Zoek.exe v5.0.0.0 Updated 27-08-2014 Tool run by OpenWindows on do 28-08-2014 at 18:33:48,75. Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\OpenWindows\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 28-8-2014 18:35:27 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Babylon deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\PROGRA~2\Trusted Publisher deleted successfully C:\PROGRA~2\Validity deleted successfully C:\Users\extra\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-509793778-43246264-1051348300-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B0A27B68-5C4A-724D-8A15-B2FBCD3B2732} deleted successfully HKEY_USERS\S-1-5-21-509793778-43246264-1051348300-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0A27B68-5C4A-724D-8A15-B2FBCD3B2732} deleted successfully HKEY_USERS\S-1-5-21-509793778-43246264-1051348300-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C90E3813-9894-A76D-D8EE-49A5E2B6B581} deleted successfully HKEY_USERS\S-1-5-21-509793778-43246264-1051348300-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C90E3813-9894-A76D-D8EE-49A5E2B6B581} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B0A27B68-5C4A-724D-8A15-B2FBCD3B2732} deleted successfully HKEY_CLASSES_ROOT\CLSID\{B0A27B68-5C4A-724D-8A15-B2FBCD3B2732} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B0A27B68-5C4A-724D-8A15-B2FBCD3B2732} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C90E3813-9894-A76D-D8EE-49A5E2B6B581} deleted successfully 
HKEY_CLASSES_ROOT\CLSID\{C90E3813-9894-A76D-D8EE-49A5E2B6B581} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C90E3813-9894-A76D-D8EE-49A5E2B6B581} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Flash Player 14 ActiveX Adobe Flash Player 14 Plugin Adobe Reader X (10.1.9) - Nederlands Adobe Shockwave Player 11.6 Alcor Micro Smart Card Reader Driver Apple Application Support Apple Mobile Device Support Apple Software Update BlueStacks App Player BlueStacks Notification Center Bonjour Broadcom 2070 Bluetooth 3.0 Broadcom 802.11 Wireless LAN Adapter Broadcom Wireless Utility Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module D3DX10 Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition Dropbox GetDataBack for NTFS Google Chrome Google Update Helper HP 3D DriveGuard HP HotKey Support HP QuickWeb HP Webcam Driver iCloud IDT Audio Intel(R) Management Engine Components Intel(R) Network Connections Drivers Intel(R) Processor Graphics Intel(R) Rapid Storage Technology iTunes Java 7 Update 51 Java Auto Updater JMicron 1394 Filter Driver JMicron Flash Media Controller Driver LSI HDA Modem Malwarebytes Anti-Malware versie 2.0.2.1012 McAfee Security Scan Plus Microsoft .NET Framework 4.5.1 Microsoft Access MUI (Dutch) 2013 Microsoft Antimalware Service NL-NL Language Pack Microsoft Application Error Reporting Microsoft DCF MUI (Dutch) 2013 Microsoft Excel MUI (Dutch) 2013 Microsoft Groove MUI (Dutch) 2013 Microsoft InfoPath MUI (Dutch) 2013 Microsoft Lync MUI (Dutch) 2013 Microsoft Office 365 ProPlus - nl-nl Microsoft Office Korrekturhilfen 2013 - Deutsch Microsoft Office OSM MUI (Dutch) 2013 Microsoft Office OSM UX MUI (Dutch) 2013 Microsoft Office Professional Plus 2013 Microsoft Office Proofing (Dutch) 2013 Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Nederlands 
Microsoft Office Shared MUI (Dutch) 2013 Microsoft OneNote MUI (Dutch) 2013 Microsoft Outlook MUI (Dutch) 2013 Microsoft PowerPoint MUI (Dutch) 2013 Microsoft Publisher MUI (Dutch) 2013 Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Word MUI (Dutch) 2013 Movie Maker MSVCRT MSVCRT110 NimoFilm Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Outils de vérification linguistique 2013 de Microsoft Office - Français PC_Booster Photo Common Photo Gallery priceaceHop QuickTime Recuva Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft Office 2013 (KB2880502) 32-Bit Edition Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition SMART Common Platform SMART Dutch Language Pack SMART Notebook SMART Product Drivers SMART Product Update Spotify swMSM Synaptics Pointing Device Driver TeamViewer 8 Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition Update for Microsoft Lync 2013 (KB2881070) 32-Bit Edition Update for Microsoft Lync 2013 (KB2881083) 32-Bit Edition Update for Microsoft Office 2013 (KB2760249) 32-Bit Edition Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition Update for Microsoft Office 2013 (KB2837644) 
32-Bit Edition Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition Update for Microsoft Office 2013 (KB2881009) 32-Bit Edition Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition Update for Microsoft Office 2013 (KB2883049) 32-Bit Edition Update for Microsoft Office 2013 (KB2883052) 32-Bit Edition Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition Update for Microsoft Office 2013 (KB2883062) 32-Bit Edition Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition Update for Microsoft PowerPoint 2013 (KB2883051) 32-Bit Edition Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition Validity Fingerprint Sensor Driver VLC media player 2.0.1 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinPcap 4.1.3 Wireshark 1.10.3 (32-bit) ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Program Files\IDT\WDM\STacSV.exe C:\Windows\system32\Hpservice.exe 
C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\vcsFPService.exe C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\IDT\WDM\aestsrv.exe C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\BlueStacks\HD-LogRotatorService.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe C:\Windows\system32\taskhost.exe C:\Program Files\Malwarebytes Anti-Malware\mbam.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\IDT\WDM\sttray.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Windows\system32\wbem\wmiprvse.exe 
C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\BlueStacks\HD-Agent.exe C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\SMART Technologies\Education Software\Aware.exe C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe C:\Users\OpenWindows\AppData\Roaming\Spotify\spotify.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\Users\OpenWindows\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\TeamViewer\Version8\TeamViewer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Microsoft Office 15\root\office15\lync.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe C:\Program Files\SMART Technologies\Education Software\Marker.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\TeamViewer\Version8\tv_w32.exe C:\Users\OpenWindows\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\OpenWindows\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\OpenWindows\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\OpenWindows\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\OpenWindows\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\OpenWindows\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files\Intel\Intel(R) Management 
Engine Components\UNS\UNS.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\wuauclt.exe C:\Users\OpenWindows\Downloads\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\System32\svchost.exe -k swprv ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B0A27B68-5C4A-724D-8A15-B2FBCD3B2732}] ==== Deleting Files \ Folders ====================== C:\Program Files\priceaceHop deleted C:\ProgramData\priceaceHop deleted C:\Users\OpenWindows\AppData\LocalLow\{B0A27B68-5C4A-724D-8A15-B2FBCD3B2732} deleted C:\Users\OpenWindows\AppData\LocalLow\{C90E3813-9894-A76D-D8EE-49A5E2B6B581} deleted C:\Program Files\Adblocker deleted C:\Program Files\Mozilla Firefox\user.js deleted C:\user.js deleted C:\Users\OpenWindows\AppData\Roaming\Babylon deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted "C:\PROGRA~2\86104034b6724e80\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140819211653" deleted 
"C:\PROGRA~2\86104034b6724e80\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140819211702" deleted "C:\PROGRA~2\86104034b6724e80\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140819211626" deleted "C:\PROGRA~2\86104034b6724e80\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140819211642" deleted "C:\PROGRA~2\86104034b6724e80" deleted ==== System Specs ====================== Windows: Windows 7 Enterprise Edition Service Pack 1 (Build 7601) Memory (RAM): 3015 MB CPU Info: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz CPU Speed: 2494,4 MHz Sound Card: Luidsprekers / HP (2- IDT High | Communicatie koptelefoons (2- I | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Intel(R) Centrino(R) Advanced-N 6205 #2 | Intel(R) 82579V Gigabit Network Connection CD / DVD Drives: 1x (D: | ) D: hp DVDRAM GT50N Ports: COM1 LPT1 Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 189,7GB | E: 102,9GB | F: 5,2GB Hard Disks - Free: C: 128,5GB | E: 102,8GB | F: 2,3GB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 09/14/11 | HPQOEM - f Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 1619 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Default Browser: Google Chrome 36.0.1985.143 Internet Explorer Version: 11.0.9600.17239 Google Chrome version: 36.0.1985.143 Adobe Reader version: 10.1.9.22 Sun Java version: 1.7.0_51 (32-bit) Flash Player version: 14.0.0.145 Shockwave Player version: 11.6.3r633 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\OPENWI~1\AppData\Local\Temp ==== 
2014-08-27 11:37:02 2CB9E77DBE264277AA11E296DCD204A9 43008 ----a-w- C:\Users\OpenWindows\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9djfvz.dll 2014-08-19 19:16:55 2F4F672915E7840931225A5489D7CE6B 1199104 ---ha-w- C:\Users\OpenWindows\AppData\Local\Temp\s17o\temp\setupbc.exe 2014-08-19 19:16:43 4D1B4FF1A2D9B5A0BBCCC9388BC118DC 2352128 ---ha-w- C:\Users\OpenWindows\AppData\Local\Temp\s17o\temp\setupytb.exe 2014-08-19 19:16:27 2C5D6F1D8B7459138F989A2F91908553 2317312 ---ha-w- C:\Users\OpenWindows\AppData\Local\Temp\s17o\temp\extIE_setup.exe 2014-08-19 19:16:12 73E9C0F9470424630261E81032D33E72 1233920 ---ha-w- C:\Users\OpenWindows\AppData\Local\Temp\s17o\temp\setupespl.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-08-24 20:23:23 459E257F8915D44B23ACB46211FD45D0 45536 ----a-w- C:\Windows\System32\wups2.dll 2014-08-24 20:23:23 072678E0D68E9C3A7960328671134C7B 54240 ----a-w- C:\Windows\System32\wuauclt.exe 2014-08-24 20:23:22 EC6E2DB67695966DF22CF5EBEFC1D305 2425856 ----a-w- C:\Windows\System32\wucltux.dll 2014-08-24 20:23:22 D9B0134913E5EF007AF82A418C503322 1973728 ----a-w- C:\Windows\System32\wuaueng.dll 2014-08-24 20:23:11 867148EBF47E7E7E7B21C07B4A981929 581600 ----a-w- C:\Windows\System32\wuapi.dll 2014-08-24 20:23:11 372218B80DEF827063049EBEE76B7501 92672 ----a-w- C:\Windows\System32\wudriver.dll 2014-08-24 20:23:11 255F0417EC31C71585824269522EC8E9 36320 ----a-w- C:\Windows\System32\wups.dll 2014-08-24 20:23:05 5AA2CAD923E9E647276A61387E83DDD0 179656 ----a-w- C:\Windows\System32\wuwebv.dll 2014-08-24 20:23:04 F419D738BD2AE58D9DF2F9FEB5F43842 33792 ----a-w- C:\Windows\System32\wuapp.exe 2014-08-19 07:35:47 AF6655214DEBB2C8446DE843A02AAEBA 99480 ----a-w- C:\Windows\System32\infocardapi.dll 2014-08-19 07:35:43 370FC4421ADE62FC89AC93B345570388 8856 ----a-w- C:\Windows\System32\icardres.dll 2014-08-19 07:35:33 8D466B36076BCD7997838C0DDB69764C 619672 ----a-w- C:\Windows\System32\icardagt.exe 2014-08-19 07:35:27 
28A8B99DE70F376B18709E6B07D6A352 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe 2014-08-14 20:36:39 C9059EF0C94C55C0DA9CACEE160A5F66 654336 ----a-w- C:\Windows\System32\rpcrt4.dll 2014-08-14 20:36:38 5860EE5C807CB3866551B845123493C6 107520 ----a-w- C:\Windows\System32\cdd.dll 2014-08-14 20:36:37 41A3A54603686FD437FA4E8EB95025F9 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-08-14 20:36:36 FEE3E022B00A5165ED645E38C1E6C776 60416 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-08-14 20:36:36 7B051C4A70F23A84A09366999FE63CBD 307384 ----a-w- C:\Windows\System32\iedkcs32.dll 2014-08-14 20:36:36 6D017C0E499443ACDE3D9B5DCD753F32 1169920 ----a-w- C:\Windows\System32\urlmon.dll 2014-08-14 20:36:36 478824EC0BCE9968C0DC787164B1753B 32768 ----a-w- C:\Windows\System32\iernonce.dll 2014-08-14 20:36:36 3BB3D5D1CACD68BE8F7A16CCB3AADA93 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-08-14 20:36:36 36B67392AFB8901CC442EA988AD4603D 43008 ----a-w- C:\Windows\System32\jsproxy.dll 2014-08-14 20:36:36 004DFEA0B7AE3F8F438CD2D8C643DAEE 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-08-14 20:36:35 E9B28B60C0272E2E1E462E6FB38E6B55 367104 ----a-w- C:\Windows\System32\dxtmsft.dll 2014-08-14 20:36:35 E8D46F442AB53A52BDBB3EA0C51BDABD 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-08-14 20:36:35 87C2B5010779DF6BE4732751C5DB5D64 112128 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-08-14 20:36:35 1A05CFA45B6AEBFCCC835DCF68CBD1D0 526336 ----a-w- C:\Windows\System32\msfeeds.dll 2014-08-14 20:36:34 E70C00791A18866BB23B3A652E3390A0 2001920 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-08-14 20:36:34 D7D412D3436CFB85B383CDD3C9B455F0 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-08-14 20:36:34 B91AA3BC8083E66925FAE29FDA485CEA 164864 ----a-w- C:\Windows\System32\msrating.dll 2014-08-14 20:36:34 7EFBB7A3C664A8DF93C9937DF76760A4 663040 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-08-14 20:36:34 
4D0E91438CE181AF94C653B3BBE3C65A 61952 ----a-w- C:\Windows\System32\iesetup.dll 2014-08-14 20:36:33 9D16B568E318F49535AD72539C9997C2 455168 ----a-w- C:\Windows\System32\vbscript.dll 2014-08-14 20:36:33 18A3154606E3F8945956948A4E708007 704512 ----a-w- C:\Windows\System32\ieapfltr.dll 2014-08-14 20:36:32 B945BAA81B4805AD6BDDF4D026DCFB47 1792512 ----a-w- C:\Windows\System32\wininet.dll 2014-08-14 20:36:29 F48A1A114382AB4EF8000E1943E6CF1F 438784 ----a-w- C:\Windows\System32\ieui.dll 2014-08-14 20:36:29 239575F9EA0D227516843EEE8B7342CA 239616 ----a-w- C:\Windows\System32\dxtrans.dll 2014-08-14 20:36:28 90FF511B751A0327D07C4073760F1578 11772928 ----a-w- C:\Windows\System32\ieframe.dll 2014-08-14 20:36:27 FF4A917DD7C387BD2715A5F67307FED1 2184704 ----a-w- C:\Windows\System32\iertutil.dll 2014-08-14 20:36:27 49FFD37673BD20279A8BF27CC20040B3 1068032 ----a-w- C:\Windows\System32\mshtmlmedia.dll 2014-08-14 20:36:27 444EB30B1610A35FC99D62A91B2BCAA7 69632 ----a-w- C:\Windows\System32\mshtmled.dll 2014-08-14 20:36:27 272420427EB96EA052C719AA796C09F2 61952 ----a-w- C:\Windows\System32\MshtmlDac.dll 2014-08-14 20:36:25 7C1BFC2ABE297BCA1A7BA77A8292C088 4204032 ----a-w- C:\Windows\System32\jscript9.dll 2014-08-14 20:36:25 24FA5F74D3B4BA62539DF87285BA934E 597504 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-08-14 20:36:24 8453DDF167CE2986AA4AB04BC6824925 17524224 ----a-w- C:\Windows\System32\mshtml.dll 2014-08-14 20:36:01 D08819FEE0CDB8A8A58E2B34D05E7A11 2048 ----a-w- C:\Windows\System32\tzres.dll 2014-08-14 20:35:57 C212A43AA83A717AD38505F23ACDCB33 2363392 ----a-w- C:\Windows\System32\msi.dll 2014-08-14 20:35:57 43CD23B65CBF04D6F8ACA984B0EF93FE 1805824 ----a-w- C:\Windows\System32\authui.dll 2014-08-14 20:35:56 CADC4CFE957C24984FFA718AB7E4EF3C 101824 ----a-w- C:\Windows\System32\consent.exe 2014-08-14 20:35:56 9DA1CCDBBF8136AC2383C2624CA8CD14 337408 ----a-w- C:\Windows\System32\msihnd.dll 2014-08-14 20:35:54 386BF6FD9FC562B1A5558C49E1C3A6FB 12874240 ----a-w- 
C:\Windows\System32\shell32.dll ====== C:\Windows\system32\drivers ===== 2014-08-25 09:13:13 12E71DA845D76665B56753AD149E32B3 110296 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-08-25 09:12:53 BD27D97297934FD4217A37FD28A7ABC7 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-08-25 09:12:53 8683C1B450F4B3872839308D836E0F92 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-08-25 09:12:53 1AA835E8A0B8EDF3D676B4ED4BF5EF07 74456 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-08-14 20:36:39 3583A5A8CC2E682BFFBD4630D0FEC08B 730048 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2014-08-14 20:36:39 0EC652D17AB4607745FB4E6958E8FAB6 219072 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys ====== C:\Windows\Tasks ====== 2014-08-19 19:20:26 B9080348400ED35C8DA20821EE5F9E5A 5098 ----a-w- C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for OpenWindows-PC-OpenWindows OpenWindows-PC ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-08-27 17:41:38 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\OpenWindows\AppData\Roaming ====== 2014-08-19 19:16:25 -------- d-----w- C:\Users\OpenWindows\AppData\Local\Torch 2014-08-19 19:16:25 -------- d-----w- C:\Users\OpenWindows\AppData\Local\Chromatic Browser 2014-08-19 19:16:25 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Torch 2014-08-19 19:16:25 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser 2014-08-19 19:16:25 -------- d-----w- C:\Users\Gast\AppData\Local\Torch 2014-08-19 19:16:25 -------- d-----w- C:\Users\Gast\AppData\Local\Chromatic Browser 2014-08-19 19:16:25 -------- d-----w- C:\Users\extra\AppData\Local\Torch 2014-08-19 19:16:25 -------- d-----w- C:\Users\extra\AppData\Local\Chromatic Browser 2014-08-19 19:16:25 -------- d-----w- C:\Users\Administrator\AppData\Local\Torch 2014-08-19 19:16:25 -------- d-----w- C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-08-19 19:16:24 -------- 
d-----w- C:\Users\OpenWindows\AppData\Local\Comodo 2014-08-19 19:16:24 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Google 2014-08-19 19:16:24 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-08-19 19:16:24 -------- d-----w- C:\Users\Gast\AppData\Local\Google 2014-08-19 19:16:24 -------- d-----w- C:\Users\Gast\AppData\Local\Comodo 2014-08-19 19:16:24 -------- d-----w- C:\Users\extra\AppData\Local\Google 2014-08-19 19:16:24 -------- d-----w- C:\Users\extra\AppData\Local\Comodo 2014-08-19 19:16:24 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo 2014-08-19 19:16:23 -------- d-----w- C:\Users\Administrator\AppData\Local\Google ====== C:\Users\OpenWindows ====== 2014-08-27 17:40:51 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\OpenWindows\Downloads\RSIT.exe 2014-08-25 09:11:46 E90BF9E1562F40140161573B79CD5720 17292760 ----a-w- C:\Users\OpenWindows\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-19 19:16:27 6471C52810B8A50B8C7897FBE5F0E2D1 398 --sha-r- C:\ProgramData\ntuser.pol 2014-08-19 19:16:24 -------- d-----w- C:\Users\HomeGroupUser$\AppData 2014-08-19 19:16:24 -------- d-----w- C:\Users\Gast\AppData 2014-08-19 19:16:23 -------- d-----w- C:\Users\Administrator\AppData ====== C: exe-files == 2014-08-28 16:26:46 933AEEACCB30766C8B373D1FA4323DED 35634896 ----a-w- C:\Users\OpenWindows\AppData\Roaming\Spotify\Spotify_new.exe 2014-08-27 17:41:39 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\OpenWindows.exe 2014-08-27 17:40:51 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\OpenWindows\Downloads\RSIT.exe 2014-08-27 14:49:49 A5BEFFA0AF16E48CDD5CDE6B74A796FB 11267408 ----a-w- C:\Users\OpenWindows\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GSSLNJCX\mseinstall.exe 2014-08-27 14:46:36 F5A156B789DF3A69F921C2D5E4E46D85 112287488 ----a-w- C:\Users\OpenWindows\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MF9DEU2N\msert.exe 2014-08-25 
09:11:46 E90BF9E1562F40140161573B79CD5720 17292760 ----a-w- C:\Users\OpenWindows\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-24 20:23:23 072678E0D68E9C3A7960328671134C7B 54240 ----a-w- C:\Windows\System32\wuauclt.exe 2014-08-24 20:23:04 F419D738BD2AE58D9DF2F9FEB5F43842 33792 ----a-w- C:\Windows\System32\wuapp.exe === C: other files == 2014-08-25 09:13:13 12E71DA845D76665B56753AD149E32B3 110296 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-08-25 09:12:53 BD27D97297934FD4217A37FD28A7ABC7 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-08-25 09:12:53 8683C1B450F4B3872839308D836E0F92 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-08-25 09:12:53 1AA835E8A0B8EDF3D676B4ED4BF5EF07 74456 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-509793778-43246264-1051348300-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Unified Remote v2"="C:\Program Files\Unified Remote\RemoteServer.exe" "iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" "Spotify"="C:\Users\OpenWindows\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\OpenWindows\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Lync"="C:\Program Files\Microsoft Office 15\root\office15\lync.exe /fromrunkey" "GoogleChromeAutoLaunch_FEB39095124CC424563DDD4941CB0C2E"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] 
"mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-509793778-43246264-1051348300-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe -update activex" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Broadcom Wireless Manager UI"="C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe" "QLBController"="C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "SMART Board Service"="C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe" "SMART Board Tools"="C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe" "HPQuickWebProxy"="C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "BlueStacks Agent"="C:\Program Files\BlueStacks\HD-Agent.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Unified Remote v2"="C:\Program Files\Unified Remote\RemoteServer.exe" "iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe" 
"ApplePhotoStreams"="C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" "Spotify"="C:\Users\OpenWindows\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\OpenWindows\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Lync"="C:\Program Files\Microsoft Office 15\root\office15\lync.exe /fromrunkey" "GoogleChromeAutoLaunch_FEB39095124CC424563DDD4941CB0C2E"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe -update activex" ==== Startup Folders ====================== 2013-01-31 14:10:57 1061 ----a-w- C:\Users\OpenWindows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2014-05-12 09:11:16 1154 ----a-w- C:\Users\OpenWindows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Apple Diagnostics" [C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program 
Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] prICeochop - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - Administrator\AppData\Local\Torch\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - Administrator\AppData\Local\Torch\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - extra\AppData\Local\Chromatic Browser\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - extra\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - extra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - extra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - extra\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - extra\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - extra\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - extra\AppData\Local\Torch\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - extra\AppData\Local\Torch\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - Gast\AppData\Local\Torch\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - Gast\AppData\Local\Torch\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - HomeGroupUser$\AppData\Local\Comodo\Dragon\User 
Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - OpenWindows\AppData\Local\Chromatic Browser\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - OpenWindows\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - OpenWindows\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - OpenWindows\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc Angry Birds - OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj Google Docs - OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf prICeochop - OpenWindows\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Cut the Rope - OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbadlndcminbkfojhlimnkgaackjmdo Flash Save - OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc Google Wallet - OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia prICeochop - OpenWindows\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - OpenWindows\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc prICeochop - OpenWindows\AppData\Local\Torch\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc Flash Save - OpenWindows\AppData\Local\Torch\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc ==== Chrome Fix ====================== C:\Users\OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage deleted successfully C:\Users\OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage-journal deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully 
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\extra\AppData\Local\Chromatic Browser\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\extra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\extra\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\extra\AppData\Local\Torch\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\OpenWindows\AppData\Local\Chromatic Browser\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\OpenWindows\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\OpenWindows\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\OpenWindows\AppData\Local\Torch\User Data\Default\Extensions\flcdkbhphkhaachpmicopidcmnncfelc deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\extra\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\extra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\extra\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\extra\AppData\Local\Torch\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\OpenWindows\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\OpenWindows\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\OpenWindows\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\OpenWindows\AppData\Local\Torch\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc deleted successfully
C:\Users\OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lpleipinonnoibneeejgjnoeekmbopbc_0.localstorage deleted successfully
C:\Users\OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lpleipinonnoibneeejgjnoeekmbopbc_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\S-493389286 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FDB962F0-B5B8-9460-D12F-7966E97BAA43} deleted successfully

==== HijackThis Entries ======================

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B0A27B68-5C4A-724D-8A15-B2FBCD3B2732} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SMART Board Service] "C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe"
O4 - HKLM\..\Run: [SMART Board Tools] "C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe"
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe
O4 - HKCU\..\Run: [Unified Remote v2] C:\Program Files\Unified Remote\RemoteServer.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Spotify] "C:\Users\OpenWindows\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\OpenWindows\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Lync] "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_FEB39095124CC424563DDD4941CB0C2E] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_145_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = OpenWindows\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE

==== Empty IE Cache ======================

C:\Users\extra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\OpenWindows\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\OpenWindows\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\OpenWindows\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\OpenWindows\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GSSLNJCX will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\OpenWindows\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=277 folders=108 9053284 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\extra\AppData\Local\Temp emptied successfully
C:\Users\OpenWindows\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\OPENWI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\OpenWindows\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GSSLNJCX" deleted

==== EOF on do 28-08-2014 at 18:54:59,16 ======================