lnk - C:\Windows\explorer.exe C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (3).lnk - C:\Windows\explorer.exe C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (2).lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (3).lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 
http://www.mystartsearch.com/?type=sc&ts=1419770395&from=amt&uid=FUJITSUXMHZ2120BHXG2_K615T8A2R72F C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1419770395&from=amt&uid=FUJITSUXMHZ2120BHXG2_K615T8A2R72F C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (3).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (4).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (5).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (6).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User 
Pinned\TaskBar\Windows Explorer (2).lnk - C:\Windows\explorer.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (3).lnk - C:\Windows\explorer.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (4).lnk - C:\Windows\explorer.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (5).lnk - C:\Windows\explorer.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (6).lnk - C:\Windows\explorer.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (2).lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (3).lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (4).lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (5).lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (6).lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 ==== shortcuts After Repair ====================== 
C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:28462" "ProxyOverride"=";*origin.com;*ea.com;*akamaihd.net" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC05100 deleted successfully HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{74f1e872-8d6f-4cc7-58d6-c60d8dfe43ed} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TVWiz deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Object Browser deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\iWebar deleted successfully 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C1500} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hold Page deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\eDeals_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\278e1f47f6d87cc4856d6cd0d8ef34de deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC05100 deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security 
Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files\YTDownloader\YTDownloader.exe" /boot O4 - HKLM\..\Run: [SPDriver] C:\Program Files\ShopperPro\JSDriver\1453.0.0.0\jsdrv.exe O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files\PC Speed Up\PCSUNotifier.exe O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro 3.16\OptProLauncher.exe O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: DesktopDockApp.lnk = C:\Program Files\Desktop Dock\DesktopDockApp.exe O4 - Global Startup: DesktopDock.lnk = C:\Program Files\Desktop Dock\DesktopDock.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\abengine.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\abengine.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\abengine.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\abengine.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\abengine.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O20 - AppInit_DLLs: C:/PROGRA~2/{91497~1/171~1.0/ramo.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common 
Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Qualcomm Gobi Download Service (QDLService) - QUALCOMM, Inc. 
- C:\QUALCOMM\QDLService\QDLService.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\AMT\UNS.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Eigenaar\AppData\Local\Mozilla\Firefox\Profiles\t7bgy9ph.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=852 folders=249 152463970 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp 
will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Eigenaar\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Eigenaar\AppData\Local\netpathBckp\msvcr100.dll" not found "C:\Windows\System32\debuggerracengn64\msvcr100.dll" not found "C:\Windows\system32\debuggerracengn64\msvcr100.dll" not found "C:\Users\Eigenaar\AppData\Local\netpathBckp" not found "C:\Windows\System32\debuggerracengn64" not found "C:\Program Files\iWebar" not found "C:\Program Files\Hold Page" not found "C:\Windows\system32\debuggerracengn64" not found "C:\Program Files\Hold Page" not found "C:\Program Files\iWebar" not found "C:\Program Files\iWebar" not found "C:\Program Files\iWebar" not found "C:\Program Files\iWebar" not found "C:\Program Files\Hold Page" not found "C:\Program Files\Hold Page" not found ==== EOF on ma 29-12-2014 at 18:46:20,06 ======================