Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Griet on do 27/03/2014 at 16:42:49,85.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Griet\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-26-193042.log 55529 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)
Adblock Plus for IE
Adblock Plus for IE (32-bit and 64-bit)
Adobe AIR
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader X (10.1.9) MUI
Adobe Shockwave Player 11.6
Ashampoo Burning Studio
Ashampoo Photo Commander
Ashampoo Photo Optimizer
Ashampoo Snap
Asmedia ASM104x USB 3.0 Host Controller Driver
Belgium e-ID middleware 4.0.3 (build 7196)
CCleaner
Control ActiveX de Windows Live Mesh para conexiones remotas
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
Corel Graphics - Windows Shell Extension
Corel Graphics - Windows Shell Extension 64 Bit
CorelDRAW Essentials X5 - Common
CorelDRAW Essentials X5 - Connect
CorelDRAW Essentials X5 - Custom Data
CorelDRAW Essentials X5 - DE
CorelDRAW Essentials X5 - Draw
CorelDRAW Essentials X5 - EN
CorelDRAW Essentials X5 - ES
CorelDRAW Essentials X5 - Extra Content
CorelDRAW Essentials X5 - Filters
CorelDRAW Essentials X5 - FR
CorelDRAW Essentials X5 - IPM
CorelDRAW Essentials X5 - IT
CorelDRAW Essentials X5 - PHOTO-PAINT
CorelDRAW Essentials X5 - Redist
CorelDRAW Essentials X5 - Setup Files
CorelDRAW Essentials X5 - WT
CorelDRAW Essentials X5
CyberLink LabelPrint
CyberLink MediaEspresso
CyberLink PhotoDirector 2011
CyberLink Power2Go
CyberLink PowerDVD Copy
CyberLink PowerRecover
D3DX10
De Sims 2
De Sims 2 Glamour - Accessoires
De Sims 2 Nachtleven
De SimsT 2 Huisdieren
De SimsT 2 Op Reis
De SimsT 2 Seizoenen
DJ3520FWUpdateAlert
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych
Fotogalerija Windows Live
FreeCommander 2009.02b
Galeria de Fotografias do Windows Live
Galería fotográfica de Windows Live
Galeria fotografii uslugi Windows Live
Galerie de photos Windows Live
Google Toolbar for Internet Explorer
Google Update Helper
HP Deskjet 3520 series Basissoftware van het apparaat
HP Deskjet 3520 series Help
HP Deskjet 3520 series Productverbeteringsonderzoek
HP Deskjet 3520 series Setup Guide
HP FWUpdateEDO2
HP Photo Creations
HP Update
HPDiagnosticAlert
HPSSupply
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 7 Update 2
Java(TM) 7 Update 2 (64-bit)
Junk Mail filter update
Kaspersky Internet Security
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
Malwarebytes Anti-Malware versie 2.00.0.1000
Medion Home Cinema
Memeo Instant Backup
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Dutch) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Dutch) 2007
Microsoft Office InfoPath MUI (Dutch) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (Dutch) 2007
Microsoft Office Outlook MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Dutch) 2007
Microsoft Office Shared 64-bit MUI (Dutch) 2007
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Word MUI (Dutch) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB973688)
NVIDIA Control Panel 285.93
NVIDIA Graphics Driver 285.93
NVIDIA HD Audio Driver 1.3.9.0
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.11.1111
NVIDIA Update 1.5.20
NVIDIA Update Components
PCSUITE SHREDDER
Picasa 3
PlayReady PC Runtime amd64
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Posta Windows Live
Raccolta foto di Windows Live
Realtek High Definition Audio Driver
S?????? f?t???af??? t?? Windows Live
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition
Shop for HP Supplies
Sibelius 7 OpenType Fonts
Sibelius 7.0.1.45
Sibelius Scorch (ActiveX Only)
Spelling Dictionaries Support For Adobe Reader X
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?ća???sć??e? s??d?se??
Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5)
SUPERAntiSpyware
swMSM
TeamViewer 9
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
Uzak Baglantılar Için Windows Live Mesh ActiveX Denetimi
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Fotograf Galerisi
Windows Live Fotótár
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh
Windows Live Mesh ActiveX-objekt til fjernforbindelser
Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz
Windows Live Mesh ActiveX control for remote connections
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WOT for Internet Explorer

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe
C:\Users\Griet\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\ProgramData\BrowserProtect not found
"C:\Windows\Installer\598c5.msi" deleted
"C:\Windows\Installer\5975a.msi" deleted
"C:\Windows\Installer\59740.msi" deleted
"C:\Windows\Installer\59726.msi" deleted
"C:\Windows\Installer\596be.msi" deleted
"C:\Windows\Installer\598e1.msi" deleted
"C:\Windows\Installer\595d0.msi" deleted
"C:\Windows\Installer\59443.msi" deleted
"C:\Windows\Installer\595f6.msi" deleted
"C:\Windows\Installer\596f2.msi" deleted
"C:\Windows\Installer\59670.msi" deleted
"C:\Windows\Installer\59864.msi" deleted
"C:\Windows\Installer\59774.msi" deleted
"C:\Windows\Installer\59960.msi" deleted
"C:\Windows\Installer\598a9.msi" deleted
"C:\Windows\Installer\59871.msi" deleted
"C:\Windows\Installer\59857.msi" deleted
"C:\Windows\Installer\598a9.msi" deleted
"C:\Windows\Installer\59871.msi" deleted
"C:\Windows\Installer\59857.msi" deleted
"C:\Windows\Installer\594ca.msi" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4078 MB
CPU Info: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
CPU Speed: 2982,7 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: NVIDIA GeForce GT 530 | NVIDIA GeForce GT 530 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1280 X 1024 - 32 bit
Network: Network Present
Network Adapters: Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SH-216AB
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 880,4GB | D: 50,0GB
Hard Disks - Free: C: 810,9GB | D: 27,1GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 12/22/11 | MEDION - 7292010
Time Zone: West-Europa (standaardtijd)
Motherboard *: MEDIONPC MS-7728
Country: België
Language: NLB

==== System Specs (Software) ======================

Anti-Virus: Kaspersky Internet Security On-access scanning disabled (Outdated)
Anti-Spyware: Kaspersky Internet Security disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Kaspersky Internet Security disabled
Internet Explorer Version: 11.0.9600.16521
Adobe Reader version: 10.1.9.22
Sun Java version: 1.7.0_02 (32-bit)
Sun Java version: 1.7.0_02 (64-bit)
Flash Player version: 12.0.0.77
Shockwave Player version: 11.6.3r633

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Griet\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-03-13 17:01:25 8B521873651E62EF5868DC7B339959DB 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-03-13 17:01:24 BD5E6C894130E7BB7ECE9A0925383068 2168320 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-03-13 17:01:24 A045DAE4D242A9A50FF6902774C55BE0 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 17:01:24 7EDA015D4E74177A1B187326EDB14670 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 17:01:24 70462E0A4E293FC80620AB945D8A59BB 17074688 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-03-13 17:01:24 0FF358906F2333B26267BC0064DC02C4 1156096 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-03-13 17:01:23 E23497E11866154A97BA9877656113FE 1964032 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 17:01:23 B0CBC5A7D9278DCD5B230E1E50CCA5F6 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-03-13 17:01:23 2CF6CF90BF7FE0E616C363343FFA686B 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 17:01:22 E84073A2F2D3A9448CA02F48B0360490 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-03-13 17:01:22 5C207FABA707CE496E1E0A304925D1E5 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 17:01:22 4831AA1A6A112ACCEE240C9D5FA2108B 11266048 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-03-13 17:01:22 1CEE521E90703BB8A01211C77747E727 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 17:01:21 FC46FE32B043CA7251B1D707B91BA6A7 4244480 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2014-03-13 17:01:21 C8DBE0B5297FD85D7311E4791103517B 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 17:01:21 AAFEAB4FC9D70253F8C7E353E879E8A2 1820160 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-03-13 17:01:21 4605E0295C8E742B28FD63D255322795 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 17:01:20 B61F47EB8CACBE09C8117E4FF7D9656D 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-03-13 17:01:00 B0BE998802DEDEE1FD8F5E5F9F207A30 509440 ----a-w- C:\Windows\SysWOW64\qedit.dll
2014-03-13 17:01:00 A054EA8FBE16D4D34F06D81A4F0088E2 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 17:01:00 4F8CCD3E7D9F17A7C60FA0AE2466CACF 381440 ----a-w- C:\Windows\SysWOW64\wer.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-03-25 20:14:43 48BA9C6110A5EBA910E7FB2E7D23CFC1 110176 ----a-w- C:\Windows\Sysnative\klfphc.dll
2014-03-13 17:01:25 76862AAF77C049EC20217FDC209F7F13 2765824 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-03-13 17:01:24 10B2786774CC43D835FE8303D1970874 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-03-13 17:01:23 F6BA9A0266DA93AFB8EA9BA12BF81367 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-03-13 17:01:23 BA0A21F761CE5001DF712C51BF11F953 1393664 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-03-13 17:01:23 0A5996995F33967A46E3D5A3D9F1433D 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-03-13 17:01:22 E6ACA421DA3E50D7F0A31228F0C547B0 627200 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-03-13 17:01:22 8BA97E7747A53F80873431178889911A 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-03-13 17:01:21 D378AB3C9178424588B55AC7B652D7F9 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-03-13 17:01:21 B3DFA392735A5FBE2896BAB67950123A 2041856 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-03-13 17:01:21 8EA01E83528503D312224FC63D40BC2B 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-03-13 17:01:21 4F131DB206096854505AFEDD2153FD83 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-03-13 17:01:20 D3CAA61DE060BC74B4EFC638679DFE7A 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-03-13 17:01:20 A0B690402E33DC9C78F22CB41F4FDC09 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-03-13 17:01:20 9C5ADB26632D46919ABB231CF7DE98B9 13051904 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-03-13 17:01:20 8D46ACDFA065C423BED405702F075B54 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-03-13 17:01:20 422106B7565350885D0930DFA5BA21A1 574976 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-03-13 17:01:19 E97FFE2D37F01DD8B52BE81E1B91A7C0 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-03-13 17:01:19 DF79CE9B950C62677D232154E93A81C7 2334208 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-03-13 17:01:19 CF1C73DE1FADE3D3C44FCAF254F57DB2 5768704 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-03-13 17:01:19 4E0709D9BB951AD1C22E4FF519B90839 23133696 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-03-13 17:01:19 48ED94DA88F65684B28FCD87C01288A7 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-03-13 17:01:19 262B8883ECFD0C7CB303B56F9D9F210E 195584 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-03-13 17:01:01 E918C0DE5CF2AE6BEDBF387C09627D93 3156480 ----a-w- C:\Windows\Sysnative\win32k.sys
2014-03-13 17:01:00 AFCA5C1ECEAF948FC815178BC077680E 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll
2014-03-13 17:01:00 2C619F6023E3F7A3ABF3475ED2223359 624128 ----a-w- C:\Windows\Sysnative\qedit.dll
2014-03-13 17:01:00 1075AB2C077B415760C0E948856B5126 484864 ----a-w- C:\Windows\Sysnative\wer.dll
2014-03-13 17:01:00 04F82965C09CBDF646B487E145060301 228864 ----a-w- C:\Windows\Sysnative\wwansvc.dll
====== C:\Windows\Sysnative\drivers =====
2014-03-25 20:13:38 D0C3AEF67932D2A80736FBCB956C017D 115296 ----a-w- C:\Windows\Sysnative\drivers\klflt.sys
2014-03-25 20:13:38 41DF293A7F0418F5DDED9F0297DC68F3 625248 ----a-w- C:\Windows\Sysnative\drivers\klif.sys
2014-03-25 18:36:44 6140163BFE9D8F2DFDBA088ED5521C13 119512 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-03-25 18:35:54 EF3B71BD5920BD4C02302AFBABE210A6 88280 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-03-25 18:35:54 92008BFC4A409AD92DFBB50AF392AECC 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2014-03-25 18:35:54 5F779F8A5599F2DDA479157088E3836E 63192 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
2014-03-18 21:15:18 05A0C2744CEAC6F1B723EC469B650EF0 47632 ----a-w- C:\Windows\Sysnative\drivers\PSKMAD.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-03-26 13:28:52 -------- d-----w- C:\Program Files\Adblock Plus for IE
2014-03-25 20:43:46 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-03-25 18:43:10 -------- d-----w- C:\Program Files\WOT
======= C:\PROGRA~2 =====
2014-03-25 21:35:21 -------- d-----w- C:\PROGRA~2\TeamViewer
2014-03-25 20:13:44 -------- d-----w- C:\PROGRA~2\Kaspersky Lab
2014-03-25 18:43:10 -------- d-----w- C:\PROGRA~2\WOT
======= C: =====
====== C:\Users\Griet\AppData\Roaming ======
2014-03-27 15:28:38 -------- d-----w- C:\Users\Griet\AppData\Roaming\TeamViewer
2014-03-26 20:53:32 -------- d-----w- C:\Users\Rudi\AppData\Local\VirtualStore
2014-03-26 19:28:17 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp
2014-03-26 19:28:17 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2014-03-26 19:28:17 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-03-26 19:28:17 -------- d-----w- C:\Users\vaste PC\AppData\Local\Temp
2014-03-26 19:28:16 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp
2014-03-26 19:28:16 -------- d-----w- C:\Users\Rudi\AppData\Local\Temp
2014-03-26 19:28:15 -------- d-----w- C:\Users\Lotte\AppData\Local\Temp
2014-03-26 19:28:15 -------- d-----w- C:\Users\Jolien\AppData\Local\Temp
2014-03-26 19:28:14 -------- d-----w- C:\Users\Griet\AppData\Local\Temp
2014-03-26 19:28:14 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2014-03-26 19:28:14 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2014-03-26 13:28:53 -------- d-----w- C:\Users\Griet\AppData\Locallow\Adblock Plus for IE
2014-03-25 20:44:11 -------- d-----w- C:\Users\Griet\AppData\Roaming\SUPERAntiSpyware.com
2014-03-25 20:43:48 -------- d-----w- C:\Users\Griet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-03-09 09:59:12 CF68DB82E1C48B104D1131693FB810CF 3584 ----a-w- C:\Users\Lotte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
====== C:\Users\Griet ======
2014-03-25 21:33:11 28442F96F981F96ED2DA5A8ACE503CD0 6126056 ----a-w- C:\Users\Griet\Downloads\TeamViewer_Setup_nl.exe
2014-03-25 20:51:27 565592D342E241EB6FCA351F9C810AE3 4787368 ----a-w- C:\Users\Griet\Downloads\ccsetup412.exe
2014-03-25 20:43:46 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2014-03-25 20:43:10 43671D1B90B7D294E5183349D83E4918 18460840 ----a-w- C:\Users\Griet\Downloads\SUPERAntiSpyware.exe
2014-03-25 20:13:43 -------- d-----w- C:\ProgramData\Kaspersky Lab
2014-03-25 20:06:57 7C391CD86A6050F8A571177852D43527 257969360 ----a-w- C:\Users\Griet\Downloads\kis14.0.0.4651nl-nl.exe
2014-03-25 18:34:42 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Griet\Downloads\mbam-setup-2.0.0.1000.exe
====== C: exe-files ==
2014-03-26 07:36:23 211F96EB417FF837A70F5130E63A1A45 400840 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_4D9709C1FA1422BA.exe
2014-03-26 07:36:06 E8B7FD67DA14A7BE57A5CB80E3139E60 309704 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_52E818EF81C83A9B.exe
2014-03-26 07:36:02 4C401FCC6D0C95E1A5D989E403E18F2F 1072072 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_8CA8B41417E66DEB.exe
2014-03-26 07:34:53 107A176FF25E2BA8016A92C301844839 532312 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.5111.1712\GoogleToolbarInstaller_updater_signed.exe
2014-03-25 21:35:22 E849218177EC8F7541EC3FAA693EE21A 4971840 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
2014-03-25 21:35:22 CE2EE5E7311974259C36C599C11B2654 4528960 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
2014-03-25 21:35:22 C2658CF4C2CEBEF36C09A141FA8ADDB5 273216 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
2014-03-25 21:35:22 8DC18C564667CEFA62888234ED28C7F4 462448 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\uninstall.exe
2014-03-25 21:35:22 55C6E745C8F4A58A96FA173F47B43751 238400 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
2014-03-25 21:35:21 E5F5EB723FEC70FFEC5D88D31BECEF4F 12916544 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
2014-03-25 21:33:11 28442F96F981F96ED2DA5A8ACE503CD0 6126056 ----a-w- C:\Users\Griet\Downloads\TeamViewer_Setup_nl.exe
2014-03-25 20:51:27 565592D342E241EB6FCA351F9C810AE3 4787368 ----a-w- C:\Users\Griet\Downloads\ccsetup412.exe
2014-03-25 20:43:10 43671D1B90B7D294E5183349D83E4918 18460840 ----a-w- C:\Users\Griet\Downloads\SUPERAntiSpyware.exe
2014-03-25 20:06:57 7C391CD86A6050F8A571177852D43527 257969360 ----a-w- C:\Users\Griet\Downloads\kis14.0.0.4651nl-nl.exe
2014-03-25 18:40:47 6E42CF0D47AF25DEA4CECDBE093D521C 10134 ----a-r- C:\Users\Griet\AppData\Roaming\Microsoft\Installer\{42812A46-01AB-466D-A5DB-03050C64AF82}\ARPPRODUCTICON.exe
2014-03-25 18:34:42 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Griet\Downloads\mbam-setup-2.0.0.1000.exe
=== C: other files ==
2014-03-25 20:14:09 5E6B96CAE1C647C13C1815D02CFA1BD8 785 ----a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\Kaspersky14.Gadget\js\alert.vbs
2014-03-25 20:13:38 D0C3AEF67932D2A80736FBCB956C017D 115296 ----a-w- C:\Windows\System32\drivers\klflt.sys
2014-03-25 20:13:38 41DF293A7F0418F5DDED9F0297DC68F3 625248 ----a-w- C:\Windows\System32\drivers\klif.sys
2014-03-25 18:36:44 6140163BFE9D8F2DFDBA088ED5521C13 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-03-25 18:35:54 EF3B71BD5920BD4C02302AFBABE210A6 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-03-25 18:35:54 92008BFC4A409AD92DFBB50AF392AECC 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-03-25 18:35:54 5F779F8A5599F2DDA479157088E3836E 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-03-24 08:27:26 C581E60E67B83FC640741DF7197EAD86 3007700 ----a-w- C:\Users\vaste PC\Downloads\revouninstaller.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-4219386834-4240703508-4099736358-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-4219386834-4240703508-4099736358-1005\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN2AS1C08C05SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-21-4219386834-4240703508-4099736358-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN2AS1C08C05SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~3\\Wincert\\WIN32C~1.DLL" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~3\\Wincert\\WIN64C~1.DLL" ==== Startup Folders ====================== 2013-03-09 11:20:57 1940 ----a-w- C:\Users\Griet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3520 series (netwerk).lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/03/2014 08:39] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/04/2012 18:24] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job 
--a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/04/2012 18:24] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 3520 series" ["C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\{B485632D-7A74-481D-82E0-1A56D43F2C44}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] "C:\Windows\SysNative\tasks\{BE5FE6CB-CAB5-485A-B7D5-ED5FCEB9A684}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com" [25/03/2014 21:33] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx[21/10/2013 19:49] hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx[21/10/2013 19:49] hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files 
(x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx[21/10/2013 19:49] jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx[25/03/2014 21:18] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx[21/10/2013 19:49] Google Docs - Jolien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Jolien\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Jolien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Jolien\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Jolien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Jolien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{622E484F-32EF-4467-8A51-8BFA5D6D6268}" {622E484F-32EF-4467-8A51-8BFA5D6D6268} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== 
Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=c:\windows\syswow64\userinit.exe, O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft
Office\Office12\GrooveShellExtensions.dll O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP 
Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2AS1C08C05SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-4219386834-4240703508-4099736358-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-4219386834-4240703508-4099736358-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 3520 series (netwerk).lnk = ? 
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - 
Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. 
- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: 
@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Griet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Griet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Jolien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jolien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Lotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Lotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Rudi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Rudi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\vaste PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\vaste PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary 
Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Jolien\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\vaste PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2625 folders=361 262807526 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Griet\AppData\Local\Temp will be emptied at reboot C:\Users\Jolien\AppData\Local\Temp emptied successfully C:\Users\Lotte\AppData\Local\Temp emptied successfully C:\Users\Rudi\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Users\vaste PC\AppData\Local\Temp emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Griet\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 27/03/2014 at 17:04:28,09 ======================