Zoek.exe v5.0.0.0 Updated 22-06-2014 Tool run by Jolanda on do 26-06-2014 at 16:00:13,01. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Jolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DK6HGO8S\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 26-6-2014 16:01:39 Zoek.exe System Restore Point Created Succesfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\NCSOFT deleted successfully C:\PROGRA~2\NCWest deleted successfully C:\PROGRA~3\HitmanPro deleted successfully C:\PROGRA~3\Windows deleted successfully C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully C:\Users\Jolanda\AppData\Roaming\Ciidok deleted successfully C:\Users\Jolanda\AppData\Roaming\HpUpdate deleted successfully C:\Users\Jolanda\AppData\Roaming\Media Player Classic deleted successfully C:\Users\Jolanda\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Jolanda\AppData\Roaming\WinRAR deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2222692359-2605595293-2164721788-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-2222692359-2605595293-2164721788-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CA1377B-DC1D-4A52-9585-6E06050FAC53} deleted successfully HKEY_USERS\S-1-5-21-2222692359-2605595293-2164721788-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CA1377B-DC1D-4A52-9585-6E06050FAC53} deleted successfully HKEY_USERS\S-1-5-21-2222692359-2605595293-2164721788-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} deleted successfully HKEY_USERS\S-1-5-21-2222692359-2605595293-2164721788-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} deleted successfully HKEY_USERS\S-1-5-21-2222692359-2605595293-2164721788-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_USERS\S-1-5-21-2222692359-2605595293-2164721788-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{0E526CB5-7446-41D1-A403-19BFE95E8C23} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0E526CB5-7446-41D1-A403-19BFE95E8C23} deleted successfully HKEY_CLASSES_ROOT\CLSID\{1CA1377B-DC1D-4A52-9585-6E06050FAC53} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1CA1377B-DC1D-4A52-9585-6E06050FAC53} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53} deleted successfully HKEY_CLASSES_ROOT\CLSID\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{22C7F6C6-8D67-4534-92B5-529A0EC09405} deleted successfully ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Aangifte inkomstenbelasting 2012 Aangifte inkomstenbelasting 2013 Adobe Digital Editions 2.0 Adobe Flash Player 13 ActiveX Adobe Reader X (10.1.10) - Nederlands Adobe Shockwave Player 11.6 Advertising Center AMD APP SDK Runtime AMD Drag and Drop Transcoding ATI Catalyst Install Manager Basissoftware voor HP Deskjet 1050 J410 series Catalyst Control Center - Branding Catalyst Control Center Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy ccc-utility64 CCC Help English Compl‚ment Messenger Contr“le ActiveX Windows Live Mesh pour connexions … distance CyberLink PowerDVD 9 D3DX10 DolbyFiles Dropbox Facebook Messenger 2.1.4814.0 Galerie de photos Windows Live Google Chrome Google Toolbar for Internet Explorer Google Update Helper HP Deskjet 1050 J410 series Haelp HP Photo Creations HP Update ImagXpress Java Auto Updater Java(TM) 6 Update 35 Junk Mail filter update K-Lite Codec Pack 7.0.4 (Full) Mesh Runtime Messenger Companion Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MPC-HC 1.7.5 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 9 Essentials Nero BurnRights Nero BurnRights Help Nero ControlCenter Nero CoverDesigner Nero CoverDesigner Help Nero Disc Copy Gadget Nero Disc Copy Gadget Help Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade Nero PhotoSnap Nero PhotoSnap Help Nero Recode Nero Recode Help Nero ShowTime Nero StartSmart Nero StartSmart Help Nero StartSmart OEM Nero Vision Nero Vision Help NeroExpress neroxml Productverbeteringonderzoek HP Deskjet 1050 J410 series Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition SkypeT 6.3 STDU Viewer version 1.6.62.0 swMSM Tibia Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Visual Studio 2010 x64 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX control for remote connections Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WMV9/VC-1 Video Playback ==== Running Processes ====================== C:\Users\Jolanda\AppData\Local\e0241ff46e59c0cd941aaac908f135c2\242909a264524de.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Program Files (x86)\WinUpd\WinUpd.exe C:\Users\Jolanda\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\Jolanda\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Users\Jolanda\AppData\Local\e0241ff46e59c0cd941aaac908f135c2\8e91ec146fa687b.exe C:\Users\Jolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DK6HGO8S\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\242909a264524de.exe deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\242909a264524de.exe deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\30ebdf09de6824e.exe deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\30ebdf09de6824e.exe deleted successfully ==== Deleting Files \ Folders ====================== C:\Users\Jolanda\AppData\Local\8a96c2807ddc45c8161e296b6f20db05 not found C:\Users\Jolanda\AppData\Local\Rich Media Player not found C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found C:\Program Files (x86)\DownBooster deleted C:\Users\Jolanda\AppData\Roaming\systweak deleted C:\PROGRA~3\QuickSet deleted C:\PROGRA~3\InstallMate deleted C:\PROGRA~3\Trymedia deleted C:\Users\Jolanda\AppData\Local\adawarebp deleted C:\Users\Jolanda\Searches deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\prefs.js deleted "C:\Users\Jolanda\AppData\Roaming\Hawo\libnspr4.dll" deleted "C:\Users\Jolanda\AppData\Local\e0241ff46e59c0cd941aaac908f135c2\242909a264524de.exe" deleted "C:\Users\Jolanda\AppData\Local\e0241ff46e59c0cd941aaac908f135c2\8e91ec146fa687b.exe" deleted "C:\Users\Jolanda\AppData\Local\e0241ff46e59c0cd941aaac908f135c2\libgcc_s_dw2-1.dll" deleted "C:\Users\Jolanda\AppData\Local\e0241ff46e59c0cd941aaac908f135c2\libstdc++-6.dll" deleted "C:\Users\Jolanda\AppData\Local\e0241ff46e59c0cd941aaac908f135c2\libwinpthread-1.dll" deleted "C:\Users\Jolanda\AppData\Local\e0241ff46e59c0cd941aaac908f135c2\QtCore4.dll" deleted "C:\Users\Jolanda\AppData\Local\e0241ff46e59c0cd941aaac908f135c2\QtNetwork4.dll" deleted "C:\Users\Jolanda\AppData\Roaming\Hawo" deleted "C:\Users\Jolanda\AppData\Local\e0241ff46e59c0cd941aaac908f135c2" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4024 MB CPU Info: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz CPU Speed: 3059,8 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output(Optical) | Display Adapters: ATI Radeon HD 4550 | ATI Radeon HD 4550 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller #2 CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SH-S223C Ports: COM1 | COM2 LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 921,3GB Hard Disks - Free: C: 819,4GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 08/16/32 | 012110 - 20100121 Time Zone: West-Europa (standaardtijd) Motherboard *: Foxconn P55MX Series Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Default Browser: Google Chrome 35.0.1916.153 Internet Explorer Version: 11.0.9600.17126 Google Chrome version: 35.0.1916.153 Adobe Reader version: 10.1.10.18 Sun Java version: 1.6.0_35 (32-bit) Shockwave Player version: 11.6.8r638 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Jolanda\AppData\Local\Temp ==== 2014-06-26 07:47:19 CC40FDD59A832E27F146A62A67FDE75E 41984 ----a-w- C:\Users\Jolanda\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdfn7a5.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-06-11 18:06:18 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-06-11 18:06:18 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys ====== C:\Windows\Tasks ====== 2014-06-26 05:49:29 62B40B548C6FFADCFAEB3344DA26AAAD 4054 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2014-06-26 05:49:29 105E3A8974C6959AD2FC5187D3301F7B 1058 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-26 05:49:28 DB58E19C770566BA05192D16E3624D92 3802 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2014-06-26 05:49:28 3316AF6C3D05E90E6FA7936D56ECE7DF 1054 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-06-26 06:51:14 -------- d-----w- C:\Program Files\trend micro 2014-06-26 05:50:03 -------- d-----w- C:\Program Files\Google ======= C:\PROGRA~2 ===== 2014-06-26 06:22:10 -------- d-----w- C:\PROGRA~2\WinUpd ======= C: ===== ====== C:\Users\Jolanda\AppData\Roaming ====== 2014-06-26 07:47:13 -------- d-----r- C:\Users\Jolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9 2014-06-26 06:22:13 -------- d-----w- C:\Users\Jolanda\AppData\Local\DownBooster 2014-06-01 15:19:04 -------- d-----w- C:\Users\Jolanda\AppData\Local\e0241ff46e59c0cd941aaac908f135c2 ====== C:\Users\Jolanda ====== 2014-06-26 07:39:24 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Jolanda\Downloads\RSITx64.exe 2014-06-26 06:07:35 DC2D4C0858CE92E4ACDDD0095A8606C4 623936 ----a-w- C:\Users\Jolanda\Downloads\uplayermediaplayer-setup.exe 2014-06-26 05:50:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-21 13:32:59 470B6FC2DB4C5FC196FCF8526C1C5597 6240112 ----a-w- C:\Users\Jolanda\Downloads\UnityWebPlayerFull.exe ====== C: exe-files == 2014-06-26 07:39:54 9B5F03B6F124DBFCB3411869247C49F7 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2222692359-2605595293-2164721788-1000\$IC9HKGO.exe 2014-06-26 07:39:54 913446BBD76F0621E82BA4BF8C8D8576 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2222692359-2605595293-2164721788-1000\$I9X0WLZ.exe 2014-06-26 07:39:54 77A6DA637D4E97AF94A4F1DFF3041E89 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2222692359-2605595293-2164721788-1000\$IVW0IKE.exe 2014-06-26 07:39:54 44A1AC9269401CFF0720FDE0EA5C734D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2222692359-2605595293-2164721788-1000\$IS0HQ9W.exe 2014-06-26 07:39:40 BCFBC02094EFA29F240A805377FB0772 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2222692359-2605595293-2164721788-1000\$I0E7EJH.exe 2014-06-26 07:39:35 420E9BB2B1CE15EC7F1A21805A371CB5 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2222692359-2605595293-2164721788-1000\$IT559Y2.exe 2014-06-26 07:39:24 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Jolanda\Downloads\RSITx64.exe 2014-06-26 06:51:14 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Jolanda.exe 2014-06-26 06:51:04 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Jolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JT6S9331\RSITx64.exe 2014-06-26 06:22:33 4B0659574189667B5D6B65D1F2759BCD 11181544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2222692359-2605595293-2164721788-1000\$RC9HKGO.exe 2014-06-26 06:22:10 91BC7AF269C7AAB672CCE3607719B6E7 59904 ----a-w- C:\Program Files (x86)\WinUpd\WinUpd.exe 2014-06-26 06:21:53 AA86DCFE35EB5B6EDEBA279FD2679A9C 49502 ----a-w- C:\Users\Jolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\93XXTTPN\REDChecker[1].exe 2014-06-26 06:21:46 42872E3D3A8CD476D4F59AF6A1DB7CDB 52204 ----a-w- C:\Users\Jolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JT6S9331\BlockNSurfChecker[1].exe 2014-06-26 06:21:43 FB96F5A62E3487329225B93C27EEDDBF 45727 ----a-w- C:\Users\Jolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\93XXTTPN\WajamChecker[1].exe 2014-06-26 06:21:10 D0125B3843389C7326375B885C16809C 707448 ----a-w- C:\$Recycle.Bin\S-1-5-21-2222692359-2605595293-2164721788-1000\$RT559Y2.exe 2014-06-26 06:20:50 D0125B3843389C7326375B885C16809C 707448 ----a-w- C:\$Recycle.Bin\S-1-5-21-2222692359-2605595293-2164721788-1000\$R0E7EJH.exe 2014-06-26 06:17:40 A4AB38F6C1DC7A357F688E1ADCCEACFA 10274632 ----a-w- C:\$Recycle.Bin\S-1-5-21-2222692359-2605595293-2164721788-1000\$R9X0WLZ.exe 2014-06-26 06:17:27 A4AB38F6C1DC7A357F688E1ADCCEACFA 10274632 ----a-w- C:\$Recycle.Bin\S-1-5-21-2222692359-2605595293-2164721788-1000\$RVW0IKE.exe 2014-06-26 06:15:24 A4AB38F6C1DC7A357F688E1ADCCEACFA 10274632 ----a-w- C:\$Recycle.Bin\S-1-5-21-2222692359-2605595293-2164721788-1000\$RS0HQ9W.exe 2014-06-26 06:07:35 DC2D4C0858CE92E4ACDDD0095A8606C4 623936 ----a-w- C:\Users\Jolanda\Downloads\uplayermediaplayer-setup.exe 2014-06-26 05:54:29 AC6998D92A311E7CF0B4DAEC3566F444 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateBroker.exe 2014-06-26 05:54:29 956672375AF066D958E4D07F5ABAFC1A 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe 2014-06-26 05:54:29 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateSetup.exe 2014-06-26 05:54:23 AA0E4F73727BFC8BA404884B1C1DB719 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe 2014-06-26 05:54:23 80E350E0AA963B2125896B13E60A4D68 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateComRegisterShell64.exe 2014-06-26 05:54:23 397D14958D6C9C2B365469A857B2AC4E 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe 2014-06-26 05:54:22 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdate.exe 2014-06-26 05:54:21 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.15\GoogleUpdateSetup.exe 2014-06-26 05:50:41 EDAC53E2964C7ACE868208C3B6C5C8F1 39078480 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\35.0.1916.153\35.0.1916.153_chrome_installer.exe 2014-06-26 05:50:03 5D61BE7DB55B026A5D61A3EED09D0EAD 39408 ----a-w- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2014-06-26 05:50:02 5D4BC124FAAE6730AC002CDB67BF1A1C 194032 ----a-w- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 2014-06-26 05:49:58 E8B7FD67DA14A7BE57A5CB80E3139E60 309704 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe 2014-06-26 05:49:58 211F96EB417FF837A70F5130E63A1A45 400840 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_64.exe 2014-06-26 05:49:57 4B78E9AE06F7C310E30EE2FA5B7EBC3C 1721296 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\SearchWithGoogleUpdate_C993F490EED40C1B.exe 2014-06-26 05:49:56 E8B7FD67DA14A7BE57A5CB80E3139E60 309704 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_52E818EF81C83A9B.exe 2014-06-26 05:49:56 4C401FCC6D0C95E1A5D989E403E18F2F 1072072 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_8CA8B41417E66DEB.exe 2014-06-26 05:49:56 4BEAF576CB43358C4DB9F45AC7C09CDB 194032 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleUpdaterService_B33FC4DD36A473C6.exe 2014-06-26 05:49:56 211F96EB417FF837A70F5130E63A1A45 400840 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_4D9709C1FA1422BA.exe 2014-06-26 05:49:56 1F2AFAB903C0D48480561F3BBD4539C2 739640 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleUpdateSetup_5CC4B0F53D73AD88.exe 2014-06-26 05:49:52 5A6381E0AFB4E0B9FD318C1C76EFE9DC 5030744 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\0.0.0.0\googletoolbarinstaller_en_signed.exe 2014-06-26 05:49:26 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 2014-06-21 13:32:59 470B6FC2DB4C5FC196FCF8526C1C5597 6240112 ----a-w- C:\Users\Jolanda\Downloads\UnityWebPlayerFull.exe === C: other files == 2014-06-26 08:35:52 CDE763452DE4D35AC2AD181C693806DD 7 ----a-w- C:\Users\Jolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WUG48HHV\about[1].com ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2222692359-2605595293-2164721788-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Jolanda\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "RemoteControl9"="C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" "PDVD9LanguageShortcut"="C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" "BDRegion"="C:\Program Files (x86)\Cyberlink\Shared files\brs.exe" "NCUpdateHelper"="C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Jolanda\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" "Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe" "VizorHtmlDialog.exe"="C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe DEF EULA C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html DEF DEF DEF" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "HP Software Update"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Folders ====================== 2013-05-18 15:28:25 1061 ----a-w- C:\Users\Jolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-08-19 18:45:45 1332 ----a-w- C:\Users\Jolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk 2013-07-20 21:03:43 1371 ----a-w- C:\Users\Jolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2222692359-2605595293-2164721788-1000Core.job --a------ C:\Users\Jolanda\AppData\Local\Facebook\Update\FacebookUpdate.exe [19-08-2013 20:49] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2222692359-2605595293-2164721788-1000UA.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2222692359-2605595293-2164721788-1000Core" [C:\Users\Jolanda\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2222692359-2605595293-2164721788-1000UA" [C:\Users\Jolanda\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 1050 J410 series" ["C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] ==== Chrome Look ====================== Google Docs - Jolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Jolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Jolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Jolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Jolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Jolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Jolanda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Jolanda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.startpagina.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.startpagina.nl/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:16010" "ProxyOverride"=";*origin.com;*ea.com;*akamaihd.net" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Run: [NCUpdateHelper] C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Jolanda\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Jolanda\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Facebook Messenger.lnk = Jolanda\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (file missing) O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Unknown owner - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Unknown owner - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (file missing) O23 - Service: MBAMService - Unknown owner - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WinUpd - Unknown owner - C:\Program Files (x86)\WinUpd\WinUpd.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DK6HGO8S will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Jolanda\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=147 folders=23 55557078 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Jolanda\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Jolanda\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Jolanda\AppData\Local\e0241ff46e59c0cd941aaac908f135c2" not found "C:\Users\Jolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DK6HGO8S" not found ==== EOF on do 26-06-2014 at 16:19:04,15 ======================