Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Leon on ma 10-08-2015 at 21:56:56,35. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Leon.LEONAALBURG1\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-08-06-213457.log 131884 bytes C:\zoek-results2015-08-08-204805.log 49644 bytes ==== Empty Folders Check ====================== C:\Users\Leon.LEONAALBURG1\AppData\Roaming\DAEMON Tools Pro deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Adobe Acrobat Reader DC - Nederlands Adobe Flash Player 18 ActiveX Adobe Refresh Manager Apple Application Support Contr“le ActiveX Windows Live Mesh pour connexions … distance Definition Update for Microsoft Office 2010 (KB3054883) 32-Bit Edition Dropbox Flvto YouTube Downloader Galerie de photos Windows Live Google Chrome Google Drive Google Earth Google Toolbar for Internet Explorer Google Update Helper iCloud Java 8 Update 51 Java Auto Updater Kruidvat fotoservice Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Project MUI (English) 2010 Microsoft Office Project Professional 2010 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing (English) 2010 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2007 Microsoft Primary Interoperability Assemblies 2005 Microsoft Project Professional 2010 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD More Games - WildTangent Mozilla Firefox 39.0.3 (x86 nl) Mozilla Maintenance Service Popcorn Time Prey Anti-Theft Raccolta foto di Windows Live Scherminfotaal van Microsoft Office 2010 - Nederlands Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft .NET Framework 4.5.1 (KB3023224) Security Update for Microsoft .NET Framework 4.5.1 (KB3035490) Security Update for Microsoft .NET Framework 4.5.1 (KB3037581) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2883029) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2965282) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589288) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2863817) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3054834) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2863812) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965208) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2965281) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2965283) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB3054996) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition SkypeT 6.20 Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TOSHIBA Resolution+ Plug-in for Windows Media Player Total Web Unchecky v0.3.9 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2589282) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2965296) 32-Bit Edition Update for Microsoft Office 2010 (KB2965301) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054964) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3054986) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition Update for Microsoft Project 2010 (KB2553251) 32-Bit Edition Update for Microsoft Project 2010 (KB3054985) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Visual Studio 2010 x64 Redistributables Web Shield Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\Prey\wpxsvc.exe C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe C:\Program Files (x86)\Unchecky\bin\Unchecky_bg.exe C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Users\Leon.LEONAALBURG1\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\Prey\current\bin\node.exe C:\Windows\Prey\versions\1.4.1\node_modules\triggers\bin\lightevt.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Leon.LEONAALBURG1\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"=- ==== Deleting Files \ Folders ====================== C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\Program Files\Microsoft Security Client\DbgHelp.dll" not deleted "C:\Program Files\Microsoft Security Client\EppManifest.dll" not deleted "C:\Program Files\Microsoft Security Client\MpAsDesc.dll" not deleted "C:\Program Files\Microsoft Security Client\MpClient.dll" not deleted "C:\Program Files\Microsoft Security Client\MpCmdRun.exe" not deleted "C:\Program Files\Microsoft Security Client\MpCommu.dll" not deleted "C:\Program Files\Microsoft Security Client\mpevmsg.dll" not deleted "C:\Program Files\Microsoft Security Client\MpOAv.dll" not deleted "C:\Program Files\Microsoft Security Client\MpRTP.dll" not deleted "C:\Program Files\Microsoft Security Client\MpSvc.dll" not deleted "C:\Program Files\Microsoft Security Client\MSESysprep.dll" not deleted "C:\Program Files\Microsoft Security Client\MsMpCom.dll" not deleted "C:\Program Files\Microsoft Security Client\MsMpEng.exe" not deleted "C:\Program Files\Microsoft Security Client\MsMpLics.dll" not deleted "C:\Program Files\Microsoft Security Client\MsMpRes.dll" not deleted "C:\Program Files\Microsoft Security Client\msseces.exe" not deleted "C:\Program Files\Microsoft Security Client\msseoobe.exe" not deleted "C:\Program Files\Microsoft Security Client\msseooberes.dll" not deleted "C:\Program Files\Microsoft Security Client\MsseWat.dll" not deleted "C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll" not deleted "C:\Program Files\Microsoft Security Client\NisLog.dll" not deleted "C:\Program Files\Microsoft Security Client\NisSrv.exe" not deleted "C:\Program Files\Microsoft Security Client\NisWFP.dll" not deleted "C:\Program Files\Microsoft Security Client\Setup.exe" not deleted "C:\Program Files\Microsoft Security Client\SetupRes.dll" not deleted "C:\Program Files\Microsoft Security Client\shellext.dll" not deleted "C:\Program Files\Microsoft Security Client\SqmApi.dll" not deleted "C:\Program Files\Microsoft Security Client\SymSrv.dll" not deleted "C:\Program Files\Microsoft Security Client\SymSrv.yes" not deleted "C:\Program Files\Microsoft Security Client\nl-nl\MsMpRes.dll.mui" deleted "C:\Program Files\Microsoft Security Client" not deleted "C:\Program Files\Microsoft Security Client\nl-nl" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8100 MB CPU Info: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz CPU Speed: 2340.2 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC | Realtek PCIe FE Family Controller CD / DVD Drives: 4x (E: | F: | G: | H: | ) E: HL-DT-STDVDRAM GT30N | F: | G: DTSOFT BDROM | H: DTSOFT BDROM Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 349.3GB | D: 348.9GB Hard Disks - Free: C: 41.5GB | D: 337.3GB Manufacturer *: TOSHIBA BIOS Info: AT/AT COMPATIBLE | 10/04/11 | TOSCPL - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: TOSHIBA PWWHA Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Default Browser: Google Chrome 44.0.2403.130 Internet Explorer Version: 11.0.9600.17914 Mozilla Firefox version: 39.0.3 (x86 nl) Google Chrome version: 44.0.2403.130 Adobe Reader version: 15.8.20082.147029 Sun Java version: 1.8.0_51 (32-bit) Sun Java version: 1.8.0_51 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-07-12 07:53:20 42DB3FC4A59F71A5D8FE86C7354F69D3 668389110 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\LEON~1.LEO\AppData\Local\Temp ==== 2015-08-09 06:01:18 BCA0388139FF5F60970FB96E56BC00EB 71168 ----a-w- C:\Users\Leon.LEONAALBURG1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiiofrt.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-07-28 16:08:11 EB59F8712DC56764D88EB495AD5938B3 1085440 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-07-28 16:08:11 DA2054C50EB38C91322D4EEBCE408C5C 765440 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-07-28 16:08:11 9AFFAF544BA8FBA1ABFCCC07F6AB85B8 726528 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-07-28 16:08:11 3CDA55D83D5C9EA09DE82C6E5233C65B 433664 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-07-28 16:08:11 3A87269A74F067EB566813619B4F0CC3 67584 ----a-w- C:\Windows\Sysnative\acmigration.dll 2015-07-28 16:08:10 0AC0A45552B403020780DC74FB3BAC95 1145856 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-07-28 16:08:09 BE03A1A1B4DEEFDE3E58834F7584C31F 17856 ----a-w- C:\Windows\Sysnative\CompatTelRunner.exe 2015-07-28 16:08:09 81E937F890B2F1A410547D6EB6A79572 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll ====== C:\Windows\Sysnative\drivers ===== 2015-07-15 11:04:07 21AF322605D8C7F2A627C22634D1C9C9 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2015-07-15 11:04:06 7A7328E427694CC7244235C3BC299F80 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-07-15 11:04:06 45A03A0B6461EFBEE77E0A6AC2816EDA 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-07-15 11:04:06 1877EB1495CFBDAB27D6A32F6DDF3818 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2015-07-15 11:04:05 C0A6C3D6E02B61B5D100FE17306C276F 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys ====== C:\Windows\Tasks ====== 2015-07-30 14:51:53 29E8BAC76B4A35314E1F15CE1A08641F 3106 ----a-w- C:\Windows\Sysnative\Tasks\{D1E5B96F-262B-4935-8DBE-50CCC3451566} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2015-08-08 20:05:15 -------- d-----w- C:\PROGRA~2\Unchecky 2015-08-06 20:52:50 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-07-30 11:21:44 -------- d-----w- C:\PROGRA~2\GUPlayer ======= C: ===== ====== C:\Users\Leon.LEONAALBURG1\AppData\Roaming ====== 2015-08-08 20:35:00 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp 2015-08-08 20:35:00 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-08-08 20:35:00 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-08-08 20:35:00 -------- d-----w- C:\Users\TEMP\AppData\Local\Temp 2015-08-08 20:35:00 -------- d-----w- C:\Users\TEMP.LEONAALBURG1\AppData\Local\Temp 2015-08-08 20:35:00 -------- d-----w- C:\Users\TEMP.leonaalburg\AppData\Local\Temp 2015-08-08 20:35:00 -------- d-----w- C:\Users\Leon\AppData\Local\Temp 2015-08-08 20:35:00 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-08-08 20:35:00 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2015-08-08 20:34:59 -------- d-----w- C:\Users\Leon.LEONAALBURG1\AppData\Local\Temp 2015-07-31 19:05:29 -------- d-----w- C:\Users\Leon.LEONAALBURG1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-07-30 11:27:01 -------- d-----w- C:\Users\Leon.LEONAALBURG1\AppData\Local\Total Web 2015-07-30 11:17:55 -------- d-----w- C:\Users\Leon.LEONAALBURG1\AppData\Local\WebShield 2015-07-30 11:17:40 -------- d-----w- C:\Users\Leon.LEONAALBURG1\AppData\Local\Programs 2015-07-18 15:16:24 -------- d-----w- C:\Users\Leon.LEONAALBURG1\AppData\Local\CEF ====== C:\Users\Leon.LEONAALBURG1 ====== 2015-08-08 20:05:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky 2015-08-08 20:05:15 -------- d-----w- C:\ProgramData\Unchecky 2015-08-08 20:03:33 435818762F84C20091DCFEB7732314B3 1078576 ----a-w- C:\Users\Leon.LEONAALBURG1\Downloads\unchecky_setup.exe 2015-08-06 20:51:13 FD5E74BFA85F82E4D6533624E43F9175 562784 ----a-w- C:\Users\Leon.LEONAALBURG1\Downloads\jxpiinstall.exe 2015-08-06 20:43:23 B9919195F61824F980F4A088D7447A11 43221600 ----a-w- C:\Users\Leon.LEONAALBURG1\Downloads\jre-8u51-windows-x64.exe 2015-08-03 20:14:42 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Leon.LEONAALBURG1\Downloads\RSITx64.exe 2015-07-30 11:17:41 -------- d-----w- C:\ProgramData\WebShield ====== C: exe-files == 2015-08-08 20:05:15 E7836D47A1C4C15057C396F4E37ABB38 1595640 ----a-w- C:\Program Files (x86)\Unchecky\unchecky.exe 2015-08-08 20:05:15 D29C0DC460F6845833642F916818AAFC 163576 ----a-w- C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe 2015-08-08 20:05:15 4E41F80AE740CEE1E1F7B47A3A2CB98C 429304 ----a-w- C:\Program Files (x86)\Unchecky\uninstall.exe 2015-08-08 20:05:15 4DE85CCAD1993358F02B39462159B0A0 401656 ----a-w- C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe 2015-08-08 20:03:33 435818762F84C20091DCFEB7732314B3 1078576 ----a-w- C:\Users\Leon.LEONAALBURG1\Downloads\unchecky_setup.exe 2015-08-06 20:52:20 F52607E7F53DA8FE1C4A3C1F11CE2AE7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\java-rmi.exe 2015-08-06 20:52:20 F3D19B026E09B8150D9FF40D537C8F2A 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\rmid.exe 2015-08-06 20:52:20 EF442149A0502661D49628A66A69F33C 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\policytool.exe 2015-08-06 20:52:20 E7ABC6445E6A2F1EDE5F8BB082ECEEA1 30304 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\jabswitch.exe 2015-08-06 20:52:20 D50189686D9D144CB4EC807652640FC0 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\ktab.exe 2015-08-06 20:52:20 C4B3393396204E759E6EDFF92A9CAA50 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\tnameserv.exe 2015-08-06 20:52:20 BC66611222047778694C7650B7814978 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\javacpl.exe 2015-08-06 20:52:20 B5AA17A9ACE57080909B9CB47CD74C39 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\kinit.exe 2015-08-06 20:52:20 A4D1AC4078F1A819ECECC546F64907A1 190560 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\java.exe 2015-08-06 20:52:20 9A474C07C5242EF2AE12FF6BF387F334 273504 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\javaws.exe 2015-08-06 20:52:20 8B09EF707CE0895D5478300CC2CE90DB 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\rmiregistry.exe 2015-08-06 20:52:20 8516D08420A7AB22A9B722FAF631E320 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssvagent.exe 2015-08-06 20:52:20 76BD4372DD5C5A316F64D562C2404BF8 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\orbd.exe 2015-08-06 20:52:20 6790CB3F51E280A2A3EEAA3C5BD58EFF 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\keytool.exe 2015-08-06 20:52:20 5E1561548895218973EB5C833D96BD60 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\unpack200.exe 2015-08-06 20:52:20 56C175D9B0D7EE7D1DA92B8D8A12772A 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\servertool.exe 2015-08-06 20:52:20 547F9D4CB6FAAC8E941F1689D5555CDB 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\jjs.exe 2015-08-06 20:52:20 4E022C0940633A9538892CB26B65BD0D 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\javaw.exe 2015-08-06 20:52:20 46AD9258E9B6EA56AFC8723CEFDF8425 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\pack200.exe 2015-08-06 20:52:20 235015745A6A6FE26BCDA8F227C9132B 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\klist.exe 2015-08-06 20:52:20 0CFCEE90C8711D4DEAD9EC7046918A45 77920 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2launcher.exe 2015-08-06 20:51:13 FD5E74BFA85F82E4D6533624E43F9175 562784 ----a-w- C:\Users\Leon.LEONAALBURG1\Downloads\jxpiinstall.exe 2015-08-06 20:43:23 B9919195F61824F980F4A088D7447A11 43221600 ----a-w- C:\Users\Leon.LEONAALBURG1\Downloads\jre-8u51-windows-x64.exe 2015-08-06 10:32:34 1DEEF4A41F33D307E6EE2FBE8B179BE2 959568 ----a-w- C:\Program Files (x86)\Google\Update\Install\{E74CA89A-2800-4B4A-97AA-C8F81EA6490D}\44.0.2403.130_44.0.2403.125_chrome_updater.exe 2015-08-06 10:32:34 1DEEF4A41F33D307E6EE2FBE8B179BE2 959568 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\44.0.2403.130\44.0.2403.130_44.0.2403.125_chrome_updater.exe 2015-08-06 10:12:08 BC57BF0C34D240412080FFABCA4F4FA1 10816032 ----a-w- C:\Users\Leon.LEONAALBURG1\AppData\Roaming\Azureus\tmp\AZU5279040938248280131.tmp\Vuze_5.6.1.2_win32.exe === C: other files == 2015-08-09 06:00:25 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-w- C:\Users\Leon.LEONAALBURG1\AppData\Local\Temp\_MEI22922\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2015-08-09 06:00:25 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Leon.LEONAALBURG1\AppData\Local\Temp\_MEI22922\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2015-08-06 20:52:20 5F7B14A65C88D4AEB0E3DF49C6A0941F 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\lib\deploy\ffjcext.zip 2015-08-06 10:51:44 B1BC8B824BCCFBA37579D194B6AD1B34 31374 ----a-w- C:\Users\Leon.LEONAALBURG1\Downloads\suits-fifth-season_HI_english-1164103.zip 2015-08-06 10:25:30 91833C2E3223BCE81DF371FE23431585 31328 ----a-w- C:\Users\Leon.LEONAALBURG1\Downloads\suits-fifth-season_english-1164104(1).zip 2015-08-06 10:22:35 91833C2E3223BCE81DF371FE23431585 31328 ----a-w- C:\Users\Leon.LEONAALBURG1\Downloads\suits-fifth-season_english-1164104.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3541538408-1459528280-1945361666-1000\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR" "EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "Flvto YouTube Downloader"="C:\Users\Leon.LEONAALBURG1\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.exe /minimize" "Dropbox Update"="C:\Users\Leon.LEONAALBURG1\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "NBAgent"="c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart" "SVPWUTIL"="C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL" "HWSetup"="C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP" "KeNotify"="C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe LPCM" "ToshibaServiceStation"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "PWRISOVM.EXE"="C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR" "EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "Flvto YouTube Downloader"="C:\Users\Leon.LEONAALBURG1\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.exe /minimize" "Dropbox Update"="C:\Users\Leon.LEONAALBURG1\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Toshiba TEMPRO"="C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 " "TosVolRegulator"="C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" "Toshiba Registration"="C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe" "TosNC"="%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe " "TosReelTimeMonitor"="%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe " "TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" "TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe " "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "TosSENotify"="C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" ==== Startup Folders ====================== 2011-03-28 15:06:28 1258 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2011-03-28 15:06:28 1258 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2012-01-27 17:04:23 1060 ----a-w- C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2014-09-02 17:22:14 1183 ----a-w- C:\Users\Leon.LEONAALBURG1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-09-18 18:34:20 1258 ----a-w- C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2014-05-25 07:39:18 1258 ----a-w- C:\Users\TEMP.leonaalburg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2014-07-02 20:57:23 1258 ----a-w- C:\Users\TEMP.LEONAALBURG1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2012-10-11 12:57:13 2476 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk 2013-06-02 20:52:37 773 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15-07-2015 13:01] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3541538408-1459528280-1945361666-1000Core.job --a------ C:\Users\Leon.LEONAALBURG1\AppData\Local\Dropbox\Update\DropboxUpdate.exe [20-06-2015 08:35] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3541538408-1459528280-1945361666-1000UA.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27-02-2015 15:59] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27-02-2015 15:59] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\ConfigFree Startup Programs" [C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3541538408-1459528280-1945361666-1000Core" [C:\Users\Leon.LEONAALBURG1\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3541538408-1459528280-1945361666-1000UA" [C:\Users\Leon.LEONAALBURG1\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files (x86)\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\{27C8DBDD-4CB6-48CE-B217-95E2FA066867}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.3.0.101/nl/go/help.faq.installer?LastError=1638] "C:\Windows\SysNative\tasks\{51BCA067-9DEA-4CF9-A186-6C492BE58B8E}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] "C:\Windows\SysNative\tasks\{BE0F7EF2-7A82-4B43-8BC5-363ABB5A59CA}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] "C:\Windows\SysNative\tasks\{D54471B7-C210-432B-8B1A-E56A0E38CF80}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [14-09-2014 13:52] ==== Firefox Extensions ====================== ProfilePath: C:\Users\LEON~1.LEO\AppData\Roaming\Mozilla\Firefox\Profiles\8wca9n4n.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 44.0.2403.130 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[14-09-2014 13:52] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - C:\Users\LEON~1.LEO\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx[30-09-2014 23:25] lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Google Wallet - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Startpages ====================== C:\Users\Leon.LEONAALBURG1\AppData\Local\Google\Chrome\User Data\Default\Preferences {"account_tracker_service_last_update":"13082842803660971","browser":{"check_default_browser":true,"window_placement":{"bottom":718,"left":10,"maximized":false,"right":1060,"top":10,"work_area_bottom":728,"work_area_left":0,"work_area_right":1366,"work_area_top":0}},"countryid_at_install":20044,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","959","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","3689","748"],"daily_original_length_via_data_reduction_proxy":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_original_length_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","959","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","3689","748"],"daily_received_length_https_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_long_bypass_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_short_bypass_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_unknown_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_via_data_reduction_proxy":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"last_update_date":"13082767200000000"},"default_apps_install_state":2,"extensions":{"alerts":{"initialized":true},"autoupdate":{"last_check":"13082747619845898","next_check":"13082856944497290"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]},"last_chrome_version":"44.0.2403.125"},"gcm":{"check_time":"13082854521693101"},"http_original_content_length":"5396","http_received_content_length":"5396","intl":{"accept_languages":"nl-NL,nl,en-US,en"},"invalidator":{"client_id":"cm9rWhKUHMbX7y2Bdl1Oog=="},"media":{"device_id_salt":"pZwMttppGOOmJxXNlwu5oA=="},"net":{"http_server_properties":{"servers":{"clients2.google.com:443":{"network_stats":{"srtt":39708},"supports_spdy":true},"clients4.google.com:443":{"network_stats":{"srtt":35492},"supports_spdy":true}},"supports_quic":{"address":"192.168.2.181","used_quic":true},"version":3}},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":26,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{},"pref_version":1},"exit_type":"Crashed","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Persoon 1","per_host_zoom_levels":{}},"protection":{"macs":{}},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13079527863599538"},"translate_blocked_languages":["nl"],"translate_whitelists":{}} A5A89ABCBA63192A7D966D77CAC34CD34A709E9EF5","prefs":{"preference_reset_time":"A39B26A1E29C15C5A15353BE3AE9B0B876E0D8FCF49D0DB5112E1B8E0E634D86"},"profile":{"reset_prompt_memento":"383E527C57164EA9FDDA35D3B4CA648ED594F30919D6EA20390401D92271E2D6"},"safebrowsing":{"incidents_sent":"000701ABA40722F4642E3E7BF4EE4EC24F8489285AC2ECB7A55295ABC22C1047"},"search_provider_overrides":"02DB19ABF630AFDF9B77D479A8AFAF3B51B1B8203715DEAE4AE9C4384924D66E","session":{"restore_on_startup":"10213FEC704DA7538AFC24AAE964F4A7E068EC5D2E8CBD0F52295C97311A9973","startup_urls":"4AB70D2699715B736458843DA53DF101D3CFBF824C870488989E8F49A6B646B5"},"software_reporter":{"prompt_reason":"D4725C64C39961E46693ADE1C3D73E892E3AA075176724AF5169B76E1A47B3E7","prompt_seed":"0649E19349FB7FABE5063AF97D15384F284623EEAF73613415DF6E6CE543D055","prompt_version":"DD055EAE23195420A2A1606957DC1F5CBDBAE7C1DC7F3797D4DE22568F6D3E95"},"sync":{"remaining_rollback_tries":"08404D7FA6BB9C6CE0197D5617EC7975DCAF72FFCB6553C5853AD3CBF69D784B"}},"super_mac":"D31E6B575708B9C48EC45427FDE9F511352F705FF7237E7A1BD94ACC67952F90"},"session":{"restore_on_startup":4,"startup_urls":["http://www.istartsurf.com/?type=hppp&ts=1438255160&z=863fb15bd5b74d3ac1f9cd7g4zac3b0o9w6wag5e2z&from=tugs&uid=TOSHIBAXMK7575GSX_51GCF2Z3SXX51GCF2Z3S"]}} ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [Flvto YouTube Downloader] "C:\Users\Leon.LEONAALBURG1\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.exe" /minimize O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Leon.LEONAALBURG1\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: Dropbox.lnk = Leon.LEONAALBURG1\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Toshiba Places Icon Utility.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file) O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing) O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Cron Service (CronService) - Fork, Ltd. - C:\Windows\Prey\wpxsvc.exe O23 - Service: Disc Soft Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HiSuiteOuc64.exe - Unknown owner - C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero Update (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Unchecky - RaMMicHaeL - C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Leon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Leon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Leon.LEONAALBURG1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TEMP.leonaalburg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TEMP.LEONAALBURG1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Leon.LEONAALBURG1\AppData\Local\Mozilla\Firefox\Profiles\8wca9n4n.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Leon.LEONAALBURG1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=280 folders=90 104282443 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Leon\AppData\Local\Temp emptied successfully C:\Users\Leon.LEONAALBURG1\AppData\Local\Temp will be emptied at reboot C:\Users\TEMP\AppData\Local\Temp emptied successfully C:\Users\TEMP.leonaalburg\AppData\Local\Temp emptied successfully C:\Users\TEMP.LEONAALBURG1\AppData\Local\Temp emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\LEON~1.LEO\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\Microsoft Security Client\DbgHelp.dll" not deleted "C:\Program Files\Microsoft Security Client\EppManifest.dll" not deleted "C:\Program Files\Microsoft Security Client\MpAsDesc.dll" not deleted "C:\Program Files\Microsoft Security Client\MpClient.dll" not deleted "C:\Program Files\Microsoft Security Client\MpCmdRun.exe" not deleted "C:\Program Files\Microsoft Security Client\MpCommu.dll" not deleted "C:\Program Files\Microsoft Security Client\mpevmsg.dll" not deleted "C:\Program Files\Microsoft Security Client\MpOAv.dll" not deleted "C:\Program Files\Microsoft Security Client\MpRTP.dll" not deleted "C:\Program Files\Microsoft Security Client\MpSvc.dll" not deleted "C:\Program Files\Microsoft Security Client\MSESysprep.dll" not deleted "C:\Program Files\Microsoft Security Client\MsMpCom.dll" not deleted "C:\Program Files\Microsoft Security Client\MsMpEng.exe" not deleted "C:\Program Files\Microsoft Security Client\MsMpLics.dll" not deleted "C:\Program Files\Microsoft Security Client\MsMpRes.dll" not deleted "C:\Program Files\Microsoft Security Client\msseces.exe" not deleted "C:\Program Files\Microsoft Security Client\msseoobe.exe" not deleted "C:\Program Files\Microsoft Security Client\msseooberes.dll" not deleted "C:\Program Files\Microsoft Security Client\MsseWat.dll" not deleted "C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll" not deleted "C:\Program Files\Microsoft Security Client\NisLog.dll" not deleted "C:\Program Files\Microsoft Security Client\NisSrv.exe" not deleted "C:\Program Files\Microsoft Security Client\NisWFP.dll" not deleted "C:\Program Files\Microsoft Security Client\Setup.exe" not deleted "C:\Program Files\Microsoft Security Client\SetupRes.dll" not deleted "C:\Program Files\Microsoft Security Client\shellext.dll" not deleted "C:\Program Files\Microsoft Security Client\SqmApi.dll" not deleted "C:\Program Files\Microsoft Security Client\SymSrv.dll" not deleted "C:\Program Files\Microsoft Security Client\SymSrv.yes" not deleted "C:\Program Files\Microsoft Security Client" not deleted ==== EOF on ma 10-08-2015 at 22:28:55,72 ======================