
Zoek.exe v5.0.0.0 Updated 23-04-2015
Tool run by Wouter on za 25/04/2015 at 14:48:39,54.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Wouter\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

25/04/2015 14:53:18 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\Does Amazon Ship to deleted successfully
C:\Program Files\Common Files\SWF Studio deleted successfully
C:\PROGRA~2\CanonEPP deleted successfully
C:\PROGRA~2\CanonIJEPPEX2 deleted successfully
C:\PROGRA~2\Easybits GO deleted successfully
C:\PROGRA~2\NexttCoUp deleted successfully
C:\PROGRA~2\pricecchOp deleted successfully
C:\Users\Wouter\AppData\Roaming\EurekaLog deleted successfully
C:\Users\Wouter\AppData\Roaming\GameXN deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1212222149-2359288067-2411751224-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully
HKEY_USERS\S-1-5-21-1212222149-2359288067-2411751224-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FA4DE819-A31A-47D0-9E4E-75DFCDBC7595} deleted successfully
HKEY_USERS\S-1-5-21-1212222149-2359288067-2411751224-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_USERS\S-1-5-21-1212222149-2359288067-2411751224-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_USERS\S-1-5-21-1212222149-2359288067-2411751224-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17337b45-2181-4927-92bf-f7a68ad0f8b4} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{17337b45-2181-4927-92bf-f7a68ad0f8b4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17337b45-2181-4927-92bf-f7a68ad0f8b4} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2597f713-6b74-4ca7-a489-1abc0823ffa4} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{2597f713-6b74-4ca7-a489-1abc0823ffa4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2597f713-6b74-4ca7-a489-1abc0823ffa4} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44aae15a-4322-43a0-9330-29864c9241d7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{44aae15a-4322-43a0-9330-29864c9241d7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44aae15a-4322-43a0-9330-29864c9241d7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a7149ae3-1418-4373-969c-9a7057be70fa} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{a7149ae3-1418-4373-969c-9a7057be70fa} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a7149ae3-1418-4373-969c-9a7057be70fa} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{fad7716b-3859-4146-ae38-d5683c8726bd} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{fad7716b-3859-4146-ae38-d5683c8726bd} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fad7716b-3859-4146-ae38-d5683c8726bd} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1212222149-2359288067-2411751224-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{1392b8d2-5c05-419f-a8f6-b9f15a596612} deleted successfully
HKEY_USERS\S-1-5-21-1212222149-2359288067-2411751224-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{1392b8d2-5c05-419f-a8f6-b9f15a596612} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{1392b8d2-5c05-419f-a8f6-b9f15a596612} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{1392b8d2-5c05-419f-a8f6-b9f15a596612} deleted successfully

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\WButton.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\Launch Manager\WisLMSvc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Freecorder\FLVSrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskhost.exe
C:\Users\Wouter\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Wouter\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Users\Wouter\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Wouter\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Wouter\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Wouter\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k secsvcs

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\f3cb6cf9 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\f3cb6cf9 deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17337b45-2181-4927-92bf-f7a68ad0f8b4}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2597f713-6b74-4ca7-a489-1abc0823ffa4}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44aae15a-4322-43a0-9330-29864c9241d7}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a7149ae3-1418-4373-969c-9a7057be70fa}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fad7716b-3859-4146-ae38-d5683c8726bd}] 
"AppInit_DLLs"=- 

==== Deleting Files \ Folders ======================

C:\Program Files\Does Amazon Ship to not found
C:\Program Files\Does Amazon Ship to not found
C:\Users\Wouter\AppData\Roaming\EurekaLog not found
C:\Program Files\AllCheapPRice deleted
C:\Program Files\DiscounTExTenSi deleted
C:\Program Files\HapPy2Save deleted
C:\Program Files\MiennimumPPrice deleted
C:\Program Files\SaaVeLots deleted
C:\Program Files\UniDeeaLLsi deleted
C:\Program Files\youtubeadblocker deleted
C:\Program Files\AVG Web TuneUp deleted
C:\Program Files\LighterEdit deleted
C:\Program Files\BItSaver deleted
C:\Program Files\IE Tab Seamless deleted
C:\Program Files\Image Toolbar beta deleted
C:\Program Files\ReGularDeals deleted
C:\ProgramData\{fd33fdf1-051a-c0bc-fd33-3fdf1051f7c4} deleted
C:\ProgramData\17309206868713796385 deleted
C:\ProgramData\{be1b404f-226f-b35b-be1b-b404f226013c} deleted
C:\ProgramData\{2a70963c-8113-30ec-2a70-0963c81158f2} deleted
C:\Windows\system32\appdata deleted
C:\Users\Wouter\appdata\locallow\Freecorder deleted
C:\Users\Wouter\AppData\LocalLow\{6D56024B-70AE-B491-415C-04AE798DEABC} deleted
C:\Users\Wouter\AppData\LocalLow\Conduit deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Freecorder deleted
C:\PROGRA~2\NeXtCoup deleted
C:\Program Files\SopCast deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Users\Wouter\AppData\Roaming\appdataFr3.bin deleted
C:\PROGRA~2\Ask deleted
C:\PROGRA~2\AVG Security Toolbar deleted
C:\PROGRA~2\Trusted Publisher deleted
C:\PROGRA~2\Supreme AdBlocker deleted
C:\Users\Wouter\AppData\LocalLow\{256A2A91-688D-193A-5710-DAE10DF0F774} deleted
C:\Users\Wouter\AppData\LocalLow\{B6CB423A-B5E0-9C58-DB26-5E630014ADE7} deleted
C:\Users\Wouter\AppData\LocalLow\PriceGong deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
"C:\PROGRA~2\f036a7f0616ff321\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140729211406" deleted
"C:\PROGRA~2\f036a7f0616ff321\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140729211947" deleted
"C:\PROGRA~2\f036a7f0616ff321\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}.20140729212002" deleted
"C:\PROGRA~2\f036a7f0616ff321\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140721221157" deleted
"C:\PROGRA~2\f036a7f0616ff321\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140721221208" deleted
"C:\PROGRA~2\f036a7f0616ff321\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140729211347" deleted
"C:\PROGRA~2\f036a7f0616ff321\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140729211408" deleted
"C:\Program Files\Freecorder\FLVSrvc.exe" deleted
"C:\Program Files\Freecorder\FLVSrvc.exe" deleted
"C:\Program Files\Freecorder\FLVSrvc.exe" deleted
"C:\PROGRA~2\f036a7f0616ff321" deleted
"C:\Program Files\Freecorder" deleted
"C:\Program Files\Freecorder" deleted
"C:\Program Files\Freecorder" deleted
"C:\Users\Wouter\AppData\Local\Conduit" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)
Memory (RAM): 3511 MB
CPU Info: Intel(R) Core(TM) i3 CPU       M 330  @ 2.13GHz
CPU Speed: 2129.2 MHz
Sound Card: Speakers (Realtek High Definiti | 
Realtek Digital Output (Realtek | 
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) | Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-S083C
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  424.7GB | D:  40.0GB
Hard Disks - Free: C:  209.6GB | D:  21.8GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 02/01/10 | MEDION - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: MEDION          E6214
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Anti-Spyware: Windows Defender disabled (Outdated)
Internet Explorer Version: 11.0.9600.17728 
Google Chrome version: 39.0.2171.99
Adobe Reader version: 9.5.5.316
Sun Java version: 1.8.0_45 (32-bit) 
Flash Player version: 15.0.0.223

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Wouter\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2015-04-15 06:59:45	E51E2C5EED4CE667D2CF06E56AC6FF1C	896000	----a-w-	C:\Windows\System32\aeinv.dll
2015-04-15 06:59:45	98F09936B1C397987268D6F2F3D869DB	26112	----a-w-	C:\Windows\System32\acmigration.dll
2015-04-15 06:59:45	76F800C6046B439799C3A4120A0B398A	576000	----a-w-	C:\Windows\System32\generaltel.dll
2015-04-15 06:59:45	5F823C55FB9761F1236AF48DFF630353	860160	----a-w-	C:\Windows\System32\appraiser.dll
2015-04-15 06:59:44	90D6FA9DB9502FC992D260DE4CB944C7	331264	----a-w-	C:\Windows\System32\devinv.dll
2015-04-15 06:59:44	87D7FF1217B32CD069DAF079686F43AE	630784	----a-w-	C:\Windows\System32\invagent.dll
2015-04-15 06:59:43	EF63EDC07D444AC4B6E88CA6E2841737	159744	----a-w-	C:\Windows\System32\aepic.dll
2015-04-15 06:59:43	D824C1C235349B67E652A5CA70D1AA49	58880	----a-w-	C:\Windows\System32\clfsw32.dll
2015-04-15 06:59:43	896850F7D6E6E95DC5BE0F192E05CD0E	202752	----a-w-	C:\Windows\System32\aepdu.dll
2015-04-15 06:59:43	33A60554882FDF59CDA3E1806370BBA1	249784	----a-w-	C:\Windows\System32\clfs.sys
2015-04-15 06:59:41	2E5F8CB2EDB36F404D0111471D934B70	1306112	----a-w-	C:\Windows\System32\ntdll.dll
2015-04-15 06:59:41	11896E75E1A118ABFAD126BEB650A189	3920824	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-04-15 06:59:39	A6A644BFAE31F111F35F8C3C7BA2A8A0	3976632	----a-w-	C:\Windows\System32\ntkrnlpa.exe
2015-04-15 06:59:38	FFE76FCFE98544EAD36591569E6E31AD	15872	----a-w-	C:\Windows\System32\sspisrv.dll
2015-04-15 06:59:38	DB7CFA08957C94F6CFAA0DBB8BE4B906	550912	----a-w-	C:\Windows\System32\kerberos.dll
2015-04-15 06:59:38	CC1253300191D95BD97DFAFEFF2DF448	1061376	----a-w-	C:\Windows\System32\lsasrv.dll
2015-04-15 06:59:38	C557EB6CD735B4EE5076EA289B02CEAC	6656	----a-w-	C:\Windows\System32\apisetschema.dll
2015-04-15 06:59:38	BC09159AFF6639DB2CB28058731199F0	248832	----a-w-	C:\Windows\System32\schannel.dll
2015-04-15 06:59:38	B68B44D003D3FF5E245F6B3761496082	38912	----a-w-	C:\Windows\System32\csrsrv.dll
2015-04-15 06:59:38	A169307F0105183092F2AEDA9A8BD15D	43008	----a-w-	C:\Windows\System32\srclient.dll
2015-04-15 06:59:38	A057B61F8A553F6DA38563597FA3676B	65536	----a-w-	C:\Windows\System32\TSpkg.dll
2015-04-15 06:59:38	981CE3E3A653511799F4A862494B66A8	22528	----a-w-	C:\Windows\System32\lsass.exe
2015-04-15 06:59:38	6F8CEB8115737D2E049804B191AE41A9	50176	----a-w-	C:\Windows\System32\auditpol.exe
2015-04-15 06:59:38	6A9FFEF19C4F8F2E9082A50BB07ECDF1	22016	----a-w-	C:\Windows\System32\secur32.dll
2015-04-15 06:59:38	655C88135254C78E6FB66B6C2F6AC5DA	172032	----a-w-	C:\Windows\System32\wdigest.dll
2015-04-15 06:59:38	56977F27A96383E2A6C8BACEFC17E9CA	259584	----a-w-	C:\Windows\System32\msv1_0.dll
2015-04-15 06:59:38	485436C2A90318218777401FB973558C	69632	----a-w-	C:\Windows\System32\smss.exe
2015-04-15 06:59:38	47A1F23EE40C2389FCD53E9D5CEA3430	17408	----a-w-	C:\Windows\System32\credssp.dll
2015-04-15 06:59:38	4611A40E1A94E6EBE9885EA609F3D13E	400896	----a-w-	C:\Windows\System32\srcore.dll
2015-04-15 06:59:38	2DE438AE95C59FB33B3E4E34827C1100	221184	----a-w-	C:\Windows\System32\ncrypt.dll
2015-04-15 06:59:38	10214DD52E67433BEF72E1D75AE0F32F	100352	----a-w-	C:\Windows\System32\sspicli.dll
2015-04-15 06:59:38	0C01746013943D7E7EE86B920ADFB50D	262656	----a-w-	C:\Windows\System32\rstrui.exe
2015-04-15 06:59:37	C0693456929F40833B9CC36C9CF7E3A8	146432	----a-w-	C:\Windows\System32\msaudite.dll
2015-04-15 06:59:37	4B21D227B191A6305087BDD6BB19220F	60416	----a-w-	C:\Windows\System32\msobjs.dll
2015-04-15 06:59:37	2E0F849B7BF17969E45881FA4EB9B487	686080	----a-w-	C:\Windows\System32\adtschema.dll
2015-04-15 06:59:29	9A2B138118A27A2EB3FE71EDB55ED142	102912	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-04-15 06:59:29	92CF8BC1B198C01CDC55A1A91E510700	60416	----a-w-	C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-04-15 06:59:29	8CD57250F538CFFA0D5DCA9773AEDCAB	47616	----a-w-	C:\Windows\System32\ieetwproxystub.dll
2015-04-15 06:59:29	172D2960EF38795D2819A35268672F3D	305152	----a-w-	C:\Windows\System32\gdi32.dll
2015-04-15 06:59:28	EEC060949BC1863A30F72EB28D2C1E2F	667648	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-04-15 06:59:28	D9E187C07D2E847B38A07EEDD4CC7967	685568	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-04-15 06:59:28	BA897AB3BC3DBC25829946EBA487496C	30720	----a-w-	C:\Windows\System32\iernonce.dll
2015-04-15 06:59:28	B7BFB7C2970DF5E779FF729C037BD8E4	115712	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-04-15 06:59:28	89CACDF654626F1948BF6C19A6D610BE	342704	----a-w-	C:\Windows\System32\iedkcs32.dll
2015-04-15 06:59:28	8127C2EE2E287BB3AB7843F9923B62BD	1311232	----a-w-	C:\Windows\System32\urlmon.dll
2015-04-15 06:59:28	1DFA1B4968C4E9E23CD6E68AF9CC063F	47104	----a-w-	C:\Windows\System32\jsproxy.dll
2015-04-15 06:59:27	EC442CB6F2D08F4FAA6BA68A23B82383	689152	----a-w-	C:\Windows\System32\msfeeds.dll
2015-04-15 06:59:27	CA4F96D21BEF43DE9407210CFF76FCEA	2724864	----a-w-	C:\Windows\System32\mshtml.tlb
2015-04-15 06:59:27	A305BEDA0CD8304102BFBBA0EB2A48CA	620032	----a-w-	C:\Windows\System32\jscript9diag.dll
2015-04-15 06:59:27	2B5DD86A4B6E92E5A79C479C0652E727	418304	----a-w-	C:\Windows\System32\dxtmsft.dll
2015-04-15 06:59:27	01C2BB4C13E6E0AF50867BCE8EE8A03E	710144	----a-w-	C:\Windows\System32\ieapfltr.dll
2015-04-15 06:59:26	8E30C9B4E16C23211F1DD02B517E4FA8	62464	----a-w-	C:\Windows\System32\iesetup.dll
2015-04-15 06:59:26	8A083313C1F7F50098D1D4F2FC092BD1	2052608	----a-w-	C:\Windows\System32\inetcpl.cpl
2015-04-15 06:59:26	2396395B6F563158BEC2E0526D7F6CD2	168960	----a-w-	C:\Windows\System32\msrating.dll
2015-04-15 06:59:24	C46904F2E9E121A91DDDABB48D7648C3	1888256	----a-w-	C:\Windows\System32\wininet.dll
2015-04-15 06:59:24	2CBD6D22499EB13A2666F62EF33D00E2	16303	----a-w-	C:\Windows\System32\ieuinit.inf
2015-04-15 06:59:24	0A5B7C0B5A754BBACD53DFFA53A0E47B	4096	----a-w-	C:\Windows\System32\ieetwcollectorres.dll
2015-04-15 06:59:23	CD91FE4F2718A88FC1C9C9C2E73EABB2	285696	----a-w-	C:\Windows\System32\dxtrans.dll
2015-04-15 06:59:23	94D64C343FE6341430A4C61BC490FEBF	478208	----a-w-	C:\Windows\System32\ieui.dll
2015-04-15 06:59:22	AE8A9FCDC135F681EFE9135929CF4A7B	12825600	----a-w-	C:\Windows\System32\ieframe.dll
2015-04-15 06:59:21	D730BA653F9F95EC044F6636E6E45905	76288	----a-w-	C:\Windows\System32\mshtmled.dll
2015-04-15 06:59:21	B55293D48979DADE6049944C252A3BDB	340992	----a-w-	C:\Windows\System32\html.iec
2015-04-15 06:59:20	DC155C2C14DC69EA400020CF92895873	64000	----a-w-	C:\Windows\System32\MshtmlDac.dll
2015-04-15 06:59:20	BDE9AA78B575CDA7C946A725926021F7	1155072	----a-w-	C:\Windows\System32\mshtmlmedia.dll
2015-04-15 06:59:19	77104FDBBD821F2D73338D9370675EF3	2278400	----a-w-	C:\Windows\System32\iertutil.dll
2015-04-15 06:59:18	2F42037DD6F2831332653EB7F35D7E9A	19695616	----a-w-	C:\Windows\System32\mshtml.dll
2015-04-15 06:59:17	7776F3DA2B1AEDC2DA226F726B1E9A01	503296	----a-w-	C:\Windows\System32\vbscript.dll
2015-04-15 06:59:17	43A5A38E45F0D4FA02A0CCD51244AA17	4305408	----a-w-	C:\Windows\System32\jscript9.dll
2015-04-15 06:58:59	E981C27FA6C2F45C135DB4AF78D6FE1F	92672	----a-w-	C:\Windows\System32\wudriver.dll
2015-04-15 06:58:59	CFF96E0CE6F81F5968A6D61786642855	131584	----a-w-	C:\Windows\System32\wuauclt.exe
2015-04-15 06:58:59	C7E498E41D92CF8C2EAED9995781A7F7	29696	----a-w-	C:\Windows\System32\wups.dll
2015-04-15 06:58:59	9D68CE45935C439D5082ECB56902124D	566784	----a-w-	C:\Windows\System32\wuapi.dll
2015-04-15 06:58:59	7E5C454A3F986FEBAD075DB8D915917E	2020864	----a-w-	C:\Windows\System32\wuaueng.dll
2015-04-15 06:58:59	751C4859FD46A1461B3FB57252F541D8	33792	----a-w-	C:\Windows\System32\wuapp.exe
2015-04-15 06:58:59	3096CA2455ECDEF83A90F2384BD305D3	3088384	----a-w-	C:\Windows\System32\wucltux.dll
2015-04-15 06:58:59	131BDD454DD1AA5BF732886DA6A3B0FA	11776	----a-w-	C:\Windows\System32\wu.upgrade.ps.dll
2015-04-15 06:58:59	124FD729FB2B621EB32E9B34B8D49A34	50176	----a-w-	C:\Windows\System32\WinSetupUI.dll
2015-04-15 06:58:59	0430D8CE2C251BAD25CF809CEA3D2153	35328	----a-w-	C:\Windows\System32\wups2.dll
2015-04-15 06:58:59	031C03C9639CE0D294695968C68A5775	173056	----a-w-	C:\Windows\System32\wuwebv.dll
2015-04-15 06:58:57	DA5B856A037872BE089CA6967C7050C5	1237504	----a-w-	C:\Windows\System32\msxml3.dll
2015-04-15 06:58:57	78492CF3C3697FB5AF4EAABB2BAF8595	2048	----a-w-	C:\Windows\System32\msxml3r.dll
====== C:\Windows\system32\drivers =====
2015-04-15 06:59:38	D800E1EAF33630A1636BB21E8256AA92	137656	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-04-15 06:59:38	746F89CE0C6569C589E6AC4D3DA82D41	67512	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-04-15 06:58:57	487569E5DA56A5A432FF8AF6D3599CF9	514560	----a-w-	C:\Windows\System32\drivers\http.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-04-25 12:44:43	--------	d-----w-	C:\Program Files\Common Files\Java
2015-04-14 09:13:05	--------	d-----w-	C:\Program Files\trend micro
======= C: =====
====== C:\Users\Wouter\AppData\Roaming ======
====== C:\Users\Wouter ======
2015-04-25 12:40:05	E36FFBEB75C06440A1678D4DE5218860	561576	----a-w-	C:\Users\Wouter\Downloads\chromeinstall-8u45.exe

====== C: exe-files ==
2015-04-25 12:43:25	6045943DD4B9731735DB0774B25AE114	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-04-25 12:43:25	6045943DD4B9731735DB0774B25AE114	0	----a-we	C:\Backup My Data\All Users\Oracle\Java\javapath\javaw.exe
2015-04-25 12:43:25	12F3D9FC2D1D68BB1C9AF782F94E4CF8	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-04-25 12:43:25	12F3D9FC2D1D68BB1C9AF782F94E4CF8	0	----a-we	C:\Backup My Data\All Users\Oracle\Java\javapath\javaws.exe
2015-04-25 12:43:24	B175AD07294EB83FD12947B47B009D66	0	----a-we	C:\ProgramData\Oracle\Java\javapath\java.exe
2015-04-25 12:43:24	B175AD07294EB83FD12947B47B009D66	0	----a-we	C:\Backup My Data\All Users\Oracle\Java\javapath\java.exe
2015-04-25 12:43:00	F65FA872AB42C3F0DBDDE26DF9609F5C	159656	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\unpack200.exe
2015-04-25 12:42:59	EEF1E60EE8CD91EB27B465DF7D97D747	16296	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\rmiregistry.exe
2015-04-25 12:42:59	D7168BCC2877E533EB32E0E00DCEEAE6	51112	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\ssvagent.exe
2015-04-25 12:42:59	B406B32BDFDE96384C5F0A93D0090403	16296	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\tnameserv.exe
2015-04-25 12:42:59	B2ED82B1A6ACCED29498BB9BA43D430F	16296	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\servertool.exe
2015-04-25 12:42:59	6EE11615820FCCBC8879FD86DD033515	15784	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\rmid.exe
2015-04-25 12:42:58	E830232219E9156AF3E7F0ACB1B85FC8	15784	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\ktab.exe
2015-04-25 12:42:58	BDFE80354D388518D8C4E71F2734796D	15784	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\pack200.exe
2015-04-25 12:42:58	9A78F5C33E24C55B7025416C79658759	16296	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\orbd.exe
2015-04-25 12:42:58	90D8F0F8665DFE0F5616902F8A0E8561	76712	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\jp2launcher.exe
2015-04-25 12:42:58	7AEB4F5D482E1167E1FE9A726584BCD6	68520	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
2015-04-25 12:42:58	6045943DD4B9731735DB0774B25AE114	191400	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe
2015-04-25 12:42:58	57631CADE6FE87A131913D6241A5343A	15784	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\kinit.exe
2015-04-25 12:42:58	3C07B66A8BB9F028DC8EB87F84915DF0	15784	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\jjs.exe
2015-04-25 12:42:58	33EF14CDCDD35CB53D3C3FCB3C2819CC	15784	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\keytool.exe
2015-04-25 12:42:58	12F3D9FC2D1D68BB1C9AF782F94E4CF8	272296	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\javaws.exe
2015-04-25 12:42:58	11EEA5DB4A0B073867E3DCBCDBF12118	15784	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\klist.exe
2015-04-25 12:42:58	01E2DB324E5D3C31D1C31D7E3B9748CF	16296	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\policytool.exe
2015-04-25 12:42:57	EECA4389069973E098AC4A167D58DC47	30632	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\jabswitch.exe
2015-04-25 12:42:57	C885370364208460FD31001113F2B2A2	15784	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\java-rmi.exe
2015-04-25 12:42:57	B175AD07294EB83FD12947B47B009D66	190888	----a-w-	C:\Program Files\Java\jre1.8.0_45\bin\java.exe
2015-04-21 07:43:43	74EF7C99211EC2312B37ACD17A32ED1D	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1212222149-2359288067-2411751224-1000\$IV2RO46.exe
=== C: other files ==
2015-04-25 12:43:01	34AD992DE8D6023490DB5C9017FAE6E8	14130	----a-w-	C:\Program Files\Java\jre1.8.0_45\lib\deploy\ffjcext.zip
2015-04-21 19:03:58	A28D4516A02BDF6A133A5D916F9CAB6C	84	---ha-w-	C:\Program Files\Common Files\X10\Common\x10prod.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1212222149-2359288067-2411751224-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"
"Spotify Web Helper"="C:\Users\Wouter\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"GameXN GO"="C:\ProgramData\GameXN\GameXNGO.exe /startup"
"GoogleDriveSync"="C:\Program Files\Google\Drive\googledrivesync.exe /autostart"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"Spotify"="C:\Users\Wouter\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
"HotkeyApp"="C:\Program Files\Launch Manager\HotkeyApp.exe"
"LMgrVolOSD"="C:\Program Files\Launch Manager\OSD.exe"
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3 "
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"Freecorder FLV Service"="C:\Program Files\Freecorder\FLVSrvc.exe /run"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"
"Spotify Web Helper"="C:\Users\Wouter\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"GameXN GO"="C:\ProgramData\GameXN\GameXNGO.exe /startup"
"GoogleDriveSync"="C:\Program Files\Google\Drive\googledrivesync.exe /autostart"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"Spotify"="C:\Users\Wouter\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\progra~1\\pc_boo~1\\assist~1.dll"

==== Startup Folders ======================

2011-04-04 09:46:37	1288	----a-w-	C:\Users\Wouter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [26/11/2014 16:55]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/11/2014 12:57]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/11/2014 12:57]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212222149-2359288067-2411751224-1000Core.job --a------ C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212222149-2359288067-2411751224-1000UA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1212222149-2359288067-2411751224-1000Core" [C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1212222149-2359288067-2411751224-1000UA" [C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\{45BBD58F-3614-4A6E-8FB6-37273ADC6C1E}" ["c:\users\wouter\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\system32\tasks\{A425982F-FF63-4A79-97AA-E1A8CEDC87FD}" ["c:\users\wouter\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\system32\tasks\{D2B045AD-B83B-4916-80C8-AB62BA9A4779}" [C:\Program Files\Skype\\Phone\Skype.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5" [03/09/2012 17:11]

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Torch deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Administrator\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\Gast\AppData\Local\Torch deleted
Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Gast\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Gast\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Gast\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\Wouter\AppData\Local\Torch deleted
Fake profile C:\Users\Wouter\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Wouter\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Wouter\AppData\Local\Chromatic Browser deleted

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.99 (Possible outdated, latest Stable version: 42.0.2311.90) [z-db]

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12/12/2011 15:13]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\Wouter\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[06/08/2014 20:16]

Google Drive - Wouter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Wouter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Wouter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Wouter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Wouter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://search.gboxapp.com/",
"startup_urls": [ "http://www.google.be/" ],


==== Chromium Fix ======================

C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_huizen.trovit.be_0.localstorage deleted successfully
C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_huizen.trovit.be_0.localstorage-journal deleted successfully
C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage deleted successfully
C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully
C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage deleted successfully
C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.gboxapp.com/"
"Default_Page_URL"="http://www.aldi.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.gboxapp.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{B1E17818-AF25-4F6D-A301-A3DEB43AA53E}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{B1E17818-AF25-4F6D-A301-A3DEB43AA53E} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox"

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5876ba90-c073-4f93-87e4-d9834d995a60} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{5876ba90-c073-4f93-87e4-d9834d995a60} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5876ba90-c073-4f93-87e4-d9834d995a60} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f3cb6cf9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{32148148} deleted successfully
HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5A1D3F9E-73B5-95EC-1233-6646E1358965} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E957849A-94AC-6F46-4623-C31474E3C170} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE94DD89-7404-B4B9-E713-E55CC0AB6C3B} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder5.11 deleted successfully

==== HijackThis Entries ======================

O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3 
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Wouter\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify] "C:\Users\Wouter\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing)
O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~1\pc_boo~1\assist~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Wouter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Wouter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Wouter\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=542 folders=136 62453419 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Wouter\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Wouter\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Wouter\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QNPKHJC9\a248.e.akamai.net"  not found
"C:\Users\Wouter\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QNPKHJC9\pervclips.com"  not found
"C:\Users\Wouter\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QNPKHJC9\www.alphaporno.com"  not found
"C:\Users\Wouter\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QNPKHJC9\www.flickr.com"  not found
"C:\Users\Wouter\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QNPKHJC9\www.ikea.com"  not found

==== EOF on za 25/04/2015 at 18:42:39,65 ======================