Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by JEAN on wo 16/03/2016 at 9:31:36,29. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\JEAN\DOWNLOADS\zoek.exe [Scan all users] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2016-02-15-145521.log 73894 bytes C:\zoek-results2016-03-14-205554.log 105705 bytes C:\zoek-results2016-03-15-135639.log 66960 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ABBYY FineReader 6.0 Sprint Adobe Acrobat XI Pro Adobe AIR Adobe Download Assistant Adobe Flash Player 20 ActiveX Adobe Flash Player 21 NPAPI Adobe Reader 8.1.1 - Nederlands Adobe Refresh Manager Apple Application Support Apple Software Update ArcSoft PhotoStudio 5 AVG AVG Zen BearShare Belgium e-ID middleware 4.1.10 (build 1698) BitTorrent CCleaner Compatibiliteitspakket voor het 2007 Microsoft Office system D3DX10 Debut Video Capture Software Dropbox Express Burn Express Zip FMW 1 Google Drive Google Earth Google Gmail Notifier Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) Intel(R) PRO Network Connections Intel© Matrix Storage Manager Intel© ViivT software Java 8 Update 66 Java 8 Update 72 Java 8 Update 74 Java Auto Updater Lexmark Pro700 Series Logitech Vid HD Logitech Webcam Software MakeDisc MediaShow Mesh Runtime Messenger Companion Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Application Error Reporting Microsoft Fix it Center Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Office Word Viewer 2003 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD Microsoft Visual Studio Tools for Applications 2.0 - ENU Microsoft Visual Studio Tools for Applications 2.0 Runtime Mozilla Firefox 44.0.2 (x86 nl) Mozilla Maintenance Service Mozilla Thunderbird 38.6.0 (x86 nl) MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 8 Essentials neroxml Nitro Reader 3 NVIDIA-configuratiescherm 341.92 NVIDIA Drivers NVIDIA Install Application OpenOffice 4.0.1 PC Tools Registry Mechanic 11.1 PDF Reader Photo Notifier and Animation Creator Picasa 3 PowerDVD PrimoPDF -- brought to you by Nitro PDF Software QuickTime 7 RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 Recuva Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4.5.2 (KB3023224) Security Update for Microsoft .NET Framework 4.5.2 (KB3035490) Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) Security Update for Microsoft .NET Framework 4.5.2 (KB3048077) Security Update for Microsoft .NET Framework 4.5.2 (KB3072310) Security Update for Microsoft .NET Framework 4.5.2 (KB3074230) Security Update for Microsoft .NET Framework 4.5.2 (KB3074550) Security Update for Microsoft .NET Framework 4.5.2 (KB3097996) Security Update for Microsoft .NET Framework 4.5.2 (KB3098781) Security Update for Microsoft .NET Framework 4.5.2 (KB3099869) Security Update for Microsoft .NET Framework 4.5.2 (KB3122656) Security Update for Microsoft .NET Framework 4.5.2 (KB3127229) Security Update for Microsoft .NET Framework 4.5.2 (KB3135996) Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085616) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114742) 32-Bit Edition Security Update for Microsoft Office Access 2007 (KB2596614) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114745) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114900) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB3114741) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB3114426) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2889915) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2880510) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2880506) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB3114901) 32-Bit Edition Segoe UI Skype Click to Call SkypeT 7.18 Smart Defrag 2 Smart Defrag 4 Software Informer 1.0 BETA Speccy SpeedBit Video Accelerator Spelling Dictionaries Support For Adobe Reader 8 Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD TuneUp Utilities 2013 TuneUp Utilities Language Pack (nl-NL) Ulead VideoStudio SE DVD Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3114743) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) USB2.0 Capture Device VCRedistSetup VideoPad Video Editor Visual Studio 2012 x86 Redistributables VLC media player Winamp Windows 7 Upgrade Advisor Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 5.31 (32-bit) WinZip Self-Extractor X10 Hardware(TM) ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\SLsvc.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\Lexmark Pro700 Series\lxeemon.exe C:\Program Files\Lexmark Pro700 Series\ezprint.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\system32\lxeecoms.exe C:\Windows\system32\SearchIndexer.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Windows\system32\taskeng.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\ehome\ehsched.exe C:\Windows\ehome\ehRecvr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\JEAN\DOWNLOADS\zoek.exe C:\Windows\system32\conime.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k SDRSVC ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\JEAN\AppData\Roaming\ProductData deleted C:\PROGRA~2\UpdaterLog.txt deleted ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002) Memory (RAM): 3070 MB CPU Info: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz CPU Speed: 2390,8 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Realtek HDMI Output (Realtek Hi | Display Adapters: NVIDIA GeForce 8600 GT | NVIDIA GeForce 8600 GT | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 800 - 32 bit Network: Network Present Network Adapters: 802.11 n/g/b Wireless LAN USB Adapter | Intel(R) 82562V-2 10/100 Network Connection CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH20NS10 Ports: COM1 | COM2 LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 435,8GB | D: 30,0GB | I: 465,8GB Hard Disks - Free: C: 269,1GB | D: 10,5GB | I: 396,6GB Manufacturer *: Phoenix Technologies, LTD BIOS Info: AT/AT COMPATIBLE | 12/26/07 | MEDION - 42302e31 Time Zone: Romance (standaardtijd) Motherboard *: MICRO-STAR INTERNATIONAL CO., LTD MS-7502 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} Internet Explorer Version: 9.0.8112.16421 Mozilla Firefox version: 44.0.2 (x86 nl) Adobe Reader version: 8.1.0.2007051100 Sun Java version: 1.8.0_74 (32-bit) Flash Player version: 21.0.0.182 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2016-02-18 10:10:42 649FAB7A4EA865886980D4B2FDFA04C1 5067472 ----a-w- C:\Windows\uninst.exe ====== C:\Users\JEAN\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2016-03-15 15:52:46 DC9AB9F08F1A424E6494F52BFEAEBEA5 372736 ----a-w- C:\Windows\System32\LXEEwupd.dll 2016-03-15 15:52:46 037B730EFC501C2EAAA5353CC635A28C 213672 ----a-w- C:\Windows\System32\LXEEwupd.exe 2016-03-15 15:52:15 B481F9B36F94A1D105498A38703C011C 7680 ----a-w- C:\Windows\System32\NativeCall.dll 2016-03-15 15:51:47 EED961264B6E8C82FEE8FEBD2D2D8D91 57344 ----a-w- C:\Windows\System32\lxeejswr.dll 2016-03-15 15:51:47 E904E163497F5110B83377B56B62CBB3 110592 ----a-w- C:\Windows\System32\lxeeinsr.dll 2016-03-15 15:51:47 E64D28F4F9AF510BAA88F9AC9FB03D38 253952 ----a-w- C:\Windows\System32\lxeecu.dll 2016-03-15 15:51:47 D5F54F4B1CA51664E9B200463FF3CD5D 643072 ----a-w- C:\Windows\System32\lxeepmui.dll 2016-03-15 15:51:47 A051BF2B33474436A4EEAEC4D2CD90E6 324264 ----a-w- C:\Windows\System32\lxeeih.exe 2016-03-15 15:51:47 99DB8BA86FAFB4AE9E506E2B7EB7D65C 262144 ----a-w- C:\Windows\System32\lxeeinsb.dll 2016-03-15 15:51:47 812E0B67B46D5FC9CCEACBD4B73F04A3 598696 ----a-w- C:\Windows\System32\lxeecoms.exe 2016-03-15 15:51:47 7EDA0933DCA7E5265F6D307D92D7C690 208896 ----a-w- C:\Windows\System32\lxeegrd.dll 2016-03-15 15:51:47 7E9A589A73E89332B3F2D801A0B1B7F6 847872 ----a-w- C:\Windows\System32\lxeeusb1.dll 2016-03-15 15:51:47 6D615EF27B40EA511FEE7109C00828D1 577536 ----a-w- C:\Windows\System32\lxeelmpm.dll 2016-03-15 15:51:47 5F380A33FE12E6ECF932C2B0366069FC 1048576 ----a-w- C:\Windows\System32\lxeeserv.dll 2016-03-15 15:51:47 54CEDB3800BA79FC77B2D9CE3671CFB4 90112 ----a-w- C:\Windows\System32\lxeecub.dll 2016-03-15 15:51:47 4F1BA1F943D8F51D838396FD3126B70C 36864 ----a-w- C:\Windows\System32\lxeecur.dll 2016-03-15 15:51:47 478B2775651ECB9425E7501DFC109278 344064 ----a-w- C:\Windows\System32\lxeeiesc.dll 2016-03-15 15:51:47 4754359579B3B98D108A1AD54CD0D0C9 331776 ----a-w- C:\Windows\System32\LXEEinst.dll 2016-03-15 15:51:47 329E4743ABA46332E5BDC21A09F87ECB 192812 ----a-w- C:\Windows\System32\LexFiles.ulf 2016-03-15 15:51:47 2DBAD1C00A95674AA34BAE88C3B66DDD 688128 ----a-w- C:\Windows\System32\lxeehbn3.dll 2016-03-15 15:51:47 2934E1252F62AA6CAC935BCA2BF93B2D 323584 ----a-w- C:\Windows\System32\lxeeins.dll 2016-03-15 15:51:47 1A43B16FE11B3B4C2A69777A25D7F876 356352 ----a-w- C:\Windows\System32\LXEEhcp.dll 2016-03-15 15:51:47 018FE7935604F87605026B2448E2722D 364544 ----a-w- C:\Windows\System32\lxeeinpa.dll 2016-03-15 15:51:46 FBCB057E6EFAE9043027F184EFA1B0F9 86183 ----a-w- C:\Windows\System32\LXEEcfg.dll 2016-03-15 15:51:46 C48FD9AD752B6089F4732AEB6A934E63 2052 ----a-w- C:\Windows\System32\lxee.loc 2016-03-15 15:51:46 B66B9471E1399F126A40081E9CF0654F 372736 ----a-w- C:\Windows\System32\lxeecomm.dll 2016-03-15 15:51:46 1596015BC2887EFF9E385B088D8C8F86 373416 ----a-w- C:\Windows\System32\lxeecfg.exe 2016-03-15 15:51:46 0F544B46F9966F29D05E0F998297C7E7 802816 ----a-w- C:\Windows\System32\lxeecomc.dll 2016-03-15 11:52:14 C0CC3CADF562952665625FC11FBCBF1E 40960 ----a-w- C:\Windows\System32\lxeevs.dll 2016-03-15 11:52:13 B17956B916EDCD1450CEA530F550DA6B 442368 ----a-w- C:\Windows\System32\lxeecoin.dll 2016-03-15 11:52:12 EA93FCE68264FF4613F888B626E3DAA0 983121 ----a-w- C:\Windows\System32\lxk_gf.dll 2016-03-15 11:52:12 C2CEAF415006C1E0E77933093D4959A5 66696 ----a-w- C:\Windows\System32\lxeeprpr.chm 2016-03-15 11:52:12 B43A596DE4F8A04D7D03967843F8D4C6 110592 ----a-w- C:\Windows\System32\lxeecuir.dll 2016-03-15 11:52:12 5852F1AE85F597E769DB75EF7CF4A912 86016 ----a-w- C:\Windows\System32\lxeegcfg.dll 2016-03-15 11:52:11 E3A78F8D7292209C08D358020E6C1222 8694 ----a-w- C:\Windows\System32\lxeecommuilogo_rtl.bmp 2016-03-15 11:52:11 CAC98A91AFEF8168178E96CE4C782C35 294912 ----a-w- C:\Windows\System32\lxeecui.dll 2016-03-15 11:52:11 971EAAF6EA633BDC99C4C7F58E4F2659 8694 ----a-w- C:\Windows\System32\lxeecommuilogo.bmp 2016-03-13 18:44:07 B5BBD89417F145107CEAFF60601D0BCC 21122 ----a-w- C:\Windows\System32\cc_20160313_194405.reg 2016-03-12 09:58:14 8EDC2B44DFB0211D9F3E4A1BB7BA93E5 2654 ----a-w- C:\Windows\System32\cc_20160312_105801.reg 2016-03-10 19:03:38 F7DDB6A679C606CD287C3CA01F83B71D 5222 ----a-w- C:\Windows\System32\cc_20160310_200336.reg 2016-03-09 21:27:16 CCE98D5402CA71D4828A32E04F0AF084 802304 ----a-w- C:\Windows\System32\advapi32.dll 2016-03-09 21:27:15 B7A4A5B08CF0791AB6D2A49675794C78 1208776 ----a-w- C:\Windows\System32\ntdll.dll 2016-03-09 21:27:15 9CF68DBA1040236186FFCC824D73027D 49664 ----a-w- C:\Windows\System32\csrsrv.dll 2016-03-09 21:27:15 375B8919DD91DCD041C39857D96E911E 783872 ----a-w- C:\Windows\System32\rpcrt4.dll 2016-03-09 21:27:15 1854BA86D692903CF548D79D2D6B4D1D 64000 ----a-w- C:\Windows\System32\smss.exe 2016-03-09 21:27:15 0782AAFEDAE47EAB1564B74361FF7EA3 3609024 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2016-03-09 21:27:14 02CF2F981A4478D4ECFEA31D41B03D75 3556800 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-03-09 21:25:46 7D7A5D3CB5AB4B394E03BDE27E6114E8 19968 ----a-w- C:\Windows\System32\seclogon.dll 2016-03-09 21:25:31 2C5B452C905D75D88AB0A7421E7CE77D 34304 ----a-w- C:\Windows\System32\atmlib.dll 2016-03-09 21:25:31 293CC0B2FF89E5B535CB7F36D9FDAB72 297472 ----a-w- C:\Windows\System32\atmfd.dll 2016-03-09 21:23:10 B68926B03D0A980EC8365D6220AED640 67072 ----a-w- C:\Windows\System32\asycfilt.dll 2016-03-09 21:23:10 4E5AC2E22DDE7DC39743EB0700F72C1E 89600 ----a-w- C:\Windows\System32\olepro32.dll 2016-03-09 21:23:10 349084B33AE5F6929A2B58CE105390BE 564736 ----a-w- C:\Windows\System32\oleaut32.dll 2016-03-09 21:12:55 6599C3D5E3A5BC9C598D5D71661A93A9 2068992 ----a-w- C:\Windows\System32\win32k.sys 2016-03-09 17:01:23 F29353DDB4F229987310E49FC9879DA4 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll 2016-03-09 17:01:23 F17D18A3BF191C5CC876EAB0F2D6E442 1140224 ----a-w- C:\Windows\System32\urlmon.dll 2016-03-09 17:01:23 E473E57E42859458256F96728698339E 65536 ----a-w- C:\Windows\System32\jsproxy.dll 2016-03-09 17:01:23 CE3AB861F86C509E3DC4F62C495B02C1 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2016-03-09 17:01:23 CE1EC7EE93F443563095892BACA643FF 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2016-03-09 17:01:23 C64ECB006A43A4F74A2F7F36B02E359B 718848 ----a-w- C:\Windows\System32\jscript.dll 2016-03-09 17:01:23 C01175A6360C3C23FC85DD96F461830D 1804800 ----a-w- C:\Windows\System32\iertutil.dll 2016-03-09 17:01:23 8F2B2F9474D361644F7202EE7385EE56 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2016-03-09 17:01:23 5225AF872B0CD08F27DF2C615ED7B5FC 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2016-03-09 17:01:23 4BB8BF553CACE8D40540E976FFAFABFD 11776 ----a-w- C:\Windows\System32\mshta.exe 2016-03-09 17:01:23 39A529A58D64E4DE43567043DB1D5EA2 424960 ----a-w- C:\Windows\System32\vbscript.dll 2016-03-09 17:01:22 F31AD5D5E1C10AA54A28CF467A59233C 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 2016-03-09 17:01:22 DBB0BCF8C1ACFD3971E02CCF38BFDB14 1129472 ----a-w- C:\Windows\System32\wininet.dll 2016-03-09 17:01:22 5ED26AC79EC65E1502CF7D50B2D93763 353792 ----a-w- C:\Windows\System32\dxtmsft.dll 2016-03-09 17:01:22 5401EED8E9C38EEC46BA41B85E783B61 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2016-03-09 17:01:21 6B4B1F951D14994B7CCA9A167F7D5501 1815552 ----a-w- C:\Windows\System32\jscript9.dll 2016-03-09 17:01:21 0771C8E5761FAB5BEF8501C3DFCFEF0F 231936 ----a-w- C:\Windows\System32\url.dll 2016-03-09 17:01:20 E576B836BF28C5FB273BDDA28A364BE1 223232 ----a-w- C:\Windows\System32\dxtrans.dll 2016-03-09 17:01:20 BB63EAD0BEAF3BC3A98D4B4C09E6D877 9753600 ----a-w- C:\Windows\System32\ieframe.dll 2016-03-09 17:01:20 312FF8D601D72384890BCE1E3C007AF1 176640 ----a-w- C:\Windows\System32\ieui.dll 2016-03-09 17:01:19 6605F8BBA3AF3089A18F9564C5ADC4C1 367616 ----a-w- C:\Windows\System32\html.iec 2016-03-09 17:01:18 025363B59A9C2ED09D9B52B2477520A5 12392960 ----a-w- C:\Windows\System32\mshtml.dll ====== C:\Windows\system32\drivers ===== 2016-03-09 21:23:53 234F76D9337BBD25D849C3860418723A 71680 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2016-02-29 11:18:41 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_Kernel_GeneStor_01009.Wdf ====== C:\Windows\Tasks ====== 2016-03-03 15:29:39 FEB2C7A365CBF650D5D7A2AC0569E4FF 3046 ----a-w- C:\Windows\system32\Tasks\{DF20A77D-BC09-4B88-B5F6-9EAEABC7E078} 2016-03-03 15:28:59 E3E94AF88288DB807D9B3251D2EA5C81 3046 ----a-w- C:\Windows\system32\Tasks\{1D00774E-429C-43CE-B09B-43279E25BB24} 2016-03-03 15:28:17 39D142C9D1B08A49B927C8CF184894C9 3046 ----a-w- C:\Windows\system32\Tasks\{C2B83B9D-F516-43AD-A77F-F5414CA194C1} 2016-02-18 10:10:41 78628CD0BF4F3B2F39E558BF5283D83C 404 ----a-w- C:\Windows\Tasks\pc-dis-upd.job 2016-02-18 10:10:41 28CEDEBF76671196F1206FF7A2C31DAF 3130 ----a-w- C:\Windows\system32\Tasks\pc-dis-upd ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-03-15 18:04:36 -------- d-----w- C:\Program Files\Common Files\DESIGNER 2016-03-15 18:03:14 -------- d-----w- C:\Program Files\Microsoft Visual Studio 2016-03-15 15:52:18 -------- d-----w- C:\Program Files\Lexmark Toolbar 2016-03-15 15:52:15 -------- d-----w- C:\Program Files\Lexmark 2016-03-15 15:51:43 -------- d-----w- C:\Program Files\Lexmark Pro700 Series 2016-03-14 19:07:35 -------- d-----w- C:\Program Files\Lexmark(946) 2016-03-14 19:06:32 -------- d-----w- C:\Program Files\Lexmark Pro700 Series(947) 2016-03-09 20:26:42 -------- d-----w- C:\Program Files\Mozilla Thunderbird 2016-02-29 10:40:06 -------- d-----w- C:\Program Files\Abbyy FineReader 6.0 Sprint 2016-02-28 19:36:12 -------- d-----w- C:\Program Files\Speccy 2016-02-19 10:33:37 -------- d-----w- C:\Program Files\DIFX 2016-02-19 10:33:08 -------- d-----w- C:\Program Files\BeID Minidriver 2016-02-19 10:32:20 -------- d-----w- C:\Program Files\Belgium Identity Card ======= C: ===== 2016-02-15 14:48:57 616BFB46AAC4DF66FEFAC6483F25C10E 203 -c--a-w- C:\folders.txt ====== C:\Users\JEAN\AppData\Roaming ====== 2016-03-15 16:09:02 -------- d-----w- C:\Users\JEAN\AppData\Local\Adobe 2016-03-15 13:41:44 -------- dc----w- C:\Users\JEAN\AppData\Local\Temp 2016-03-15 13:41:44 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2016-03-15 13:41:44 -------- d-----w- C:\Users\IUSR_NMPR\AppData\Local\Temp 2016-03-15 13:41:44 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2016-03-15 13:41:44 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2016-03-14 10:14:26 -------- dc----w- C:\Users\JEAN\AppData\Local\Temp(959) 2016-03-12 09:06:52 473352A823BC3A1E1FE718D23AE23ACD 1356 ----a-w- C:\Users\JEAN\AppData\Local\d3d9caps.dat 2016-03-10 02:20:15 -------- d-----w- C:\Users\JEAN\AppData\Roaming\The Bat! 2016-03-02 17:31:28 -------- d-----w- C:\Users\JEAN\AppData\Roaming\Thunderbird 2016-03-02 17:31:28 -------- d-----w- C:\Users\JEAN\AppData\Local\Thunderbird 2016-02-15 14:49:27 -------- dc----w- C:\Users\JEAN\AppData\Local\Temp(554) ====== C:\Users\JEAN ====== 2016-03-15 15:52:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 2016-03-15 11:46:16 AE3218D9AE36381B1C4F8AF8ED7333BD 55005176 ----a-w- C:\Users\JEAN\DOWNLOADS\LEXMARK_Pro700_wcr_32_du.exe 2016-03-15 11:15:10 564A664E4A997C5F2D69F21D61982831 12887328 ----a-w- C:\Users\JEAN\DOWNLOADS\iobituninstaller(2).exe 2016-03-14 21:11:24 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\JEAN\DOWNLOADS\MicrosoftFixit.Printing.Run.exe 2016-03-14 18:49:33 -------- d-----w- C:\Windows\system32\config\systemprofile\{e69e44a4-48d3-499b-8a26-b677f9c29ca3} 2016-03-14 15:26:11 -------- d-----w- C:\ProgramData\Pro700 Series 2016-03-13 18:24:09 DB1AE175F3C151A644EBD8F28793648F 368392 ----a-w- C:\Users\JEAN\DOWNLOADS\su_8263.exe 2016-03-12 09:39:22 1CB698757D7C855B2868A6EAF2E55A66 5956080 ----a-w- C:\Users\JEAN\DOWNLOADS\avastclear.exe 2016-03-10 01:55:17 5F3EF8951FDB4C451A7BA0E0BDF4FCD2 34177387 ----a-w- C:\Users\JEAN\DOWNLOADS\SeaMonkey Setup 2.35.exe 2016-03-10 01:48:50 64A1F700EA98C213A85A997E4C8BB618 169984 ----a-w- C:\Users\JEAN\DOWNLOADS\seamonkey.exe 2016-03-10 01:34:02 74903248FCD1AA5CB9B394FB82BE8EEC 36502528 ----a-w- C:\Users\JEAN\DOWNLOADS\SeaMonkey Setup 2.39.exe 2016-03-05 16:51:11 7D715DD33C636B4FC22B37F0F7D9D623 34613448 ----a-w- C:\Users\JEAN\DOWNLOADS\Thunderbird Setup 38.5.0(2).exe 2016-03-04 12:03:01 7D715DD33C636B4FC22B37F0F7D9D623 34613448 ----a-w- C:\Users\JEAN\DOWNLOADS\Thunderbird Setup 38.5.0(1).exe 2016-03-03 15:29:16 2D890AD63AB1B8CB4AC9AC1C6E58512F 362088 ----a-w- C:\Users\JEAN\DOWNLOADS\im_dict_fr(1).exe 2016-03-03 15:28:35 0DFBC0A7311900375363ADE3C409B3B5 644712 ----a-w- C:\Users\JEAN\DOWNLOADS\im_dict_de(1).exe 2016-03-03 15:27:43 5AB228A30DDF3BE1451E21E90B5097EB 419944 ----a-w- C:\Users\JEAN\DOWNLOADS\im_dict_uk(1).exe 2016-03-03 15:03:17 6ED78A37F3F5C8A49FB2BC399C272729 41445968 ----a-w- C:\Users\JEAN\DOWNLOADS\IObit-Malware-Fighter-Setup.exe 2016-03-03 15:01:24 9324FD884A417B826FCE0CF3764961CD 41171496 ----a-w- C:\Users\JEAN\DOWNLOADS\advanced-systemcare-setup(1).exe 2016-03-03 15:00:12 564A664E4A997C5F2D69F21D61982831 12887328 ----a-w- C:\Users\JEAN\DOWNLOADS\iobituninstaller(1).exe 2016-03-02 17:30:01 7D715DD33C636B4FC22B37F0F7D9D623 34613448 ----a-w- C:\Users\JEAN\DOWNLOADS\Thunderbird Setup 38.5.0.exe 2016-02-29 11:06:49 -------- d-----w- C:\ProgramData\Ezprint 2016-02-29 11:02:24 -------- d-----w- C:\ProgramData\Lx_cats 2016-02-29 10:40:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint 2016-02-19 10:33:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID 2016-02-18 10:10:39 -------- d-----w- C:\ProgramData\PC1Data 2016-02-15 13:59:14 -------- d-----w- C:\ProgramData\ProductData(548) ====== C: exe-files == 2016-03-15 15:53:12 A849575C450FA30A58E669354782D489 348840 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\I386\lxeeupd.exe 2016-03-15 15:53:10 A051BF2B33474436A4EEAEC4D2CD90E6 324264 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\I386\lxeeih.exe 2016-03-15 15:53:08 FEE4C19E281CE5EDBD79153E29D452DD 148136 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\I386\lxeeview.exe 2016-03-15 15:53:08 B7D1DDC7700988F546897548812D05B8 135848 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\I386\lxeewbgw.exe 2016-03-15 15:53:08 812E0B67B46D5FC9CCEACBD4B73F04A3 598696 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\I386\lxeecoms.exe 2016-03-15 15:53:08 1596015BC2887EFF9E385B088D8C8F86 373416 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\I386\lxeecfg.exe 2016-03-15 15:53:08 037B730EFC501C2EAAA5353CC635A28C 213672 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\I386\lxeewupd.exe 2016-03-15 15:53:07 F60207C45A81B0C7C07D1CA8D5F75A5F 148136 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\I386\lxeetime.exe 2016-03-15 15:53:07 E83A685C6DB7D0C98778D6BFB73E583B 909992 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\I386\lxeepswx.exe 2016-03-15 15:53:07 CC582A99D637AF4867A72DA386C25793 725672 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\I386\lxeejswx.exe 2016-03-15 15:53:07 A9D8D63C7378DD34E4E19036093A9264 193192 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\I386\lxeeserv.exe 2016-03-15 15:53:07 2429C503B18F3A0C2B04568AAE9A4612 148136 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\I386\lxeeupld.exe 2016-03-15 15:53:06 30268B9324964A9798C58B6A9C156791 119088 ----a-w- C:\Program Files\Lexmark Pro700 Series\Drivers\COMMON\lxeecfgx.exe 2016-03-15 15:52:46 B7D1DDC7700988F546897548812D05B8 135848 ----a-w- C:\Program Files\Lexmark Pro700 Series\LXEEwbgw.exe 2016-03-15 15:52:46 037B730EFC501C2EAAA5353CC635A28C 213672 ----a-w- C:\Program Files\Lexmark Pro700 Series\LXEEwupd.exe 2016-03-15 15:52:29 4B9802A5F30FDCE6978695A8CB1552CB 514664 ----a-w- C:\Program Files\Lexmark Pro700 Series\Diagnostics\lxeediag.exe 2016-03-15 15:52:29 048B6B4B24A5371ECE936B87951DE694 969320 ----a-w- C:\Program Files\Lexmark Pro700 Series\Wireless\lxeewpss.exe 2016-03-15 15:52:27 D175B4768BD93CCE0AA367BA723833F5 3644008 ----a-w- C:\Program Files\Lexmark Pro700 Series\Install\x86\instgui.exe 2016-03-15 15:52:27 B0970902B6156B755F61273C9BFF7324 481896 ----a-w- C:\Program Files\Lexmark\Dashboard\LX__Dashboard.exe 2016-03-15 15:52:23 DF9B8D5DD1A3D443BC9818604307643B 772712 ----a-w- C:\Program Files\Lexmark Pro700 Series\lxeemon.exe 2016-03-15 15:52:23 923BDD0630CB9F4A30AA990E12FB15C6 617064 ----a-w- C:\Program Files\Lexmark Pro700 Series\lxeelscn.exe 2016-03-15 15:52:18 99719C55F4CD337C4C0562732037DFD4 266300 ----a-w- C:\Program Files\Lexmark Pro700 Series\lexocr.exe 2016-03-15 15:52:18 2C5BD9845BD9650079D44FA4A8232F5C 150264 ----a-w- C:\Program Files\Lexmark Pro700 Series\ezprint.exe 2016-03-15 15:52:17 8EA79E91E731E44ACA679E3C6BD1C6D9 395880 ----a-w- C:\Program Files\Lexmark Pro700 Series\LXEEHiResScan.exe 2016-03-15 15:52:15 D5A742C25687652F366C7AA44BAB5FCF 137832 ----a-w- C:\Program Files\Lexmark Pro700 Series\AutoPrnt.exe 2016-03-15 15:51:46 B175DFB73EF13CDD0088E1C24B214C17 121448 ----a-w- C:\Program Files\Lexmark Pro700 Series\fxsetutl.exe 2016-03-15 11:52:14 A849575C450FA30A58E669354782D489 348840 ----a-w- C:\Program Files\Lexmark Pro700 Series\Job Status\x86\lxeeupd.exe 2016-03-15 11:48:19 DF73472E40BC971701E6E04AFC77C031 322152 -c--a-w- C:\lexmark\drivers\Pro700\Setup.exe 2016-03-15 11:48:14 D5A742C25687652F366C7AA44BAB5FCF 137832 -c--a-w- C:\lexmark\drivers\Pro700\Apps\Autoprnt\AutoPrnt.exe 2016-03-15 11:48:13 99719C55F4CD337C4C0562732037DFD4 266300 -c--a-w- C:\lexmark\drivers\Pro700\Apps\AIOC\lexocr.exe 2016-03-15 11:48:02 8EA79E91E731E44ACA679E3C6BD1C6D9 395880 -c--a-w- C:\lexmark\drivers\Pro700\Apps\HRS\LXEEHiResScan.exe 2016-03-15 11:48:01 D175B4768BD93CCE0AA367BA723833F5 3644008 -c--a-w- C:\lexmark\drivers\Pro700\install\x86\InstGui.exe 2016-03-15 11:48:01 B0970902B6156B755F61273C9BFF7324 481896 -c--a-w- C:\lexmark\drivers\Pro700\Apps\Dashboard\bin\win32\LX__Dashboard.exe 2016-03-15 11:48:01 67C9E72DCD02F2ABB0097155BE6A2519 754792 -c--a-w- C:\lexmark\drivers\Pro700\Apps\Dashboard\bin\x64\LX__Dashboard.exe 2016-03-15 11:47:58 B7D1DDC7700988F546897548812D05B8 135848 -c--a-w- C:\lexmark\drivers\Pro700\drivers\win_xp2k\i386\LXEEwbgw.exe 2016-03-15 11:47:58 037B730EFC501C2EAAA5353CC635A28C 213672 -c--a-w- C:\lexmark\drivers\Pro700\drivers\win_xp2k\i386\LXEEwupd.exe 2016-03-15 11:47:54 A849575C450FA30A58E669354782D489 348840 -c--a-w- C:\lexmark\drivers\Pro700\drivers\win_xp2k\i386\LXEEupd.exe 2016-03-15 11:47:53 30268B9324964A9798C58B6A9C156791 119088 -c--a-w- C:\lexmark\drivers\Pro700\drivers\win_xp2k\common\LXEEcfgx.exe 2016-03-15 11:46:16 AE3218D9AE36381B1C4F8AF8ED7333BD 55005176 ----a-w- C:\Users\JEAN\DOWNLOADS\LEXMARK_Pro700_wcr_32_du.exe 2016-03-15 11:15:10 564A664E4A997C5F2D69F21D61982831 12887328 ----a-w- C:\Users\JEAN\DOWNLOADS\iobituninstaller(2).exe 2016-03-14 21:11:24 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\JEAN\DOWNLOADS\MicrosoftFixit.Printing.Run.exe 2016-03-13 18:24:09 DB1AE175F3C151A644EBD8F28793648F 368392 ----a-w- C:\Users\JEAN\DOWNLOADS\su_8263.exe 2016-03-12 09:39:22 1CB698757D7C855B2868A6EAF2E55A66 5956080 ----a-w- C:\Users\JEAN\DOWNLOADS\avastclear.exe 2016-03-10 03:04:23 C5B752D53B71C6664A2C85104A5479BC 362672 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe 2016-03-10 03:04:23 B5F9D1EAF05842C3FAFE198747AE8868 62464 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe 2016-03-10 03:04:23 8EBBDC77A8DC96272500702FDF7F5350 389808 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe 2016-03-10 03:04:23 2F48CCBB877A3095925C2C2AFCAF6AA3 310960 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe 2016-03-10 03:04:23 2F48CCBB877A3095925C2C2AFCAF6AA3 310960 ----a-w- C:\Program Files\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe 2016-03-10 01:55:17 5F3EF8951FDB4C451A7BA0E0BDF4FCD2 34177387 ----a-w- C:\Users\JEAN\DOWNLOADS\SeaMonkey Setup 2.35.exe 2016-03-10 01:48:50 64A1F700EA98C213A85A997E4C8BB618 169984 ----a-w- C:\Users\JEAN\DOWNLOADS\seamonkey.exe 2016-03-10 01:34:02 74903248FCD1AA5CB9B394FB82BE8EEC 36502528 ----a-w- C:\Users\JEAN\DOWNLOADS\SeaMonkey Setup 2.39.exe 2016-03-09 21:23:26 DA1487720184CDA39971672C44163830 65536 ----a-w- C:\Program Files\Windows Mail\wabmig.exe 2016-03-09 21:23:26 C60284FCFC95C31015072A1B8670563D 515584 ----a-w- C:\Program Files\Windows Mail\wab.exe 2016-03-09 20:26:43 F4580966F2FDAFBEE11459939CEF56C3 304072 ----a-w- C:\Program Files\Mozilla Thunderbird\updater.exe 2016-03-09 20:26:43 AFAB627B5A5E980E66A7DE11E2752BCB 276936 ----a-w- C:\Program Files\Mozilla Thunderbird\plugin-container.exe 2016-03-09 20:26:43 5A3A47790671D586AB19D787274D64E6 170368 ----a-w- C:\Program Files\Mozilla Thunderbird\maintenanceservice_installer.exe 2016-03-09 20:26:43 53E6358FA2A12E47A2CE41242D2AA558 22984 ----a-w- C:\Program Files\Mozilla Thunderbird\WSEnable.exe 2016-03-09 20:26:43 3357B0E793C8C1C22B4FCD3AF7085B10 146888 ----a-w- C:\Program Files\Mozilla Thunderbird\maintenanceservice.exe 2016-03-09 20:26:43 253066427509C67B106F21FC7F4F38A4 490952 ----a-w- C:\Program Files\Mozilla Thunderbird\thunderbird.exe 2016-03-09 20:26:43 1B4E2C86BF8564A636AD2B21130B9461 955584 ----a-w- C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe 2016-03-09 20:26:42 5E13FEAB7F358A0F17BB49F81848F68A 288200 ----a-w- C:\Program Files\Mozilla Thunderbird\crashreporter.exe 2016-03-09 17:01:23 E23594C0E18B02E3700F3AAD92C61911 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2016-03-09 17:01:23 7108B4041276CF7F11701BD70970FCE3 758000 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-03-09 17:01:22 44493EA34152A63A22A6026403C5FACD 22528 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe 2016-03-09 17:01:21 78226D4DB3D520A668A89960587AE26A 474624 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe === C: other files == 2016-03-16 08:15:19 8C69F521E5F5C03AEEDEE1EDE520D535 96 ---ha-w- C:\Program Files\Common Files\X10\Common\x10prod.sys 2016-03-15 11:48:18 CAA8A850336697FA0DA83AF9A283134A 1839831 -c--a-w- C:\lexmark\drivers\Pro700\Pubs\LXEEhwsu.zip 2016-03-10 01:36:14 CD71794CA04ADF6E8D37D87B8AF2DCE4 351314 ----a-w- C:\Users\JEAN\AppData\Roaming\Mozilla\SeaMonkey\Profiles\c7nw367x.default\extensions\inspector@mozilla.org.xpi 2016-03-10 01:36:14 B283F6A5D075764EEC67B709259403B0 394064 ----a-w- C:\Users\JEAN\AppData\Roaming\Mozilla\SeaMonkey\Profiles\c7nw367x.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi 2016-03-09 21:23:53 234F76D9337BBD25D849C3860418723A 71680 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_4cd9e2d9\USBSTOR.SYS 2016-03-09 21:23:53 234F76D9337BBD25D849C3860418723A 71680 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2016-03-09 21:12:55 6599C3D5E3A5BC9C598D5D71661A93A9 2068992 ----a-w- C:\Windows\System32\win32k.sys ==== Orphaned Tasks deleted from Registry ====================== avast Emergency Update deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 9"="C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe /Auto" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 9"="C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe /Auto" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "lxeemon.exe"="C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" "EzPrint"="C:\Program Files\Lexmark Pro700 Series\ezprint.exe" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^JEAN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^StartUp^Dropbox.lnk] "item"="Dropbox" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\JEAN\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12/03/2016 10:07] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [03/10/2015 14:54] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] C:\Windows\tasks\pc-dis-upd.job --a------ C:\Program Files\PC Cleaners\PCCleaners.exe [] C:\Windows\tasks\RMAutoUpdate.job --a------ C:\Program Files\PC Tools\PC Tools Registry Mechanic\SULauncher.exe [21/08/2012 14:44] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\Driver Booster Scheduler" [C:\Program Files\IObit\Driver Booster\Scheduler.exe] "C:\Windows\system32\tasks\Driver Booster SkipUAC (JEAN)" [C:\Program Files\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\JetCleanLoginCheckUpdate" [C:\Program Files\BlueSprig\JetClean\AutoUpdate.exe] "C:\Windows\system32\tasks\pc-dis-upd" [C:\Program Files\PC Cleaners\PCCleaners.exe] "C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3978713732-936569717-2525818349-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3978713732-936569717-2525818349-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\RMAutoUpdate" [C:\Program Files\PC Tools\PC Tools Registry Mechanic\SULauncher.exe] "C:\Windows\system32\tasks\SmartDefrag4_Startup" [C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe] "C:\Windows\system32\tasks\SmartDefrag4_Update" [C:\Program Files\IObit\Smart Defrag 4\AutoUpdate.exe] "C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\TuneUp Utilities 2013\OneClick.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{967768D1-D14E-4645-A8FF-A2DC5B79E8DA}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\NCH Software\DebutReminder" [C:\Program Files\NCH Software\Debut\Debut.exe] "C:\Windows\system32\tasks\NCH Software\ExpressBurnDowngrade" [C:\Program Files\NCH Software\ExpressBurn\ExpressBurn.exe] "C:\Windows\system32\tasks\NCH Software\ExpressBurnReminder" [C:\Program Files\NCH Software\ExpressBurn\ExpressBurn.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\3ov9jk1c.default-1449582130791 user_pref("browser.search.selectedEngine", ""); ProfilePath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\h95dk60a.default-1450264869328 user_pref("browser.startup.homepage", "https://www.google.be/"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [19/02/2016 11:33] ==== Firefox Extensions ====================== ProfilePath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\h95dk60a.default-1450264869328 - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi - WiseStamp Web - %ProfilePath%\extensions\wisestamp@wisestamp.com.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\JEAN\AppData\Roaming\Mozilla\SeaMonkey\Profiles\c7nw367x.default - DOM - %ProfilePath%\extensions\inspector@mozilla.org.xpi - ChatZilla - %ProfilePath%\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi ProfilePath: C:\Users\JEAN\AppData\Roaming\Thunderbird\Profiles\03w6l4p4.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} ProfilePath: C:\Users\JEAN\AppData\Roaming\Thunderbird\Profiles\1zqg8zaw.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\3ov9jk1c.default-1449582130791 04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat 637839AC6ED995510A411327C5C2DA61 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect 005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat 52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin 06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) 0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) EBEEC9B1FB8BC809C719713A36640966 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin E18B5B26F41D8C37CCAA7256F29F6A15 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) AF238FE4B2943431A6706AA6541A3243 - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery C31B6A791FCE695AF17177DB8D82AD4C - C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U66 E968ABF8430AFEF01B69419279F19EFF - C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.660.17 5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin CD714A672DD8DEA4332A4D98851B7B10 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library 1D8E7E814CF7E0DCBD80005061BBE561 - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer 4E31DE484AD120894D0D3E7740979108 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect Profilepath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\h95dk60a.default-1450264869328 04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat 637839AC6ED995510A411327C5C2DA61 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect 005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat 52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update 558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin 06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) 0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) EBEEC9B1FB8BC809C719713A36640966 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin E18B5B26F41D8C37CCAA7256F29F6A15 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) AF238FE4B2943431A6706AA6541A3243 - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 1B743D5B6FD001660FAB17DD7C347A38 - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In D952747FC759C6078958A436192A63BE - C:\Program Files\Java\jre1.8.0_74\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U74 2D69A78A3BFE4F66E7C664AFC2F2902D - C:\Program Files\Java\jre1.8.0_74\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.740.2 5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin F627791AB91E01A9829A8D9B6E024D52 - C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll - Shockwave Flash 4F3F6B17B4A5BDB68B3CB0367A2C214E - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight CD714A672DD8DEA4332A4D98851B7B10 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library 1D8E7E814CF7E0DCBD80005061BBE561 - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer 4E31DE484AD120894D0D3E7740979108 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect Profilepath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\lrhxwxy8.default 04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat 637839AC6ED995510A411327C5C2DA61 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect 005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat 52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update 558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin 06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) 0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) EBEEC9B1FB8BC809C719713A36640966 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin E18B5B26F41D8C37CCAA7256F29F6A15 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) AF238FE4B2943431A6706AA6541A3243 - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 1B743D5B6FD001660FAB17DD7C347A38 - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In 1738F94BF1EA8A0F14C0B25C9B470EB8 - C:\Program Files\Java\jre1.8.0_72\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U72 AE77DD2DFE3D4FF156BC4E0EA9DE05F3 - C:\Program Files\Java\jre1.8.0_72\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.720.15 5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 4E31DE484AD120894D0D3E7740979108 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect 1D8E7E814CF7E0DCBD80005061BBE561 - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer CD714A672DD8DEA4332A4D98851B7B10 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library 4F3F6B17B4A5BDB68B3CB0367A2C214E - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[08/05/2014 14:49] idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29/11/2012 20:35] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09/04/2012 10:23] Adobe Acrobat - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj RealDownloader - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Skype Click to Call - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Chrome Web Store Payments - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms} HKCU\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{86790FF3-0E90-4153-835D-69D6DC029309} - https://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms} ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 9] "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 9] "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto (User 'Default user') O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: lxeeCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe O23 - Service: lxee_device - - C:\Windows\system32\lxeecoms.exe O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Syntek STK1150 Service (StkASSrv) - Syntek America Inc. - C:\Windows\System32\StkASv2K.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: VideoAcceleratorService - SPEEDbit - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe O23 - Service: Windows Index Services - Unknown owner - c:\windows\system32\dcomx32.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe ==== Empty IE Cache ====================== C:\Users\IUSR_NMPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\AppData\Local\VirtualStore\Windows\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Local\Microsoft\Windows\Temporary Internet Files\Low(1406)\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(1406)\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\JEAN\AppData\Local\Mozilla\Firefox\Profiles\h95dk60a.default-1450264869328\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=259 folders=96 162930632 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\IUSR_NMPR\AppData\Local\Temp emptied successfully C:\Users\JEAN\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\JEAN\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\JEAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ehmsdri.log" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ehRecvr.log" not found ==== EOF on wo 16/03/2016 at 10:03:28,27 ======================