Zoek.exe v5.0.0.0 Updated 21-05-2014 Tool run by Brent on za 31/05/2014 at 12:57:20,09. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\Brent\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Users\Brent\AppData\Roaming\GVU Technologies\Free YouTube to MP4 Converter\CertifiedBrowserService.exe C:\Windows\Explorer.EXE C:\Program Files\Hi-Rez Studios\HiPatchService.exe C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Erazer\MEDION Gaming Mouse\hid.exe C:\Program Files\Erazer\MEDION Gaming Mouse\trayicon.exe C:\Program Files\NVIDIA 
Corporation\Display\nvtray.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Alwil Software\Avast5\avastui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\EXPERTool\TBPANEL.exe C:\Users\Brent\AppData\Local\Akamai\netsession_win.exe C:\Users\Brent\AppData\Local\Akamai\netsession_win.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files\Google\Update\GoogleUpdate.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\msiexec.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Brent\Downloads\zoek.exe C:\Windows\system32\conhost.exe C:\Users\Brent\AppData\Local\Temp\wget.exe C:\Users\Brent\Downloads\zoek.exe C:\Windows\system32\conhost.exe ==== System Restore Info ====================== 31/05/2014 12:58:58 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\BrowseSmart deleted successfully C:\PROGRA~2\Freemake deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\PROGRA~2\Yahoo! 
deleted successfully C:\Users\Brent\AppData\Local\Unity deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3766965112-3222834027-1711910579-1003\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3766965112-3222834027-1711910579-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2D8D9ACC-F6D7-4362-8876-A275CA929591} deleted successfully HKEY_USERS\S-1-5-21-3766965112-3222834027-1711910579-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{88AC3CB6-596B-4217-964C-B6757EF9602D} deleted successfully HKEY_USERS\S-1-5-21-3766965112-3222834027-1711910579-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775FDB-6972-41F9-AE51-8326E38CB206} deleted successfully HKEY_USERS\S-1-5-21-3766965112-3222834027-1711910579-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) µTorrent 32 Bit HP CIO Components Installer Able MIDI Editor 1.32 (remove only) Adobe AIR Adobe Community Help Adobe Flash Player 13 ActiveX Adobe Flash Player 13 Plugin Adobe Reader XI (11.0.07) - Nederlands Aeria Ignite AIO_CDB_ProductContext AIO_CDB_Software AIO_Scan Akamai NetSession Interface Angry Birds Rio Ashampoo Burning Studio 10.0.1 avast Free Antivirus AVS Video Converter 8.5 BufferChm C-Media Card Reader Driver USB2.0 CCleaner Command & Conquer 3 Command & Conquer 3 Kane's Wrath(TM) Worldbuilder Command & Conquer The First Decade Command & ConquerT 3: Kane's Wrath Command & ConquerT 4 Tiberian Twilight ConvertXtoDVD 4.1.19.365 Creeper World Creeper World 2 Creeper World 2 Editor Creeper World 3 Creeper World Map Editor DAEMON Tools Lite DigiSaaver Dr Kawashima Dungeon Siege 2 EpicBot Erazer MEDION Gamingmuis stuurprogramma
V1.0 EXPERTool 7.20 ExstraSAvviingS Fax FoxTab FLV Player FoxTab PDF Converter Free Mouse Auto Clicker 3.1 Free YouTube to MP3 Converter version 3.12.16.1030 Free YouTube to MP4 Converter Google Chrome Google Drive Google Earth Google Update Helper Hi-Rez Studios Authenticate and Update Service HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B inSSIDer Home InstallIQ Updater Java 7 Update 55 Java Auto Updater JavaFX 2.1.1 League of Legends Lightshot-5.1.2.0 LockHunter 3.0, 32/64 bit LSI PCI-SV92PP Soft Modem Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 
Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Notebook Interactive Viewer NVIDIA-configuratiescherm 311.06 NVIDIA 3D Vision Controller Driver NVIDIA 3D Vision controllerstuurprogramma 301.42 NVIDIA 3D Vision stuurprogramma 311.06 NVIDIA Display Control Panel NVIDIA Grafisch stuurprogramma 311.06 NVIDIA HD Audio-stuurprogramma 1.3.16.0 NVIDIA Install Application NVIDIA Stereoscopic 3D Driver OpenTTD 1.1.5 Pando Media Booster Plants vs. Zombies PVSonyDll ReaandomPrIcee Realtek High Definition Audio Driver Realtek PCI Fast Ethernet Controller Driver For Vista and Win7 Recuva RT2500 USB Wireless LAN Card RuneScape Launcher 1.2.3 Search Protect Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition ShockWave 1.1 Smite Speccy Subtitle Workshop 2.51 SW-Sustainer 1.80 Synthesia Taalpakket voor Microsoft 
Visual Studio 2010 Tools for Office Runtime (x86) - NLD Toolbox UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) uTorrent Packages VideoMate T, M, P, S Series Driver VLC media player 2.1.3 Warcraft III WebReg WinRAR 5.01 (32-bit) ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully ==== Deleting Files \ Folders ====================== C:\Users\Brent\AppData\LocalLow\{261F2E70-7D89-2754-D8EA-8552937CB5A2} deleted C:\Users\Brent\AppData\LocalLow\{91339493-4E1E-8D6A-6D42-423700C8DC6C} deleted C:\Users\Brent\AppData\LocalLow\{F02D68F7-A8F5-2A0A-FAEB-563B926AA215} deleted C:\PROGRA~2\3d8ae864dc408a07 deleted C:\Users\Brent\AppData\Local\genienext deleted C:\Program Files\TornTV.com deleted C:\PROGRA~2\ReaandomPrIcee deleted C:\PROGRA~2\ExstraSAvviingS deleted C:\PROGRA~2\DigiSaaver deleted C:\Program Files\Mobogenie deleted C:\Users\Brent\AppData\Roaming\newnext.me deleted C:\Users\Brent\AppData\Roaming\GetRightToGo deleted C:\PROGRA~2\W3i deleted C:\PROGRA~2\InstallMate deleted C:\Users\Brent\AppData\Local\SearchProtect deleted C:\Users\Brent\AppData\Local\Mobogenie deleted C:\Users\Brent\AppData\Local\cache deleted C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted "C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe" deleted "C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe" deleted "C:\Users\Brent\AppData\Roaming\GVU Technologies\Free YouTube to MP4 Converter\CertifiedBrowserService.exe" deleted "C:\Program Files\SearchProtect" not deleted "C:\Program Files\SearchProtect" not deleted 
"C:\Users\Brent\AppData\Roaming\GVU Technologies" not deleted "C:\Program Files\SearchProtect\Main" not deleted "C:\Program Files\SearchProtect\Main\bin" not deleted "C:\Program Files\SearchProtect\Main" not deleted "C:\Program Files\SearchProtect\Main\bin" not deleted "C:\Users\Brent\AppData\Roaming\GVU Technologies\Free YouTube to MP4 Converter" not deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601) Memory (RAM): 3071 MB CPU Info: Intel(R) Pentium(R) D CPU 3.00GHz CPU Speed: 2995,2 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce GT 520 | NVIDIA GeForce GT 520 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: RT2500 USB Wireless LAN Card CD / DVD Drives: 3x (F: | G: | L: | ) F: SONY DVD RW DW-Q31A | G: SONY DVD-ROM DDU1615 | L: WNK OX6F0PEZKP Ports: COM1 | COM2 LPT1 Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 116,3GB | D: 101,3GB | E: 15,2GB Hard Disks - Free: C: 29,6GB | D: 45,5GB | E: 10,6GB Manufacturer *: Phoenix Technologies, LTD BIOS Info: AT/AT COMPATIBLE | 10/07/05 | DELL - 42302e31 Time Zone: Romance (standaardtijd) Motherboard *: MICRO-STAR INTERNATIONAL CO., LTD MS-7204 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! 
Antivirus disabled (Outdated) Default Browser: Google Chrome 34.0.1847.116 Internet Explorer Version: 11.0.9600.17105 Google Chrome version: 34.0.1847.116 Adobe Reader version: 11.0.07.79 Sun Java version: 1.7.0_55 (32-bit) Flash Player version: 13.0.0.214 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Brent\AppData\Local\Temp ==== 2014-05-30 14:08:12 73AC466A8EBEE344C1F8FD262F69144F 208896 ----a-w- C:\Users\Brent\AppData\Local\Temp\drm_dyndata_7400004.dll ====== Java Cache ===== 2014-05-21 13:24:41 4F5D19F855E3BB185630A3C6AECFCE54 432883 ----a-w- C:\Users\Brent\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\7c29268c-15b657a3 2014-05-21 13:24:40 9CD719477DDD1B57A3B38A70A001C0E0 452 ----a-w- C:\Users\Brent\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\3d2024a1-105bc58479bdbbfd7e18b1028f8cebff3e5c0601d8dfee1bd21895871acad045-6.0.lap 2014-05-21 13:24:28 9C23334AC2724751F976954AEA3FE0DC 473 ----a-w- C:\Users\Brent\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\7e0e6928-f82587a9a20398ec2f04ebc854456d12a5444904ab7ad96dff59bd4dc4ab8799-6.0.lap ====== C:\Windows\system32 ===== 2014-05-22 05:53:26 E9D88493FBDB36D4B65C6F2F7F122C95 12874240 ----a-w- C:\Windows\System32\shell32.dll ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== 2014-05-30 15:26:19 08EB3A40579E995ADEC2CC8B1C65BA01 3950 ----a-w- C:\Windows\system32\Tasks\User_Feed_Synchronization-{AB794A2B-9602-4BEF-9FB5-C626E7298CDD} 2014-05-30 14:07:18 F2F14475BB30B0A3E2C1EAF00FDC4B2D 3028 ----a-w- C:\Windows\system32\Tasks\{DDAC0FAB-3901-452F-8B2A-67D4F97220FE} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-05-30 14:05:34 -------- d-----w- C:\Program Files\Dr.Kawashima 2014-05-22 16:16:05 -------- d-----w- C:\Program Files\Creeper World 2 Editor ======= C: ===== ====== C:\Users\Brent\AppData\Roaming ====== 2014-05-31 11:03:26 856F2A0A5BEC89971E3071AD22017410 110400 ----a-w- 
C:\Users\Brent\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-31 11:00:14 -------- d-----w- C:\Users\Brent\AppData\Local\ElevatedDiagnostics 2014-05-30 14:06:49 -------- d-----w- C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hersengymnastiek met Dr. Kawashima 2014-05-26 15:46:17 -------- d-----w- C:\Users\Brent\AppData\Roaming\.mono 2014-05-25 16:18:39 -------- d-----w- C:\Users\Brent\AppData\Roaming\CreeperWorld3 ====== C:\Users\Brent ====== 2014-05-30 15:17:03 F9DF3B28B2104B2933F82DCEA6DAF47D 918672 ----a-w- C:\Users\Brent\Downloads\ChromeSetup.exe 2014-05-22 15:09:46 -------- d-----r- C:\Users\Brent\Contacts 2014-05-18 17:10:12 00594FD4F42BA43FC1CA0427A0576295 1 ----a-w- C:\Users\Brent\random.dat 2014-05-18 17:10:11 3434FF9B66845D16B2B90659F280D290 44 ----a-w- C:\Users\Brent\jagex_cl_runescape_LIVE.dat 2014-05-18 17:10:05 23E2A0C20994909FC5ED21FDA0A822C9 12 ----a-w- C:\Users\Brent\jagexappletviewer.preferences ====== C: exe-files == 2014-05-30 15:17:14 F9DF3B28B2104B2933F82DCEA6DAF47D 918672 ----a-w- C:\Program Files\Google\Update\1.3.24.7\GoogleUpdateSetup.exe 2014-05-30 15:17:14 D893431503D5112DC3B799DF963D2AC8 114568 ----atw- C:\Program Files\Google\Update\1.3.24.7\GoogleUpdateComRegisterShell64.exe 2014-05-30 15:17:14 D5A444B63637EC0932172C6719A10252 263048 ----atw- C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe 2014-05-30 15:17:14 720546B84ED5229E1584C8F3533A2F12 328072 ----atw- C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler64.exe 2014-05-30 15:17:14 6FC454773ABF8DE9A33B35E03525140D 51080 ----atw- C:\Program Files\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe 2014-05-30 15:17:14 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.24.7\GoogleUpdate.exe 2014-05-30 15:17:14 49B70FBEEC01A69CA9AC115C109E9CDD 51080 ----atw- C:\Program Files\Google\Update\1.3.24.7\GoogleUpdateBroker.exe 2014-05-30 15:17:03 F9DF3B28B2104B2933F82DCEA6DAF47D 918672 ----a-w- 
C:\Users\Brent\Downloads\ChromeSetup.exe 2014-05-30 15:17:03 F9DF3B28B2104B2933F82DCEA6DAF47D 918672 ----a-w- C:\Documents and Settings\Brent\Downloads\ChromeSetup.exe 2014-05-30 14:06:53 E4C25B8CB168049F7BBE93A670B3C1CD 287930 ----a-w- C:\Program Files\Dr.Kawashima\Uninstall.exe 2014-05-28 22:07:01 353D987AB1248FF75D012610E51D37F4 16547320 ----a-w- C:\Riot Games\League of Legends\RADS\projects\lol_game_client\releases\0.0.0.234\deploy\League of Legends.exe 2014-05-28 10:35:41 A7D6255FAD99121857CE2558AAC902E7 1543456 ----a-w- C:\Users\Brent\AppData\Local\Skillbrains\lightshot\unins000.exe 2014-05-28 10:35:41 A7D6255FAD99121857CE2558AAC902E7 1543456 ----a-w- C:\Documents and Settings\Brent\AppData\Local\Skillbrains\lightshot\unins000.exe 2014-05-28 10:35:41 303023F987CB4DC285B7609410ED8417 455680 ----a-w- C:\Users\Brent\AppData\Local\Skillbrains\lightshot\5.1.2.0\Lightshot.exe 2014-05-28 10:35:41 303023F987CB4DC285B7609410ED8417 455680 ----a-w- C:\Documents and Settings\Brent\AppData\Local\Skillbrains\lightshot\5.1.2.0\Lightshot.exe 2014-05-25 18:13:02 E7945795CD67ACE992040FACFFE9C183 764577 ----a-w- C:\Program Files\KnuckleCracker\Creeper World 3\unins000.exe 2014-05-25 18:13:02 62DA778D7661858FBE95EF73E65181EC 10514432 ----a-w- C:\Program Files\KnuckleCracker\Creeper World 3\CW3.exe 2014-05-25 16:18:19 E0EFDF7D5D9446A800C9691E15F08939 95609548 ----a-r- C:\Users\Brent\DATA van Brent\Downloads\Creeper World 3\CreeperWorld3-104.exe 2014-05-25 16:18:19 E0EFDF7D5D9446A800C9691E15F08939 95609548 ----a-r- C:\Documents and Settings\Brent\DATA van Brent\Downloads\Creeper World 3\CreeperWorld3-104.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" 
[HKEY_USERS\S-1-5-21-3766965112-3222834027-1711910579-1003\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "GAINWARD"="C:\Program Files\EXPERTool\TBPanel.exe /A" "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -automount" "Akamai NetSession Interface"="C:\Users\Brent\AppData\Local\Akamai\netsession_win.exe" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "LightShot"="C:\Users\Brent\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "Erazer MEDION"="C:\Program Files\Erazer\MEDION Gaming Mouse\Hid.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Aeria Ignite"="C:\Program Files\Aeria Games\Ignite\aeriaignite.exe silent" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "AvastUI.exe"="C:\Program Files\Alwil Software\Avast5\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "GAINWARD"="C:\Program Files\EXPERTool\TBPanel.exe /A" "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -automount" "Akamai NetSession Interface"="C:\Users\Brent\AppData\Local\Akamai\netsession_win.exe" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "LightShot"="C:\Users\Brent\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls"="c:\\progra~1\\sw-boo~1\\assist~1.dll" 
==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Alcmtr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Alcmtr" "hkey"="HKLM" "command"="ALCMTR.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AlcWzrd] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AlcWzrd" "hkey"="HKLM" "command"="ALCWZRD.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cmiboot] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Cmiboot" "hkey"="HKLM" "command"="C:\\Windows\\cmiboot.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CmUCRRun] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CmUCRRun" "hkey"="HKLM" "command"="C:\\Windows\\system32\\CmUCReye.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30/05/2014 16:10] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [01/03/2012 21:43] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [01/03/2012 21:43] C:\Windows\tasks\update-S-1-5-21-3766965112-3222834027-1711910579-1003.job --a------ C:y1C:\ProgramC:Files\Skillbrains\Updater\Updater.exe [] C:\Windows\tasks\update-sys.job --a------ C:\Program Files\Skillbrains\Updater\Updater.exe [27/09/2013 14:37] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player 
Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\Express Files Updater" [C:\Program Files\ExpressFiles\EFupdater.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\RegistryBooster" [C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe] "C:\Windows\system32\tasks\update-S-1-5-21-3766965112-3222834027-1711910579-1003" [C:\Program Files\Skillbrains\Updater\Updater.exe] "C:\Windows\system32\tasks\update-sys" [C:\Program Files\Skillbrains\Updater\Updater.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{AB794A2B-9602-4BEF-9FB5-C626E7298CDD}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\{A16125FE-A559-4B74-A415-37E1A7CC8886}" [C:\Program Files\EpicBot\EpicBot.exe] "C:\Windows\system32\tasks\{A4E4F016-82E5-4A79-9161-09B71384B25A}" [C:\Program Files\EpicBot\EpicBot.exe] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.conduit.com/?ctid=CT3314136&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP6BE0C1A9-C119-4A5E-BD51-C392BC5E488B&SSPV=" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet 
Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3766965112-3222834027-1711910579-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{261F2E70-7D89-2754-D8EA-8552937CB5A2} deleted successfully HKEY_USERS\S-1-5-21-3766965112-3222834027-1711910579-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{91339493-4E1E-8D6A-6D42-423700C8DC6C} deleted successfully HKEY_USERS\S-1-5-21-3766965112-3222834027-1711910579-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F02D68F7-A8F5-2A0A-FAEB-563B926AA215} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{261F2E70-7D89-2754-D8EA-8552937CB5A2} deleted successfully HKEY_CLASSES_ROOT\CLSID\{261F2E70-7D89-2754-D8EA-8552937CB5A2} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{261F2E70-7D89-2754-D8EA-8552937CB5A2} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{91339493-4E1E-8D6A-6D42-423700C8DC6C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{91339493-4E1E-8D6A-6D42-423700C8DC6C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91339493-4E1E-8D6A-6D42-423700C8DC6C} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F02D68F7-A8F5-2A0A-FAEB-563B926AA215} deleted successfully 
HKEY_CLASSES_ROOT\CLSID\{F02D68F7-A8F5-2A0A-FAEB-563B926AA215} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F02D68F7-A8F5-2A0A-FAEB-563B926AA215} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8E8C2E2D-7F21-2CF5-0ADB-64935121ECF0} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C637A71C-A4B2-4B47-1B2A-1042A8D525A3} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7223EDAC-E091-B3C1-BD91-B66CE557800F} deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [Erazer MEDION] C:\Program Files\Erazer\MEDION Gaming Mouse\Hid.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Brent\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [LightShot] C:\Users\Brent\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - 
{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C3EB25B7-EDD3-4462-95B8-0BEAB85AD7F3}: NameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{C3EB25B7-EDD3-4462-95B8-0BEAB85AD7F3}: NameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{C3EB25B7-EDD3-4462-95B8-0BEAB85AD7F3}: NameServer = 192.168.1.1 O20 - AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Free YouTube to MP4 Converter - Unknown owner - C:\Users\Brent\AppData\Roaming\GVU Technologies\Free YouTube to MP4 Converter\CertifiedBrowserService.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files\Hi-Rez Studios\HiPatchService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe ==== Empty IE Cache ====================== C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Brent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Brent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Brent\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache 
====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=394 folders=134 69573318 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\Temp emptied successfully C:\Users\Brent\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Brent\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\SearchProtect" not found "C:\Program Files\SearchProtect" not found "C:\Users\Brent\AppData\Roaming\GVU Technologies" not found ==== EOF on za 31/05/2014 at 13:55:47,92 ======================