Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by r on di 05-05-2015 at 11:14:11,85. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\r\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 5-5-2015 11:15:57 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\ATI Technologies deleted successfully C:\Users\r\AppData\Roaming\Publish Providers deleted successfully C:\Users\r\AppData\Local\Wisdom-soft deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== µTorrent 64conftool 7 Sticky Notes Absolute Sound Recorder version 4.7.0 ACP Application Adobe Acrobat XI Pro Adobe AIR Adobe Creative Suite 6 Master Collection Adobe Help Manager Adobe Reader XI - Nederlands Adobe Widget Browser AMD Accelerated Video Transcoding AMD Catalyst Install Manager Apple Application Support Apple Software Update Ashampoo Burning Studio 2010 ASUS Xonar DGX Audio Audacity 2.0.5 Autodesk 360 Autodesk Application Manager Autodesk Design Review 2013 Autodesk DWG TrueView 2015 - English Autodesk Inventor Content Center Libraries 2015 (Desktop Content) Autodesk Inventor Professional 2015 - English Autodesk Inventor Professional 2015 Autodesk Inventor Professional 2015 English Language Pack Autodesk Material Library 2015 Autodesk Material Library Base Resolution Image Library 2015 Autodesk Material Library Low Resolution Image Library 2015 Autodesk ReCap Autodesk Revit Interoperability for Inventor 2015 Autodesk Vault Basic 2015 (Client) Autodesk Vault Basic 2015 (Client) English Language Pack bl Brother MFL-Pro Suite DCP-7055 CameraHelperMsi Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization 
All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner CloneDVD 7 Ultimate 7.0.0.10 Configurator 360 addin DrayTek Smart VPN Client Eco Materials Adviser for Autodesk Inventor 2015 (64-bit) EDIUS EDIUS Codec Option 7.50 EDIUS DVD Menu Style 7.00 EDIUS Manual 7.00 EN erLT Everything 1.2.1.371 EZdok Camera for Microsoft Flight Simulator X FARO LS 1.1.502.0 (64bit) FileZilla Client 3.7.3 Freemake Video Converter versie 4.1.5 Ghost Recon Online (NCSA-Live) Google Chrome Google Toolbar for Internet Explorer Google Update Helper GrabIt 1.7.2 Beta 6 (build 1008) GV LicenseManager 2.50 ImgBurn Intel(R) Management Engine Components Intel® Trusted Connect Service Client Java 7 Update 60 Java Auto Updater KMSpico v9.3.2 Logitech-webcamsoftware Logitech SetPoint 6.61 Logitech Unifying-software 2.50 LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin MediaInfo 0.7.64 Microsoft Access MUI (Dutch) 2013 Microsoft DCF MUI (Dutch) 2013 Microsoft Excel MUI (Dutch) 2013 Microsoft Flight Simulator SimConnect Client v10.0.60905.0 Microsoft Flight Simulator SimConnect Client v10.0.61242.0 Microsoft Flight Simulator SimConnect Client v10.0.61259.0 Microsoft Flight Simulator SimConnect Client v10.0.62613.0 Microsoft Flight Simulator X: Steam Edition Microsoft Groove MUI (Dutch) 2013 Microsoft InfoPath MUI (Dutch) 2013 Microsoft Lync MUI (Dutch) 2013 Microsoft Office 32-bit Components 2013 Microsoft Office Korrekturhilfen 2013 - Deutsch Microsoft Office OSM MUI (Dutch) 2013 Microsoft Office OSM UX MUI (Dutch) 2013 Microsoft 
Office Professional Plus 2013 Microsoft Office Proofing (Dutch) 2013 Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Nederlands Microsoft Office Shared 32-bit MUI (Dutch) 2013 Microsoft Office Shared MUI (Dutch) 2013 Microsoft OneNote MUI (Dutch) 2013 Microsoft Outlook MUI (Dutch) 2013 Microsoft PowerPoint MUI (Dutch) 2013 Microsoft Publisher MUI (Dutch) 2013 Microsoft Silverlight Microsoft Visual Basic for Applications 7.1 (x64) Microsoft Visual Basic for Applications 7.1 (x64) Dutch Microsoft Visual Basic for Applications 7.1 (x64) English Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Visual C++ 2012 Redistributable (x86) - 
11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Word MUI (Dutch) 2013 Microsoft WSE 3.0 Runtime Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Mockup 360 Addin 2015 Movavi Video Converter 14 MSVCRT Redists MSXML 4.0 SP2 Parser and SDK MSXML 4.0 SP3 Parser MyFreeCodec MyHarmony NAVIGON Fresh 3.5.1 Navigraph FMS Data Manager 1.0.11.0603 Nero Burning Core Nero Burning ROM Nero BurningROM 2015 Nero ControlCenter Nero Core Components Nero Info Nero Launcher Nero SharedVideoCodecs Nero Update NewBlue 3D Explosions for Windows NewBlue 3D Transformations for Windows NewBlue Art Blends for Windows NewBlue Art Effects for Windows NewBlue ColorFast for Windows NewBlue Film Effects for Windows NewBlue Light Blends for Windows NewBlue Light Effects for Windows NewBlue Motion Blends for Windows NewBlue Motion Effects for Windows NewBlue Paint Blends for Windows NewBlue Paint Effects for Windows NewBlue Titler Pro 2.0 for Windows NewBlue Video Essentials for Windows NewBlue Video Essentials II for Windows NewBlue Video Essentials III for Windows NewBlue Video Essentials IV for Windows NewBlue Video Essentials V for Windows NewBlue Video Essentials VI for Windows NewBlue Video Essentials VII for Windows OMC ModPack Client versie 1.2.7.0 OpenAL Outils de vérification linguistique 2013 de Microsoft Office - Français PDF Settings CS6 ph Plan-G v3.1.2 version 3.1.2 PMDG 747-400/400F for FSX PMDG 777-200LR/F Base Package FSX PMDG_744-8F_KLF PMDG_744-8i_KL PMDG744XF_GE_KLF Popcorn Time Prerequisite installer Privacy Eraser Pro QuickPar 0.9 QuickTime 7 Realtek High Definition Audio Driver Revo Uninstaller Pro 3.0.8 Samsung Kies Samsung Kies3 SAMSUNG USB Driver for Mobile Phones Skype™ 6.14 Speccy Spotify Spotnet 
Spotnet settings v1.0.1 Spotnet Theme05 Installer Stardock Start8 Steam SyncBackFree TeamSpeak 3 Client TeamViewer 10 Thrustmaster Force Feedback Driver Total Commander 64-bit (Remove or Repair) Update Config Tool Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition Update for Microsoft Lync 2013 (KB2760512) 64-Bit Edition Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition Update for Microsoft Office 2013 (KB2726961) 64-Bit Edition Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition Update for Microsoft Office 2013 (KB2760311) 64-Bit Edition Update for Microsoft Office 2013 (KB2760318) 64-Bit Edition Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition Update for Microsoft Office 2013 (KB2767852) 64-Bit Edition Update for Microsoft Office 2013 (KB2767861) 64-Bit Edition Update for Microsoft Office 2013 (KB2767864) 64-Bit Edition Update for Microsoft OneNote 2013 (KB2737968) 64-Bit Edition Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition Update for Microsoft SkyDrive Pro (KB2760214) 64-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2767856) 64-Bit Edition Update for Microsoft Word 2013 (KB2752073) 64-Bit Edition Update for Microsoft Word 2013 (KB2767854) 64-Bit Edition VC80CRTRedist - 8.0.50727.6195 Vegas Pro 13.0 (64-bit) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 VLC media player WinRAR 5.00 (64-bit) Wisdom-soft ScreenHunter 6.0 Pro World of Tanks YouTube Downloader Suite V3.2.3 ==== Running Processes ====================== C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe C:\Program Files\Grass Valley\EDIUS 7\GV DownloadAgent\GVDownloadAgent.exe C:\Program 
Files (x86)\Popcorn Time\Updater.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\Browny02\BrYNSvc.exe C:\Program Files (x86)\Grass Valley\GV LicenseManager\AppMaintainer.exe C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Pro\ScreenHunter.exe C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Users\r\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AdobeBridge"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\ATI Technologies not found C:\PROGRA~2\PMDG Operations Center deleted C:\PROGRA~2\PrivacyEraser Computing deleted C:\PROGRA~2\WinThruster deleted C:\Users\r\AppData\Roaming\Solvusoft deleted C:\Users\r\AppData\Roaming\pcouffin.log deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\Program Files (x86)\Popcorn Time\Updater.exe" deleted ==== System Specs 
====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 32688 MB CPU Info: Intel(R) Core(TM) i7-4820K CPU @ 3.70GHz CPU Speed: 3800,0 MHz Sound Card: Speakers (Realtek High Definiti | Realtek Digital Output (Realtek | Display Adapters: AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series Monitors: 2x; Generic PnP Monitor | Generic PnP Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: TAP-Win32 Adapter V9 | Intel(R) 82579V Gigabit Network Connection CD / DVD Drives: 2x (H: | I: | ) H: HL-DT-STBD-RE BH16NS40 | I: HL-DT-STDVDRAM GH22LS50 Ports: COM1 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 917,1GB | D: 2794,4GB | E: 1863,0GB | F: 1863,0GB | G: 74,5GB Hard Disks - Free: C: 748,6GB | D: 2669,5GB | E: 1489,2GB | F: 671,1GB | G: 58,7GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 09/05/13 | ALASKA - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: Gigabyte Technology Co., Ltd. 
X79-UD3 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 42.0.2311.135 Internet Explorer Version: 11.0.9600.17728 Google Chrome version: 42.0.2311.135 Adobe Reader version: 11.0.0.379 Sun Java version: 1.7.0_67 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-04-28 20:46:48 D1E75542EC8D1B4851765A57AC63618E 1908 ----a-w- C:\Windows\diagwrn.xml 2015-04-28 20:46:48 D1E75542EC8D1B4851765A57AC63618E 1908 ----a-w- C:\Windows\diagerr.xml ====== C:\Users\r\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-05-04 07:15:43 83FBACB8A8E8A3C4CDABE1C000E481E2 238592 ----a-w- C:\Windows\SysWOW64\tmffbcpl.dll 2015-05-04 07:15:43 3C8C3CD72863FFC07422C2FA0FDBA64E 35840 ----a-w- C:\Windows\SysWOW64\tmffbdrv.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-05-04 15:16:27 E4961A967B36E434120C6ADA84B9019D 79766 ----a-w- C:\Windows\Sysnative\cc_20150504_171624.reg 2015-05-04 07:15:49 EDDAD4BC2B7E8C423DEB9F2711FE653B 208304 ----a-w- C:\Windows\Sysnative\isrt.dll 2015-05-04 07:15:49 3CD644F9FE4AB2D566A60D619284A763 41472 ----a-w- C:\Windows\Sysnative\tmffbdrv.dll 2015-05-04 07:15:49 2FE3B759F684B3E000C54A37B9724ABD 264192 ----a-w- C:\Windows\Sysnative\tmffbcpl.dll 2015-05-04 07:15:49 1567EE6F246A364BB407BC079C1B78D8 98816 ----a-w- C:\Windows\Sysnative\_IsRes.dll ====== C:\Windows\Sysnative\drivers ===== 2015-04-15 14:45:39 E87A6D3B8FECD5B93BC0CFBB48C27970 991552 ----a-w- C:\Windows\Sysnative\drivers\http.sys 2015-04-15 14:45:39 8EB7E70C2D348FE2476A2E3F2D585E3D 377152 ----a-w- C:\Windows\Sysnative\drivers\clfs.sys ====== C:\Windows\Tasks ====== 2015-04-22 10:57:48 -------- d-----w- C:\Windows\Sysnative\Tasks\2BrightSparks ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= 
C:\PROGRA~2 ===== 2015-05-04 07:15:43 -------- d-----w- C:\PROGRA~2\Thrustmaster 2015-05-03 08:27:29 -------- d-----w- C:\PROGRA~2\COMMON~1\TOPCAT 2015-05-03 08:27:20 -------- d-----w- C:\PROGRA~2\TOPCAT 2015-04-25 18:56:16 -------- d-----w- C:\PROGRA~2\2BrightSparks 2015-04-13 19:20:44 -------- d-----w- C:\PROGRA~2\BackUp EZCA-old 2015-04-06 20:04:02 -------- d-----w- C:\PROGRA~2\COMMON~1\Steam 2015-04-06 20:04:00 -------- d-----w- C:\PROGRA~2\Steam ======= C: ===== ====== C:\Users\r\AppData\Roaming ====== 2015-05-03 08:27:29 -------- d-----w- C:\Users\r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TOPCAT 2015-04-25 18:56:41 -------- d-----w- C:\Users\r\AppData\Roaming\2BrightSparks 2015-04-25 18:56:25 -------- d-----w- C:\Users\r\AppData\Local\2BrightSparks 2015-04-07 06:41:16 -------- d-----w- C:\Users\r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-04-06 20:04:46 -------- d-----w- C:\Users\r\AppData\Local\Steam ====== C:\Users\r ====== 2015-05-05 06:52:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\r\Desktop\RSITx64.exe 2015-05-05 04:03:06 -------- d-----w- C:\Windows\serviceprofiles\Localservice\winhttp 2015-05-04 07:15:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thrustmaster 2015-04-25 18:56:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks 2015-04-06 21:57:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-04-06 20:04:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-04-05 11:22:40 -------- d-----w- C:\ProgramData\InstallShield ====== C: exe-files == 2015-05-05 06:52:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\r\Desktop\RSITx64.exe 2015-05-04 07:15:42 F0099620EBF18D3DE62D3BAB8CE430FF 454656 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}\setup.exe 2015-05-01 06:25:46 349311222DAF577F0AD6497B3DF7452E 
1659392 ----a-w- C:\Games\World_of_Tanks\Wot Region Changer\[0.9.6] World Of Tanks - Region Changer v3.3.exe 2015-05-01 06:25:45 E4D0A7B19457C793F48D479C2FB66C12 1243087 ----a-w- C:\Games\World_of_Tanks\unins001.exe 2015-04-30 21:48:34 65961F671ED8D7369BE6B0CF95B936B1 1221536 ----a-w- C:\Program Files (x86)\OMC ModPack Client\unins000.exe 2015-04-30 20:45:24 5CBF70FD73ED1498448C471F9672E17E 1089104 ----a-w- C:\Program Files (x86)\Google\Update\Install\{39E3B868-4FD2-450F-A0BB-69D15A2D71CB}\42.0.2311.135_42.0.2311.90_chrome_updater.exe 2015-04-30 20:45:24 5CBF70FD73ED1498448C471F9672E17E 1089104 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.135\42.0.2311.135_42.0.2311.90_chrome_updater.exe 2015-04-28 20:47:10 7D510F7D05E0A16A1B6A0643E49213F0 507904 ----a-r- C:\$WINDOWS.~BT\Sources\dlmanifests\MICROSOFT-WINDOWS-IASSERVER-MIGPLUGIN\IASMIGREADER.EXE 2015-04-28 20:47:07 9865548C043CCD1A927A6EABA257B06B 46704 ----a-r- C:\$WINDOWS.~BT\Sources\wicainventory.exe 2015-04-28 20:47:04 F4E9FA7099BA93FB91BFD73C4AACDE4F 6620824 ----a-w- C:\$WINDOWS.~BT\Sources\setupplatform.exe 2015-04-28 20:47:04 6F8D8FD1BF83E8452875D574E726A994 260712 ----a-r- C:\$WINDOWS.~BT\Sources\setupresume.exe 2015-04-28 20:47:02 ED9729D6CA24B4AADACD5123D1BB2067 116328 ----a-r- C:\$WINDOWS.~BT\Sources\QueryAppBlock.exe 2015-04-28 20:47:02 28F66D38E320A443C895A3FE353EDB31 257640 ----a-r- C:\$WINDOWS.~BT\Sources\PostRollback.exe 2015-04-28 20:47:01 ECF429E42C623E435DA179CA7BB361E1 280168 ----a-r- C:\$WINDOWS.~BT\Sources\mighost.exe 2015-04-28 20:47:00 6B354EBA6274926D25F30290F7950F4D 10518632 ----a-r- C:\$WINDOWS.~BT\Sources\InstallPrep.exe 2015-04-28 20:46:59 659DA8B4BC805E2AB7E6280A6CA89F2F 4928616 ----a-r- C:\$WINDOWS.~BT\Sources\Install.exe === C: other files == 2015-05-05 07:53:15 789C73763D685683DB736F3B0D05CA4D 18411950 ----a-w- C:\Users\r\AppData\Local\Temp\Navigraph\dfd445ce-7201-4edd-815c-5f6affd2cc41\MASTER_PMDG_1505.zip 2015-05-05 
07:09:14 789C73763D685683DB736F3B0D05CA4D 18411950 ----a-w- C:\Users\r\AppData\Local\Temp\Navigraph\0fe01ec7-8f14-40c5-9354-e51daee2a4b7\MASTER_PMDG_1505.zip 2015-05-04 12:30:59 789C73763D685683DB736F3B0D05CA4D 18411950 ----a-w- C:\Users\r\AppData\Local\Temp\Navigraph\4d57fd4f-897b-42c2-9293-f83e798817e1\MASTER_PMDG_1505.zip 2015-05-04 12:21:45 789C73763D685683DB736F3B0D05CA4D 18411950 ----a-w- C:\Users\r\AppData\Local\Temp\Navigraph\d3483ae9-c1cb-432e-9bd9-78f55369e2ea\MASTER_PMDG_1505.zip 2015-05-04 12:17:11 789C73763D685683DB736F3B0D05CA4D 18411950 ----a-w- C:\Users\r\AppData\Local\Temp\Navigraph\9c7ecef9-26dc-445b-a1b1-013dea77d337\MASTER_PMDG_1505.zip 2015-04-28 20:47:02 2E04BDD813B3A18158F9916AF4210734 5120 ----a-r- C:\$WINDOWS.~BT\Sources\nxquery.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" [HKEY_USERS\S-1-5-21-3461219250-293438672-4018326929-1001\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_9A2DA9E299F25626A6E5A46963D67AB5"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "Navigraph FMS Data Manager"="C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe -autostart" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_9A2DA9E299F25626A6E5A46963D67AB5"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" 
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" ==== Startup Folders ====================== 2014-05-26 05:02:47 2064 ----a-w- C:\Users\r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ScreenHunter 6.0 Pro.lnk 2014-05-27 11:57:59 1295 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GV LicenseManager.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-04-2014 11:07] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-04-2014 11:07] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{CCE0EB80-43EE-4512-8D41-428C37D64E2A}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn" [23-05-2014 13:12] ==== Chromium Look ====================== 
Google Docs - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Bookmark Manager - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik Google Wallet - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Preferences "startup_urls": [ "http://www.trovi.com/?gd=&ctid=CT3321538&octid=EB_ORIGINAL_CTID&ISID=MECF93823-6DB8-489E-A332-704BE4852A88&SearchSource=55&CUI=&UM=5&UP=&SSPV=" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7GUEA_nlNL584" ==== HijackThis Entries ====================== F2 - REG:system.ini: 
UserInit=userinit.exe O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [Navigraph FMS Data Manager] C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe -autostart O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_9A2DA9E299F25626A6E5A46963D67AB5] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program 
Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user') O4 - Startup: ScreenHunter 6.0 Pro.lnk = C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Pro\ScreenHunter.exe O4 - Global Startup: GV LicenseManager.lnk = C:\Program Files (x86)\Grass Valley\GV LicenseManager\AppMaintainer.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common 
Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Grass Valley Download Agent Service (GVDownloadAgentService) - Grass Valley K.K. 
- C:\Program Files\Grass Valley\EDIUS 7\GV DownloadAgent\GVDownloadAgent.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\r\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\r\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\r\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\r\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=347 folders=9 65538642 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\r\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\r\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on di 05-05-2015 at 11:26:57,59 ======================