Zoek.exe v5.0.0.0 Updated 06-February-2015
Tool run by Louise on za 07-02-2015 at 17:19:57,73.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Louise\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-20-181751.log 22390 bytes
C:\zoek-results2014-08-09-164348.log 6636 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\DeaLeExxprEss deleted successfully
C:\PROGRA~3\gaegnjahknpdeofahmcaelmfnkmhdgdh deleted successfully
C:\PROGRA~3\hnhhpfpodacpcjgnlpeincobanlepfec deleted successfully
C:\PROGRA~3\Isolated Storage deleted successfully
C:\PROGRA~3\Trusted Publisher deleted successfully
C:\Users\Louise\AppData\Roaming\Awesomium deleted successfully
C:\Users\Louise\AppData\Roaming\Samsung deleted successfully
C:\Users\Martijn\AppData\Roaming\Awesomium deleted successfully
C:\Users\Martijn\AppData\Roaming\Imminent deleted successfully
C:\Users\Martijn\AppData\Roaming\Mozilla deleted successfully
C:\Users\Martijn\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Martijn\AppData\Roaming\System Management deleted successfully
C:\Users\Martijn\AppData\Local\Auto Clicker deleted successfully
C:\Users\Martijn\AppData\Local\{09D3CA93-E34F-4882-B924-2626BBE69A4D} deleted successfully
C:\Users\Martijn\AppData\Local\{3DDBC73C-8496-4631-916E-93A9F466A537} deleted successfully
C:\Users\Martijn\AppData\Local\{51C1FE3A-8AF4-423D-BE8B-3549631EA938} deleted successfully
C:\Users\Martijn\AppData\Local\{57862CC7-889E-46AD-956C-A2A83D78B206} deleted successfully
C:\Users\Martijn\AppData\Local\{7173856C-A048-4D42-8A43-41C222F65FEE} deleted successfully
C:\Users\Martijn\AppData\Local\{8A2141F4-CA65-4498-BB32-C7F90765D94F} deleted successfully
C:\Users\Martijn\AppData\Local\{AA3C2EF1-D749-4364-A6F1-5E921AA6AF26} deleted successfully
C:\Users\Martijn\AppData\Local\{BC92DBB2-8832-4BB5-9CC8-DAD2D0EAA0AE} deleted successfully
C:\Users\Martijn\AppData\Local\{EF089009-F31F-48D3-B446-64C62FAB30C7} deleted successfully
C:\Users\Martijn\AppData\Local\{FED6A637-B812-4D90-906D-E63533FE5948} deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23882d2c-dc1a-4f7e-83ba-58d0ddf26e8c} deleted successfully
HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23882d2c-dc1a-4f7e-83ba-58d0ddf26e8c} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50a6bc53-19e5-4bae-9289-71033846422b} deleted successfully
HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50a6bc53-19e5-4bae-9289-71033846422b} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50a6bc53-19e5-4bae-9289-71033846422b} deleted successfully
HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50a6bc53-19e5-4bae-9289-71033846422b} deleted successfully
HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{911ee4c8-4b68-4cf4-aa46-fbca4f30dfe3} deleted successfully
HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{911ee4c8-4b68-4cf4-aa46-fbca4f30dfe3} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0} deleted successfully
HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0} deleted successfully
HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{23882d2c-dc1a-4f7e-83ba-58d0ddf26e8c} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{23882d2c-dc1a-4f7e-83ba-58d0ddf26e8c} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{23882d2c-dc1a-4f7e-83ba-58d0ddf26e8c} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{23882d2c-dc1a-4f7e-83ba-58d0ddf26e8c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23882d2c-dc1a-4f7e-83ba-58d0ddf26e8c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23882d2c-dc1a-4f7e-83ba-58d0ddf26e8c} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{50a6bc53-19e5-4bae-9289-71033846422b} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{50a6bc53-19e5-4bae-9289-71033846422b} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{50a6bc53-19e5-4bae-9289-71033846422b} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{50a6bc53-19e5-4bae-9289-71033846422b} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50a6bc53-19e5-4bae-9289-71033846422b} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50a6bc53-19e5-4bae-9289-71033846422b} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{911ee4c8-4b68-4cf4-aa46-fbca4f30dfe3} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{911ee4c8-4b68-4cf4-aa46-fbca4f30dfe3} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{911ee4c8-4b68-4cf4-aa46-fbca4f30dfe3} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{911ee4c8-4b68-4cf4-aa46-fbca4f30dfe3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{911ee4c8-4b68-4cf4-aa46-fbca4f30dfe3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{911ee4c8-4b68-4cf4-aa46-fbca4f30dfe3} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23882d2c-dc1a-4f7e-83ba-58d0ddf26e8c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50a6bc53-19e5-4bae-9289-71033846422b}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{911ee4c8-4b68-4cf4-aa46-fbca4f30dfe3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23882d2c-dc1a-4f7e-83ba-58d0ddf26e8c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50a6bc53-19e5-4bae-9289-71033846422b}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{911ee4c8-4b68-4cf4-aa46-fbca4f30dfe3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\hnhhpfpodacpcjgnlpeincobanlepfec not found
C:\ProgramData\RRandomPirIcE deleted
C:\Program Files (x86)\YouttubeiAdBBlockEa deleted
C:\ProgramData\DDIgaiiSaaver deleted
C:\Program Files (x86)\uinisaless deleted
C:\Program Files (x86)\GreeatSave4U deleted
C:\Program Files (x86)\WasteNoTime deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Louise\AppData\Local\Temp ====
2015-02-07 16:12:04 DD2212A3FC308D2B4BB4D065CAB61A52 662936 -c--a-w- C:\Users\Louise\AppData\Local\Temp\APNSetup.exe
2015-02-07 14:06:43 97511FE2CA09CC2E06C3CD6519C3494E 43008 -c--a-w- C:\Users\Louise\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb0anok.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-01-15 15:34:19 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-02-07 16:14:12 -------- d-----w- C:\PROGRA~2\AskPartnerNetwork
2015-01-21 19:52:01 -------- d-----w- C:\PROGRA~2\Hi-Rez Studios
======= C: =====
====== C:\Users\Louise\AppData\Roaming ======
2015-02-07 16:14:16 -------- d-----w- C:\Users\Louise\AppData\Local\AskPartnerNetwork
2015-02-07 14:43:11 86326FC4A36D62F8E5A0D1FF062F7995 20 ----a-w- C:\Users\Louise\AppData\Roaming\appdataFr3.bin
2015-02-01 08:09:26 -------- d-----w- C:\Users\Martijn\AppData\Local\PunkBuster
2015-01-21 19:08:31 -------- d-----w- C:\Users\Martijn\AppData\Roaming\PDAppFlex
2015-01-21 14:24:36 -------- d-----w- C:\Users\Martijn\AppData\Local\Geckofx
2015-01-21 14:24:00 -------- d-----w- C:\Users\Martijn\AppData\Roaming\xulrunner
2015-01-21 14:23:56 15287EC687D7A88BBF1162E1449A6614 10124389 ----a-w- C:\Users\Martijn\AppData\Roaming\xulrunner.zip
2015-01-17 10:30:44 -------- d-----w- C:\Users\Martijn\AppData\Roaming\Azureus
====== C:\Users\Louise ======
2015-02-07 16:14:12 -------- d-----w- C:\ProgramData\AskPartnerNetwork
2015-02-07 16:14:06 -------- d-----w- C:\ProgramData\APN
2015-02-07 16:11:09 -------- d-----w- C:\ProgramData\Oracle
2015-02-07 15:24:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Louise\Downloads\RSITx64 (1).exe
2015-02-07 14:43:11 -------- d-----w- C:\ProgramData\Yellow AdBlocker
2015-02-05 16:39:15 8A084F101E2ADBF09D0B6052298E0BD5 662 ----a-w- C:\Users\Martijn\Desktop\NockOff.bat
2015-01-21 19:52:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2015-01-21 19:52:32 -------- d-----w- C:\ProgramData\Hi-Rez Studios
====== C: exe-files ==
2015-02-07 16:14:16 3C687DD6308FC92BE60B3E366308F98B 157080 ----a-w- C:\Users\Louise\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
2015-02-07 16:14:16 3B8B66216871991E4DEB09D6BB1016D6 164248 ----a-w- C:\Users\Louise\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe
2015-02-07 16:14:13 F99218793560B339C053484E4E05C326 156056 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\ChromeUtils\APNNativeMsgHost.exe
2015-02-07 16:14:13 F332813CC013D6AF5C5A0C32A3AED725 1934744 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
2015-02-07 16:14:13 F22A3AE791C78A31763499585180E46A 177560 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe
2015-02-07 16:14:13 D918A8BD188C5D6D0F6645F53E734C9D 196504 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\VNT\vntldr.exe
2015-02-07 16:14:13 A5BC93782CB9878183273DFE4E9A0FED 391064 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe
2015-02-07 16:14:13 9882E67A4555EA41CF177051C2BA8ACC 106392 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe
2015-02-07 16:14:13 3C687DD6308FC92BE60B3E366308F98B 157080 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
2015-02-07 16:14:13 3B8B66216871991E4DEB09D6BB1016D6 164248 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe
2015-02-07 16:14:13 265DF1773951AC9FD16F034151157BE3 115608 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe
2015-02-07 16:12:06 FA78A9BBAF7352401B7F982464160448 16808 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\rmiregistry.exe
2015-02-07 16:12:06 F951A8D249C943E7ECDF66D2FE16CDCD 191400 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\javaw.exe
2015-02-07 16:12:06 F40410CE27DE0823A93B2BD4BFE4F3F6 319912 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\javaws.exe
2015-02-07 16:12:06 F37694550A132DB95F52A14D65C3BF7D 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\kinit.exe
2015-02-07 16:12:06 F1D678998EDEAE9DF3300E6521A119F2 77224 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe
2015-02-07 16:12:06 CB836597AE26F0D031CF7A0C934EC218 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\pack200.exe
2015-02-07 16:12:06 C7FDEF85040A4602C3547E4C5B700CF9 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\keytool.exe
2015-02-07 16:12:06 B9BAB51EDBBF27E480A07F904124F810 197544 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\unpack200.exe
2015-02-07 16:12:06 B53F3B97AA13A200F8DB5BFA2684F953 16808 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\servertool.exe
2015-02-07 16:12:06 B4614F21174A2F1DAA5394062885C8E5 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\ktab.exe
2015-02-07 16:12:06 886C21FEA39553EA786355C58379AB75 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\tnameserv.exe
2015-02-07 16:12:06 713DBD861EC396B286A1970A4F0F6951 16808 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\policytool.exe
2015-02-07 16:12:06 6E23278A38DCB78C29B19386B1D509DC 34216 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\jabswitch.exe
2015-02-07 16:12:06 5657E104B156F043BC002C3EDC1C79E4 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\orbd.exe
2015-02-07 16:12:06 4AE110AC85558EF04CB3677754A98427 66472 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\ssvagent.exe
2015-02-07 16:12:06 3B65C09A8A823334CE0EB9AA3F9BDFE5 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\rmid.exe
2015-02-07 16:12:06 12B174AA182C0C98ACAE637EEA9C52A0 190888 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\java.exe
2015-02-07 16:12:06 1125B37F1D6BAF143AF129831B06D1BD 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\java-rmi.exe
2015-02-07 16:12:06 0F19A5EE1E440C0F05554FA3A48EF000 100264 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\jp2launcher.exe
2015-02-07 16:12:06 06CE06172AA1185E701647429A9C18C9 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\jjs.exe
2015-02-07 16:12:06 03597BDF891C9FDB3A4F1C2DA591A4C4 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_31\bin\klist.exe
2015-02-07 16:12:05 DD2212A3FC308D2B4BB4D065CAB61A52 662936 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe
2015-02-07 16:12:04 DD2212A3FC308D2B4BB4D065CAB61A52 662936 -c--a-w- C:\Users\Louise\AppData\Local\Temp\APNSetup.exe
2015-02-07 16:11:26 F951A8D249C943E7ECDF66D2FE16CDCD 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-02-07 16:11:26 F40410CE27DE0823A93B2BD4BFE4F3F6 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-02-07 16:11:26 12B174AA182C0C98ACAE637EEA9C52A0 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe
2015-02-07 16:11:16 F9D744CD9BC58F287F8FA59D32508EDD 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\orbd.exe
2015-02-07 16:11:16 DBB5C8AE19ACFA2857CFB90C7305AC56 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssvagent.exe
2015-02-07 16:11:16 CDB1FE0DCF2ADB755EBF65C8AEBBC871 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\servertool.exe
2015-02-07 16:11:16 8B6DF9CD28359C5E819446FD79CE3948 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmiregistry.exe
2015-02-07 16:11:16 7479DA0BED071427A3F0017AC51CC27B 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\unpack200.exe
2015-02-07 16:11:16 5F7C51E0DCA813D647F14FC12AE675F2 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\policytool.exe
2015-02-07 16:11:16 577F5DCBA4DE4C345631873670F84E79 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\tnameserv.exe
2015-02-07 16:11:16 39685FC75B6FB2144E793595F1AB111D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\pack200.exe
2015-02-07 16:11:16 0FB2ACAC796B166F6486B593B604A3FF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmid.exe
2015-02-07 16:11:15 F5EA785B2BCC08DC28CBC2D96E05F2C1 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe
2015-02-07 16:11:15 DF1C8EDDAF14D2960A06A9DF7B2D0A89 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\java-rmi.exe
2015-02-07 16:11:15 DA34E76DE9CD93471F24E7BD43139958 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\kinit.exe
2015-02-07 16:11:15 B0D46640968F989830413EB88F43E0D0 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe
2015-02-07 16:11:15 AF82EA1498FEC5C49B8A1AE5AA0A5F6C 77224 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2launcher.exe
2015-02-07 16:11:15 A8884FB8246655C84F110E77DF5E1B4A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ktab.exe
2015-02-07 16:11:15 90C02BD6D01BBC1C620323F9E330E89C 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jjs.exe
2015-02-07 16:11:15 69BD74EE834B5629226BF89468B8020B 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\keytool.exe
2015-02-07 16:11:15 52C8B9FD016E6317FDB151296FF90877 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe
2015-02-07 16:11:15 3E72E1AB196855916E2065C604674631 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe
2015-02-07 16:11:15 2F77C9862B1A2401278C4A5B932DA69D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\klist.exe
2015-02-07 16:11:15 063A1044A451660B159426B9C5E75957 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jabswitch.exe
2015-02-07 15:24:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Louise\Downloads\RSITx64 (1).exe
2015-02-07 14:43:11 79F9311AC6A5009FEF1A5756A0A529D3 381799 ----a-w- C:\ProgramData\Yellow AdBlocker\Yellow AdBlocker.exe
2015-02-07 14:38:14 B8AA392D11793C4F17D85D35D23C0908 1414472 -c--a-w- C:\Users\Louise\AppData\Local\Google\Chrome\User Data\recovery\101.3.26.8\ChromeRecovery.exe
2015-02-05 17:01:29 B8AA392D11793C4F17D85D35D23C0908 1414472 ----a-w- C:\Users\Martijn\AppData\Local\Google\Chrome\User Data\recovery\101.3.26.8\ChromeRecovery.exe
=== C: other files ==
2015-02-07 16:14:13 93A482D58F032B7B85570BDB95A9FCEE 251354 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\VNT\content.zip
2015-02-07 16:14:13 856F22E438C1E3970ED82E41C2B14E0A 569592 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_ORJ-SPE@apn.ask.com.xpi
2015-02-07 16:14:13 5BF9BA2C80D7E7D8679E60890F1415D0 483161 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\common appdata\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx
2015-02-07 16:14:13 5011FBF5352FB73CF0C1BF5724B981C9 563943 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}\Toolbar.crx
2015-02-07 16:12:06 CE38122121C784E6380EF424637DBC3F 14130 -c--a-w- C:\Program Files\Java\jre1.8.0_31\lib\deploy\ffjcext.zip
2015-02-07 16:11:16 3315140254247E248C3531F159C79109 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\lib\deploy\ffjcext.zip
2015-02-05 16:39:15 8A084F101E2ADBF09D0B6052298E0BD5 662 ----a-w- C:\Users\Martijn\Desktop\NockOff.bat
2015-02-02 21:03:22 4CE3D20B90718BFF7BB46BAEB9171379 14 ----a-w- C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6GCOM1LH\bol[1].com
2015-02-02 21:01:38 4CE3D20B90718BFF7BB46BAEB9171379 14 ----a-w- C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2RM552FW\bol[2].com

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="C:\Users\Louise\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\Louise\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hotkey Utility"="C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"
"Lightshot"="C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe"
"ApnTBMon"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="C:\Users\Louise\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\Louise\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecPMMUpdate]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EgisTecPMMUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisUpdate]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EgisUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SuiteTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\""

==== Startup Folders ======================

2014-02-25 19:18:04 1143 ----a-w- C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-12-2013 17:59]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]
C:\Windows\tasks\update-S-1-5-21-3738499137-2101096346-1165907778-1003.job --a------ C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [28-11-2014 13:29]
C:\Windows\tasks\update-sys.job --a------ C:7C:\ProgramC:FilesC:x86\Skillbrains\Updater\Updater.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe ARM" ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe Reader Speed Launcher" ["C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Louise-PC-Martijn" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HP AR Program Upload - e82353b7bf0e487db1116a779fa4254ec29882fc8f4f4ec8b99b8d2125929322" [C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe]
"C:\Windows\SysNative\tasks\update-S-1-5-21-3738499137-2101096346-1165907778-1003" [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe]
"C:\Windows\SysNative\tasks\update-sys" [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF" [14-12-2013 15:21]

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully
HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully
HKEY_USERS\S-1-5-21-3738499137-2101096346-1165907778-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully

==== Deleting CLSID Registry Values ======================

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3836 folders=657 400149659 bytes)

==== EOF on za 07-02-2015 at 17:31:46,14 ======================