Zoek.exe v5.0.0.0 Updated 20-September-2014 Tool run by Gebruiker on zo 21-09-2014 at 10:00:50,46. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 21-9-2014 10:04:09 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ęTorrent 64 Bit HP CIO Components Installer Acrobat.com Adobe AIR Adobe Digital Editions 2.0 Adobe Flash Player 10 Plugin Adobe Flash Player 15 ActiveX Adobe Reader 9.5.5 MUI Alcor Micro USB Card Reader ASUS AI Recovery ASUS AP Bank ASUS LifeFrame3 ASUS MultiFrame ASUS Virtual Camera ATK Generic Function Service ATK Hotkey ATK Media ATKOSD2 Avery Wizard 5.0 B110 Bing Bar BufferChm Chicken Invaders 2 Citrix XenApp Web Plugin Computer Security 12.71.105.0 (release) ControlDeck CyberLink LabelPrint CyberLink Power2Go D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition DesignPro 5 Destinations DeviceDiscovery Disketch Disc Label Software DVD Shrink 3.2 ETDWare PS/2-x64 7.0.5.9_WHQL F-Secure CCF Reputation F-Secure CCF Scanning 1.43.102.193 (release) F-Secure Network CCF 1.02.126 Fast Boot Game Park Console Garmin Communicator Plugin x64 Google Chrome Google Drive Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 Hewlett-Packard ACLM.NET v1.1.0.0 HP Customer Participation Program 14.0 HP Imaging Device Functions 14.0 HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 HP Product Detection HP Smart Web Printing 4.60 HP Solution Center 14.0 HP Update HPAppStudio HPDiagnosticAlert HPPhotoGadget HPProductAssistant HPSSupply ImgBurn Intel(R) Control Center Intel(R) Graphics Media Accelerator Driver Java 7 Update 67 Java Auto Updater Junk Mail filter update K-Lite Codec Pack 9.9.0 (Full) Kobo MarketResearch MediaFACE 4.01 MediaFACE 4.01 Image Library Medieval CUE Splitter Mesh Runtime Messenger Companion Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office Home and Student 2010 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 32-bit Components 2010 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2007 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 32-bit MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSVCRT MSVCRT_amd64 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) Nero 2014 Nero 2014 Content Pack Nero Abstract Themes Nero Audio Pack 1 Nero Blu-ray Player Nero Blu-ray Player Help (CHM) Nero Burning Core Nero Burning ROM Nero Burning ROM Help (CHM) Nero Cliparts Nero ControlCenter Nero ControlCenter Help (CHM) Nero Core Components Nero CoverDesigner Nero CoverDesigner Help (CHM) Nero Device Updates Nero Disc Menus 1 Nero Disc Menus 2 Nero Disc Menus 3 Nero Disc Menus Basic Nero Disc to Device Nero Effects Basic Nero Express Nero Express Help (CHM) Nero Family and Events Themes Nero Football (Soccer) Themes Nero Holiday and Sports Themes Nero Image Samples Nero Info Nero Kwik Themes Basic Nero Launcher Nero MediaHome Nero MediaHome Help (CHM) Nero PiP Effects 1 Nero PiP Effects Basic Nero Platinum Effects 12 Nero Prerequisite Installer 2.0 Nero Recode Nero Recode Help (CHM) Nero RescueAgent Nero RescueAgent Help (CHM) Nero Retro Film Themes Nero SharedVideoCodecs Nero Update Nero Video Nero Video Help (CHM) Nero Video Samples Nero Video Transitions 1 Network64 Newzbin Online Safety 2.71.966.47 Platform Prerequisite installer PS_AIO_07_B110_SW_Min QuickPar 0.9 QuickTransfer SABnzbd 0.7.16 Samsung Kies SAMSUNG USB Driver for Mobile Phones Scan Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition Shop for HP Supplies Skype Click to Call SkypeT 6.16 SmartWebPrinting Smileyville FREE SolutionCenter Spotify SpotLite Spotnet SRS Premium Sound Control Panel Start Menu Status Toolbox TrayApp Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) USB 2.0 1.3M UVC WebCam VIA Platform Device Manager Visual C++ 8.0 Runtime Setup Package (x64) Visual Studio 2008 x64 Redistributables VSO ConvertXToDVD WebReg Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinFlash WinRAR 4.20 (64-bit) WinZip 17.0 Wireless Console 3 ==== Running Processes ====================== C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe C:\Program Files\ATKGFNEX\GFNEXSrv.exe C:\Program Files (x86)\PC Veilig\fshoster32.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\PC Veilig\apps\CCF_Reputation\fsorsp.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Windows\SysWOW64\svchost.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Common\FSMA32.EXE C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Anti-Virus\fssm32.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\SABnzbd\SABnzbd.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\PC Veilig\fshoster32.exe C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Common\FSM32.EXE C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Users\Gebruiker\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\Windows\SysNative\config\systemprofile\Searches deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3038 MB CPU Info: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz CPU Speed: 331,7 MHz Sound Card: Speakers (VIA High Definition A | Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller | Atheros AR9285 Wireless Network Adapter CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GT30N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 74,5GB | D: 208,9GB Hard Disks - Free: C: 11,0GB | D: 56,8GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 12/04/09 | _ASUS_ - 20091204 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK Computer Inc. K50IJ Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Computer Beveiliging On-access scanning disabled (Outdated) Anti-Spyware: Computer Beveiliging disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer Version: 11.0.9600.17280 Google Chrome version: 37.0.2062.120 Adobe Reader version: 9.5.5.316 Sun Java version: 1.7.0_67 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-09-18 15:24:55 CED7EE72D5F05FE98A96806B4D1AA5FF 19637 ----a-w- C:\Windows\prodsett_copy.ini ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== ====== Java Cache ===== 2014-09-08 23:52:03 6C511038DD36CCD2B85DD28928315CC1 29931 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\11a4eb14-427d9e36 2014-09-08 23:51:57 7D8BC156DD0B86517B95B097596F247B 424 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\59eb95e2-ae1833d3928485524e9bb7042b0d20c6a9251a56758ca7382cc86fe1d0afde17-6.0.lap 2014-09-08 23:51:58 18623C2AC93D69709A9A47106CF06501 216111 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\5995df63-2f8cfd43 2014-09-08 23:51:59 69E8AE46823B52DCDDA3722FAFEE367B 16337 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\2fb889a6-7315c4c3 2014-09-08 23:52:03 6C511038DD36CCD2B85DD28928315CC1 29931 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\18448928-6fe7cdb1 2014-09-08 23:42:59 E8C80BF60938EE72EE77AB866EA40E2B 282048 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7e60542d-1311bc8c 2014-09-08 23:42:57 0B23B3044AE9E02DCE26DB4D5E007252 848 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\31b19ba-2b0c7b5a 2014-09-08 23:42:59 0B23B3044AE9E02DCE26DB4D5E007252 848 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-16597e96 2014-09-08 23:42:59 32BDB8ED7CE3F2941B263E5BE1612DD8 445 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-e2e4c8970372d2fb4193a7ef29d16f6c3f08527947fcb9208b3a0e48820369fd-6.0.lap 2014-09-10 08:56:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-4aed86e3 ====== C:\Windows\SysWOW64 ===== 2014-09-11 11:52:59 07EF2978A5BC36720378F95566697FD8 272808 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-09-11 11:52:27 3BDEB17FE6390BFF1BF3A2D964DE8E48 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-09-11 11:52:27 11FD45A41DF45298686ED39062AABE2A 175528 ----a-w- C:\Windows\SysWOW64\java.exe 2014-09-11 11:52:27 0F70F4DAF2BC5613EE75C9B2585CE67E 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-09-11 01:38:15 297EF1AB73B8FCE76BCA1365C2E49AFC 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-09-11 01:38:14 E3D7B3F64C30994409BDF8E48048A854 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-09-11 01:38:13 6DD476318F524D2DCB73AFEB2EE27B4A 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-11 01:38:13 42F6F28D4885505F687CAF0459FF9F90 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-09-11 01:38:12 CC8F34B345DA638D77BB48C035DA628D 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-09-11 01:38:12 84E96F4AF8A7748A3DE7C3EBBC6768E5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-09-11 01:38:12 4F2EDC301EC63F803C0FDB6CC87EDA24 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-09-11 01:38:12 010DFAF3EF93994B805BAA1493D47973 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-09-11 01:38:11 D603AC77E17E5B9583E382F2EE0381A7 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-09-11 01:38:11 AA595171932ACC79DA9851067DCBDABF 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-09-11 01:38:11 8D4FCAB2643DFEF68040B70F1EDCCBC5 327872 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-09-11 01:38:11 7C3D593AB1E2F5E5687D97772EF99AC7 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-09-11 01:38:11 13C2C87C35E52AAB1B439FB2E26DF2DE 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-09-11 01:38:11 074646C5A979DE79133DE4A8530A9C5D 603136 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-09-11 01:38:10 77F79126444896B5867E6761490735B8 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-11 01:38:10 2E2E40E5D92EEA979548E307C5781038 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-09-11 01:38:08 5074835337862817DB3726558D0908DE 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-11 01:38:08 1D8C086A39B9794D7131384586811B25 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-09-11 01:38:07 88EBB8526981D03C5777AB0A4AEBA8B4 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-11 01:38:04 FD96C05DE700F5FD26273D6DDB6495A7 2185728 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-09-11 01:38:03 D58988722C72D265B51A54103DFC2C6F 1812992 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-09-11 01:38:02 77B7DDF91F3ED2CDB6CF60224EE13433 4232704 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-09-11 01:38:02 6A3A809CA7A8F40C89E6F1D301898A66 2014208 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-09-11 01:38:02 41010A88B70A2168F801DC19EBD4CB4F 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-09-11 01:38:00 7BF1CE9240CB9DD27C3E30733176EB8E 17455104 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-09-11 01:37:58 A3560FAFC1686D5EE9830B33B5C74B66 11769856 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-09-11 01:07:09 2413D2216D08FAF7D7178D9E0B481AEB 2285056 ----a-w- C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-10 09:12:03 A8DDB7ACB122FC36FF0D7C9B3099A380 793600 ----a-w- C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-10 09:11:15 79896A78039C9A63C56197843CFBAD0B 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2014-09-10 09:10:12 1B85FA0D0A93C011B76678733F39DB6C 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2014-09-10 09:10:11 B094390B6B2D0456821384771020870B 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2014-09-10 09:10:11 10826DA2FC073702AEAB93AF3D73B066 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll ====== C:\Windows\SysWOW64\drivers ===== 2014-09-18 15:25:25 FCC27D6498B065AC2B7397623563A200 41024 ----a-w- C:\Windows\SysWOW64\drivers\fsbts.sys ====== C:\Windows\Sysnative ===== 2014-09-11 01:38:15 9EFF09364ABDC86770FA0B1BCC9CA3C3 596480 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-09-11 01:38:14 1BE1D1942825BE2146941DA274D2B92F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-09-11 01:38:13 EF79F0B9E0F277F5797C475DF4248B97 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-09-11 01:38:13 EE6B22396FA99639A163B1B7E9736669 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-09-11 01:38:13 A0600300428AB73664050659E738F11F 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-09-11 01:38:13 305D5395A65D00C74A94AEA40E9909E9 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-09-11 01:38:13 2D95BDB699FA1D531B642EA18464FE05 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-09-11 01:38:13 0113777A28BEC88A50C2566F346E4B58 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-09-11 01:38:12 E76C23C71345ACBC65ED8F6E87AD01D1 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-09-11 01:38:12 786ECD92C9D77F571134283E0FABAF1A 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-09-11 01:38:12 641068C626DE3AD348871D0D7931A3FA 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-09-11 01:38:12 4CF33E458BAEDA917CAE9F2E8338479C 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-09-11 01:38:11 C07D636B0237172345E68AE8B70A2984 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-09-11 01:38:11 C067D863FCD53B91A5BF78AE1CE88E54 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-09-11 01:38:11 A1BB4CFB25F7CE1D4F67DD71111823AA 374968 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-09-11 01:38:11 68B0077C0D09D1B669A260F2921FD6B9 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-09-11 01:38:11 33BAC6F66DB5FE5F7E20D41B025F490E 707072 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-09-11 01:38:11 2AEFBA4339A34C8EF021B49D23D1F1DF 727040 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-09-11 01:38:09 920BD93A0B64657A20CA66C2EBB167EA 23591424 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-09-11 01:38:08 4C8838D7C13E9080AF4B548CA791896B 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-09-11 01:38:08 227303FC6E95547EA274F4337BBC7278 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-09-11 01:38:08 1439630B47D717960D59423958754394 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-09-11 01:38:07 698C19E198F832E071778A1427E942C8 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-09-11 01:38:06 5A0C72B9D3CCA42D8AB74890C19443B2 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-09-11 01:38:04 75498A52C2AE248DEE5BDF5209768963 2793984 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-09-11 01:38:04 39EBB9708453036A74C30C9A294023FF 2310656 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-09-11 01:38:03 F6304AACC5744016770C8C797CAA2AF7 5833728 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-09-11 01:38:02 FECA80905D551074E1A9298BD98103B7 1447424 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-09-11 01:38:02 97752927B6E2401011A96E0D6082E403 2104832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-09-11 01:37:59 BA56C68CCB912C4C08C97DD32C47AD31 13588480 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-09-11 01:07:09 3469B9FAE899139FEE7356E91693376A 2777088 ----a-w- C:\Windows\Sysnative\msmpeg2vdec.dll 2014-09-10 09:12:03 EFF3FF9D9E5BFD2A05390D959A1C3AD0 1031168 ----a-w- C:\Windows\Sysnative\TSWorkspace.dll 2014-09-10 09:11:16 224C2EEBAAF39CD93DE5332DBE5E5A95 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2014-09-10 09:10:12 33EF550DCCC58C93F5B65FD75BAD9832 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2014-09-10 09:10:11 EE4B105F1DBE1E864AFC72E7F0315432 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2014-09-10 09:09:10 E2BCB58869598B392D6A78953F61A2D9 578048 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-09-10 09:08:58 88BC88D0BDFB6BBE5765D5ABB233C110 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll ====== C:\Windows\Sysnative\drivers ===== 2014-09-18 15:42:03 F59F2C574AA5D84477EB89F87C938F16 56016 ----a-w- C:\Windows\Sysnative\drivers\fsbts.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-09-13 16:21:16 -------- d-----w- C:\PROGRA~2\Avery 2014-09-11 11:53:04 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-09-11 11:51:46 -------- d-----w- C:\PROGRA~2\Java ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== 2014-09-12 01:10:09 3ABDB56F109E3D3DC3D7A56942F51AE5 1790696 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat~ 2014-09-08 23:44:43 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Oracle 2014-09-08 23:38:11 -------- d-----w- C:\Users\Gebruiker\AppData\Locallow\Sun ====== C:\Users\Gebruiker ====== 2014-09-20 19:46:39 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe 2014-09-13 16:21:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery 2014-09-13 16:21:19 -------- d-----w- C:\ProgramData\Avery 2014-09-11 11:52:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-09-08 23:42:33 -------- d-----w- C:\ProgramData\Oracle 2014-09-08 23:42:22 -------- d-----w- C:\ProgramData\Sun ====== C: exe-files == 2014-09-20 19:46:39 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe 2014-09-20 19:36:15 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XIN8EOT\RSITx64.exe 2014-09-18 15:32:47 C2C92C80B46D3DCEB5EB0DF651798B7B 681000 ----a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1403511452\fsgk32.exe 2014-09-18 15:32:47 A6756A26F392920EF0CB05144B1969EB 568360 ----a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1403511452\upd_fsav32.exe 2014-09-18 15:32:47 3ADA03191CE642DA0D50BA8016087A31 1229864 ----a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1403511452\fssm32.exe 2014-09-18 14:52:56 D445DA8502E01F8051D22A99BDDEF892 80832 ----a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\orsp-win-v2\1370467978\orspdiag.exe 2014-09-18 14:52:56 729C7B60899FC70AE21137ED1BBE03B5 203712 ----a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\orsp-win-v2\1370467978\orspupd.exe 2014-09-18 14:52:56 45303CDBC1FD8F8D371E726BF126F771 60352 ----a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\orsp-win-v2\1370467978\fsorsp.exe 2014-09-18 14:52:43 528492B58124CEDF1CA2E7DCC5649C13 392760 ----a-w- C:\Program Files (x86)\PC Veilig\_fs_se_hotfix.exe === C: other files == 2014-09-21 07:24:41 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\_MEI39523\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2014-09-21 07:24:41 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\_MEI39523\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2014-09-18 15:42:03 F59F2C574AA5D84477EB89F87C938F16 56016 ----a-w- C:\Windows\System32\drivers\fsbts.sys 2014-09-18 15:32:53 F59F2C574AA5D84477EB89F87C938F16 56016 ----a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\mlcwin\1409145813\fsbts_x64.sys 2014-09-18 15:32:53 18DA737DD5122A475DA4948ED4643675 44240 ----a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\mlcwin\1409145813\fsbts.sys 2014-09-18 15:32:48 7E1DF1A6EFF6217CB1D58E600DCDFFF7 73896 ----a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1403511452\upd_fshs32.sys 2014-09-18 15:32:48 5BD34B7056EDA4C4EEA0A690384DD4B9 69960 ----a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1403511452\upd_fshs64.sys 2014-09-18 15:32:47 E4DBFEF4D02901F4EEE17459B11CA827 203304 ----a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1403511452\upd_fsgk_x64.sys 2014-09-18 15:32:47 CE5EF473D33786A7B827534AFA297F88 146472 ----a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1403511452\upd_fsgk.sys 2014-09-18 15:25:37 D6D7CE61CE02664FA643C3096C20B6DE 6399 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\5\settings.zip 2014-09-18 15:25:36 005DBA1D095BCE3843C2F93EE72DD5A9 52039 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\5\help.zip 2014-09-18 15:25:34 31C21F58715B78F94CC15D2759FE1741 24761 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\5\localization.zip 2014-09-18 15:25:33 A2C48B93261F775F2EC6385408B31695 103417 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\5\customization.zip 2014-09-18 15:25:25 FCC27D6498B065AC2B7397623563A200 41024 ----a-w- C:\Windows\SysWOW64\drivers\fsbts.sys 2014-09-18 15:24:28 28B8968CB3DCFB5C81490BB9A7F1CA99 99195 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\4\help.zip 2014-09-18 15:24:28 10B6DFA8B701148B429AD29E4E35ED13 38719 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\4\settings.zip 2014-09-18 15:24:27 E7A75862AAE28FA56104A6BB89511596 214269 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\4\customization.zip 2014-09-18 15:24:27 1EF48013FBA6E67FD069F830C06582BC 140997 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\4\localization.zip 2014-09-18 15:24:10 291570E8E302C9EDA9418FED26B8C271 29421 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\8\help.zip 2014-09-18 15:10:12 3D7F8D01EF9F3635DFA74C6CA0C612B1 493724 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\4\preInstallTool.zip 2014-09-18 15:08:11 13C958E96161883C38D6E868D0A314C6 17224621 ----a-w- C:\ProgramData\f-secure\MySA\temp\download\download_service_4582601_latebound_sidegrade_sidegrade.zip 2014-09-18 14:52:43 E5201EEEA11D2EB4CB88E9EDC0BF4072 5489 ----a-w- C:\ProgramData\f-secure\MySA\temp\hotfixes_4582601.zip 2014-09-18 14:52:32 ED96EDAEF778A45AF54DB8562881B92A 41471 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\1\help.zip 2014-09-18 14:52:32 DF69FD66B0BCDB2D1CF39A4C1FBA929B 35398 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\1\localization.zip 2014-09-18 14:52:32 475DA98BDD5E599BF8A9C1558CB2D9A3 72304 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\1\customization.zip 2014-09-18 14:52:32 27D6E52DF250ADB3AF5D5F2256B36221 7726 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\1\settings.zip 2014-09-18 14:52:23 DF69FD66B0BCDB2D1CF39A4C1FBA929B 35398 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\1\localizations.zip 2014-09-18 14:52:20 475DA98BDD5E599BF8A9C1558CB2D9A3 72304 ----a-w- C:\ProgramData\f-secure\MySA\latebound\4582601\1\customizations.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4267032647-4230176089-2303849188-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "MediaFace Integration"="C:\Program Files (x86)\Fellowes\MediaFACE 4.0\SetHook.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "F-Secure Hoster (4582601)"="C:\Program Files (x86)\PC Veilig\fshoster32.exe -app -hosterid:1" "F-Secure Manager"="C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Common\FSM32.EXE /splash" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Setwallpaper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Setwallpaper" "hkey"="HKLM" "command"="c:\\programdata\\SetWallpaper.cmd" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UpdateLBPShortCut" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\LabelPrint\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\LabelPrint\" UpdateWithCreateOnce \"Software\\CyberLink\\LabelPrint\\2.5\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GoShortCut] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UpdateP2GoShortCut" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\Power2Go\" UpdateWithCreateOnce \"SOFTWARE\\CyberLink\\Power2Go\\6.0\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\SRS Premium Sound.lnk" "backup"="C:\\Windows\\pss\\SRS Premium Sound.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\Windows\\Installer\\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h" "item"="SRS Premium Sound" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Partner Service] ==== Startup Folders ====================== 2013-10-26 22:06:23 1041 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SABnzbd.lnk 2011-10-11 20:17:08 2101 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ \C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [] C:\Windows\tasks\DriverToolkit Autorun.job --a------ C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04-04-2010 05:37] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DriverToolkit Autorun" [C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] "C:\Windows\SysNative\tasks\{7E458B57-284B-4A22-B991-67DD9091951C}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe] "C:\Windows\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [11-10-2011 22:18] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [11-10-2011 22:18] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17-01-2012 11:45] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - C:\Users\GEBRUI~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[31-05-2014 21:28] Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Skype Click to Call - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Hangouts - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hangouts.nl.softonic.com_0.localstorage deleted successfully C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hangouts.nl.softonic.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="https://www.google.com/search?q={searchTerms}" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files (x86)\Fellowes\MediaFACE 4.0\SetHook.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [F-Secure Hoster (4582601)] "C:\Program Files (x86)\PC Veilig\fshoster32.exe" -app -hosterid:1 O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Common\FSM32.EXE" /splash O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: SABnzbd.lnk = C:\Program Files (x86)\SABnzbd\SABnzbd.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/BE/Core/Player/2020PlayerAX_Win32.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\fshoster32.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\apps\CCF_Reputation\fsorsp.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=761 folders=81 49115879 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 21-09-2014 at 12:09:52,77 ======================