Zoek.exe v5.0.0.0 Updated 13-November-2014
Tool run by Albert on vr 14/11/2014 at 11:12:42,90.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Albert\Documents\zoek-2\zoek.exe
[Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-11-13-095032.log 1247748 bytes
C:\zoek-results2014-11-13-135302.log 1357332 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2061107396-2004619400-3521041143-1002\Software\Microsoft\Internet Explorer\SearchScopes\{3E37B198-0CDD-43A3-9DCD-29A4067ED06D} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Albert\Documents\zoek-2\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\ProgramData\avg9 deleted
C:\ProgramData\Temp\AVG deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 3894 MB
CPU Info: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
CPU Speed: 2216,4 MHz
Sound Card: Luidsprekers en koptelefoons (I |
Display Adapters: Intel(R) Graphics Media Accelerator HD | Intel(R) Graphics Media Accelerator HD | ATI Mobility Radeon HD 5470 | ATI Mobility Radeon HD 5470 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter
CD / DVD Drives: 1x (F: | ) F: hp CDDVDW TS-L633N
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 441,1GB | D: 24,4GB | E: 99,0MB
Hard Disks - Free: C: 362,1GB | D: 3,6GB | E: 88,4MB
Manufacturer *: Hewlett-Packard
BIOS Info: AT/AT COMPATIBLE | 05/17/10 | HPQOEM - 1
Time Zone: Romance (standaardtijd)
Motherboard *: Hewlett-Packard 144B
Country: België
Language: NLB

==== System Specs (Software) ======================

Anti-Virus: Panda Free Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Panda Free Antivirus disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Spybot - Search and Destroy disabled (Outdated)
Firewall: Panda Firewall disabled
Default Browser: Firefox 33.1
Internet Explorer Version: 11.0.9600.17420
Mozilla Firefox version: 33.1 (x86 nl)
Adobe Reader version: 11.0.9.29
Flash Player version: 13.0.0.206
Shockwave Player version: 11.5.1r601

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Albert\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-11-12 08:00:04 980EEEE8815DA7593708774D1225BD35 681984 ----a-w- C:\Windows\SysWOW64\adtschema.dll
2014-11-12 08:00:03 9AB39ADD28C7C1A685B1EA8C6A25CF08 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll
2014-11-12 08:00:03 9216ABFD53F5EC1F35C3554AD1A175DE 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2014-11-12 08:00:03 13E5B1CD503A4B21E9F0A2D55A00198B 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2014-11-12 07:59:30 B6273619A3DF28F03B64E911E45A6AB2 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-11-12 07:59:30 A6E51BDCB8F4B84E874F918F0452763D 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 07:59:30 5D5640C34C4A97467F77489DBB157568 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 07:59:29 FB56C76FEA44693752BD99D7D9930ABA 341168 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 07:59:29 4772DB007FFBD4BBE3F526704BCA67FE 1310208 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-11-12 07:59:28 843BD9DAF03ABB6761DEE6D155301F28 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 07:59:28 66F4FFDBCD501260ABC198317D2B0D10 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 07:59:27 93074C4FA92A8399404D032F6AF72C1B 19781632 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-11-12 07:59:27 26EE6C9780A8FC872C60F9E35D7EBD4B 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 07:59:26 5E01004CBC35A78FE2AB4016CCAD4760 708096 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 07:59:26 5972510EF1C6097D9C14C17387A5EDB2 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 07:59:26 19D68FDEE62519C5A0387EB4E88A01EF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-11-12 07:59:25 FA310BD4A5DE904445DDDE54C5A654F2 2277376 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-11-12 07:59:25 7748B3DDDC92C7FC11F7462DB872E8E7 2051072 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 07:59:24 8A46404AC1AEB22AA2D4C906D0FC86C2 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 07:59:24 6DDC0F44A70976C492CB1666BA9A7912 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 07:59:24 4F8CD74CD69A94ED1A5D7E837A356F4E 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 07:59:23 A1A2EE55A2C69F79AED00973E604B9C4 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 07:59:22 8585BC27224F97458C186AA085B754A7 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-11-12 07:59:22 36EE0A2A981617610F921BCBB997DB06 12819456 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-11-12 07:59:20 4169C6A6613856D69224498620F0C2B5 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 07:59:19 AE39939F1E25401B9A4952A7A8D372AC 4298240 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2014-11-12 07:59:19 9ED3132B7F0D36FA9911721E8B2CB968 501248 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2014-11-12 07:59:19 6DD7D61A8EF3DFEC4FAEFEB395E77424 1892864 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-11-12 07:59:18 755D0A90CFC4BCB178D7070B0351F0AE 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 07:59:18 139E85C4E5DF322AE1BF6544D8C32B0A 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-11-12 07:57:41 537184E7306E06BB22C5B93D2AFA4DF8 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll
2014-11-12 07:57:40 5FDBDEECA34E73325D87C5ACD16A3EEC 701440 ----a-w- C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 07:57:40 09FA271EE1F9AD68B2D1C1C210F4B71F 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 07:57:38 FD79B005E849DF3D7E9B5EB7A637C528 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 07:57:38 8D338464B851DDD76E2B876A3E09EB70 442880 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 07:57:37 AA7325057A1E1CC401798C0B1238E182 195584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 07:57:29 8CFAEFCD7F1E004950FCAE870A501B3E 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll
2014-11-12 07:57:27 8FE6AB488ECDC60930CE973A7051B0D4 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 07:57:26 B580A6B9932669DE703001AEE66D5BB1 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 07:57:26 3B3B8BA16DC999EA17D075D2F1064DE4 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2014-11-12 07:57:26 37BC079204BF9B087D6DE6B728908B4B 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll
2014-11-12 07:57:25 9CEA80FFC617E6B6DD7B52E6225C0D38 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 07:57:23 8205E55DFB11809E5F2AAD1C48840535 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll
2014-11-12 07:57:11 0F39AC3274312EFFD03928291E8BA7CA 67584 ----a-w- C:\Windows\SysWOW64\packager.dll
2014-11-12 07:57:09 EDA54D2E17C0271D2CDA946ABE344110 571904 ----a-w- C:\Windows\SysWOW64\oleaut32.dll
2014-11-03 08:42:50 3597DE1371DF9DDC15001778EBA54EAF 5702656 ----a-w- C:\Windows\SysWOW64\mstscax.dll
2014-11-02 17:57:01 1368E2297C53E2CA0C14E9E5F33BF40C 1645628 ----a-w- C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-02 17:52:02 AB5EFB103DB01C1912C9D2F545EA5621 17920 ----a-w- C:\Windows\SysWOW64\wksprtPS.dll
2014-11-02 17:52:02 8DEEE20D8D30E9B0FBDCA31E58A027BD 53248 ----a-w- C:\Windows\SysWOW64\tsgqec.dll
2014-11-02 17:52:02 4676AAA9DDF52A50C829FEDB4EA81E54 1068544 ----a-w- C:\Windows\SysWOW64\mstsc.exe
2014-11-02 17:52:02 2EFB1279E7BEA7D12D9F4D6508D27880 50176 ----a-w- C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-11-02 17:52:01 5E676B296B762E211D83B87635F2C330 855552 ----a-w- C:\Windows\SysWOW64\rdvidcrl.dll
2014-11-02 17:47:38 2413D2216D08FAF7D7178D9E0B481AEB 2285056 ----a-w- C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-11-02 17:46:37 C263F3E7E0523556964D661BC7CB9565 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
2014-11-02 17:46:30 3888D02CE6413C2A06D903DE1C778BF5 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll
2014-11-02 17:46:25 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe
2014-11-02 17:46:25 BBCE3E9E74C7CEA47FA4115B360AC2C6 423936 ----a-w- C:\Windows\SysWOW64\secproc_isv.dll
2014-11-02 17:46:25 6142C5540C8D2764D59CBC11AF4A5900 572416 ----a-w- C:\Windows\SysWOW64\RMActivate.exe
2014-11-02 17:46:25 0F5FEF37588AF457E02125674F171A4F 508928 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-11-02 17:46:25 08D323750350A8A29611D1004C0CF319 510976 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-11-02 17:46:24 9158DBE2F8483434FC72F320690C9DB8 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-11-02 17:46:24 7FA485555BF802FE3DB5598004DBDFAC 390144 ----a-w- C:\Windows\SysWOW64\msdrm.dll
2014-11-02 17:46:24 58712A48D31B40EBCB35B47205F87771 87040 ----a-w- C:\Windows\SysWOW64\secproc_ssp.dll
2014-11-02 17:46:24 12A9F24DC9F465DA79AC2272D829A81E 428032 ----a-w- C:\Windows\SysWOW64\secproc.dll
2014-11-02 17:45:41 A8DDB7ACB122FC36FF0D7C9B3099A380 793600 ----a-w- C:\Windows\SysWOW64\TSWorkspace.dll
2014-11-02 17:45:39 06FC8A93A4FA1F42A3D1D06694F2B339 419992 ----a-w- C:\Windows\SysWOW64\locale.nls
2014-11-02 17:45:38 C7673B3F8BB35221B42D67BF7ADAFDFD 7168 ----a-w- C:\Windows\SysWOW64\KBDYAK.DLL
2014-11-02 17:45:38 730B7C639957EA0BF37C1459831A1E19 6656 ----a-w- C:\Windows\SysWOW64\KBDRU1.DLL
2014-11-02 17:45:38 72222991598E173BBE1429426926C020 7168 ----a-w- C:\Windows\SysWOW64\KBDTAT.DLL
2014-11-02 17:45:38 45B308F20FEF040BD7321E85F69DF5E2 6656 ----a-w- C:\Windows\SysWOW64\KBDRU.DLL
2014-11-02 17:45:38 2BD0519015E899A2FF52210CC5875F88 6656 ----a-w- C:\Windows\SysWOW64\KBDBASH.DLL
2014-11-02 17:45:32 386BF6FD9FC562B1A5558C49E1C3A6FB 12874240 ----a-w- C:\Windows\SysWOW64\shell32.dll
2014-11-02 17:45:30 BBA80D3CAB22620A6AC9BB603386EE33 519680 ----a-w- C:\Windows\SysWOW64\qdvd.dll
2014-11-02 17:45:30 79896A78039C9A63C56197843CFBAD0B 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll
2014-11-02 17:43:28 A054EA8FBE16D4D34F06D81A4F0088E2 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-11-12 08:00:05 008CD4EBFABCF78D0F19B3778492648C 683520 ----a-w- C:\Windows\Sysnative\termsrv.dll
2014-11-12 08:00:04 C4C1B73FC2FF151BA08E1EAFDE2A2FAF 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2014-11-12 08:00:04 58F87BF5659C8EBC61EB439C916F2F9A 681984 ----a-w- C:\Windows\Sysnative\adtschema.dll
2014-11-12 08:00:03 7184AEACDA13E64B10F84E9DD79C8A01 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll
2014-11-12 07:59:30 854B230F5D77486B67D809FFB8A10C7E 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-11-12 07:59:30 7293701905DF1F40760C851F20DDC9EC 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-11-12 07:59:30 1F3794CE1AEA5DA12ACF90210EAE4ECB 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-11-12 07:59:29 4E47ABA3C6C5032446A2AF7EFD026037 716800 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-11-12 07:59:29 26BC4EC95E363DD59171710E22108F15 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-11-12 07:59:28 33098C85B789630865CD3F5D22FB0DFC 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-11-12 07:59:25 56651A76C63DAF2C593F1F767FC8A856 1550336 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-11-12 07:59:25 1C216980E7D21100A357B52B3C45F78D 388272 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2014-11-12 07:59:24 E17C34BECCD1388E9B386A9F82F01222 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-11-12 07:59:23 C6A719FD0B07B2DD0ADACD07636F4BAD 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-11-12 07:59:23 2A1A7F17C906941334C6A67E935F214B 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2014-11-12 07:59:22 1E30BECF0DB35481588FB72C9CF97CA2 800768 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-11-12 07:59:21 BD708EBEDB35E474F1A19747154ACC47 799232 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-11-12 07:59:21 BA4EC6139B8830BBA9CC5D065CA5796C 2884096 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-11-12 07:59:21 6507CA9349500A535AF70670F248E525 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-11-12 07:59:21 5C9D58591D0091630452B04F35527240 2124288 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-11-12 07:59:18 31F2A5ECFD2C75F970A3007ACD5627C7 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-11-12 07:59:18 08BCDD6C9E23D00309F359620461DFE8 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-11-12 07:59:17 277A4735954F1BF29EE3D138A5251BFE 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-11-12 07:59:16 7EE5FBD190BF5B27F7977EA6CBF0DCAC 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2014-11-12 07:59:16 69602F6259598A7837CB83D3608FE293 633856 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-11-12 07:59:16 154B8555A118BCFD95F358390E418B00 14390272 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-11-12 07:59:15 F208D7FB40FD80EA9F123BABF687359C 6040064 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-11-12 07:59:15 B6DC4597FF946B0C8B29650A71F52D4E 580096 ----a-w- C:\Windows\Sysnative\vbscript.dll
2014-11-12 07:59:15 98088A13F65BE35DA3693F264740CEEC 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2014-11-12 07:59:15 7EC80DB959695D4F927D2D601DA59F35 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-11-12 07:59:14 EE3592B010E3F69D141323E592C01A1A 199680 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-11-12 07:59:14 6FC2819A4F80AAB2DADEDFC1EFEE3C3F 2365440 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-11-12 07:59:14 4B6D9AB2ECD11AF5F6B1C42D938E0A85 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2014-11-12 07:59:13 BBD6A636AAA65D874F3863280CD8373D 25110016 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-11-12 07:57:41 364ECFF4ABD9D575F4F7CF7EB7928EF3 1882624 ----a-w- C:\Windows\Sysnative\msxml3.dll
2014-11-12 07:57:40 D005697F0467BBDDAB7638496DA5DB52 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll
2014-11-12 07:57:40 1FEBD408F32DFC523882E7DA5AC57819 878080 ----a-w- C:\Windows\Sysnative\IMJP10K.DLL
2014-11-12 07:57:38 FAFCB80D42A65964B6F4945283B8C10F 296448 ----a-w- C:\Windows\Sysnative\AudioSes.dll
2014-11-12 07:57:38 DE3E38431B00C2EA247C53675DCF01A0 680960 ----a-w- C:\Windows\Sysnative\audiosrv.dll
2014-11-12 07:57:38 B1BB7B91C3C878FDB2874138CE81C4EF 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll
2014-11-12 07:57:38 A2C9E45F4069A002E985D1563D16813B 440832 ----a-w- C:\Windows\Sysnative\AudioEng.dll
2014-11-12 07:57:38 9383B21A4B77C130940262DDC5F3F49B 500224 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll
2014-11-12 07:57:30 A71B81AC2C14ABA013CCF1225D9E3E36 342016 ----a-w- C:\Windows\Sysnative\schannel.dll
2014-11-12 07:57:29 109CC0DF72CC07A6CB59D2995255A1DA 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2014-11-12 07:57:26 DF30FC54FFF79BC744B22A4850A3CF92 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll
2014-11-12 07:57:26 55F0CF40479A1FC89CFA578909A540F2 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll
2014-11-12 07:57:26 47C48C705F4F1EFC99B50B43AE4301FE 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll
2014-11-12 07:57:26 028D99F83CBB31DB7995530B89EA13CF 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll
2014-11-12 07:57:24 336BA030AB7B05300CB0B5C6AFB27176 22016 ----a-w- C:\Windows\Sysnative\credssp.dll
2014-11-12 07:57:11 934735F508E297504460935B71E99F0B 77824 ----a-w- C:\Windows\Sysnative\packager.dll
2014-11-12 07:57:10 93C055B6AAD76360A60CB7E59A491531 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys
2014-11-12 07:57:09 B938AF16A521C913791C6F7AFF032757 861696 ----a-w- C:\Windows\Sysnative\oleaut32.dll
2014-11-03 08:42:51 07B79261BA622FC85F079BF50E6C5E70 6583296 ----a-w- C:\Windows\Sysnative\mstscax.dll
2014-11-02 17:52:07 DDED7C5558B3AE09F568945281A9A6D1 44544 ----a-w- C:\Windows\Sysnative\TsUsbGDCoInstaller.dll
2014-11-02 17:52:03 FEC6178962DFF33074D39CA907971405 12800 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyExtension.dll
2014-11-02 17:52:03 108C257D765AAD2E6EC46557DA0B02BD 13824 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyControl.exe
2014-11-02 17:52:02 8E75B1112C374EBDF18FD640DA2F0655 1147392 ----a-w- C:\Windows\Sysnative\mstsc.exe
2014-11-02 17:52:02 7BD2E6E2458A5B95F8341244C7FC7DD4 18944 ----a-w- C:\Windows\Sysnative\wksprtPS.dll
2014-11-02 17:52:02 79EE5ECB4BE89343E4CF1E48F7769F59 420864 ----a-w- C:\Windows\Sysnative\wksprt.exe
2014-11-02 17:52:02 5289A00E2D21BB3A7D6761646543ED5C 62976 ----a-w- C:\Windows\Sysnative\tsgqec.dll
2014-11-02 17:52:02 149A388C17F04AD1F99B477A43BE1A9F 56832 ----a-w- C:\Windows\Sysnative\MsRdpWebAccess.dll
2014-11-02 17:52:02 0D2C2FAC4F29B5868D39B7267058CFEF 83968 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe
2014-11-02 17:52:01 A4420969E5AB94856E5C0C02E6099D3F 1057280 ----a-w- C:\Windows\Sysnative\rdvidcrl.dll
2014-11-02 17:47:38 3469B9FAE899139FEE7356E91693376A 2777088 ----a-w- C:\Windows\Sysnative\msmpeg2vdec.dll
2014-11-02 17:46:37 A8A87343CAE432677D82C0BCC753D905 2048 ----a-w- C:\Windows\Sysnative\tzres.dll
2014-11-02 17:46:30 ADD3F2C3E6B89BD16D4BFC61B3658DD9 3241472 ----a-w- C:\Windows\Sysnative\msi.dll
2014-11-02 17:46:26 17CF3B3F68272BD40C878D4DBAB0EBC9 658432 ----a-w- C:\Windows\Sysnative\RMActivate_isv.exe
2014-11-02 17:46:25 C6AC2C91541D24F9E236A670C0CA793D 528384 ----a-w- C:\Windows\Sysnative\msdrm.dll
2014-11-02 17:46:25 5693212AB2EBCACBBE05EC3A642113E2 485888 ----a-w- C:\Windows\Sysnative\secproc_isv.dll
2014-11-02 17:46:25 399FC1B75790EE606A6FD9F2FB4C891C 488448 ----a-w- C:\Windows\Sysnative\secproc.dll
2014-11-02 17:46:25 297926B15AE5390409F1007EB28A8EFB 552960 ----a-w- C:\Windows\Sysnative\RMActivate_ssp_isv.exe
2014-11-02 17:46:25 1B3741488AA7E237961A29D1E7A44C0A 626176 ----a-w- C:\Windows\Sysnative\RMActivate.exe
2014-11-02 17:46:25 03F8F411F118CFDA508E77C747BB05EA 553984 ----a-w- C:\Windows\Sysnative\RMActivate_ssp.exe
2014-11-02 17:46:24 DC6DD779F35BB42E2E76FDFEC565C251 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp_isv.dll
2014-11-02 17:46:24 B41B1FEDEBBD955B4E25676B42087885 123392 ----a-w- C:\Windows\Sysnative\secproc_ssp.dll
2014-11-02 17:45:42 30B1489F2DCD8DC1AB6BB60CA6093615 48640 ----a-w- C:\Windows\Sysnative\wwanprotdim.dll
2014-11-02 17:45:42 04F82965C09CBDF646B487E145060301 228864 ----a-w- C:\Windows\Sysnative\wwansvc.dll
2014-11-02 17:45:41 EFF3FF9D9E5BFD2A05390D959A1C3AD0 1031168 ----a-w- C:\Windows\Sysnative\TSWorkspace.dll
2014-11-02 17:45:39 06FC8A93A4FA1F42A3D1D06694F2B339 419992 ----a-w- C:\Windows\Sysnative\locale.nls
2014-11-02 17:45:38 EA21295A386C6DB2A2A90E657B37C5F4 7168 ----a-w- C:\Windows\Sysnative\KBDYAK.DLL
2014-11-02 17:45:38 BE67D99EDA34A68B827868371B5529AD 7168 ----a-w- C:\Windows\Sysnative\KBDTAT.DLL
2014-11-02 17:45:38 920B5C1CC0BAB6E574297BC3D945DA31 7168 ----a-w- C:\Windows\Sysnative\KBDBASH.DLL
2014-11-02 17:45:38 80EDA24B00478FA795F90DFA09C12E86 7168 ----a-w- C:\Windows\Sysnative\KBDRU1.DLL
2014-11-02 17:45:38 353C4A38042819CA83AEFC6F2E7051CD 6656 ----a-w- C:\Windows\Sysnative\KBDRU.DLL
2014-11-02 17:45:32 AE57F6C7AB3ED244B5F14151C4EA0057 14175744 ----a-w- C:\Windows\Sysnative\shell32.dll
2014-11-02 17:45:31 224C2EEBAAF39CD93DE5332DBE5E5A95 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll
2014-11-02 17:45:30 8D46C7BCDF7FBAAC8666D6640ADA930E 371712 ----a-w- C:\Windows\Sysnative\qdvd.dll
2014-11-02 17:43:28 AFCA5C1ECEAF948FC815178BC077680E 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll
====== C:\Windows\Sysnative\drivers =====
2014-11-12 08:00:05 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2014-11-07 16:08:59 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-11-07 16:08:42 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-11-07 16:08:42 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
2014-11-07 16:08:42 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2014-11-02 17:52:03 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys
2014-11-02 17:45:28 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys
2014-11-02 17:45:28 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys
2014-11-02 17:45:28 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys
2014-11-02 17:45:10 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-11-12 12:23:26 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-11-01 07:22:27 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Albert\AppData\Roaming ======
2014-11-13 18:21:43 -------- d-sh--w- C:\Users\Albert\AppData\Local\EmieBrowserModeList
2014-11-13 18:21:15 -------- d-sh--w- C:\Users\Albert\AppData\Locallow\EmieBrowserModeList
2014-11-13 13:50:28 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-11-13 13:50:27 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2014-11-13 13:50:27 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2014-11-13 13:50:27 -------- d-----w- C:\Users\Albert\AppData\Local\Temp
2014-11-11 09:47:17 A0B3FDD4C95251DCC30B1C88C80F32E4 7597 ----a-w- C:\Users\Albert\AppData\Local\Resmon.ResmonCfg
2014-11-02 10:43:16 -------- d-----w- C:\Users\Albert\AppData\Roaming\Fighters
2014-11-01 07:23:52 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun
2014-11-01 07:23:34 -------- d-----w- C:\Users\Albert\AppData\Roaming\Oracle
====== C:\Users\Albert ======
2014-11-12 12:22:42 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Albert\Downloads\RSITx64.exe
2014-11-07 17:32:18 -------- d-----w- C:\ProgramData\LightScribe
2014-11-07 16:07:04 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\Albert\Downloads\mbam-setup-2.0.3.1025(1).exe
2014-11-07 16:06:43 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\Albert\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-06 10:46:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
2014-11-02 18:13:56 C7969516D87176867BD5AE772967006F 3894696 ----a-w- C:\Users\Albert\Downloads\Reparatieprogramma-voor-Glxinfo.exe-WinThruster.exe
2014-11-02 10:41:24 -------- d-----w- C:\ProgramData\Fighters
2014-11-02 10:39:41 D5A4FFEB58917576C3611935A364CA8A 4810344 ----a-w- C:\Users\Albert\Downloads\SLOW-PCfighterSetup_1.7.88Web.exe
2014-11-02 10:38:46 421EB30C8FE92C663FDDC1CB73CCAFD1 4501576 ----a-w- C:\Users\Albert\Downloads\SLOW-PCfighterSetup_2.1.14.6Web.exe
====== C: exe-files ==
2014-11-12 12:23:26 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Albert.exe
2014-11-12 12:22:42 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Albert\Downloads\RSITx64.exe
2014-11-12 07:59:29 B569522A58F9B53B20D16516D26E0DD8 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-11-12 07:59:26 2E1CAA313AAE151B8D6E81C0075DE88C 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2014-11-12 07:59:25 B5724D61C7CB3FC9BACD9F8E58A77A03 468992 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-11-12 07:59:24 591C6FD1541BAFAEEE82B1F5831C8532 815280 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-11-12 07:59:21 0A2FA344ABBE0D160CE9773256A42B21 484352 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-11-12 07:59:20 F00FC8AF1B04C4611F92BC3DA01A2F49 813744 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-11-07 16:07:04 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\Albert\Downloads\mbam-setup-2.0.3.1025(1).exe
2014-11-07 16:06:43 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\Albert\Downloads\mbam-setup-2.0.3.1025.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-2061107396-2004619400-3521041143-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"Spybot-S&D Cleaning"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe /autoclean"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-21-2061107396-2004619400-3521041143-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Albert\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220_1\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Albert\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220_1\amd64"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe /LaunchSysTray"
"Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"Spybot-S&D Cleaning"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe /autoclean"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Albert\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220_1\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Albert\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220_1\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"
"SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background"
"HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden"
"HPToneControl"="C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe"
"HP Quick Launch"="C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Anna^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]
"path"="C:\\Users\\Anna\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneNote 2007 Schermopname en Snel starten.lnk"
"backup"="C:\\Windows\\pss\\OneNote 2007 Schermopname en Snel starten.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\MICROS~1\\Office12\\ONENOTEM.EXE /tsr"
"item"="OneNote 2007 Schermopname en Snel starten"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Test^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]
"path"="C:\\Users\\Test\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneNote 2007 Schermopname en Snel starten.lnk"
"backup"="C:\\Windows\\pss\\OneNote 2007 Schermopname en Snel starten.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\MICROS~1\\Office12\\ONENOTEM.EXE /tsr"
"item"="OneNote 2007 Schermopname en Snel starten"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/05/2014 18:56]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe]
"C:\Windows\SysNative\tasks\{E56BEA04-6CBE-40A1-B4EC-6C6969CC6C1C}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/4.1.0.179.161/nl/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\8exiit8w.default
9FD6A1990289B9290563CA069CB74EF9 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll - Shockwave Flash
F7E675EBDE6DA3A1665F2DCFA683322F - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

==== Chromium Startpages ======================

C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Preferences
{"homepage":"http://www.google.com/","homepage_is_newtabpage":false,"distribution":{"skip_first_run_ui":false,"import_search_engine":false,"import_history":false,"create_all_shortcuts":true,"do_not_launch_chrome":true,"make_chrome_default":true,"verbose_logging":false,"ping_delay":-60},"sync_promo":{"show_on_first_run_allowed":false},"session":{"restore_on_startup":4,"urls_to_restore_on_startup":["http://www.google.com/"]},"first_run_tabs":["http://www.google.com/","http://welcome_page"]}

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.vandaag.be/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.vandaag.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{3F4101CE-D47B-455B-8E23-19A7BBAC188B}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{3F4101CE-D47B-455B-8E23-19A7BBAC188B} Google Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz="
{C9B5020F-E7E4-412A-BF83-599AB96E08E0} Flickr Url="https://www.flickr.com/search/?q={searchTerms}"

==== HijackThis Entries ======================

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O2 - BHO: HP SimplePass Identity Protection Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - 
C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\RunOnce: [Uninstall 
C:\Users\Albert\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Albert\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220_1\amd64" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing) O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - 
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. 
- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. 
- C:\Windows\system32\vcsFPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Albert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Albert\AppData\Local\Microsoft\Windows\Temporary Internet 
Files\Content.IE5\GL1Y86L9 will be deleted at reboot C:\Users\Albert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RO60TPSM will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Albert\AppData\Local\Mozilla\Firefox\Profiles\8exiit8w.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1509 folders=96 801906539 bytes) ==== Empty Temp Folders ====================== C:\Users\Albert\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Albert\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Albert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GL1Y86L9" not found "C:\Users\Albert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RO60TPSM" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on vr 14/11/2014 at 12:31:04,58 ======================