Zoek.exe v5.0.0.1 Updated 24-October-2015
Tool run by Eigenaar on zo 25/10/2015 at 10:51:16,08.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Eigenaar\Downloads\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

25/10/2015 10:58:35 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Users\Eigenaar\AppData\Roaming\DiskDefrag deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

µTorrent
32 Bit HP CIO Components Installer
7-Zip 15.09 beta
Adobe Flash Player 19 ActiveX
Adobe Flash Player 19 NPAPI
B110
BufferChm
CCleaner
Content Transfer
Definition Update for Microsoft Office 2010 (KB3085607) 32-Bit Edition
Duplicate Cleaner Pro 3.2.7
ExtractNow
Glary Utilities 5.36
Google Chrome
Google Update Helper
HD Tune 2.55
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
HPAppStudio
HPPhotoGadget
Java 8 Update 65
Java Auto Updater
Kaspersky Internet Security
Malwarebytes Anti-Malware versie 2.1.8.1057
Mediapurge
Microsoft .NET Framework 3.5 Language Pack SP1 - nld
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.5.2 (Nederlands)
Microsoft .NET Framework 4.5.2 (NLD)
Microsoft Office Access MUI (Dutch) 2010
Microsoft Office Excel MUI (Dutch) 2010
Microsoft Office Groove MUI (Dutch) 2010
Microsoft Office InfoPath MUI (Dutch) 2010
Microsoft Office OneNote MUI (Dutch) 2010
Microsoft Office Outlook MUI (Dutch) 2010
Microsoft Office PowerPoint MUI (Dutch) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Dutch) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proofing (Dutch) 2010
Microsoft Office Publisher MUI (Dutch) 2010
Microsoft Office Shared MUI (Dutch) 2010
Microsoft Office Word MUI (Dutch) 2010
Microsoft OneDrive
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD
Mozilla Firefox 41.0.2 (x86 nl)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyDriveConnect 4.0.2.2123
Nero 8
neroxml
Network
NirSoft BlueScreenView
NVIDIA-configuratiescherm 307.83
NVIDIA Drivers
NVIDIA Grafisch stuurprogramma 307.83
NVIDIA Install Application
NVIDIA Update 1.10.8
NVIDIA Update Components
NWZ-E450 WALKMAN Guide
PerfectDisk Professional Business
PS_AIO_07_B110_SW_Min
QuickTransfer
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4.5.2 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.2 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.2 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.2 (KB2979578v2)
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490)
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)
Security Update for Microsoft .NET Framework 4.5.2 (KB3048077)
Security Update for Microsoft .NET Framework 4.5.2 (KB3072310)
Security Update for Microsoft .NET Framework 4.5.2 (KB3074230)
Security Update for Microsoft .NET Framework 4.5.2 (KB3074550)
Security Update for Microsoft Excel 2010 (KB3085609) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598244) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2965310) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054965) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB3085514) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2553428) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Speccy
SUPERAntiSpyware
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD
Toolbox
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Access 2010 (KB3055045) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055034) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition
Update for Microsoft Office 2010 (KB3085512) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB3085604) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB3085513) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition
Update for Microsoft Word 2010 (KB3085599) 32-Bit Edition
VCRedistSetup
Visual Studio C++ 10.0 Runtime
VLC media player
WD Drive Utilities
WD Link
WD Quick View
WD Security
WD SmartWare
WebReg

==== Running Processes ======================

C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CheckDrive\CheckDrive.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
C:\Windows\system32\IoctlSvc.exe
C:\Program Files\SUPERAntiSpyware\SASCore.exe
C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Glary Utilities 5\Integrator.exe
C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Users\Eigenaar\Downloads\zoek.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HPService

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\47mvf4zy.default-1414307109170
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_20152510_1154_.backup

ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\9hg7n3tu.default-1445267059727
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_20152510_1154_.backup

ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\nwnk26ap.default-1434370288704
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_20152510_1154_.backup

ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\cxtrx0rh.default-1424613678677
prefs.js not found
user.js not found
---- FireFox user.js and prefs.js backups ----

==== System Specs ======================

Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002)
Memory (RAM): 2047 MB
CPU Info: Intel(R) Pentium(R) Dual CPU E2220 @ 2.40GHz
CPU Speed: 2397,1 MHz
Sound Card: Luidsprekers (High Definition A | Apparaat voor digitale uitvoer | Apparaat voor digitale uitvoer | Apparaat voor digitale uitvoer | Apparaat voor digitale uitvoer | Apparaat voor digitale uitvoer |
Display Adapters: NVIDIA GeForce 210 | NVIDIA GeForce 210 | RDPDD Chained DD | RDP Encoder Mirror Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1280 X 800 - 32 bit
Network: Network Present
Network Adapters: Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0)
CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GH40F
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 285,1GB | E: 114,5GB | I: 2794,5GB
Hard Disks - Free: C: 96,7GB | E: 82,3GB | I: 2458,2GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 09/10/08 | PacBel - 20080910
Time Zone: Romance (standaardtijd)
Motherboard *: Packard Bell BV MCP73VT-PM
Country: België
Language: NLB

==== System Specs (Software) ======================

AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
Default Browser: Google Chrome 46.0.2490.80
Internet Explorer Version: 9.0.8112.16421
Mozilla Firefox version: 41.0.2 (x86 nl)
Google Chrome version: 46.0.2490.80
Sun Java version: 1.8.0_65 (32-bit)
Flash Player version: 19.0.0.226

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-10-01 12:58:26 E185BDA84E5F03F4E1D8DCA30E209277 1912 ----a-w- C:\Windows\epplauncher.mif

====== C:\Users\Eigenaar\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\system32 =====
2015-10-15 11:13:15 80BEB858D2EEE9CA657647B599E5D844 11616 ----a-w- C:\Windows\System32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 11:13:13 B23936CF83DAC4B64660A88711B5234A 12128 ----a-w- C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 11:13:13 9F9FE5F52E9B2AD655C896B849883B1A 12128 ----a-w- C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 11:13:13 9D66FCC681389EC619D4E801F1DDBB2F 17760 ----a-w- 
C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-15 11:13:13 8E534F49C77D787DB69BABFF931A497A 12640 ----a-w- C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-15 11:13:13 73CED8B30963E54D262DAE2559116E46 13664 ----a-w- C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-15 11:13:13 6C7F782FDBF9AEFFE7663FA1579A610E 17760 ----a-w- C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll 2015-10-15 11:13:13 39F9D0F1B698D53D78C79576C7C60526 14176 ----a-w- C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll 2015-10-15 11:13:13 33E8CCBE05123C8146CD16293B688417 15712 ----a-w- C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-15 11:13:11 CBF3CFC9EE1FD29707D95C63A5E7A78B 19808 ----a-w- C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-15 11:13:11 C1096DA4634AD3356A10C00B24F53393 22368 ----a-w- C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll 2015-10-15 11:13:11 85CEBA9A21CE5D51B35EF2DE9EBFBAC4 12128 ----a-w- C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-15 11:13:11 4669249FB01EA369C7FD40A530966FA1 12640 ----a-w- C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-15 11:13:11 408019E57D3D2DA62A9F28389EED0AC1 16224 ----a-w- C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-15 11:13:11 00A0A24BB2E9AADE11494B627EB164C4 12640 ----a-w- C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll 2015-10-15 11:13:09 94FEB4417CF3E39C8C58A1B73620687E 66400 ----a-w- C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll 2015-10-15 11:13:07 5B55E9A1360A6C52CC988DA6804D6CA2 901264 ----a-w- C:\Windows\System32\ucrtbase.dll 2015-10-15 11:09:20 BAFE1DCCFD0E728E7DB4C3CAEB8A3FD0 1206192 ----a-w- C:\Windows\System32\ntdll.dll 2015-10-15 11:09:20 07ACB6DDA54212DC308E07B5F6987D37 3606464 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2015-10-15 11:09:16 E762DDDC2802CC15A13DE4656B1153EC 3554240 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-10-15 11:07:58 6FDC511D688F00D1F9083BAF04B31F13 11588096 ----a-w- 
C:\Windows\System32\shell32.dll 2015-10-14 14:19:14 E00A0AD02051A13C1461FB0C512109C0 353792 ----a-w- C:\Windows\System32\dxtmsft.dll 2015-10-14 14:19:13 DBDE44BEF9EA1B0FA4668F88BC477D74 223232 ----a-w- C:\Windows\System32\dxtrans.dll 2015-10-14 14:19:13 5C171891A4439F3BE3B493376D582DCF 176640 ----a-w- C:\Windows\System32\ieui.dll 2015-10-14 14:19:13 1A387F732AE45DA6A3976509A047716D 422912 ----a-w- C:\Windows\System32\vbscript.dll 2015-10-14 14:19:13 0ED0C46A3407B6BA8774603D9327A389 1129472 ----a-w- C:\Windows\System32\wininet.dll 2015-10-14 14:19:12 BB46497F559959405E37CD4680A29B23 367616 ----a-w- C:\Windows\System32\html.iec 2015-10-14 14:19:12 8AC8DE3F8869A2553C13DE3C6C6DF0DB 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2015-10-14 14:19:11 40F2736FA3D1D7B35163F8358BD58A1D 718848 ----a-w- C:\Windows\System32\jscript.dll 2015-10-14 14:19:09 91E8879F3AD75C1FBAE9760D8DC09682 12388352 ----a-w- C:\Windows\System32\mshtml.dll 2015-10-14 14:19:08 C0C202D9758566B5C03D56D4E408C065 1814016 ----a-w- C:\Windows\System32\jscript9.dll 2015-10-14 14:19:03 B56E56718265AE07D88B850AAAC5F583 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll 2015-10-14 14:19:03 8CEF2DEDDA1BA25C3B88A0348921172D 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 2015-10-14 14:19:03 672C1E44CCA63E24428E5A1A8599762C 1139712 ----a-w- C:\Windows\System32\urlmon.dll 2015-10-14 14:19:02 BD568FE0BAD2BBB775E7ACC2A713311B 11776 ----a-w- C:\Windows\System32\mshta.exe 2015-10-14 14:19:02 7AB66EDE5C68C1EA93372472B6A072A5 65536 ----a-w- C:\Windows\System32\jsproxy.dll 2015-10-14 14:19:02 72FA287A6FC5CC2B4EEEB6A26445B501 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2015-10-14 14:19:02 4F671F8AA6183AB257F959E14CFE2F65 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2015-10-14 14:19:00 E7A365E3AAA34667347AEDBF44D1BAC1 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2015-10-14 14:19:00 A707C85989F0771FDE4AEC146E316C0C 1804288 ----a-w- C:\Windows\System32\iertutil.dll 2015-10-14 14:18:59 
CDA1E29C7CEB139C3F17948EF19F9803 9751552 ----a-w- C:\Windows\System32\ieframe.dll 2015-10-14 14:18:59 4431B1D8D6AC50F53773EB6BFF4AAF08 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2015-10-14 14:18:59 3BE0FF3DFCC124D2F8BBF51B4C63D8D0 231936 ----a-w- C:\Windows\System32\url.dll ====== C:\Windows\system32\drivers ===== 2015-10-25 09:39:26 739164A8B8FB2F1B50A498F20AF7B21E 98520 ----a-w- C:\Windows\System32\drivers\06D842EB.sys 2015-10-19 16:24:32 05C11D2DA6B396F6AD8C590D32CF81D7 17472 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys 2015-10-11 11:30:02 739164A8B8FB2F1B50A498F20AF7B21E 98520 ----a-w- C:\Windows\System32\drivers\358351B5.sys 2015-10-01 12:27:19 3546C0B6F2D808D4E6294A9D6B25151B 221568 ----a-w- C:\Windows\System32\drivers\netio.sys 2015-09-28 17:36:54 739164A8B8FB2F1B50A498F20AF7B21E 98520 ----a-w- C:\Windows\System32\drivers\6F7E72C4.sys 2015-09-28 16:43:51 739164A8B8FB2F1B50A498F20AF7B21E 98520 ----a-w- C:\Windows\System32\drivers\662D4A2A.sys 2015-09-28 16:43:50 739164A8B8FB2F1B50A498F20AF7B21E 98520 ----a-w- C:\Windows\System32\drivers\3C304A26.sys 2015-09-28 16:41:07 739164A8B8FB2F1B50A498F20AF7B21E 98520 ----a-w- C:\Windows\System32\drivers\007A4812.sys ====== C:\Windows\Tasks ====== 2015-10-19 16:24:39 F8756A9B64287B5EC649A673354336B8 2980 ----a-w- C:\Windows\system32\Tasks\GU5SkipUAC 2015-10-19 16:24:35 0E05E37B07BB158C16813E65022137B8 3310 ----a-w- C:\Windows\system32\Tasks\GlaryInitialize 5 2015-10-03 14:52:05 E5B46B48F96AE13C4BBE282FAB6A56D0 3792 ----a-w- C:\Windows\system32\Tasks\Adobe Flash Player Updater 2015-10-03 14:52:05 70967C06EB789A291849DE5533B2144B 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-10-25 10:47:55 -------- dc----w- C:\Program Files\Mediapurge 2015-10-24 15:23:16 -------- dc----w- C:\Program Files\Duplicate Cleaner Pro 2015-10-24 15:03:30 -------- dc----w- C:\Program Files\Common Files\Java 2015-10-19 16:24:12 -------- dc----w- 
C:\Program Files\Glary Utilities 5 2015-10-18 14:51:54 -------- dc----w- C:\Program Files\Abee MP3 Duplicates Finder 2015-10-16 16:14:12 -------- dc----w- C:\Program Files\uTorrent ======= C: ===== ====== C:\Users\Eigenaar\AppData\Roaming ====== 2015-10-25 10:48:51 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\MediaPurge 2015-10-25 10:47:55 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediapurge 2015-10-24 12:51:20 -------- d-----w- C:\Users\Eigenaar\AppData\Locallow\uTorrent 2015-10-19 16:24:29 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\GlarySoft 2015-10-18 15:03:22 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner 2015-10-18 14:19:17 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Similarity 2015-10-18 14:11:41 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\AC1 2015-10-18 12:58:11 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\IsolatedStorage 2015-10-18 11:24:44 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\DigitalVolcano 2015-10-16 16:14:12 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent 2015-10-06 14:10:36 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-10-06 14:10:36 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-10-06 14:10:36 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp 2015-10-06 14:10:35 -------- dc----w- C:\Users\Eigenaar\AppData\Local\Temp 2015-10-06 14:10:35 -------- d-----w- C:\Users\Public\AppData\Local\temp 2015-10-06 14:10:35 -------- d-----w- C:\Users\Default\AppData\Local\temp 2015-10-06 14:10:35 -------- d-----w- C:\Users\Default User\AppData\Local\temp 2015-10-01 13:08:39 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps 2015-09-27 18:32:27 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Nero 2015-09-27 13:01:03 -------- d-----w- 
C:\Users\Eigenaar\AppData\Roaming\SUPERAntiSpyware.com ====== C:\Users\Eigenaar ====== 2015-10-25 10:45:55 1D918EABE44C8116778C23DCF890CE3B 4044725 -c--a-w- C:\Users\Eigenaar\Downloads\Mediapurge_installer(1).exe 2015-10-25 10:43:12 1D918EABE44C8116778C23DCF890CE3B 4044725 ----a-w- C:\Users\Eigenaar\Downloads\Mediapurge_installer (2).exe 2015-10-25 10:42:16 7A04A056CDDA78DA0AA1E316D9B6CC45 129032 ----a-w- C:\Users\Eigenaar\Downloads\Mediapurge_installer (1).exe 2015-10-25 10:41:31 1D918EABE44C8116778C23DCF890CE3B 4044725 ----a-w- C:\Users\Eigenaar\Downloads\Mediapurge_installer.exe 2015-10-24 15:23:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Pro 2015-10-24 14:55:07 461A1FEB2BE3C9AD35CD9206470BDA89 584288 ----a-w- C:\Users\Eigenaar\Downloads\chromeinstall-8u65 (1).exe 2015-10-24 14:54:46 461A1FEB2BE3C9AD35CD9206470BDA89 584288 ----a-w- C:\Users\Eigenaar\Downloads\chromeinstall-8u65.exe 2015-10-24 08:00:48 B5C2077084B67A26FFD090D29F649D0C 5172392 ----a-w- C:\Users\Eigenaar\Downloads\DuplicateCleaner_setup (3).exe 2015-10-24 08:00:00 4DA83A1B44D13D455097325C6438DD8A 4377996 ----a-w- C:\Users\Eigenaar\Downloads\DuplicateCleaner_setup (2).exe 2015-10-24 07:58:57 B5C2077084B67A26FFD090D29F649D0C 5172392 ----a-w- C:\Users\Eigenaar\Downloads\DuplicateCleaner_setup.exe 2015-10-24 07:40:11 42AFA6CA9E47C71326CF35B824FACA13 1938023 -c--a-w- C:\Users\Eigenaar\Downloads\tagscan5.1.668setup.exe 2015-10-22 11:19:31 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 -c--a-w- C:\Users\Eigenaar\Downloads\RSIT.exe 2015-10-21 12:04:41 974C32F8EC24194EAE13E4628FD3B933 141864 -c--a-w- C:\Users\Eigenaar\Downloads\bluescreenview_setup(1).exe 2015-10-21 11:53:37 974C32F8EC24194EAE13E4628FD3B933 141864 -c--a-w- C:\Users\Eigenaar\Downloads\bluescreenview_setup.exe 2015-10-19 16:33:08 C24FB90BF94193F2D71EE2450CCFA3A7 1090363 ----a-w- C:\Users\Eigenaar\Downloads\7_Zip_(32bit)_v15.09_Beta (1).exe 2015-10-19 16:32:48 C24FB90BF94193F2D71EE2450CCFA3A7 1090363 
----a-w- C:\Users\Eigenaar\Downloads\7_Zip_(32bit)_v15.09_Beta.exe 2015-10-19 16:29:00 -------- d-----w- C:\ProgramData\GlarySoft 2015-10-19 16:24:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 2015-10-18 16:40:37 9021D1C15A51374B24344CA8073213AE 117727000 ----a-w- C:\Users\Eigenaar\Downloads\iTunesSetup (1).exe 2015-10-18 16:39:16 9021D1C15A51374B24344CA8073213AE 117727000 ----a-w- C:\Users\Eigenaar\Downloads\iTunesSetup.exe 2015-10-18 15:50:49 20C1609C27262F196BB8244085EC308E 4513277 ----a-w- C:\Users\Eigenaar\Downloads\mp3tagassistant_pro_installer-R38603.exe 2015-10-18 15:08:09 B5C2077084B67A26FFD090D29F649D0C 5172392 ----a-w- C:\Users\Eigenaar\Downloads\DuplicateCleaner_setup (1).exe 2015-10-18 14:54:44 9F0C5B2E3E174F9880D99B00545FA23A 812544 ----a-w- C:\Users\Eigenaar\Downloads\DoubleKiller.exe 2015-10-18 14:10:12 1DFB584A80D3941E90145C5F71985A58 2985616 -c--a-w- C:\Users\Eigenaar\Downloads\ac_setup.exe 2015-10-18 12:58:11 -------- d-----w- C:\ProgramData\IsolatedStorage 2015-10-18 08:23:23 E6FA7781D11C3FFDFB91D3B3C78383A3 781312 ----a-w- C:\Users\Eigenaar\Downloads\delfix_1.011.exe 2015-10-17 09:08:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2015-09-27 12:57:21 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com ====== C: exe-files == 2015-10-24 16:21:18 0E84D08A5C8A3291F9A65422A4E8D44D 939088 -c--a-w- C:\Program Files\Google\Update\Install\{C82E8A8E-DD20-4CF7-81D0-60D1C2CF9149}\46.0.2490.80_46.0.2490.71_chrome_updater.exe 2015-10-24 16:21:18 0E84D08A5C8A3291F9A65422A4E8D44D 939088 -c--a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\46.0.2490.80\46.0.2490.80_46.0.2490.71_chrome_updater.exe 2015-10-24 15:23:17 1B534FCB22B6DFA239FC39F135A3457F 133149 -c--a-w- C:\Program Files\Duplicate Cleaner Pro\uninst.exe 2015-10-24 15:00:26 CC0CF93D2BF12A423DA4134FFB9C324D 50784 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\ssvagent.exe 
2015-10-24 15:00:26 6211595DD15306DFD8E07B95E6F2984D 16480 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\tnameserv.exe 2015-10-24 15:00:26 4D2DDC988E4F67E7E07E78954FBEED2D 159328 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\unpack200.exe 2015-10-24 15:00:25 FAE99E011922F5BE4CB2160E316D057B 15968 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\rmiregistry.exe 2015-10-24 15:00:25 FA5E33B54BD044F489BA4281B3D6ED95 15968 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\servertool.exe 2015-10-24 15:00:25 BBC68E5519B11A74B8208AA7B85F3B80 15968 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\rmid.exe 2015-10-24 15:00:25 857117663B1F28ABBA4E1C6110A09282 15968 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\policytool.exe 2015-10-24 15:00:24 B61623580A304714A4E2FE6A5E73327F 15968 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\pack200.exe 2015-10-24 15:00:24 940EE00C074A46D638A756723964D65D 16480 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\orbd.exe 2015-10-24 15:00:22 56DCBCE6CF84B5F12185AF6DB7B85EB2 15968 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\keytool.exe 2015-10-24 15:00:22 1A859E08A65ECBA7B687ACAED5EA5080 15968 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\ktab.exe 2015-10-24 15:00:22 1933BBD87F9759CC2D7DC2909C4CA0CD 15968 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\klist.exe 2015-10-24 15:00:22 0AD21325149141252F05B32F7809F441 15968 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\kinit.exe 2015-10-24 15:00:21 AA79E5830F4B6C29A5A976891ED0E86B 15968 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\jjs.exe 2015-10-24 15:00:21 2AA43B8A44341F90DCCFAE38107BA484 76896 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\jp2launcher.exe 2015-10-24 15:00:02 50CC4A65F784A51813A169EA33CF319A 278624 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\javaws.exe 2015-10-24 15:00:01 A53E431775DF91EA016AF5817DF26B41 191584 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\javaw.exe 2015-10-24 14:59:58 B6DBE62611DA178B2CA578BC2B7BBA30 68192 -c--a-w- C:\Program 
Files\Java\jre1.8.0_65\bin\javacpl.exe
2015-10-24 14:59:55 8ED50DA4BAE0046E05BEC0110CF20B17 15968 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\java-rmi.exe
2015-10-24 14:59:55 66B01DCB41FBE8C3CAB13D3F8ED4FA58 30816 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\jabswitch.exe
2015-10-24 14:59:55 4547FB479010206D8BEA10B2694C5C6D 191072 -c--a-w- C:\Program Files\Java\jre1.8.0_65\bin\java.exe
2015-10-19 16:24:41 12BC7D1672AC0BD392DF5723C29B39D9 201423 -c--a-w- C:\Program Files\Glary Utilities 5\uninst.exe
2015-10-19 16:15:00 C73349A573125AB579EB20663A329C45 8632888 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$RK9CINT\setup\DuplicateCleaner3_setup.exe
2015-10-19 12:37:28 E6F8CECC96AD9EABA36641D3124CFA35 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$I6JIXXW.exe
2015-10-19 12:37:28 D995074F63B890DD021FAA36945BDEF3 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IJC89OD.exe
2015-10-19 12:37:28 C1E0EE67AE32A9105F66EEB46E26545E 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$I4SOZHK.exe
2015-10-19 12:37:28 B1029F8F0E8BD7D0B931FF5AF4D41F29 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$ISK2VSH.exe
2015-10-19 12:37:28 8A0F9C464E6AA2CEB21F306BB9FB17C2 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$I0I819C.exe
2015-10-19 12:37:28 4EEE84E14A9793146C0D200B2EF141A2 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IZ79GNR.exe
2015-10-19 12:37:28 346C62FA8D24BC9D7CD7AEDAAFE0FCD8 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$I5N3IEU.exe
2015-10-19 12:37:27 DDC4997B35608D9E27E1BE6523958ECC 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IYEZPN4.exe
2015-10-18 14:54:24 DB76A6982AA95F0F09A444535FE8B5CF 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IOJVFUH.exe
2015-10-18 14:54:24 9808A4CE6B893CB783CB9136DA0A2CF5 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IPBM162.exe
2015-10-18 14:54:24 8CF805F4C8C90441A2723F4104F60785 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IOTA3Z4.exe
2015-10-18 14:54:24 89A81FA941E323660A5ED1B53258F25A 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$I34CJXK.exe
2015-10-18 14:54:24 851FD884B6BFF7C11EBB9B6E932A135B 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IWGWLEW.exe
2015-10-18 14:54:24 438829EFCA75003255C20A053C6BD9F6 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IA1KMLG.exe
2015-10-18 14:54:24 2C3FF0914F7B1D2ECE3D7326EDC87EAB 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IQKKO06.exe
2015-10-18 14:54:24 26BD2F1DCE1CDA72DCC547FFBA70178E 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IIWA2MQ.exe
2015-10-18 14:54:24 0FE43FA6793ED45F34F7DDF406BCCF56 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IW3IBLS.exe
2015-10-18 14:54:24 0F5604EA9D381B1596817C100B63234B 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IUWK92I.exe

=== C: other files ==
2015-10-25 09:39:26 739164A8B8FB2F1B50A498F20AF7B21E 98520 ----a-w- C:\Windows\System32\drivers\06D842EB.sys
2015-10-24 15:00:26 577B724A8DB4380F8B8F0098D1C9A722 14130 -c--a-w- C:\Program Files\Java\jre1.8.0_65\lib\deploy\ffjcext.zip
2015-10-19 16:24:32 05C11D2DA6B396F6AD8C590D32CF81D7 17472 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys
2015-10-19 12:37:28 A9531EEB903B9747AD105208E711B7A9 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IVMQTQ2.zip
2015-10-19 12:37:28 50A8B11288C0B850AC0D866ECF43EA92 544 -c--a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$I5SW6KI.zip
2015-10-18 14:53:43 E68AC3926BA37B8AB7A8B4CFF951D5C0 400720 -c--a-w- C:\Users\Eigenaar\Downloads\doublekiller.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-99750587-4078008973-3465543785-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"uTorrent"="C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"MyDriveConnect.exe"="C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
"GUDelayStartup"="C:\Program Files\Glary Utilities 5\StartupManager.exe -delayrun"

[HKEY_USERS\S-1-5-21-99750587-4078008973-3465543785-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"ContentTransferWMDetector.exe"="C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe"
"WD Drive Unlocker"="C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe"
"DriveUtilitiesHelper"="C:\Program Files\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe"
"WD Quick View"="C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"uTorrent"="C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"MyDriveConnect.exe"="C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
"GUDelayStartup"="C:\Program Files\Glary Utilities 5\StartupManager.exe -delayrun"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [17/10/2015 15:54]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [30/08/2015 11:07]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [30/08/2015 11:07]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GlaryInitialize 5" [C:\Program Files\Glary Utilities 5\Initialize.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GU5SkipUAC" [C:\Program Files\Glary Utilities 5\Integrator.exe]
"C:\Windows\system32\tasks\UnHackMe Task Scheduler" [C:\Program Files\UnHackMe\hackmon.exe]
"C:\Windows\system32\tasks\Abelssoft\StartBackgroundguardWithWindows" [C:\Program Files\CheckDrive\CheckDrive.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\Windows\system32\tasks\Western Digital\SmartWare\____Volume_9c6e30fc_4489_11e4_b074_806e6f6e6963______Volume_d8d0ac2b_5094_11e5_beb6_00251117326a__" [C:\Program Files\Western Digital\WD SmartWare\BackupTask.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [02/02/2015 17:09]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\9hg7n3tu.default-1445267059727
52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
7D127425BBE91DF37448A7F44C1DDA52 - C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll - Google Update
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
0A7CFC4EE9CC3206B1DC522FCB8C3DB1 - c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll - Silverlight Plug-In
E2B92179DA6F4CF6EC3778D2802C960F - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll - Plugins PDK
57686DF728BE5FE43A05B265051D1935 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll - Plugins PDK
4BA14D74164EC27A9A97663D7D9755A1 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll - Plugins PDK
707BD8847C224D2FC54116BFBED8B504 - C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U65
163CE3EDEA7701198D1931B3084F29B8 - C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.650.17
863AF0003392FEBC2667A8A790DED955 - C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll - Shockwave Flash
0B8378EA70622A6F3EC50CC4AF62764C - c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrlui.dll - Microsoft® Silverlight

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.80

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dbhjdbfgekjfcfkkfjjmlmojhbllhbho - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho[]

Kaspersky Protection - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho
Chrome Web Store Payments - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Fix ======================

C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.pckeeper.com_0.localstorage deleted successfully
C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.pckeeper.com_0.localstorage-journal deleted successfully
C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== HijackThis Entries ======================

O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Eigenaar\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [MyDriveConnect.exe] "C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKUS\S-1-5-21-99750587-4078008973-3465543785-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-99750587-4078008973-3465543785-1002\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm
O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Kaspersky Anti-Virus-service 15.0.0 (AVP15.0.0) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SAS Core Service (SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCore.exe
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe

==== Empty IE Cache ======================

C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Eigenaar\AppData\Local\Mozilla\Firefox\Profiles\9hg7n3tu.default-1445267059727\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=8 folders=0 89524 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Eigenaar\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on zo 25/10/2015 at 12:23:20,32 ======================