Zoek.exe v5.0.0.0 Updated 13-July-2014 Tool run by Leen on ma 14/07/2014 at 8:50:54,43. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Leen\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 14/07/2014 8:53:49 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\ContinueToSave deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\WebSearch deleted successfully C:\Program Files\Common Files\SWF Studio deleted successfully C:\PROGRA~2\CanonEPP deleted successfully C:\PROGRA~2\CanonIJEPPEX2 deleted successfully C:\PROGRA~2\CanonIJScan deleted successfully C:\PROGRA~2\Malwarebytes' Anti-Malware (portable) deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\Users\Leen\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Leen\AppData\Roaming\RavensburgerTipToi deleted successfully C:\Users\Leen\AppData\Roaming\TP deleted successfully C:\Users\Leen\AppData\Roaming\WinRAR deleted successfully C:\Users\Leen\AppData\Local\MigWiz deleted successfully C:\Users\Leen\AppData\Local\PackageAware deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3085450605-2629627131-3274191645-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully HKEY_USERS\S-1-5-21-3085450605-2629627131-3274191645-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully HKEY_USERS\S-1-5-21-3085450605-2629627131-3274191645-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D1815368-01F0-4160-BD5C-100FD4E76559} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully ==== Deleting CLSID 
Registry Values ====================== HKEY_USERS\S-1-5-21-3085450605-2629627131-3274191645-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully ==== Installed Programs ====================== ABBYY FineReader 11 Acrobat.com Adobe AIR Adobe Flash Player 14 ActiveX Adobe Help Manager Adobe Reader 9.5.5 MUI Apple Application Support Apple Software Update Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver avast Free Antivirus Belgium e-ID middleware 4.0.4 (build 7251) Bing Maps 3D Canon Easy-WebPrint EX Canon MG3500 series MP Drivers Canon MG3500 series On-screen Manual Canon My Image Garden Canon My Image Garden Design Files Canon My Printer Canon Quick Menu CCleaner Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CorelDRAW Essentials 4 - Content CorelDRAW Essentials 4 - Draw CorelDRAW Essentials 4 - Filters CorelDRAW Essentials 4 - ICA CorelDRAW Essentials 4 - IPM - No VBA CorelDRAW Essentials 4 - Lang BR CorelDRAW Essentials 4 - Lang DE CorelDRAW Essentials 4 - Lang EN CorelDRAW Essentials 4 - Lang ES CorelDRAW Essentials 4 - Lang FR CorelDRAW Essentials 4 - Lang IT CorelDRAW Essentials 4 - Lang NL CorelDRAW Essentials 4 - PHOTO-PAINT CorelDRAW Essentials 4 - Windows Shell Extension CorelDRAW Essentials 4 CyberLink LabelPrint CyberLink MediaShow CyberLink MediaShow Espresso CyberLink PhotoNow CyberLink Power2Go CyberLink PowerDirector CyberLink PowerDVD 9 CyberLink PowerDVD Copy CyberLink PowerProducer D3DX10 Digital Voice Editor 3 Dropbox Gebruikersregistratie voor Canon MG3500 series Gebruikersregistratie voor Canon MP280 series Google Chrome Google Chrome Frame Google Earth Google Toolbar for Internet Explorer Google Update Helper Google+ Auto Backup GPL Ghostscript Haali Media Splitter Intel(R) Graphics Media Accelerator Driver Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Java 7 Update 60 Java Auto Updater Junk Mail filter update Launch 
Manager Malwarebytes Anti-Malware versie 2.0.2.1012 Medion Home Cinema Mesh Runtime Messenger Companion Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office Klik-en-Klaar 2010 Microsoft Office Starter 2010 - Nederlands Microsoft PowerPoint Viewer Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSVCRT MSXML 4.0 SP2 (KB973688) Octoshape Streaming Services OGA Notifier 2.0.0048.0 OpenOffice.org 3.2 Picasa 3 PlayReady PC Runtime x86 QuickTime 7 Ravensburger tiptoi Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader REALTEK Wireless LAN Driver Scribus 1.4.2 Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Sitecom MD-020 SIM Editor Skype Click to Call SkypeT 6.11 Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5) Synaptics Pointing Device Driver VLC media player 2.0.7 Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie 
Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series WOT for Internet Explorer X10 Hardware(TM) ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe C:\Windows\system32\taskhost.exe C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\afasrv32.exe C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\Launch Manager\WButton.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program 
Files\Sitecom MD-020 SIM Editor\iconcs266761.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Users\Leen\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe C:\Users\Leen\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files\Launch Manager\WisLMSvc.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\DllHost.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\Leen\Downloads\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalServicePeerNet ==== Deleting Services ====================== ==== 
Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== c:\progra~1\contin~1 not found c:\progra~1\websea~1 not found C:\PROGRA~2\Malwarebytes' Anti-Malware (portable) not found C:\ProgramData\ClearAsky Installer deleted C:\Program Files\Hotspot Shield deleted C:\Users\Leen\AppData\Roaming\SkypEmoticons deleted C:\Users\Leen\AppData\Roaming\NCdownloader deleted C:\PROGRA~2\StarApp deleted C:\PROGRA~2\Searrch-NewwTab deleted C:\PROGRA~2\contionuetosave deleted C:\Users\Leen\AppData\Local\CRE deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Searrch-NewwTab deleted C:\Users\Leen\Searches deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\System32\sho7493.tmp deleted "C:\Windows\Installer\5ed64.msi" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601) Memory (RAM): 3511 MB CPU Info: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz CPU Speed: 2126.9 MHz Sound Card: Speakers (Realtek High Definiti | Realtek Digital Output (Realtek | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) | Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-S083C Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 424.7GB | D: 40.0GB | Q: 0.0MB Hard Disks - Free: C: 368.2GB | D: 21.7GB | Q: 0.0MB Manufacturer *: American Megatrends Inc. 
BIOS Info: AT/AT COMPATIBLE | 02/01/10 | MEDION - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: MEDION E6214 Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Default Browser: Google Chrome 35.0.1916.153 Internet Explorer Version: 11.0.9600.17207 Google Chrome version: 35.0.1916.153 Adobe Reader version: 9.5.5.316 Sun Java version: 1.7.0_60 (32-bit) ==== Files Recently Created / Modified ======================
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3085450605-2629627131-3274191645-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" "Octoshape Streaming Services"="C:\Users\Leen\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe -inv:bootrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer"="C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" "HotkeyApp"="C:\Program Files\Launch Manager\HotkeyApp.exe" "LMgrVolOSD"="C:\Program Files\Launch Manager\OSD.exe" "Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" 
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3 " "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "USBestCR"="C:\Program Files\Sitecom MD-020 SIM Editor\iconcs266761.exe RunFromReg" "AvastUI.exe"="C:\Program Files\Alwil Software\Avast5\AvastUI.exe /nogui" "Bonus.SSR.FR11"="C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe /autorun" "CanonQuickMenu"="C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" "Octoshape Streaming Services"="C:\Users\Leen\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe -inv:bootrun" ==== Startup Folders ====================== 2014-04-02 20:40:43 1051 ----a-w- C:\Users\Leen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [27/03/2011 20:58] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [27/03/2011 20:58] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] 
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{BAFD008B-C34B-4F01-BE3A-2FE014AC8DAF}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\{0250E22C-13E5-4417-AF85-B4502E9B5357}" [C:\Program Files\Google\Chrome\Application\chrome.exe]
"C:\Windows\system32\tasks\{EDE91450-8CF4-4676-BCBC-8D87D7D6CC86}" [C:\Program Files\Skype\\Phone\Skype.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [10/07/2014 23:42]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[10/07/2014 23:41]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09/04/2012 11:23]

YouTube - Leen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Leen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
contionuetosave - Leen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpbalhklfdbapdgpakblahfmkpkappon
avast Online Security - Leen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Leen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Leen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Leen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Searrch-NewwTab - Leen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkpbddfkgogcceejlabileifdmhbkoln

==== Chrome Fix ======================

C:\Users\Leen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpbalhklfdbapdgpakblahfmkpkappon deleted successfully
C:\Users\Leen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dpbalhklfdbapdgpakblahfmkpkappon_0.localstorage deleted successfully
C:\Users\Leen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkpbddfkgogcceejlabileifdmhbkoln deleted successfully
C:\Users\Leen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkpbddfkgogcceejlabileifdmhbkoln_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{CAEF1A06-F164-41F4-BB84-10730FE172DC}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{CAEF1A06-F164-41F4-BB84-10730FE172DC} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\f7c1d84d-92b6-4733-991b-bfcef4015ee3 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8499F911-1106-CDBE-FF3C-099C35B8C972} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully

==== HijackThis Entries ======================

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [USBestCR] C:\Program Files\Sitecom MD-020 SIM Editor\iconcs266761.exe RunFromReg
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Bonus.SSR.FR11] "C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Leen\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - Startup: Dropbox.lnk = Leen\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
O23 - Service: ABBYY FineReader 11 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.11.0) - ABBYY - C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Afa Card Reader Service (AfaService) - Unknown owner - C:\Windows\system32\afasrv32.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Leen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Leen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0OXT0LIB will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Leen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=47 folders=24 13314300 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Leen\AppData\Local\temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Leen\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Leen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0OXT0LIB" deleted

==== EOF on ma 14/07/2014 at 9:11:55,06 ======================