Zoek.exe v5.0.0.0 Updated 14-April-2014 Tool run by Griet on za 26/04/2014 at 20:13:10,76. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Griet\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-03-26-193042.log 55529 bytes C:\zoek-results2014-03-27-160428.log 56001 bytes C:\zoek-results2014-03-28-142628.log 46943 bytes ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\Secunia\PSI\sua.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\system32\RunDll32.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\klwtblfs.exe C:\Windows\system32\Macromed\Flash\FlashUtil64_13_0_0_182_ActiveX.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Users\Griet\Desktop\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe C:\Windows\system32\wbem\wmiprvse.exe ==== Empty Folders Check ====================== C:\PROGRA~3\Oracle deleted successfully C:\Users\Griet\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Griet\AppData\Local\Secunia PSI deleted successfully C:\Users\Griet\AppData\Local\Windows Live deleted successfully C:\Users\Rudi\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4219386834-4240703508-4099736358-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Adblock Plus for IE Adblock Plus for IE (32-bit and 64-bit) Adobe AIR Adobe Flash Player 13 ActiveX Adobe Reader XI (11.0.06) - Nederlands Adobe Shockwave Player 12.1 Ashampoo Burning Studio Ashampoo Photo Commander Ashampoo Photo Optimizer Ashampoo Snap Asmedia ASM104x USB 3.0 Host Controller Driver Belgium e-ID middleware 4.0.3 (build 7196) CCleaner Corel Graphics - Windows Shell Extension Corel Graphics - Windows Shell Extension 64 Bit CorelDRAW Essentials X5 - Common CorelDRAW Essentials X5 - Connect CorelDRAW Essentials X5 - Custom Data CorelDRAW Essentials X5 - DE CorelDRAW Essentials X5 - Draw CorelDRAW Essentials X5 - EN CorelDRAW Essentials X5 - ES CorelDRAW Essentials X5 - Extra Content CorelDRAW Essentials X5 - Filters CorelDRAW Essentials X5 - FR CorelDRAW Essentials X5 - IPM CorelDRAW Essentials X5 - IT CorelDRAW Essentials X5 - PHOTO-PAINT CorelDRAW Essentials X5 - Redist CorelDRAW Essentials X5 - Setup Files CorelDRAW Essentials X5 - WT CorelDRAW Essentials X5 CyberLink LabelPrint CyberLink MediaEspresso CyberLink PhotoDirector 2011 CyberLink Power2Go CyberLink PowerDVD Copy CyberLink PowerRecover De Sims 2 De Sims 2 Glamour - Accessoires De Sims 2 Nachtleven De SimsT 2 Huisdieren De SimsT 2 Op Reis De SimsT 2 Seizoenen Defraggler DJ3520FWUpdateAlert FreeCommander 2009.02b Google Toolbar for Internet Explorer Google Update Helper HP Deskjet 3520 series Basissoftware van het apparaat HP Deskjet 3520 series Help HP Deskjet 3520 series Productverbeteringsonderzoek HP Deskjet 3520 series Setup Guide HP FWUpdateEDO2 HP Photo Creations HP Update HPDiagnosticAlert HPSSupply Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Java 7 Update 55 Java Auto Updater Junk Mail filter update Kaspersky Internet Security Malwarebytes Anti-Malware versie 2.0.1.1004 Medion Home Cinema Memeo Instant Backup Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 MSVCRT MSXML 4.0 SP2 (KB973688) NVIDIA-configuratiescherm 331.65 NVIDIA 3D Vision stuurprogramma 331.65 NVIDIA Grafisch stuurprogramma 331.65 NVIDIA HD Audio Driver 1.3.9.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.11.1111 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.15.2 NVIDIA Update Components PCSUITE SHREDDER Picasa 3 PlayReady PC Runtime amd64 Realtek High Definition Audio Driver Revo Uninstaller 1.95 Secunia PSI (3.0.0.9016) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition Shop for HP Supplies Sibelius 7 OpenType Fonts Sibelius 7.0.1.45 Sibelius Scorch (ActiveX Only) Speccy Spelling Dictionaries Support For Adobe Reader X Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5) SUPERAntiSpyware swMSM TeamViewer 9 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VLC media player 2.1.3 Windows Live Call Windows Live Communications Platform Windows Live Family Safety Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Toolbar Windows Live Writer WOT for Internet Explorer ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Griet\AppData\Roaming\Systweak deleted C:\Users\Jolien\AppData\Roaming\Systweak deleted C:\Users\Rudi\AppData\Roaming\Systweak deleted C:\Windows\SysNative\roboot64.exe deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4078 MB CPU Info: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz CPU Speed: 2968,7 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: NVIDIA GeForce GT 530 | NVIDIA GeForce GT 530 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SH-216AB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 880,4GB | D: 50,0GB Hard Disks - Free: C: 812,0GB | D: 27,1GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 12/22/11 | MEDION - 7292010 Time Zone: West-Europa (standaardtijd) Motherboard *: MEDIONPC MS-7728 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Kaspersky Internet Security On-access scanning disabled (Outdated) Anti-Spyware: Kaspersky Internet Security disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Kaspersky Internet Security disabled Internet Explorer Version: 11.0.9600.17041 Adobe Reader version: 11.0.06.70 Sun Java version: 1.7.0_55 (32-bit) Shockwave Player version: 12.1r150 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-03-28 14:58:53 F9F4905664C5B42B49E78EFA12D1A6B6 20 ----a-w- C:\Windows\ŒóÖ ====== C:\Users\Griet\AppData\Local\Temp ==== 2014-04-16 09:06:48 45922155C9628E11441AA869C6287BB7 10372136 ----a-w- C:\Users\Jolien\AppData\Local\Temp\BackupSetup.exe 2014-04-16 09:06:43 715652A32ED8ABB89492445A38FC20D0 5484016 ----a-w- C:\Users\Jolien\AppData\Local\Temp\PCSpeedUp\pcspeedup.exe 2014-04-16 09:06:37 6642079F6D3501BEAFD9B0F7310E513D 4361551 ----a-w- C:\Users\Jolien\AppData\Local\Temp\RegCelanPro\RegCleanSetup9.exe 2014-04-16 09:06:31 42ED3541FFCA847F72DD490C56231D55 6338024 ----a-w- C:\Users\Jolien\AppData\Local\Temp\nst9504\SpSetup.exe 2014-04-16 09:06:24 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\Jolien\AppData\Local\Temp\ConduitSP\sp-downloader.exe ====== Java Cache ===== 2014-04-21 12:03:35 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Griet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-10cf7ee5 2014-04-21 12:03:28 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Griet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-29675783 2014-04-21 12:03:29 99B3AE7ABAEE0D4DE53331207B725729 425 ----a-w- C:\Users\Griet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2014-04-21 12:03:26 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Griet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\34e05d1f-1f47db7f 2014-04-21 12:03:29 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Griet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-7da23710 2014-03-28 14:50:20 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Griet\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-38f879ff 2014-04-17 11:23:12 41D92BF51204BC0A97199A8F5FC61442 95 ----a-w- C:\Users\Jolien\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\469e3201-6.0.lap 2014-04-16 09:03:25 9B1D22E5A01C525AAF753F507F846CEA 84 ----a-w- C:\Users\Jolien\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\2c16050e-6.0.lap 2014-04-16 09:03:40 F098D612CE5CDCA7D286137D22DD8994 1548222 ----a-w- C:\Users\Jolien\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\42d8c7c2-43750d04-0.2.0.5- 2014-04-17 11:23:21 904F9440FF77FC9E38A7F7DF1F288CE1 2129007 ----a-w- C:\Users\Jolien\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\1ba8977c-10bea940 2014-03-31 19:01:42 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Jolien\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-71df5e0d 2014-04-21 13:49:42 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Lotte\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-56cc7a41 2014-03-29 18:25:09 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Rudi\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-536dbed9 ====== C:\Windows\SysWOW64 ===== 2014-04-21 12:58:05 204882085A7D984D455AA4DE7B7074C6 5694464 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2014-04-21 12:45:13 AB5EFB103DB01C1912C9D2F545EA5621 17920 ----a-w- C:\Windows\SysWOW64\wksprtPS.dll 2014-04-21 12:45:13 8DEEE20D8D30E9B0FBDCA31E58A027BD 53248 ----a-w- C:\Windows\SysWOW64\tsgqec.dll 2014-04-21 12:45:13 5E676B296B762E211D83B87635F2C330 855552 ----a-w- C:\Windows\SysWOW64\rdvidcrl.dll 2014-04-21 12:45:13 4676AAA9DDF52A50C829FEDB4EA81E54 1068544 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2014-04-21 12:45:13 2EFB1279E7BEA7D12D9F4D6508D27880 50176 ----a-w- C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-04-21 12:43:46 AA12D7A960DB78DD9690AB5B5DAE6586 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-04-21 12:43:43 CE6921D33682C6C3DB8A45853CC69402 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-04-21 12:43:40 A127D17C354B473B0F4C6265538F5A2C 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-04-21 12:43:38 EDACA6C44D9CE200F899B7DB0F201DFF 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-04-21 12:43:38 EBC35FE64056910A84485BEEB6DCCAC6 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-04-21 12:43:38 7E9FE7DB43BC204E44F159F843E35C15 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-04-21 12:43:38 34FC79C948EE2C5FD0CD699E7D7F91B7 244224 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-04-21 12:43:38 31385A6CAA31BE9D07B0B32E5AA99ABB 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-04-21 12:43:37 C9CA9803299EB6AFA34CB520BAAB083D 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-21 12:43:37 82287FCFFA4A2D60FD744E3FEB3192C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-04-21 12:43:37 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-04-21 12:43:37 0FDC1A576A3F40420882C0F7C4A66EAD 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-04-21 12:43:36 BB185D4A9362AA17CBCEC0768CDBF249 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-04-21 12:43:36 6557B48D53D653CFCCE3CB1CFA53A8E1 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-21 12:43:36 0F4A295516781897FFB09B4CCF2E8798 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-04-21 12:43:35 E4E829EE073E046B0EB19B5FECB19B8C 1789440 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-04-21 12:43:35 05BD47136DE62FAFE9F95B40E4100144 2178048 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-04-21 12:43:34 C4A383FD50FBD7E274DD41CF571DF898 1967104 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-04-21 12:43:34 76F58DB8F85C125E0D6B3AA42F3BF1D0 1143808 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-04-21 12:43:33 EA85144F35EDE6EE25C484D4242FF2C8 17387008 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-04-21 12:43:33 2AFBB91BBD2378933B26E6D68C140D1B 11745792 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-04-21 12:43:32 8C46360D6EF9D4C563FE834C4F287DA3 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-04-21 12:39:08 8999F18D38D55E34D356796507FFD639 192000 ----a-w- C:\Windows\SysWOW64\rdpendp_winip.dll 2014-04-21 12:36:25 AAB5D8C5ABE71873DC19ED004EF25009 792576 ----a-w- C:\Windows\SysWOW64\TSWorkspace.dll 2014-04-21 12:36:23 33B26FA5DBEB69FFAB703EDCB4E6DE4A 514560 ----a-w- C:\Windows\SysWOW64\qdvd.dll 2014-04-21 12:07:21 C77F0FDB6959817744061FC6B814E76C 692400 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-21 12:07:21 152CAF75D55713D2B8D240B4DA8CF7FE 70832 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-21 11:53:12 6EA69D2312F3571F6F8BEADD224165E8 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-04-21 11:53:07 9533FE0A942E00114047140B42DF8E3D 175016 ----a-w- C:\Windows\SysWOW64\java.exe 2014-04-21 11:53:07 3B10B54F50CD362537B9F2186267EDF8 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-21 11:53:07 37C15684482B4D596316735DCEEE939A 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-04-21 12:58:05 879A3F94118D686E63041A386FE91EBE 6574592 ----a-w- C:\Windows\Sysnative\mstscax.dll 2014-04-21 12:45:15 DDED7C5558B3AE09F568945281A9A6D1 44544 ----a-w- C:\Windows\Sysnative\TsUsbGDCoInstaller.dll 2014-04-21 12:45:14 FEC6178962DFF33074D39CA907971405 12800 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyExtension.dll 2014-04-21 12:45:14 108C257D765AAD2E6EC46557DA0B02BD 13824 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyControl.exe 2014-04-21 12:45:13 A4420969E5AB94856E5C0C02E6099D3F 1057280 ----a-w- C:\Windows\Sysnative\rdvidcrl.dll 2014-04-21 12:45:13 8E75B1112C374EBDF18FD640DA2F0655 1147392 ----a-w- C:\Windows\Sysnative\mstsc.exe 2014-04-21 12:45:13 7BD2E6E2458A5B95F8341244C7FC7DD4 18944 ----a-w- C:\Windows\Sysnative\wksprtPS.dll 2014-04-21 12:45:13 79EE5ECB4BE89343E4CF1E48F7769F59 420864 ----a-w- C:\Windows\Sysnative\wksprt.exe 2014-04-21 12:45:13 5289A00E2D21BB3A7D6761646543ED5C 62976 ----a-w- C:\Windows\Sysnative\tsgqec.dll 2014-04-21 12:45:13 149A388C17F04AD1F99B477A43BE1A9F 56832 ----a-w- C:\Windows\Sysnative\MsRdpWebAccess.dll 2014-04-21 12:45:13 0D2C2FAC4F29B5868D39B7267058CFEF 83968 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe 2014-04-21 12:43:46 7446786E7092ABE122D372F95E6ED74B 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-04-21 12:43:43 FFF555C177D9F2B79B5C3146BED09FB1 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-04-21 12:43:40 6A8AA25D37F89E40B834F34950E3B89B 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-04-21 12:43:39 D6067F7EE060C5D6D79008AD591B4E3B 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-04-21 12:43:39 964C89BC8A52A260D68C90FDDEB862E2 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-04-21 12:43:39 72116CC377FF4281B0132C397026D911 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-04-21 12:43:39 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-04-21 12:43:38 E7161E2C66FF9B1E87C30FC9D2497ABB 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-04-21 12:43:38 E0D95345D1EBB54F28E958782B9C0CE0 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-04-21 12:43:38 CFBA793F678EB3855052ECF99357A9A1 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-04-21 12:43:38 CB57E934280D346AE0A9B053DAA284C5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-04-21 12:43:38 75AD355828187145A60E3DC7BAF7B0F3 628736 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-04-21 12:43:38 3F547245C78F4847B73EDDFD4A2F7E12 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-04-21 12:43:37 A3F9A9E46BDDBB8B20B7CF3EEDB990F2 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-04-21 12:43:37 37D0FB9E5E8EDA40B66FC3FB3D660261 23549440 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-04-21 12:43:37 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-04-21 12:43:36 EBAD8A4D048ED257E4A45F6356541F86 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-04-21 12:43:35 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-04-21 12:43:35 915D8A9E112C97C90C654F792B6B28B9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-04-21 12:43:35 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-04-21 12:43:35 1F8534A19A66275C863DE17645CB2A13 2767360 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-04-21 12:43:34 F220BA78AB542C70211D73AE4729B2CD 2260480 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-04-21 12:43:34 A14BB2F5F6457738AAA11367F5172A05 13551104 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-04-21 12:43:34 32417AE8280276968E5C551ED85D3525 1400832 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-04-21 12:43:34 1654093C8BD3342997D27B71684ACCE8 2043904 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-04-21 12:43:32 BF25489459C7A762DD7B3186C7E3984D 5784064 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-04-21 12:42:08 5CD98806151EE8633505CEF3A5AEF4E1 3426956 ----a-w- C:\Windows\Sysnative\nvcoproc.bin 2014-04-21 12:39:09 E9A0777DCA9148157E0EF9B71D7DE353 15360 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll 2014-04-21 12:39:08 D346E07D62E3D4BEAB040939744EC31B 228864 ----a-w- C:\Windows\Sysnative\rdpendp_winip.dll 2014-04-21 12:39:08 AD4D0AEDB5993EDA31EB80A54EDBC344 243200 ----a-w- C:\Windows\Sysnative\rdpudd.dll 2014-04-21 12:39:07 8F69EE5E0EB0779DC3E90DFD8D8E8683 3174912 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2014-04-21 12:36:26 9E2EDE952A3EC44754A829F048CE93A0 1030144 ----a-w- C:\Windows\Sysnative\TSWorkspace.dll 2014-04-21 12:36:23 973131EB99BE1E19DAC502CB724E72A5 366592 ----a-w- C:\Windows\Sysnative\qdvd.dll ====== C:\Windows\Sysnative\drivers ===== 2014-04-21 12:46:10 FD5465B876D55534117963FAAA4B9DFC 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2014-04-21 12:45:13 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys 2014-04-21 12:39:08 AD64450A4ABE076F5CB34CC08EEACB07 30208 ----a-w- C:\Windows\Sysnative\drivers\TsUsbGD.sys 2014-04-21 12:39:08 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2014-04-10 07:36:39 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2014-04-10 07:36:39 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2014-04-10 07:36:39 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-04-10 07:36:36 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2014-04-05 05:00:27 6140163BFE9D8F2DFDBA088ED5521C13 119512 ----a-w- C:\Windows\Sysnative\drivers\005835B7.sys 2014-04-03 11:32:47 6140163BFE9D8F2DFDBA088ED5521C13 119512 ----a-w- C:\Windows\Sysnative\drivers\291A2ECA.sys 2014-04-01 07:00:18 6140163BFE9D8F2DFDBA088ED5521C13 119512 ----a-w- C:\Windows\Sysnative\drivers\48230029.sys 2014-03-29 11:31:34 6140163BFE9D8F2DFDBA088ED5521C13 119512 ----a-w- C:\Windows\Sysnative\drivers\0D237988.sys 2014-03-28 15:00:57 2BF3B36B96D015AF666B6AA63AE2E38F 61288 ----a-w- C:\Windows\Sysnative\drivers\fssfltr.sys ====== C:\Windows\Tasks ====== 2014-04-21 12:07:22 878509CBE1754CB82B3BDDDA4BAFA7BD 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-21 12:07:22 735E68DE9C250F8375B9FBE009BDBD09 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-04-21 12:57:25 -------- d-----w- C:\Program Files\Speccy 2014-04-21 12:56:04 -------- d-----w- C:\Program Files\Defraggler ======= C:\PROGRA~2 ===== 2014-04-21 12:29:33 -------- d-----w- C:\PROGRA~2\VideoLAN 2014-04-21 12:21:24 -------- d-----w- C:\PROGRA~2\Secunia 2014-04-21 12:04:48 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe 2014-03-28 15:24:28 -------- d-----w- C:\PROGRA~2\VS Revo Group 2014-03-28 14:58:10 -------- d-----w- C:\PROGRA~2\Microsoft 2014-03-28 14:03:50 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-03-28 14:03:16 -------- d-----w- C:\PROGRA~2\Java ======= C: ===== ====== C:\Users\Griet\AppData\Roaming ====== 2014-04-21 17:35:18 -------- d-sh--w- C:\Users\Jolien\AppData\Local\EmieUserList 2014-04-21 17:35:18 -------- d-sh--w- C:\Users\Jolien\AppData\Local\EmieSiteList 2014-04-21 16:51:06 -------- d-sh--w- C:\Users\Rudi\AppData\Locallow\EmieSiteList 2014-04-21 13:45:14 -------- d-sh--w- C:\Users\Lotte\AppData\Locallow\EmieUserList 2014-04-21 13:45:14 -------- d-sh--w- C:\Users\Lotte\AppData\Local\EmieUserList 2014-04-21 13:45:14 -------- d-sh--w- C:\Users\Lotte\AppData\Local\EmieSiteList 2014-04-21 13:44:56 -------- d-sh--w- C:\Users\Lotte\AppData\Locallow\EmieSiteList 2014-04-21 12:53:01 -------- d-sh--w- C:\Users\Griet\AppData\Locallow\EmieUserList 2014-04-21 12:53:01 -------- d-sh--w- C:\Users\Griet\AppData\Local\EmieUserList 2014-04-21 12:53:01 -------- d-sh--w- C:\Users\Griet\AppData\Local\EmieSiteList 2014-04-21 12:52:47 -------- d-sh--w- C:\Users\Griet\AppData\Locallow\EmieSiteList 2014-04-21 12:43:14 -------- d-s---w- C:\Users\UpdatusUser\AppData\Roaming\Microsoft 2014-04-21 12:43:14 -------- d-----w- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover 2014-04-21 12:43:14 -------- d-----w- C:\Users\UpdatusUser\AppData\Roaming\Media Center Programs 2014-04-21 12:43:14 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2014-04-21 12:43:14 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Microsoft Help 2014-04-21 12:43:14 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Microsoft 2014-04-21 12:43:14 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-04-21 12:43:14 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-04-21 12:37:26 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Adobe 2014-04-21 12:37:26 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Adobe 2014-04-21 12:30:07 -------- d-----w- C:\Users\Griet\AppData\Roaming\vlc 2014-04-17 07:15:47 622C5D773B7C1C76563E55383450B07F 155936 ----a-w- C:\Windows\SysNative\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-16 09:07:26 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\QuickScan 2014-04-16 09:07:26 -------- d-----w- C:\Users\Jolien\AppData\Roaming\QuickScan 2014-04-16 09:07:00 -------- d-----w- C:\Users\Jolien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2014-04-16 09:06:44 -------- d-----w- C:\Users\Jolien\AppData\Local\Programs 2014-03-28 15:24:28 -------- d-----w- C:\Users\Griet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2014-03-28 14:38:10 -------- d-----w- C:\Users\Griet\AppData\Local\Windows Live Writer 2014-03-28 14:23:47 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp 2014-03-28 14:23:47 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-03-28 14:23:47 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-03-28 14:23:46 -------- d-----w- C:\Users\vaste PC\AppData\Local\Temp 2014-03-28 14:23:46 -------- d-----w- C:\Users\Rudi\AppData\Local\Temp 2014-03-28 14:23:46 -------- d-----w- C:\Users\Lotte\AppData\Local\Temp 2014-03-28 14:23:46 -------- d-----w- C:\Users\Jolien\AppData\Local\Temp 2014-03-28 14:23:46 -------- d-----w- C:\Users\Griet\AppData\Local\Temp 2014-03-28 14:23:46 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-03-28 14:23:46 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-03-28 13:10:43 -------- d-----w- C:\Users\Lotte\AppData\Local\HP ====== C:\Users\Griet ====== 2014-04-21 12:57:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2014-04-21 12:56:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler 2014-04-21 12:51:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-04-21 12:43:20 -------- d-----w- C:\Users\UpdatusUser\Searches 2014-04-21 12:43:20 -------- d-----w- C:\Users\UpdatusUser\Contacts 2014-04-21 12:43:19 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\Searches 2014-04-21 12:43:19 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\Contacts 2014-04-21 12:43:17 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\UpdatusUser\ntuser.ini 2014-04-21 12:43:14 -------- d--h--w- C:\Users\UpdatusUser\AppData 2014-04-21 12:43:14 -------- d-----w- C:\Users\UpdatusUser\Saved Games 2014-04-21 12:43:14 -------- d-----w- C:\Users\UpdatusUser\Favorites 2014-04-21 12:43:14 -------- d-----r- C:\Users\UpdatusUser\Videos 2014-04-21 12:43:14 -------- d-----r- C:\Users\UpdatusUser\Pictures 2014-04-21 12:43:14 -------- d-----r- C:\Users\UpdatusUser\Music 2014-04-21 12:43:14 -------- d-----r- C:\Users\UpdatusUser\Links 2014-04-21 12:43:14 -------- d-----r- C:\Users\UpdatusUser\Downloads 2014-04-21 12:43:14 -------- d-----r- C:\Users\UpdatusUser\Documents 2014-04-21 12:43:14 -------- d-----r- C:\Users\UpdatusUser\Desktop 2014-04-21 12:29:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-04-21 12:15:32 F94744B5E3D646E2184DF82215D72F05 1322687 ----a-w- C:\Users\Griet\Desktop\AdwCleaner.exe 2014-04-21 11:53:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-03-28 15:10:13 -------- d-----w- C:\Users\Griet\Tracing ====== C: exe-files == 2014-04-22 10:35:32 15B48EEB345B30238FC5C691B538136B 302816 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000059ae\drsupdate.18123861_RUNASUSER.exe 2014-04-21 12:45:14 108C257D765AAD2E6EC46557DA0B02BD 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe 2014-04-21 12:45:13 8E75B1112C374EBDF18FD640DA2F0655 1147392 ----a-w- C:\Windows\System32\mstsc.exe 2014-04-21 12:45:13 79EE5ECB4BE89343E4CF1E48F7769F59 420864 ----a-w- C:\Windows\System32\wksprt.exe 2014-04-21 12:45:13 4676AAA9DDF52A50C829FEDB4EA81E54 1068544 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2014-04-21 12:45:13 0D2C2FAC4F29B5868D39B7267058CFEF 83968 ----a-w- C:\Windows\System32\TSWbPrxy.exe 2014-04-21 12:43:42 F972DDD19A10F53D74021DDEAC07CCA6 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-04-21 12:43:42 E0155A11B26C7D5347069AB7ACB62D02 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-04-21 12:43:42 C5C7E33308BAE18BD9F59F9A93E85D33 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-04-21 12:43:42 BEA4E0C0BA936E8A3DB24D1A37BF70BE 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-04-21 12:43:39 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-04-21 12:43:37 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-04-21 12:43:37 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-04-21 12:43:35 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-04-21 12:43:35 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-04-21 12:43:34 EA8386CA87165460D39A1D29FF11080B 809680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-04-21 12:43:34 0667ED9F8E905E1F73DB60ACCEDCBCA7 811728 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-04-21 12:43:27 72F6FCE4B94D676D843705DA4A882027 124992 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\043a8018\drsupdate.11081599_RUNASUSER.exe 2014-04-21 12:43:09 AA130938A27BB80A8B6438EF83232275 1364256 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 2014-04-21 12:43:09 52174D3DB15275ED118C973D9A950919 1164576 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe 2014-04-21 12:43:09 3881796DEC594ABB034CD032794122B8 190752 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\WLMerger.exe 2014-04-21 12:42:02 9F778BA5129A23C7AEBCE965C69F5EA3 1196832 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC1AB2CC-7026-4642-ACE8-977CA009D975}\nvxdsync.exe 2014-04-21 12:42:02 8BCC26DF9D805D939F7E861F1FE22826 407328 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC1AB2CC-7026-4642-ACE8-977CA009D975}\setup.exe 2014-04-21 12:42:01 415695F5A54E91E869EEBFEA261361A6 922912 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC1AB2CC-7026-4642-ACE8-977CA009D975}\nvvsvc.exe 2014-04-21 12:42:01 10E1BFE28D8C261646C1815A49C37639 2450208 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC1AB2CC-7026-4642-ACE8-977CA009D975}\NvTray.exe 2014-04-21 12:42:00 F1EACFB34EB8AAE53384F08E678C5C7E 63264 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC1AB2CC-7026-4642-ACE8-977CA009D975}\nvSmartMaxapp.exe 2014-04-21 12:42:00 18E3451E0EE37240E6FAA6430E913EF2 6866208 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC1AB2CC-7026-4642-ACE8-977CA009D975}\nvcplui.exe 2014-04-21 12:42:00 0017671F7E15F327B9CD4216F023E2F7 63264 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{DC1AB2CC-7026-4642-ACE8-977CA009D975}\nvSmartMaxapp64.exe 2014-04-21 12:41:58 8BCC26DF9D805D939F7E861F1FE22826 407328 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{8F418D78-A0C3-4F1E-B286-1F6C8311EF38}\setup.exe 2014-04-21 12:41:47 AA130938A27BB80A8B6438EF83232275 1364256 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.{769466CC-67B4-4C7B-948C-6B549F1D99E6}\daemonu.exe 2014-04-21 12:41:47 52174D3DB15275ED118C973D9A950919 1164576 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.{769466CC-67B4-4C7B-948C-6B549F1D99E6}\ComUpdatus.exe 2014-04-21 12:41:47 3881796DEC594ABB034CD032794122B8 190752 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.{769466CC-67B4-4C7B-948C-6B549F1D99E6}\WLMerger.exe 2014-04-21 12:41:47 0AE04E5F2710DB65B5630044D95220DD 23771152 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.3DVision.{6F498686-9B38-455C-8D68-E60DFDEDBF88}\3DVision_331.65.exe 2014-04-21 12:41:46 69D9D89B98086A9DFC0E36FEF3362B3B 74327296 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{D2AB2BC8-09E6-4F74-8509-D23DE4CC903E}\NvCplSetupInt.exe 2014-04-21 12:41:45 467B9304C6955F736BDE5EC48CB83D27 250144 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{D2AB2BC8-09E6-4F74-8509-D23DE4CC903E}\dbInstaller.exe 2014-04-21 12:41:41 0ED4521CB66A7AE6A0813F634AFF5569 407328 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{6C14FB57-59F5-407A-ADCC-82ECDDEA7CCC}\setup.exe 2014-04-21 12:37:24 47C8528A9B1C5B2A5136A67C509E5144 96768 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe 2014-04-21 12:37:24 29A66B02C9F3A355FAE48B6F2FC025B1 54432 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe 2014-04-21 12:37:24 29A66B02C9F3A355FAE48B6F2FC025B1 54432 ----a-w- C:\Program Files (x86)\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe 2014-04-21 12:37:24 1BB553EC21E06CD363F0A24A92D67E6A 130208 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe 2014-04-21 12:37:24 045D0A219E0F6970EABDA290940A0EAA 59392 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe 2014-04-21 12:31:48 1F7A962D0447CEDE7999696C0CB699A9 88541 ----a-w- C:\Windows\SysWOW64\Adobe\Shockwave 12\uninstaller.exe 2014-04-21 12:29:53 C7381EEC1332559C3582B40A41221904 233566 ----a-w- C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe 2014-04-21 12:21:26 7D26205608B992B4BB2FD047AA0F61A9 485208 ----a-w- C:\Program Files (x86)\Secunia\PSI\Uninstall.exe 2014-04-21 12:15:32 F94744B5E3D646E2184DF82215D72F05 1322687 ----a-w- C:\Users\Griet\Desktop\AdwCleaner.exe 2014-04-21 12:07:21 C77F0FDB6959817744061FC6B814E76C 692400 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-21 11:53:12 6EA69D2312F3571F6F8BEADD224165E8 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-04-21 11:53:07 9533FE0A942E00114047140B42DF8E3D 175016 ----a-w- C:\Windows\SysWOW64\java.exe 2014-04-21 11:53:07 37C15684482B4D596316735DCEEE939A 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-04-21 11:52:01 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Griet\AppData\LocalLow\Sun\Java\jre1.7.0_55\lzma.exe === C: other files == 2014-04-21 12:46:10 FD5465B876D55534117963FAAA4B9DFC 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-04-21 12:45:13 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys 2014-04-21 12:39:08 AD64450A4ABE076F5CB34CC08EEACB07 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys 2014-04-21 12:39:08 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4219386834-4240703508-4099736358-1005\Software\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN2AS1C08C05SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKEY_USERS\S-1-5-21-4219386834-4240703508-4099736358-1008\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-4219386834-4240703508-4099736358-1008\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN2AS1C08C05SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~3\\Wincert\\WIN32C~1.DLL" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~3\\Wincert\\WIN64C~1.DLL" ==== Startup Folders ====================== 2013-03-09 11:20:57 1940 ----a-w- C:\Users\Griet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3520 series (netwerk).lnk 2014-04-16 09:07:00 1105 ----a-w- C:\Users\Jolien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 3520 series" ["C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\{B485632D-7A74-481D-82E0-1A56D43F2C44}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] "C:\Windows\SysNative\tasks\{BE5FE6CB-CAB5-485A-B7D5-ED5FCEB9A684}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com" [24/04/2014 19:04] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx[21/10/2013 20:49] hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx[21/10/2013 20:49] hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx[21/10/2013 20:49] jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx[25/03/2014 22:18] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx[21/10/2013 20:49] Google Docs - Jolien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Jolien\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Jolien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Jolien\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Jolien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Jolien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{622E484F-32EF-4467-8A51-8BFA5D6D6268}" {622E484F-32EF-4467-8A51-8BFA5D6D6268} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4219386834-4240703508-4099736358-1005\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=c:\windows\syswow64\userinit.exe, O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2AS1C08C05SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-4219386834-4240703508-4099736358-1008\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-4219386834-4240703508-4099736358-1008\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 3520 series (netwerk).lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file) O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file) O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Griet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Griet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Jolien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jolien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Lotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Lotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Rudi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Rudi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\vaste PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\vaste PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Jolien\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\vaste PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2638 folders=372 263758425 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Griet\AppData\Local\Temp will be emptied at reboot C:\Users\Jolien\AppData\Local\Temp emptied successfully C:\Users\Lotte\AppData\Local\Temp emptied successfully C:\Users\Rudi\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Users\vaste PC\AppData\Local\Temp emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Griet\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 26/04/2014 at 20:38:33,49 ======================