Zoek.exe v5.0.0.0 Updated 20-September-2014 Tool run by Vlasman on di 30-09-2014 at 15:13:52.35. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\Vlasman\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-09-30-103759.log 1407 bytes C:\zoek-results2014-09-30-112914.log 381 bytes C:\zoek-results2014-09-30-120252.log 446 bytes C:\zoek-results2014-09-30-121258.log 504 bytes C:\zoek-results2014-09-30-122439.log 542 bytes C:\zoek-results2014-09-30-130308.log 583 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3606609435-1336123501-1718763158-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{2b0cf91e-63d5-4474-9229-134d0b96fb28} deleted successfully ==== Installed Programs ====================== 64 Bit HP CIO Components Installer Aangifte inkomstenbelasting 2011 Aangifte inkomstenbelasting 2012 ABBYY FineReader 9.0 Sprint Adobe Digital Editions Adobe Flash Player 15 ActiveX Adobe Flash Player 15 Plugin Adobe Reader X (10.1.12) - Nederlands AIMP3 avast Free Antivirus CCleaner ConvertXtoDVD 4.0.9.322 DirPrinting Download Navigator Dropbox Epson Easy Photo Print 2 Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) Epson Event Manager EPSON Scan EPSON XP-402 403 405 406 Series Printer Uninstall EpsonNet Print FormatFactory 3.0.1 Google Chrome Google Update Helper HD Tune 2.55 HPDiagnosticAlert ICY Thermostat Assistant v2.0 JavaFX 2.1.1 Medion GoPal Assistant 4.00.0003 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Office Klik-en-Klaar 2010 Microsoft Office Starter 2010 - Nederlands Microsoft PowerPoint Viewer Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mp3 Editor For Free v6.2.1 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Paragon Backup & RecoveryT 2013 Free Philips Media Converter Picasa 3 SAMSUNG PC Share Manager Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Shared C Run-time for x64 SkypeT 6.11 Speccy TeamViewer 9 TP-LINK 300Mbps Wireless USB Adapter Stuurprogramma TP-LINK Draadloos configuratie hulpprogramma VC80CRTRedist - 8.0.50727.6195 VLC media player Windows-stuurprogrammapakket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/11/2009 2.0.0010.00002) Windows Mobile Apparaatcentrum Windows Mobile Device Center Driver Update Winmx Community 1 WinRAR 5.01 (64-bit) ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe C:\Program Files (x86)\HD Tune\HDTune.exe C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Users\Vlasman\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe ==== System Specs ====================== Operating System: Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 64-bits Manufacturer: Acer - Model: Aspire X3812 Install Date: 26-8-2011 9:33:33 Last Boot: 30-9-2014 15:08:45 Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz Number of Processors: 4 Work Station Bootmode: Normal boot Total RAM: 4095 MB (free 2810 MB - 68) Computername: CPU-PC Domain: WORKGROUP User: Vlasman (Administrator account) Local Disk: C:\ - NTFS - 244 GB (free 188 GB) Local Disk: D:\ - NTFS - 198 GB (free 105 GB) Local Disk: E:\ - NTFS - 931 GB (free 217 GB) Local Disk: F:\ - NTFS - 488 GB (free 487 GB) CD \ DVD Drive: G:\ Removable Disk: I:\ - - GB (free GB) Removable Disk: J:\ - - GB (free GB) Local Disk: Q:\ - - GB (free GB) Bootdevice: \Device\HarddiskVolume1 Windows update: Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Default Browser: Google Chrome 37.0.2062.124 Internet Explorer Version: 11.0.9600.17280 Google Chrome version: 37.0.2062.124 Adobe Reader version: 10.1.12.15 Flash Player version: 15.0.0.152 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-09-12 20:27:37 BA3AFC9419A11D6C28E80ECD524F0380 308 ----a-w- C:\Windows\setup.iss 2014-09-12 16:11:47 357CEBBCD99C8928A2D1A61A6CACC168 43152 ----a-w- C:\Windows\avastSS.scr 2014-09-12 14:10:17 221273069A1688D37FA5AF5E9F81B81C 390332098 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\Vlasman\AppData\Local\Temp ==== 2014-09-24 10:10:38 4E566FEA83FCEEAF2873702806B55006 43008 ----a-w- C:\Users\Vlasman\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpd6onip.dll 2014-09-23 13:04:09 8F5320DA386DC457D4C5684DEF1842C7 602208 ----a-w- C:\Users\Vlasman\AppData\Local\Temp\{13306C69-A360-4D90-B737-8DF0B9552336}\setup.exe 2014-09-23 13:04:09 7DE8F5E642F0651337ADCAE78C8CF408 5383122 ----a-w- C:\Users\Vlasman\AppData\Local\Temp\{13306C69-A360-4D90-B737-8DF0B9552336}\ISSetup.dll 2014-09-23 13:02:56 24BCAF1BBB1F29E0245416B5D2873E46 5777584 ----a-w- C:\Users\Vlasman\AppData\Local\Temp\optprosetup.exe 2014-09-23 09:14:15 2701B76FD4D3163E20B75A613198AC84 5077425 ----a-w- C:\Users\Vlasman\AppData\Local\Temp\n1136\FLVMPlayerSetup-c45490cb.exe 2014-09-23 09:13:43 DE5C4ED5BA45ABADBCC0861912FE89A1 351280 ----atw- C:\Users\Vlasman\AppData\Local\Temp\n1136\s1136.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-09-24 00:34:38 C263F3E7E0523556964D661BC7CB9565 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-09-24 00:34:39 A8A87343CAE432677D82C0BCC753D905 2048 ----a-w- C:\Windows\Sysnative\tzres.dll ====== C:\Windows\Sysnative\drivers ===== 2014-09-12 17:53:19 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys 2014-09-12 17:53:19 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-09-12 17:53:19 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-09-12 17:52:31 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2014-09-12 17:52:31 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-09-12 17:52:30 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2014-09-12 17:52:03 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2014-09-12 17:51:38 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys 2014-09-12 17:51:38 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys 2014-09-12 17:51:36 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\Sysnative\drivers\usbscan.sys 2014-09-12 17:51:36 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys 2014-09-12 17:51:36 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys 2014-09-12 17:51:36 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\Sysnative\drivers\ataport.sys 2014-09-12 17:51:12 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys 2014-09-12 17:51:10 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys 2014-09-12 17:51:03 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 2014-09-12 17:51:01 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2014-09-12 17:51:01 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2014-09-12 17:51:01 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2014-09-12 17:51:01 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2014-09-12 17:51:01 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2014-09-12 17:51:01 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2014-09-12 17:51:01 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2014-09-12 17:50:57 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys 2014-09-12 17:50:55 87CE5C8965E101CCCED1F4675557E868 985536 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2014-09-12 17:50:21 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2014-09-12 17:50:21 1C2D8E18AA8FD50CD04C15CC27F7F5AB 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2014-09-12 17:50:20 353009DEDF918B2A51414F330CF72DEC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2014-09-12 17:50:06 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2014-09-12 16:11:58 48DED912CDE54FC0923B9858512366E1 92008 ----a-w- C:\Windows\Sysnative\drivers\aswStm.sys 2014-09-12 16:11:57 B8FDEDE963B82CFD23B3A53A3084666D 1041168 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys 2014-09-12 16:11:57 471A311745848B80339436688A8286E6 224896 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys 2014-09-12 16:11:56 0DEDC041DF594AEC2C3BD00417CFAF60 427360 ----a-w- C:\Windows\Sysnative\drivers\aswsp.sys 2014-09-12 16:11:55 FF1E537A3632CBB9A0BF72B9FD0878D5 79184 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys 2014-09-12 16:11:55 645D97385F3F284FB5604F9B970F4D24 65776 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys 2014-09-12 16:11:54 D95E64416A4A3ED6986E0F474DA934BD 29208 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys 2014-09-12 16:11:54 A5757DE5F9C83AB40667A53D5126EA40 93568 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys 2014-09-12 16:08:30 7461D3DA1AABB5F703504E958455A900 926824 ----a-w- C:\Windows\Sysnative\drivers\RTL8192cu.sys ====== C:\Windows\Tasks ====== 2014-09-27 08:40:52 9595251083C7808D9228B829D414A19D 3164 ----a-w- C:\Windows\Sysnative\Tasks\{A0C15BCA-E2C2-4970-96EC-EDA62EFD57C2} 2014-09-25 06:43:12 F82D33D0AFD63B208537A58B3BF2FB2B 3192 ----a-w- C:\Windows\Sysnative\Tasks\{80E138AB-BE2A-4FD8-8C67-1D78F19C98BE} 2014-09-12 16:20:41 740A1707D775B778A97BE6B4BC0D39D3 4054 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2014-09-12 16:20:41 28F8F34130AC617A672B330B5236B236 1058 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-12 16:20:39 29C17092DCE197A5E159ECCAAD13F201 3802 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2014-09-12 16:20:39 09BCA656EA9328E19AF8A821654F496F 1054 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-12 16:12:07 C5B72A6F80AC7FE8C9035555D8161D42 4182 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-09-26 06:49:55 -------- d-----w- C:\Program Files\Speccy 2014-09-12 20:35:16 -------- d-----w- C:\Program Files\Common Files\EPSON 2014-09-12 20:26:05 -------- d-----w- C:\Program Files\EpsonNet ======= C:\PROGRA~2 ===== 2014-09-27 14:52:20 -------- d-----w- C:\PROGRA~2\trend micro 2014-09-26 08:13:13 -------- d-----w- C:\PROGRA~2\HD Tune 2014-09-24 06:05:14 -------- d-----w- C:\PROGRA~2\Doublekiller 2014-09-23 22:13:10 -------- d-----w- C:\PROGRA~2\Picasa3 2014-09-23 14:05:17 -------- d-----w- C:\PROGRA~2\Winmx 2014-09-23 13:34:48 -------- d-----w- C:\PROGRA~2\Samsung 2014-09-17 07:57:06 -------- d-----w- C:\PROGRA~2\AIMP3 2014-09-12 20:30:59 -------- d-----w- C:\PROGRA~2\ABBYY FineReader 9.0 Sprint 2014-09-12 20:30:58 -------- d-----w- C:\PROGRA~2\COMMON~1\ABBYY 2014-09-12 20:25:58 -------- d-----w- C:\PROGRA~2\EPSON Software 2014-09-12 20:24:16 -------- d-----w- C:\PROGRA~2\epson 2014-09-12 18:44:36 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2014-09-12 16:08:58 -------- d-----w- C:\PROGRA~2\TP-LINK ======= C: ===== 2014-09-12 15:28:23 7992813F117268E98F0F2288BD6D57D4 105 ----a-w- C:\prefs.js ====== C:\Users\Vlasman\AppData\Roaming ====== 2014-09-23 13:02:57 -------- d-----w- C:\Users\Vlasman\AppData\Local\Programs 2014-09-22 10:34:03 -------- dc----w- C:\Users\Vlasman\AppData\Local\MigWiz 2014-09-17 07:57:11 -------- d-----w- C:\Users\Vlasman\AppData\Roaming\AIMP3 2014-09-12 20:40:18 -------- d-----w- C:\Users\Vlasman\AppData\Roaming\Epson 2014-09-12 20:32:50 -------- d-----w- C:\Users\Vlasman\AppData\Local\ABBYY 2014-09-12 20:25:58 -------- d-----w- C:\Users\Vlasman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software 2014-09-12 16:09:15 -------- d-----w- C:\Users\Vlasman\AppData\Roaming\TP-LINK ====== C:\Users\Vlasman ====== 2014-09-29 14:33:03 811C465382DEACF3F531A89257D2BC6C 3543011 ----a-w- C:\Users\Vlasman\Downloads\Driver_Mechanic.exe 2014-09-27 14:51:27 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Vlasman\Desktop\RSIT.exe 2014-09-26 08:13:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune 2014-09-26 06:49:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2014-09-26 06:47:09 3F9C12E62A0AE1D7A9DBB252195C4C54 4210920 ----a-w- C:\Users\Vlasman\Downloads\rcsetup151.exe 2014-09-26 06:46:40 5028642A01C7D6EA50AA4BD5276819F4 4362512 ----a-w- C:\Users\Vlasman\Downloads\dfsetup218.exe 2014-09-26 06:37:34 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\Vlasman\Downloads\spsetup126 (1).exe 2014-09-24 10:17:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-09-24 10:15:28 F8A9C43301FCA5EEDC9C882372DE34BD 7771936 ----a-w- C:\Users\Vlasman\Downloads\aimp_3.55.1355.exe 2014-09-24 10:07:55 602B8CB3503CA1FA3D3963C3727752CB 323672 ----a-w- C:\Users\Vlasman\Downloads\DropboxInstaller.exe 2014-09-23 14:04:41 D25121C3BB19568B1CBD94920E43872B 1327781 ----a-w- C:\Users\Vlasman\Downloads\Winmx 3.54.exe 2014-09-23 13:35:29 -------- d-----w- C:\ProgramData\374311380 2014-09-23 13:34:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG 2014-09-23 13:00:55 B8AFC80F60308A334B79672B3994962A 767952 ----a-w- C:\Users\Vlasman\Downloads\setup (1).exe 2014-09-23 12:59:43 063A42C7FE0A1B6613290F6FC6ABC60E 55087601 ----a-w- C:\Users\Vlasman\Downloads\setup.exe 2014-09-23 09:13:12 474D59C8BB2C470A1194A2E1502FACD4 550960 ----a-w- C:\Users\Vlasman\Downloads\Double Driver.exe 2014-09-23 08:11:43 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\Vlasman\Downloads\spsetup126.exe 2014-09-23 08:09:12 EBDC91A720D2EA0B898024F65AAD0902 768368 ----a-w- C:\Users\Vlasman\Downloads\SetupImgBurn_2.5.8.0_inst.exe 2014-09-23 07:47:17 DB5EF28D8AEAAFDDB7F1F8A9FD02E59E 564632 ----a-w- C:\Users\Vlasman\Downloads\HDScrub34.exe 2014-09-23 07:21:57 729CDAB7188F18358F6610BEC517EF04 6958304 ----a-w- C:\Users\Vlasman\Downloads\Silverlight.exe 2014-09-23 07:12:31 9080F0F8BBE82C411B3B487C7721A9DC 768368 ----a-w- C:\Users\Vlasman\Downloads\MediaMonkey_4.1.4.1709_inst.exe 2014-09-23 07:09:23 979A0D9F8558C38DCAA15411DA446838 35169200 ----a-w- C:\Users\Vlasman\Downloads\vsoConvertXtoDVD5_setup.exe 2014-09-23 06:58:15 1B0F651B4C3DC9EAF7E7F68C3285254B 768368 ----a-w- C:\Users\Vlasman\Downloads\FFSetup3.3.5.0_inst.exe 2014-09-22 23:39:18 69C3CB5C4AABA90D33618EF1B114DA0D 2129568 ----a-w- C:\Users\Vlasman\Downloads\TA_setup_23.exe 2014-09-22 23:22:33 B3D8898A091D67CF9AB013433899A16A 768368 ----a-w- C:\Users\Vlasman\Downloads\ADVANCED_Codecs_v476_inst.exe 2014-09-22 23:21:30 BE6E7AEC2AA808300C6065B3C7038B1E 75904920 ----a-w- C:\Users\Vlasman\Downloads\AdbeRdr11009_en_US.exe 2014-09-22 23:20:36 251847986BB7118967A8C7EC5A7A53DD 768368 ----a-w- C:\Users\Vlasman\Downloads\vlc-2.1.5-win64_inst.exe 2014-09-22 23:18:49 27D9039FC25B4418755AC54E0E09FA32 91906368 ----a-w- C:\Users\Vlasman\Downloads\avast_free_antivirus_setup.exe 2014-09-22 23:17:19 A1FF165D0E07C411F42EBA54B3768757 38825784 ----a-w- C:\Users\Vlasman\Downloads\Kies3Setup.exe 2014-09-22 23:16:31 5A416D83F6BF8BA68B409A9A69FB96C5 17385800 ----a-w- C:\Users\Vlasman\Downloads\picasa39-setup.exe 2014-09-22 23:16:19 09CAFBF6C56237C384F8D38782A7C3B1 768368 ----a-w- C:\Users\Vlasman\Downloads\aimp_3.55.1355_inst.exe 2014-09-22 23:15:48 F0201746A6262629A401D7B19A7F6BD1 1678440 ----a-w- C:\Users\Vlasman\Downloads\SkypeSetup.exe 2014-09-22 23:15:10 A8E7D31F2834BF734B72FB1C10CAECCD 768368 ----a-w- C:\Users\Vlasman\Downloads\winrar-x64-511_inst.exe 2014-09-22 23:14:07 9EDC2D6D90F6E07A0B9C53FA9E0C4BDE 768368 ----a-w- C:\Users\Vlasman\Downloads\Paragon-281-FRE_WinInstall_10.1.21.638_000_inst.exe 2014-09-22 23:13:41 E078969E921BB09F44E56D60E80F964C 41377280 ----a-w- C:\Users\Vlasman\Downloads\Dropbox 2.10.30.exe 2014-09-16 13:59:21 -------- d-----w- C:\ProgramData\restore 2014-09-15 19:25:18 -------- d-----w- C:\ProgramData\managecapsule 2014-09-14 11:58:12 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Searches 2014-09-12 20:32:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint 2014-09-12 20:30:58 -------- d-----w- C:\ProgramData\ABBYY 2014-09-12 20:28:36 -------- d-----w- C:\ProgramData\UDL 2014-09-12 20:27:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software 2014-09-12 20:24:35 -------- d-----w- C:\ProgramData\EPSON 2014-09-12 20:24:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2014-09-12 16:21:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-09-12 16:12:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-09-12 16:08:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK 2014-09-12 16:07:01 -------- d-----w- C:\ProgramData\TP-LINK ====== C: exe-files == 2014-09-29 14:33:03 811C465382DEACF3F531A89257D2BC6C 3543011 ----a-w- C:\Users\Vlasman\Downloads\Driver_Mechanic.exe 2014-09-27 14:52:20 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files (x86)\trend micro\Vlasman.exe 2014-09-27 14:51:27 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Vlasman\Desktop\RSIT.exe 2014-09-26 08:13:13 F8FC2D14DF813CC920A39B3CB7E59CBC 401408 ----a-w- C:\Program Files (x86)\HD Tune\HDTune.exe 2014-09-26 08:13:13 CEFC20D14D9940D53505E9B9769139E7 682266 ----a-w- C:\Program Files (x86)\HD Tune\unins000.exe 2014-09-26 06:47:09 3F9C12E62A0AE1D7A9DBB252195C4C54 4210920 ----a-w- C:\Users\Vlasman\Downloads\rcsetup151.exe 2014-09-26 06:46:40 5028642A01C7D6EA50AA4BD5276819F4 4362512 ----a-w- C:\Users\Vlasman\Downloads\dfsetup218.exe 2014-09-26 06:37:34 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\Vlasman\Downloads\spsetup126 (1).exe 2014-09-25 06:25:53 7CA4092A339EA30DE8FF06D3FF79D6ED 749648 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.124\37.0.2062.124_37.0.2062.120_chrome_updater.exe 2014-09-25 06:15:40 088812A121E0A9CEB40CE9C808C8A90C 642632 ----a-w- C:\Users\Vlasman\Downloads\HDTune\hdtune_255.exe 2014-09-25 06:11:30 3A0B51F010F3F42E6A9C5FA2D132AB2C 42592 ----a-w- C:\Users\Vlasman\Downloads\AppCrashView\AppCrashView.exe 2014-09-25 06:09:42 4AF70993B562E3E85CB40843F8F26EE1 128608 ----a-w- C:\Users\Vlasman\Downloads\WhatIsHang\WhatIsHang.exe 2014-09-25 06:06:02 3D0A4451B7200BA892B443C089BDAE55 287840 ----a-w- C:\Users\Vlasman\Downloads\WinCrashReport\WinCrashReport.exe 2014-09-25 06:00:53 B0374EF227F086A483324E350787E8A3 146528 ----a-w- C:\Users\Vlasman\Downloads\BlueScreenView\BlueScreenView.exe 2014-09-24 10:16:46 E1360E960D926D43AAD47AE2FC6970BA 2905914 ----a-w- C:\Program Files (x86)\AIMP3\Uninstall.exe 2014-09-24 10:16:43 A23E9BF946E39CA9D408F32172EEECA2 354304 ----a-w- C:\Program Files (x86)\AIMP3\Modules\opusenc.exe 2014-09-24 10:16:43 6B4FAFDE326A58EA6AB780478D28A44E 258560 ----a-w- C:\Program Files (x86)\AIMP3\Modules\mpcenc.exe 2014-09-24 10:16:37 33FB4C73FA9629DD44ECF8C8924C82F6 751560 ----a-w- C:\Program Files (x86)\AIMP3\AIMP3lib.exe 2014-09-24 10:16:37 2A5C5244BFD7A9CAFDB7473928926306 447944 ----a-w- C:\Program Files (x86)\AIMP3\AIMP3ate.exe 2014-09-24 10:16:36 86755D3AD428FD24A19239914139F7DD 537032 ----a-w- C:\Program Files (x86)\AIMP3\AIMP3ac.exe 2014-09-24 10:16:35 8032EE41504B1EE95D277CE0EDD977B6 1703880 ----a-w- C:\Program Files (x86)\AIMP3\AIMP3.exe 2014-09-24 10:15:28 F8A9C43301FCA5EEDC9C882372DE34BD 7771936 ----a-w- C:\Users\Vlasman\Downloads\aimp_3.55.1355.exe 2014-09-24 10:09:17 872983DCEC59DA427A84FC283948BF68 39143064 ----a-w- C:\Users\Vlasman\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V8CQVCXN\Dropbox%202.10.30data[1].exe 2014-09-24 10:07:55 602B8CB3503CA1FA3D3963C3727752CB 323672 ----a-w- C:\Users\Vlasman\Downloads\DropboxInstaller.exe 2014-09-24 06:04:39 9F0C5B2E3E174F9880D99B00545FA23A 812544 ----a-w- C:\Program Files (x86)\Doublekiller\DoubleKiller.exe 2014-09-24 00:34:39 916CEC665A9879DEB15BBDD943B7350B 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe 2014-09-23 22:13:39 5A416D83F6BF8BA68B409A9A69FB96C5 17385800 ---ha-w- C:\Program Files (x86)\Picasa3\setup.exe 2014-09-23 22:13:19 6DE5B13C5BFCD14DFA33BF5CBB73FEE2 171419 ----a-w- C:\Program Files (x86)\Picasa3\Uninstall.exe 2014-09-23 14:04:41 D25121C3BB19568B1CBD94920E43872B 1327781 ----a-w- C:\Users\Vlasman\Downloads\Winmx 3.54.exe 2014-09-23 13:34:51 88FB04B7833D7E889F9375734BBDE939 987744 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}\setup.exe === C: other files == 2014-09-25 06:11:35 2A7F0B64123EB458BAC77AD0EA33D8E5 995 ----a-w- C:\Users\Vlasman\Downloads\appcrashview_dutch.zip 2014-09-25 06:10:59 1BF0B1B9FA55BFE29A800EC7A2B515DE 46644 ----a-w- C:\Users\Vlasman\Downloads\appcrashview.zip 2014-09-25 06:09:45 1D58FA1661C5587BD77C6432E36ADE71 1571 ----a-w- C:\Users\Vlasman\Downloads\whatishang_dutch.zip 2014-09-25 06:09:14 8448378B8E9BF701C062A354995A6F5A 75657 ----a-w- C:\Users\Vlasman\Downloads\whatishang-x64.zip 2014-09-25 06:06:06 4429E7002A1A2EA889E00635046B9262 1886 ----a-w- C:\Users\Vlasman\Downloads\wincrashreport_dutch.zip 2014-09-25 06:05:25 AEA0932C4FCF34E5D3C00C5ACC696692 203837 ----a-w- C:\Users\Vlasman\Downloads\wincrashreport-x64.zip 2014-09-25 06:01:16 36B61EF01992B7F17257607C3E455E1C 1573 ----a-w- C:\Users\Vlasman\Downloads\bluescreenview_dutch.zip 2014-09-25 06:00:12 6069027ED1F638027CE11223AD991A29 84917 ----a-w- C:\Users\Vlasman\Downloads\bluescreenview-x64.zip 2014-09-24 10:16:26 CB8300A7D3418666262D91F7002DD5BC 1432720 ----a-w- C:\Program Files (x86)\AIMP3\!Backup\z Before install v3.55.1355 [2014.09.24 12-16-26].zip 2014-09-24 10:09:51 837E58885C903FFF576A031578BF6E48 1129280 ----a-w- C:\Users\Vlasman\AppData\Roaming\Dropbox\bin\xui_resources.zip 2014-09-24 06:03:20 E68AC3926BA37B8AB7A8B4CFF951D5C0 400720 ----a-w- C:\Users\Vlasman\Downloads\doublekiller.zip 2014-09-23 14:05:18 1489C3CD8157C9F5E8742C60514BF854 81 ----a-w- C:\Users\Vlasman\AppData\Local\Temp\deleteme.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3606609435-1336123501-1718763158-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE /EPT EPLTarget\P0000000000000000 /M XP-402 403 405 406 Series" "EPLTarget\P0000000000000001"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE /EPT EPLTarget\P0000000000000001 /M XP-402 403 405 406 Series" "WinMX"="E:\Programs\Winmx\WinMX.exe -m" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "HD Tune"="C:\PROGRA~2\HDTUNE~1\HDTune.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE /EPT EPLTarget\P0000000000000000 /M XP-402 403 405 406 Series" "EPLTarget\P0000000000000001"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE /EPT EPLTarget\P0000000000000001 /M XP-402 403 405 406 Series" "WinMX"="E:\Programs\Winmx\WinMX.exe -m" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WinampAgent" "hkey"="HKLM" "command"="E:\\Programs\\Winamp\\winampa.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Draadloos configuratie hulpprogramma.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\TP-LINK Draadloos configuratie hulpprogramma.lnk" "backup"="C:\\Windows\\pss\\TP-LINK Draadloos configuratie hulpprogramma.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\TP-LINK\\TP-LIN~1\\TWCU.exe -nogui" "item"="TP-LINK Draadloos configuratie hulpprogramma" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [25-09-2014 08:17] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-09-2014 18:20] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Ad-Aware Update (Weekly)" [E:\Programs\AdAware\Ad-AwareAdmin.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\{0F4BEBA2-10F7-417F-8BA0-7FBA7C758F96}" [C:\Program Files (x86)\Deadtime Stories\DeadtimeStories.exe] "C:\Windows\SysNative\tasks\{42782ABB-C73A-4BDD-816E-D7615AC9654C}" [C:\Program Files (x86)\Grace's Quest - To Catch An Art Thief\GraceQuest.exe] "C:\Windows\SysNative\tasks\{489D1179-D30F-49CA-8EA7-E00AAA81E110}" [C:\Program Files (x86)\Princess Isabella - A Witch's Curse\Princess.exe] "C:\Windows\SysNative\tasks\{5AF743B5-CE0E-4907-85C2-0531131758A6}" [C:\Program Files (x86)\GAMESVOORIEDEREEN.NL\HetGeheimzinnigeDagboekCD\HetGeheimzinnigeDagboek_og.exe] "C:\Windows\SysNative\tasks\{5CFCEA6A-A4AE-41E1-883B-66AAC9E08F7E}" [C:\Program Files (x86)\Neptune's Secret\NeptunesSecret.exe] "C:\Windows\SysNative\tasks\{6568F0BB-C215-4917-BE5D-6469761A2DEA}" [C:\Program Files (x86)\The Hidden Object Show\THOS.exe] "C:\Windows\SysNative\tasks\{80C97CAF-E67E-4F5A-A841-FDD27F7AFEA3}" [C:\Program Files (x86)\Hidden Expedition - Everest\Hidden Expedition Everest.exe] "C:\Windows\SysNative\tasks\{A41B08E8-35C8-482B-9647-469486B37592}" [C:\Program Files (x86)\Escape the Museum\Museum.exe] "C:\Windows\SysNative\tasks\{B6273979-C0C7-4A5E-B8DB-B5157CC589EC}" [C:\Program Files (x86)\GAMESVOORIEDEREEN.NL\HetGeheimzinnigeDagboekCD\HetGeheimzinnigeDagboek_og.exe] "C:\Windows\SysNative\tasks\{BF6539F8-497F-4AFE-9D1B-4C20842C6CF7}" [C:\Program Files (x86)\Hidden Expedition - Everest\Hidden Expedition Everest.exe] "C:\Windows\SysNative\tasks\{F0E85869-1132-481F-8CBF-256285B2E314}" [C:\Program Files (x86)\Deadtime Stories\DeadtimeStories.exe] "C:\Windows\SysNative\tasks\{F9DE32D6-1251-4A73-A32D-A748F29809BA}" [C:\Program Files (x86)\Insider Tales - The Stolen Venus 2\venus.exe] "C:\Windows\SysNative\tasks\{FE8CA6FD-2856-49C7-8D51-9CBB5E4D0645}" [C:\Program Files (x86)\The 80s Game\T8G_Release.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21-09-2014 15:15] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{b64982b1-d112-42b5-b1e4-d3867c4533f8}"="C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension" [11-10-2012 08:52] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Vlasman\AppData\Roaming\Philips-Songbird\Profiles\h1o57o5z.default - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\7digital@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\albumart@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\concerts@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\fileassociation@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gogear@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\msc@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mtp@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-branding@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-likemusic@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-promotions@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-skin@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-ui@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-minimizetotray@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\sharing@songbirdnest.com ExtDir: C:\Users\Vlasman\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - OneClickDownloader - %ExtDir%\OneClickDownload@OneClickDownload.com ExtDir: C:\Users\Vlasman\AppData\Roaming\Mozilla\Firefox\Profiles - OneClickDownloader - %ExtDir%\extensions\OneClickDownload@OneClickDownload.com ExtDir: C:\Users\Vlasman\AppData\Roaming\Mozilla\Extensions - OneClickDownloader - C:\Users\Vlasman\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cdjfkejjfbnnahgfabnehkfkhpfghoak - C:\Users\Vlasman\AppData\Local\Temp\tbch.crx[] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12-09-2014 18:11] oejkcgajlodefenbbjdnaiahmbnnoole - C:\Program Files (x86)\adawaretb\chrome-newtab-search.crx[] pmlghpafmmnmmkjdhacccolfgnkiboco - C:\Program Files (x86)\1ClickDownload\oneclickdownloader11.crx[] Google Slides - Vlasman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Vlasman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Vlasman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Vlasman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Vlasman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Vlasman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap avast Online Security - Vlasman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki LastPass - Vlasman\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd Google Wallet - Vlasman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Vlasman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=AV01" "BrowserMngr Start Page"="http://search.babylon.com/?affID=109217&tt=bandext_3312_5&babsrc=HP_ss&mntrId=e6d4197400000000000000262d14c7b8" "bProtector Start Page"="http://search.babylon.com/?affID=109217&tt=bandext_3312_5&babsrc=HP_ss&mntrId=e6d4197400000000000000262d14c7b8" "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Search the web (Babylon) Url="http://search.babylon.com/?q={searchTerms}&affID=109217&tt=bandext_3312_5&babsrc=SP_ss&mntrId=e6d4197400000000000000262d14c7b8" {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Search the Web Url="http://www.google.com/search?ie=utf-8&oe=utf-8&mssrc=ms_chr&mstb=adawaretb&q={searchTerms}" {483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found" {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear" {F1E5DE38-27D5-4F6F-97F3-EA02708849D3} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [HD Tune] C:\PROGRA~2\HDTUNE~1\HDTune.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-402 403 405 406 Series" O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-402 403 405 406 Series" O4 - HKCU\..\Run: [WinMX] E:\Programs\Winmx\WinMX.exe -m O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files%20(x86)/SKIP-BO%20Castaway%20Caper/Images/stg_drm.ocx O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing) O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - E:\Programs\WiselinkPro.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on di 30-09-2014 at 15:22:11.23 ======================