Zoek.exe v5.0.0.0 Updated 08-September-2015
Tool run by Adri-Joke on wo 09-09-2015 at 16:35:40,46.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Adri-Joke\Downloads\Programs\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

9-9-2015 16:38:02 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem
{217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing
{40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Empty Folders Check ======================

C:\Program Files\proDAD deleted successfully
C:\PROGRA~2\Dumps deleted successfully
C:\PROGRA~2\firebird deleted successfully
C:\PROGRA~2\IDM deleted successfully
C:\PROGRA~2\Pinnacle Studio Plus deleted successfully
C:\PROGRA~2\SoftwareImaging deleted successfully
C:\Users\Adri-Joke\AppData\Roaming\HpUpdate deleted successfully
C:\Users\Adri-Joke\AppData\Roaming\proDAD deleted successfully
C:\Users\Adri-Joke\AppData\Roaming\QuickScan deleted successfully
C:\Users\Adri-Joke\AppData\Local\Axialis deleted successfully
C:\Users\Adri-Joke\AppData\Local\calibre-cache deleted successfully
C:\Users\Adri-Joke\AppData\Local\Pinnacle deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Roxio\BackOnTrack\App\SaibSVC.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
C:\Program Files\Start Menu 7\StartMenu7.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxapps.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\InkSaver\ISApExtSvc32.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files\IObit\Advanced SystemCare 8\RealTimeProtector.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Users\Adri-Joke\Downloads\Programs\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\netfilter deleted successfully

==== Deleting Files \ Folders ======================

C:\Program Files\proDAD not found
C:\Users\Adri-Joke\AppData\Roaming\calibre deleted
C:\Program Files\0B5B57EA-D000-4946-935E-F894CC2B4581 deleted
C:\Program Files\NewFreeScreensavers deleted
C:\Program Files\HitsBlender deleted
C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader deleted
C:\Users\Adri-Joke\AppData\Roaming\ProductData deleted
C:\PROGRA~2\Microsoft\Windows\Start Menu\HitsBlender deleted
C:\PROGRA~2\ProductData deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Adri-Joke\AppData\Local\hitsblender deleted
C:\Users\Adri-Joke\AppData\LocalLow\ADSRemoval deleted
C:\Windows\Reimage.ini deleted
C:\Windows\system32\tasks\Update Service HitsBlender deleted
C:\Windows\system32\config\systemprofile\Searches deleted

==== System Specs ======================

Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601)
Memory (RAM): 2048 MB
CPU Info: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
CPU Speed: 2439,3 MHz
Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Realtek HDMI Output (Realtek Hi |
Display Adapters: NVIDIA GeForce 8500 GT | NVIDIA GeForce 8500 GT | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1680 X 1050 - 32 bit
Network: Network
Present
Network Adapters: USB Wireless 802.11 b/g Adaptor | Intel(R) 82566DC-2 gigabit-netwerkverbinding
CD / DVD Drives: 2x (D: | E: | ) D: HL-DT-STDVD-RW GSA-H60L | E: ASUS DVD-E616A3T
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 298,1GB | F: 298,1GB | M: 232,8GB
Hard Disks - Free: C: 203,3GB | F: 55,4GB | M: 145,3GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 09/27/07 | DELL - 20070927
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK Computer INC. Berkeley
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Bitdefender Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Bitdefender Antispyware disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: IObit Malware Fighter disabled (Outdated)
Firewall: Bitdefender Firewall disabled
Default Browser: Google Chrome 45.0.2454.85
Internet Explorer Version: 11.0.9600.17959
Google Chrome version: 45.0.2454.85
Adobe Reader version: 11.0.12.18
Flash Player version: 18.0.0.232

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3758672103-3907429879-1888598812-1000\Software\Microsoft\Windows\CurrentVersion\Run] "StartMenu7"="C:\Program Files\Start Menu 7\StartMenu7.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe" "IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe /onboot" "9BCD40A35619A428ADD08B7667865D826DF2EC6E._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "InkSaver"="C:\Program Files\InkSaver\InkSaver.exe hide" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "Bdagent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "StartMenu7"="C:\Program Files\Start Menu 7\StartMenu7.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe" "IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe /onboot" "9BCD40A35619A428ADD08B7667865D826DF2EC6E._service_run"="C:\Program 
Files\Google\Chrome\Application\chrome.exe --type=service" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Sidebar"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun" "HitsBlender"="\"C:\\Program Files\\HitsBlender\\hitsblender.exe\" -s" "GoogleChromeAutoLaunch_17B342AAD18D61F57E309C2B16670592"="\"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window" "LightScribe Control Panel"="C:\\Program Files\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden" "Bitdefender Wallet Agent"="\"C:\\Program Files\\Bitdefender\\Bitdefender 2015\\bdwtxag.exe\"" "Advanced SystemCare 8"="\"C:\\Program Files\\IObit\\Advanced SystemCare 8\\ASCTray.exe\" /Auto" "iCloudServices"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\iCloudServices.exe" "ApplePhotoStreams"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe" "MyDriveConnect.exe"="\"C:\\Program Files\\MyDrive Connect\\TomTom MyDrive Connect.exe\"" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "RoxWatchTray"="\"C:\\Program Files\\Common Files\\Roxio Shared\\13.0\\SharedCOM\\RoxWatchTray13.exe\"" "BCSSync"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" "InkSaver.ApExt32"="C:\\Program Files\\InkSaver\\ISApExtSvc32.exe" "APSDaemon"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" "HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" "hpqSRMon"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSRMon.exe" "ArcSoft Connection Service"="C:\\Program Files\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe" "NBAgent"="\"C:\\Program Files\\Nero\\Nero 11\\Nero BackItUp\\NBAgent.exe\" /WinStart" "CPMonitor"="\"C:\\Program Files\\Roxio 2012\\5.0\\CPMonitor.exe\"" 
"DivXUpdate"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"
"Desktop Disc Tool"="\"C:\\Program Files\\Roxio 2012\\Roxio Burn\\RoxioBurnLauncher.exe\""
"ISUSPM"="C:\\ProgramData\\FLEXnet\\Connect\\11\\\\isuspm.exe -scheduler"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [21-08-2015 08:52]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31-08-2015 11:08]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0952741964a0f.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31-08-2015 11:08]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31-08-2015 11:08]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0952743ca2241.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31-08-2015 11:08]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\Adobe Reader and Acrobat Manager" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adri-Joke NBAgent 6 0" ["C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe"]
"C:\Windows\system32\tasks\ASC8_PerformanceMonitor" [C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe]
"C:\Windows\system32\tasks\ASC8_SkipUac_Adri-Joke" ["C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac]
"C:\Windows\system32\tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8" [C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe]
"C:\Windows\system32\tasks\Corr2015" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\Driver Booster Scan" [C:\Program Files\IObit\Driver Booster\Scheduler.exe]
"C:\Windows\system32\tasks\Driver Booster SkipUAC (Adri-Joke)" [C:\Program Files\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\system32\tasks\Driver Booster Update" [C:\Program Files\IObit\Driver Booster\AutoUpdate.exe]
"C:\Windows\system32\tasks\Foto's" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d0952741964a0f" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA1d0952743ca2241" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Keepass" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\Lotus organizer" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\One Note" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\Outlook bestanden" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\SmartDefrag4_Startup" [C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe]
"C:\Windows\system32\tasks\SmartDefrag4_Update" [C:\Program Files\IObit\Smart Defrag 4\AutoUpdate.exe]
"C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe]
"C:\Windows\system32\tasks\Uninstaller_SkipUac_Adri-Joke" [C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~2 0-6 Months Old ======================

2015-04-17 09:42:57 -------- d-----w- C:\PROGRA~2\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-05-04 14:01:24 -------- d-----w- C:\PROGRA~2\privazer
2015-05-25 08:03:46 -------- d-----w- C:\PROGRA~2\McAfee
2015-06-23 12:51:34 -------- d-----w- C:\PROGRA~2\Avery
2015-06-28 10:14:28 -------- d-----w- C:\PROGRA~2\bdch
2015-07-08 12:26:52 -------- d-----w- C:\PROGRA~2\Trusteer
2015-08-22 08:24:30 -------- d-----w- C:\PROGRA~2\Studio 12
2015-08-22 08:31:53 -------- d-----w- C:\PROGRA~2\Pinnacle Studio Ultimate
2015-09-04 12:07:18 -------- d-----w- C:\PROGRA~2\Malwarebytes
2015-09-04 13:49:19 -------- d-----w- C:\PROGRA~2\Innovative Solutions
2015-09-09 15:03:10 -------- d-----w- C:\PROGRA~2\ProductData

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5" [24-02-2015 16:42]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [08-01-2015 15:19]

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.85

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cnjfgbikbkcmickdalamlmpmkhmbollm - No path found[]
fabcmochhfpldjekobfaaggijgohadih - No path found[]
hdokiejnpimakedhajhdlcegeplioahd - No path found[]
ipmeajfmcoafocgllabadecddnaabakj - No path found[]
jeaohhlajejodfjadcponpnjgkiikocn - C:\Program Files\Internet Download Manager\IDMGCExt.crx[04-06-2014 07:39]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[23-05-2011 20:24]
poimdfnhgefmnkeefbjibbiemlimdnof - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjllphbppobebmjpjcijfbakobcheof - No path found[]

Google Slides - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Rapport - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
YouTube - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Digital Clock CE-7 - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceppoilemjnhfdbkekhcnagmfnhokjgm
selector is not a valid CSS selector - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Symbaloo Bookmarker 0.5.0 - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnjfgbikbkcmickdalamlmpmkhmbollm
Google Search - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Calendar - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn
Bitdefender Wallet - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih
Google Sheets - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Print or PDF with CleanPrint - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\fklmmmdcofimkjmfjdnobmmgmefbapkf
Collusion for Chrome - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ganlifbpkcplnldliibcbegplfmcfigp
Google Docs Offline - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Dictionary by Dictionary.com - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gikhgcaliglmioibbockkmjknfnepbdh
Avast Online Security - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Trustwave SecureBrowsing - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcghfieafojgpngcjbkbbjfecjbahhif
LastPass - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd
Google Keep - notes and lists - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki
Symbaloo Homepage 2 - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmeajfmcoafocgllabadecddnaabakj
IDM Integration Module - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn
Last updated at time on date - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd
Evernote Web - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
Ghostery - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij
Chrome Web Store Payments - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
DivX Plus Web Player HTML5 \u003Cvideo> - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
chromeIPass - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae
Haalmeeruitjecard toolbar - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pifoiijbjchknebeoiohmchpnncpnnnn
Evernote Web Clipper - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc
Gmail - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pifoiijbjchknebeoiohmchpnncpnnnn deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Chromium deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{357CD1B5-CC05-4C7D-A5A2-AA4D0AD5148D} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C111896C-02C7-4AA3-BFE2-A2DC472EA9A6} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Update Service YourFileDownloader deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5B1DC75350CCD7C45A2AAAD4A05D41D8 deleted successfully

==== HijackThis Entries ======================

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll
O2 - BHO: Increase performance and video formats for your HTML5