Zoek.exe v5.0.0.0 Updated 08-April-2015
Tool run by Thomas on zo 19/04/2015 at 11:44:13,55.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Thomas\Downloads\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
19/04/2015 11:45:52 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\PROGRA~2\DAP deleted successfully
C:\PROGRA~2\Nokia deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\Nitro deleted successfully
C:\PROGRA~3\Nokia deleted successfully
C:\PROGRA~3\SpeedBit deleted successfully
C:\Users\Thomas\AppData\Roaming\dlg deleted successfully
C:\Users\Thomas\AppData\Roaming\EncryptStick deleted successfully
C:\Users\Thomas\AppData\Roaming\QuickScan deleted successfully
C:\Users\Thomas\AppData\Local\ms-drivers deleted successfully
C:\Users\Thomas\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Thomas\AppData\Local\PackageStaging deleted successfully
C:\Users\Thomas\AppData\Local\w6AxfW0HgqzHxCw deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================
7-Zip 9.38 (x64 edition)
Adobe AIR
Adobe Reader XI (11.0.10)
Apple Application Support (32-bit)
Apple Mobile Device Support
Apple Software Update
ATK Package
Audacity 2.1.0
Auslogics DiskDefrag
Bitdefender Internet Security 2015
BitTorrent
Bluefish 2.2.7
Bonjour
CCleaner
CDBurnerXP
Contents
Corel VideoStudio Pro X6
Dropbox
Exact Audio Copy 1.0beta2
FileHippo App Manager
FileZilla Client 3.10.3
FormatFactory 3.6.0.0
FreeFileSync 6.15
GeoGebra 5
GIMP 2.8.14
Google Chrome
Google Update Helper
ICA
inSSIDer
IPM_VS_Pro
IrfanView (remove only)
iTunes
Java 8 Update 45 (64-bit)
Java Auto Updater
JMicron Flash Media Controller Driver
Malwarebytes Anti-Malware versie 2.1.4.1018
Microsoft Mathematics (64-bit)
Microsoft Mathematics Add-In for Word and OneNote
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD
Microsoft_VC100_CRT_SP1_x64
Microsoft_VC100_CRT_SP1_x86
Mp3tag v2.66
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Pixel Ruler
Popcorn Time
QuickTime 7
Samsung ML-1640 Series
Setup
Share
Share64
SkypeT 7.3
SmartSound Common Data
SmartSound Quicktracks 5
Software Updater
Spotify
SUPERAntiSpyware
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD
USB 2.0 VGA UVC WebCam
VLC media player
VSClassic
VSHelp
VSPro
Winamp
Windows Media Encoder 9 Series

==== Running Processes ======================
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Popcorn Time\Updater.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\bdwtxapps.exe
C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
C:\Windows\Samsung\PanelMgr\ssmmgr.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully

==== Deleting Files \ Folders ======================
C:\PROGRA~2\DAP not found
C:\PROGRA~2\Nokia not found
C:\Program Files (x86)\Popcorn Time deleted
C:\Users\Thomas\AppData\Roaming\73F49300-1425671870-81DF-3FDF-BCAEC510C4B2 deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Thomas\AppData\Local\73F49300-1425675704-81DF-3FDF-BCAEC510C4B2 deleted
C:\Users\Thomas\AppData\Local\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
"C:\ProgramData\.tv5" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\PROGRA~2\COMMON~1\Wondershare" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted

==== System Specs ======================
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3885 MB
CPU Info: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
CPU Speed: 2544,2 MHz
Sound Card: Luidsprekers (Conexant SmartAud |
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR9285 Wireless Network Adapter
CD / DVD Drives: 1x (D: | ) D: HL-DT-STBDDVDRW CT21N
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 118,9GB
Hard Disks - Free: C: 52,9GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 10/30/09 | _ASUS_ - 6222004
Time Zone: Romance (standaardtijd)
Motherboard *: ASUSTeK Computer Inc. K52Jc
Country: België
Language: NLB

==== System Specs (Software) ======================
Anti-Virus: Bitdefender Antivirus On-access scanning disabled (Outdated)
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Bitdefender Antispyware disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Bitdefender Firewall disabled
Default Browser: Google Chrome 42.0.2311.90
Internet Explorer Version: 11.0.9600.17728
Google Chrome version: 42.0.2311.90
Adobe Reader version: 11.0.10.32
Sun Java version: 1.8.0_45 (32-bit)
Sun Java version: 1.8.0_45 (64-bit)

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-2558456911-1305783638-1310814958-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"Samsung PanelMgr"="C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"Bdagent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe"

==== Startup Folders ======================
2015-04-06 18:45:49 1150 ----a-w- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]
"C:\WINDOWS\SysNative\tasks\Abelssoft\CheckDriveBackgroundGuard" [C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"bdwteff@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff" [31/10/2014 08:47]

==== Chromium Look ======================
Google Chrome Version: 42.0.2311.90 (Possible outdated, latest Stable version: 41.0.2272.118) [z-db]
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fabcmochhfpldjekobfaaggijgohadih - No path found[]
selector is not a valid CSS selector - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Bitdefender Wallet - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih Bookmark Manager - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik Google Wallet - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda undetermined - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\Config.json ==== Chromium Startpages ====================== C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.be/", "startup_urls": [ "https://www.google.be/" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFF_nlBE627" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program 
Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun O4 - HKCU\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe" O4 - Startup: Dropbox.lnk = C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bitdefender Desktop Parental Control (BdDesktopParental) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. 
- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows 
Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Thomas\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Thomas\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Thomas\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Thomas\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2097 folders=370 214253501 bytes) ==== Empty Temp Folders ====================== 
C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Thomas\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Thomas\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 19/04/2015 at 12:14:15,48 ======================