Zoek.exe v5.0.0.0 Updated 31-12-2014
Tool run by Glowing Starter on ma 05-01-2015 at 16:13:49,92.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Glowing Starter\Downloads\zoek (2).exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-01-05-114628.log 64975 bytes

==== Empty Folders Check ======================

C:\Users\Glowing Starter\AppData\Local\FSP deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)
Aangifte inkomstenbelasting 2013
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.10) - Nederlands
Adobe Refresh Manager
Adobe Shockwave Player 12.0
Apple Software Update
BisonCam
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
D3DX10
Dropbox
EasyWorship 2009
EViews 7 Student Version
Filternet
Finger Sensing Pad Driver
Glary Utilities 4.10
Google Chrome
Google Update Helper
Hotkey 3.0021
HP LaserJet Professional P1100-P1560-P1600 Series
Intel(R) Graphics Media Accelerator Driver
Java 8 Update 25
Java Auto Updater
JMicron JMB38X Flash Media Controller
Junk Mail filter update
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (Nederlands)
Microsoft .NET Framework 4.5.1 (NLD)
Microsoft Antimalware Service NL-NL Language Pack
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Word MUI (Dutch) 2007
Microsoft Security Client
Microsoft Security Client NL-NL Language Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Movie Maker
MSVCRT
MSVCRT110
Nero 7 Essentials
Nokia Connectivity Cable Driver
Octoshape add-in for Adobe Flash Player
OGA Notifier 2.0.0048.0
Photo Common
Photo Gallery
Photo Transport
Realtek High Definition Audio Driver
REALTEK Wireless LAN Driver
RonyaSoft Poster Printer (ProPoster) 3.01
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition
SkypeT 6.11
swMSM
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
VideoCam Suite
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\HPSIsvc.exe
C:\Program Files\Hotkey\PowerBiosServer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\FSP\FspUip.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\BisonCam\DeLay.exe
C:\Program Files\BisonCam\BisonHK.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Hotkey\Hotkey.exe
C:\Program Files\Glary Utilities 4\Integrator.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Glowing Starter\Downloads\zoek (2).exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"SoftonicAssistant"=-

[HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"SoftonicAssistant"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SoftonicAssistant"=-

[HKEY_CURRENT_USER\Softwa64re\Microsoft\Windows\CurrentVersion\Run]
"SoftonicAssistant"=-

==== Deleting Files \ Folders ======================

C:\Users\Glowing Starter\AppData\Local\SoftonicAssistant not found
C:\Program Files\1ClickDownload not found
"C:\Users\Glowing Starter\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx" not found
"C:\Program Files\TornTV.com\torn11.crx" not found
"C:\Users\Glowing Starter\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx" not found
"C:\Program Files\TornTV.com\torn2_10.crx" not found
"C:\Users\Glowing Starter\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx" not found
"C:\Users\GLOWIN~1\AppData\Local\Temp\YontooLayers.crx" not found

==== System Specs ======================

Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)
Memory (RAM): 3005 MB
CPU Info: Celeron(R) Dual-Core CPU T3000 @ 1.80GHz
CPU Speed: 1806,7 MHz
Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek |
Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC | JMicron PCI Express Fast Ethernet Adapter
CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A DS8A3S
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 2 Button Wheel Mouse Present
Hard Disks: C: 185,5GB | D: 112,4GB
Hard Disks - Free: C: 135,2GB | D: 106,4GB
Manufacturer *: Phoenix Technologies LTD
BIOS Info: AT/AT COMPATIBLE | 10/30/09 | PTLTD - 6040000
Time Zone: West-Europa (standaardtijd)
Motherboard *: CLEVO Co. W760T/M740T/M760T
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Virus: Norman Security Suite On-access scanning disabled (Outdated)
Anti-Spyware: Norman Security Suite disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome 39.0.2171.95
Internet Explorer Version: 11.0.9600.17501
Google Chrome version: 39.0.2171.95
Adobe Reader version: 11.0.10.32
Sun Java version: 1.8.0_25 (32-bit)
Flash Player version: 15.0.0.246
Shockwave Player version: 12.0.7r148

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-12-27 13:06:06 06099D69CF089CFD46E7ECC2624860AE 297123687 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\GLOWIN~1\AppData\Local\Temp ====
2015-01-05 15:09:17 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Glowing Starter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprox4yy.dll

====== Java Cache =====
2015-01-05 15:11:38 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Glowing Starter\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-3eb11be9

====== C:\Windows\system32 =====
2015-01-05 15:10:41 742BD1F196FEFC94A6379BA039D3CD00 96680 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
2015-01-04 19:52:10 837624823BC23BD08FFA0C81C5105D18 101664 ----a-w- C:\Windows\System32\BootDefrag.exe

====== C:\Windows\system32\drivers =====
2015-01-04 19:52:10 F8ADE2053957E8E5F2ED2A1203C79589 16064 ----a-w- C:\Windows\System32\drivers\BootDefragDriver.sys
2014-12-09 19:11:53 7FE680A3DFA421C4A8E4879AE4C5AAB0 74752 ----a-w- C:\Windows\System32\drivers\tdx.sys

====== C:\Windows\Tasks ======
2015-01-04 19:52:13 B3979006BC89C5F09EEA7C1BE76A416A 2992 ----a-w- C:\Windows\system32\Tasks\GU4SkipUAC
2015-01-04 19:52:12 F178B15E1FF79B5375D2507CACF09F91 330 ----a-w- C:\Windows\Tasks\GlaryInitialize 4.job
2015-01-04 19:52:12 4A7F3D492E98787318D9C2CFF18F3934 2658 ----a-w- C:\Windows\system32\Tasks\GlaryInitialize 4
2014-12-25 13:09:57 F64A2D5E9C1762DEAFBEB4978044D22B 3874 ----a-w- C:\Windows\system32\Tasks\Adobe Acrobat Update Task

====== C:\Windows\Temp ======

======= C:\Program Files =====
2015-01-05 15:10:51 -------- d-----w- C:\Program Files\Common Files\Java
2015-01-05 15:09:39 -------- d-----w- C:\Program Files\Java
2015-01-04 19:51:50 -------- d-----w- C:\Program Files\Glary Utilities 4
2015-01-04 19:28:28 -------- d-----w- C:\Program Files\trend micro
2014-12-24 10:27:01 -------- d--h--r- C:\Program Files\rnamfler

======= C: =====

====== C:\Users\Glowing Starter\AppData\Roaming ======
2015-01-05 11:45:57 -------- d-----w- C:\Users\Glowing Starter\AppData\Roaming\DiskDefrag
2015-01-05 11:44:20 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-01-05 11:44:20 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-01-05 11:44:20 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2015-01-05 11:44:20 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2015-01-05 11:44:19 -------- d-----w- C:\Users\Glowing Starter\AppData\Local\Temp
2015-01-04 19:52:11 -------- d-----w- C:\Users\Glowing Starter\AppData\Roaming\GlarySoft
2014-12-24 10:24:43 -------- d-----w- C:\Users\Glowing Starter\AppData\Local\Programs

====== C:\Users\Glowing Starter ======
2015-01-05 15:10:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-05 15:09:50 -------- d-----w- C:\ProgramData\Oracle
2015-01-05 15:06:04 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Glowing Starter\Downloads\chromeinstall-8u25 (2).exe
2015-01-05 15:05:42 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Glowing Starter\Downloads\chromeinstall-8u25 (1).exe
2015-01-04 19:57:34 -------- d-----w- C:\ProgramData\GlarySoft
2015-01-04 19:52:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4
2015-01-04 19:47:04 C29D49E23AD9388691DEEC9A1BECB6FC 123105520 ----a-w- C:\Users\Glowing Starter\Downloads\msert.exe
2015-01-04 19:33:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2015-01-04 19:31:50 6D8F844BCA315C75D2686D101CCC7B39 5344984 ----a-w- C:\Users\Glowing Starter\Downloads\dffsetup-msvcr110.exe
2015-01-04 19:27:35 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Glowing Starter\Downloads\RSIT.exe

====== C: exe-files ==
2015-01-05 15:11:52 B356A2CD5B992BA69221B694D78408A8 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-70928346-524487458-456366203-1000\$IOL3KSA.exe
2015-01-05 15:10:22 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe
2015-01-05 15:10:22 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-01-05 15:10:22 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-01-05 15:10:12 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\unpack200.exe
2015-01-05 15:10:12 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\tnameserv.exe
2015-01-05 15:10:11 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\rmid.exe
2015-01-05 15:10:11 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\policytool.exe
2015-01-05 15:10:11 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\ssvagent.exe
2015-01-05 15:10:11 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\rmiregistry.exe
2015-01-05 15:10:11 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\servertool.exe
2015-01-05 15:10:10 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\pack200.exe
2015-01-05 15:10:10 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\orbd.exe
2015-01-05 15:10:09 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\keytool.exe
2015-01-05 15:10:09 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\kinit.exe
2015-01-05 15:10:09 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\klist.exe
2015-01-05 15:10:09 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\ktab.exe
2015-01-05 15:10:08 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\jjs.exe
2015-01-05 15:10:08 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\jp2launcher.exe
2015-01-05 15:10:06 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\javaws.exe
2015-01-05 15:10:05 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe
2015-01-05 15:10:05 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe
2015-01-05 15:10:04 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\jabswitch.exe
2015-01-05 15:10:04 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\java.exe
2015-01-05 15:10:04 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files\Java\jre1.8.0_25\bin\java-rmi.exe
2015-01-05 15:06:04 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Glowing Starter\Downloads\chromeinstall-8u25 (2).exe
2015-01-05 15:05:42 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Glowing Starter\Downloads\chromeinstall-8u25 (1).exe
2015-01-05 14:58:19 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-70928346-524487458-456366203-1000\$ROL3KSA.exe
2015-01-04 19:52:17 0EDC7F6AEC8557F7BB3D594E8A697B38 188768 ----a-w- C:\Program Files\Glary Utilities 4\uninst.exe
2015-01-04 19:52:10 837624823BC23BD08FFA0C81C5105D18 101664 ----a-w- C:\Windows\System32\BootDefrag.exe
2015-01-04 19:47:04 C29D49E23AD9388691DEEC9A1BECB6FC 123105520 ----a-w- C:\Users\Glowing Starter\Downloads\msert.exe
2015-01-04 19:31:50 6D8F844BCA315C75D2686D101CCC7B39 5344984 ----a-w- C:\Users\Glowing Starter\Downloads\dffsetup-msvcr110.exe
2015-01-04 19:28:28 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Glowing Starter.exe
2015-01-04 19:27:35 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Glowing Starter\Downloads\RSIT.exe

=== C: other files ==
2015-01-05 15:10:13 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files\Java\jre1.8.0_25\lib\deploy\ffjcext.zip
2015-01-04 19:52:10 F8ADE2053957E8E5F2ED2A1203C79589 16064 ----a-w- C:\Windows\System32\drivers\BootDefragDriver.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"Google Update"="C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"GoogleChromeAutoLaunch_705E96E934D3E2453ADF928937B734B5"="C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"SDP"="C:\Users\Glowing Starter\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto "

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fspuip"="C:\Program Files\FSP\fspuip.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"DeLay"="C:\Program Files\BisonCam\DeLay.exe"
"BisonHK"="C:\Program Files\BisonCam\BisonHK.exe"
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
"SweetIM"="C:\Program Files\SweetIM\Messenger\SweetIM.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"Google Update"="C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"GoogleChromeAutoLaunch_705E96E934D3E2453ADF928937B734B5"="C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"SDP"="C:\Users\Glowing Starter\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norman ZANDA]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Norman ZANDA"
"hkey"="HKLM"
"command"="C:\\Norman\\Nvc\\BIN\\ZLH.EXE /LOAD /SPLASH"

==== Startup Folders ======================

2012-05-09 18:28:40 1171 ----a-w- C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2010-06-13 12:57:52 1276 ----a-w- C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk
2010-06-01 12:53:53 835 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-12-2014 11:18]
C:\Windows\tasks\GlaryInitialize 4.job --a------ C:\Program Files\Glary Utilities 4\Initialize.exe [14-04-2014 09:01]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-12-2012 00:06]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-70928346-524487458-456366203-1000Core.job --a------ C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe [21-10-2014 14:44]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-70928346-524487458-456366203-1000UA.job --a------ C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe [21-10-2014 14:44]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GlaryInitialize 4" [C:\Program Files\Glary Utilities 4\Initialize.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-70928346-524487458-456366203-1000Core" [C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-70928346-524487458-456366203-1000UA" [C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GU4SkipUAC" [C:\Program Files\Glary Utilities 4\Integrator.exe]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{06D8D0D2-842C-4493-A0E6-25CA9B956F73}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\GLOWIN~1\AppData\Roaming\Thunderbird\Profiles\8o93blng.default
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

==== Firefox Plugins ======================

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
pfkfdlcdbajamklbneflfbcmfgddmpae - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pfkfdlcdbajamklbneflfbcmfgddmpae - No path found[]

selector is not a valid CSS selector - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Gradient - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipehkhefmnpkdbcpgbononhiohcabocp
Google Wallet - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae deleted successfully

==== HijackThis Entries ======================

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [fspuip] "C:\Program Files\FSP\fspuip.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [DeLay] C:\Program Files\BisonCam\DeLay.exe
O4 - HKLM\..\Run: [BisonHK] C:\Program Files\BisonCam\BisonHK.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Glowing Starter\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_705E96E934D3E2453ADF928937B734B5] "C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [SDP] C:\Users\Glowing Starter\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Hotkey\Hotkey.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Glowing Starter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files\Hotkey\PowerBiosServer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Glowing Starter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Glowing Starter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1135 folders=283 77991359 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Glowing Starter\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\GLOWIN~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 05-01-2015 at 16:38:43,42 ======================