Zoek.exe v5.0.0.0 Updated 07-March-2014 Tool run by Gebruiker on do 27-03-2014 at 20:16:27,90. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-03-26-184055.log 59224 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ęTorrent Aangifte inkomstenbelasting 2011 Aangifte inkomstenbelasting 2012 Aangifte inkomstenbelasting 2013 Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 12 Plugin Adobe Reader X (10.1.9) - Nederlands Adobe Shockwave Player 12.0 ASUS nVidia Driver AutoUpdate Brother MFL-Pro Suite DCP-J315W Citrix Authentication Manager Citrix Receiver Citrix Receiver (HDX Flash Redirection) Citrix Receiver Inside Citrix Receiver(Aero) Citrix Receiver(DV) Citrix Receiver(USB) Citrix XenApp Web Plugin Cross Racing Championship 2005 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition DiscAPI (Studio 10) DivX DP1819 Dropbox Efteling Tycoon Empire Earth II Google Chrome Google Earth Google Toolbar for Internet Explorer Google Update Helper HTC BMP USB Driver HTC Driver Installer HTC Sync Intel(R) Management Engine Components Java 7 Update 51 Java Auto Updater Java(TM) 6 Update 25 (64-bit) Java(TM) 6 Update 35 M-Downloader version 1.0.0.109 McAfee Security Scan Plus Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Dutch Language Pack Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Age of Empires Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Miel Monteur - Huis Op Stelten Miel Monteur verkent de Ruimte Mozilla Firefox 27.0.1 (x86 nl) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) Norman Security Suite Norton Security Scan NVIDIA-configuratiescherm 311.06 NVIDIA 3D Vision Controller Driver NVIDIA 3D Vision Controller Driver 266.33 NVIDIA 3D Vision stuurprogramma 311.06 NVIDIA Grafisch stuurprogramma 311.06 NVIDIA HD Audio-stuurprogramma 1.1.13.1 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.10.0514 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components Online Plug-in PC Tools Registry Mechanic 11.1 PHOTOfunSTUDIO 8.0 SE Pinnacle Studio 15 Pinnacle videodriver QuickTime RAPID (Studio 10) Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Roblox for Gebruiker RollerCoaster Tycoon 3 Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Self-service Plug-in Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition SmartSound Quicktracks Plugin SpongeBob SquarePants - Licht uit, camera aan Studio 10 Surftastic swMSM System Update kb77500 Unity Web Player Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition V1.0 VirtualDJ Home FREE Zoo Tycoon: Complete Collection ==== Running Processes ====================== C:\Program Files\Norman\Npm\Bin\elogsvc.exe C:\Program Files\Norman\Ngs\Bin\Nnf.exe C:\Program Files\Norman\npf\bin\npfsvc32.exe C:\Program Files\Norman\Ngs\Bin\Nprosec.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files\Norman\Npm\Bin\Zanda.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Norman\Npm\Bin\zlh.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe C:\Program Files (x86)\Browny02\BrYNSvc.exe C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Norman\Npm\Bin\zlhh.exe C:\Program Files\Norman\Npm\Bin\Njeeves.exe C:\Program Files (x86)\MSR\Privoxy\privoxy.exe C:\Program Files\Norman\Nvc\bin\nhs.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Gebruiker\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default ---- Lines extensions.512fb5644faae removed from prefs.js ---- user_pref("extensions.512fb5644faae.epoch", "1396032487"); user_pref("extensions.512fb5644faae.url", "http://jpisyncer.info/sync2/?ext=coup&pid=2024&country=NL®d=130228195204&lsd=140327184711&ver=7&ind=3032 ---- FireFox user.js and prefs.js backups ---- user_27-03-2014_2027_.backup prefs_27-03-2014_2027_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\M-Downloader deleted C:\Users\Gebruiker\AppData\Roaming\MDownloader deleted C:\Users\Gebruiker\AppData\Roaming\M-Downloader deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Downloader deleted C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default\extensions\staged deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk" deleted "C:\Windows\Installer\9169cf.msi" deleted "C:\Windows\Installer\a95da.msi" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8175 MB CPU Info: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz CPU Speed: 2779,3 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce GT 440 | NVIDIA GeForce GT 440 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GH22NS40 Ports: COM1 LPT1 Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 1397,2GB Hard Disks - Free: C: 1177,2GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 03/07/11 | ALASKA - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: MSI H61M-E33 (MS-7680) Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Norman Security Suite On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Norman Security Suite disabled (Outdated) Firewall: Norman Security Suite disabled Default Browser: Firefox 27.0.1 Internet Explorer Version: 11.0.9600.16521 Mozilla Firefox version: 27.0.1 (x86 nl) Google Chrome version: 33.0.1750.154 Adobe Reader version: 10.1.9.22 Sun Java version: 1.7.0_51 (32-bit) Sun Java version: 1.6.0_25 (64-bit) Flash Player version: 12.0.0.77 Shockwave Player version: 12.0.4r144 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== ====== Java Cache ===== 2014-03-27 06:38:08 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-17ce02f2 ====== C:\Windows\SysWOW64 ===== 2014-03-24 19:47:19 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2014-03-26 17:56:24 7D9CEDC15D0F93EF7C02A60C780C2A79 3144 ----a-w- C:\Windows\Sysnative\Tasks\{502004E1-9A45-488B-B348-98F60C7C470D} 2014-03-04 20:47:00 BA0034CDD2666170110EE7747C10DFB1 372 ----a-w- C:\Windows\Tasks\AmiUpdXp.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-03-24 21:11:12 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-03-13 18:06:35 -------- d-----w- C:\PROGRA~2\MSR 2014-03-12 21:07:20 -------- d-----w- C:\PROGRA~2\DP1819 ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== 2014-03-26 18:36:57 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-03-26 18:36:57 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2014-03-26 18:36:57 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Temp 2014-03-26 18:36:57 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-03-26 18:36:57 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-03-25 14:30:10 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps 2014-03-23 16:40:03 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Unity 2014-03-12 21:06:42 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Wise ====== C:\Users\Gebruiker ====== 2014-03-24 21:09:51 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2014-03-24 19:44:48 1AF9E2AA8264B023404A76D3FB6751FE 29141928 ----a-w- C:\Users\Gebruiker\Downloads\jre-7u51-windows-i586.exe ====== C: exe-files == 2014-03-26 17:20:43 E093151047BBFFC0CD78D52F36490206 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateOnDemand.exe 2014-03-26 17:20:43 398F40FAE5ADA9521544393F1F67A17E 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateBroker.exe 2014-03-26 17:20:42 039DE3F65C7992994F788EAC8E79BF4F 884504 ----a-w- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateSetup.exe 2014-03-26 17:20:37 7E6B107120108B3A15BFECE0DE3201DB 228744 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe 2014-03-26 17:20:37 6EFC5F64258FE0D9DA3CCFA7FF4D84BD 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateComRegisterShell64.exe 2014-03-26 17:20:37 0D5CE0E5AEC3ACC7930AB955334B8533 281480 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe 2014-03-26 17:20:36 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdate.exe 2014-03-26 17:20:33 039DE3F65C7992994F788EAC8E79BF4F 884504 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.23.9\GoogleUpdateSetup.exe 2014-03-24 21:11:12 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe 2014-03-24 21:09:51 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2014-03-24 19:47:15 FBC27FD8E76C53E6E8066944BBE2BF73 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe 2014-03-24 19:47:15 F4BA3A5D5FDE0A321CD7C4A74749CE5B 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe 2014-03-24 19:47:15 ED1F5F1906F8D963612A4831CDB331D6 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe 2014-03-24 19:47:15 EBAB810C999D8C31F0D5D8B28B3EEDD1 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe 2014-03-24 19:47:15 E9BFEA5B2F3F7598DA990F9728768790 66984 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 2014-03-24 19:47:15 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe 2014-03-24 19:47:15 C422AF851B98378A39B51D99FE707E64 146344 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe 2014-03-24 19:47:15 B9436A665A8621073A12338B16D7BFD4 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe 2014-03-24 19:47:15 ACA236A716C2291E40ED069F2CBB3D35 49064 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe 2014-03-24 19:47:15 A8F2A6D5782AA0166D8367FF674DDF77 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe 2014-03-24 19:47:15 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe 2014-03-24 19:47:15 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe 2014-03-24 19:47:15 762E372DCFDAE32FAE52C1A50A0029C2 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe 2014-03-24 19:47:15 6EEAD2C8A5CAC1F0F2066ABD77BA9092 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe 2014-03-24 19:47:15 6E2BECF6E17FF8DC850C058A38A50C4F 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe 2014-03-24 19:47:15 6E1B0EEBF3D1CC7ECF4104E1473900FF 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe 2014-03-24 19:47:15 5877E6618DA03EE8E7A869F57EE6ACE5 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe 2014-03-24 19:47:15 49A5F3169A23C00F9F2023DFE04D7AF6 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe 2014-03-24 19:47:15 397A6EA17BB97800939DE44D7BFEEC04 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe 2014-03-24 19:47:15 18BC25C50200C3DD4E67611D2467DAA2 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe 2014-03-24 19:47:15 0E37C7C174521E16CEA0A6BC46F03BCD 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe 2014-03-24 19:44:48 1AF9E2AA8264B023404A76D3FB6751FE 29141928 ----a-w- C:\Users\Gebruiker\Downloads\jre-7u51-windows-i586.exe 2014-03-23 16:38:43 57FD01A0DC56FB1ACC1B1F9EBA024755 581192 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Unity\WebPlayer\UnityWebPlayerUpdate.exe 2014-03-23 16:38:43 490F1084B74452DB89832BA4D77DE420 740936 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Unity\WebPlayer\UnityBugReporter.exe === C: other files == 2014-03-24 19:47:16 863EB6802B1C3B7630290871599BE0BD 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3407540201-4267568511-3557624643-1005\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3407540201-4267568511-3557624643-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Norman ZANDA"="C:\Program Files\Norman\Npm\Bin\ZLH.EXE /LOAD /SPLASH" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" ,c:\\progra~2\\citrix\\icacli~1\\rshook.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Windows Mobile-based device management"="%WINDIR%\WindowsMobile\wmdcBase.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConnectionCenter] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ConnectionCenter" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Citrix\\ICA Client\\concentr.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HTC Sync Loader] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HTC Sync Loader" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\HTC\\HTC Sync 3.0\\htcUPCTLoader.exe\" -startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MediaGet2] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MediaGet2" "hkey"="HKCU" "command"="C:\\Users\\Gebruiker\\AppData\\Local\\MediaGet2\\mediaget.exe --minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\qttask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SSDMonitor] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SSDMonitor" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\PC Tools\\sMonitor\\SSDMonitor.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TBHostSupport] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TBHostSupport" "hkey"="HKCU" "command"="\"C:\\Windows\\SysWOW64\\Rundll32.exe\" \"C:\\Users\\Gebruiker\\AppData\\Local\\TBHostSupport\\TBHostSupport_0.dll\",DLLRunTBHostSupportPlugin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USBToolTip] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="USBToolTip" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Pinnacle\\Shared Files\\Programs\\USBTip\\USBTip.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 8.0 SE.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\PHOTOfunSTUDIO 8.0 SE.lnk" "backup"="C:\\Windows\\pss\\PHOTOfunSTUDIO 8.0 SE.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\COMMON~1\\PANASO~1\\PHOTOF~1\\AUTOST~1.EXE -e \"C:\\Program Files (x86)\\Panasonic\\PHOTOfunSTUDIO 8.0 SE\\PHOTOfunSTUDIO.exe\"" "item"="PHOTOfunSTUDIO 8.0 SE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "path"="C:\\Users\\Gebruiker\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\GEBRUI~1\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup" "item"="Dropbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IDriverT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PassThru Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PCToolsSSDMonitorSvc] ==== Startup Folders ====================== 2013-12-23 07:04:14 1057 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [21-03-2014 18:06] C:\Windows\tasks\AmiUpdXp.job --a------ C:\Users\Gebruiker\AppData\Local\SwvUpdater\Updater.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-05-2011 07:38] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-05-2011 07:38] C:\Windows\tasks\Norton Security Scan for Gebruiker.job --ah----- C:-C:\PROGRA2\NORTON2\Engine\4031.24\Nss.exe [] C:\Windows\tasks\RMAutoUpdate.job --a------ C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe [16-08-2013 06:08] C:\Windows\tasks\RMSchedule.job --a------ C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe [16-08-2013 06:08] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Launch HTC Sync Loader" [C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe] "C:\Windows\SysNative\tasks\Norton Security Scan for Gebruiker" [C:\PROGRA~2\NORTON~2\Engine\403~1.24\Nss.exe] "C:\Windows\SysNative\tasks\RMAutoUpdate" [C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe] "C:\Windows\SysNative\tasks\RMSchedule" [C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{C99C5120-030F-4698-945E-70FA2A23BCC4}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default - Ask New Tabs - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default\extensions\{07FF1E21-D805-1061-FF4D-77A7BBC4EB60} - Ask New Tabs - %ProfilePath%\extensions\{07FF1E21-D805-1061-FF4D-77A7BBC4EB60} - CoupoonIty - %ProfilePath%\extensions\v-zad@iiyeaoi-.edu.xpi - Surftastic - %ProfilePath%\extensions\{01531192-f7ef-415f-a549-cfdb11836731}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default F6D12679B9112358AC705A1308156F59 - C:\Users\Gebruiker\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 95812430959AE88CDD0301AB3A71913B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash 63EE2015B877A2E472CC59E05291AA39 - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll - McAfee Security Scanner + 0C0C5C207121C7A78414A8250E8E099A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director 86D3E659AB2D17B12482BC221F742867 - C:\Users\Gebruiker\AppData\Local\Roblox\Versions\version-fb3436d54f9e4598\NPRobloxProxy.dll - Roblox Launcher Plugin 9ED8AA7D69B73EFF77A6D18A2ACFB954 - C:\Users\Gebruiker\AppData\Roaming\Mozilla\plugins\npicaN.dll - Citrix ICA Client ==== Chrome Look ====================== Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:8118;https=127.0.0.1:8118" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF268140652FF deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF238120653FF deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86416025FF} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216035FF} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4EA42A62D9304AC4784BF268140652FF deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4EA42A62D9304AC4784BF238120653FF deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3407540201-4267568511-3557624643-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3407540201-4267568511-3557624643-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Dropbox.lnk = Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: ,c:\progra~2\citrix\icacli~1\rshook.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman AS - C:\Program Files\Norman\Npm\Bin\elogsvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Program Files\Norman\Nvc\bin\nhs.exe O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe O23 - Service: Norman ZANDA - Norman AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman Safeground AS - C:\Program Files\Norman\npf\bin\npfsvc32.exe O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman AS - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Program Files\Norman\Npm\Bin\Nvoy.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norman Scheduler Service (Scheduler) - Norman AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: System Update kb77500 - Unknown owner - C:\Windows\Microsoft\System Update kb77500\WindowsUpdater.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\gtdyvlcn.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4533 folders=385 375771017 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\nseswap.def.bbd616b3f6936bc0.tmp" not found "C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\nse_tmp{72E55B001B117BC0}.tmp" not found "C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\nse_tmp{F9497726F9E46161}.tmp" not found ==== EOF on do 27-03-2014 at 20:36:22,79 ======================