Zoek.exe v5.0.0.0 Updated 19-December-2014 Tool run by anderlecht on vr 19/12/2014 at 12:50:09,59. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\anderlecht\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 19/12/2014 12:55:46 Zoek.exe System Restore Point Created Succesfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\AVS4YOU deleted successfully C:\PROGRA~2\DsNET Corp deleted successfully C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\WinAVI deleted successfully C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted successfully C:\PROGRA~3\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} deleted successfully C:\Users\anderlecht\AppData\Roaming\HpUpdate deleted successfully C:\Users\anderlecht\AppData\Roaming\Malwarebytes deleted successfully C:\Users\anderlecht\AppData\Roaming\Vso deleted successfully C:\Users\anderlecht\AppData\Local\cache deleted successfully C:\Users\anderlecht\AppData\Local\genienext deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3482549158-1047911144-748988040-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\AVG2014\avgfws.exe C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe C:\Windows\SysWOW64\svchost.exe C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Users\anderlecht\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Users\anderlecht\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Freemake Improver deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Freemake Improver deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Freemake Improver deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Freemake Improver deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skypesetup.exe] ==== Deleting Files \ Folders ====================== C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} not found C:\PROGRA~3\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} not found C:\ProgramData\Freemake deleted C:\ProgramData\AVG January 2013 Campaign deleted C:\Users\anderlecht\AppData\LocalLow\Conduit deleted C:\Users\anderlecht\daemonprocess.txt deleted C:\Users\anderlecht\.android deleted C:\PROGRA~2\Sports Interactive deleted C:\PROGRA~2\LiveVDO.tv plugin deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\prefs.js deleted C:\Users\anderlecht\AppData\Local\APN deleted C:\Users\anderlecht\AppData\Local\Mobogenie deleted C:\Users\anderlecht\Downloads\ReimageRepair.exe deleted C:\Users\anderlecht\AppData\LocalLow\vShare deleted C:\Windows\Reimage.ini deleted C:\Windows\tasks\ROC_REG_JAN_DELETE.job deleted C:\windows\SysNative\tasks\ROC_REG_JAN_DELETE deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\InstallUtil.InstallLog deleted C:\Users\anderlecht\Documents\Optimizer Pro deleted C:\Users\anderlecht\Documents\Mobogenie deleted C:\Users\Public\Desktop\Foxreal YouTube FLV Downloader.lnk deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 6134 MB CPU Info: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz CPU Speed: 1566,4 MHz Sound Card: Luidsprekers en Dual koptelefoo | SPDIF (Digitaal Uit via HP Dock | Display Adapters: NVIDIA GeForce GT 230M | NVIDIA GeForce GT 230M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 720 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Intel(R) Centrino(R) Advanced-N 6200 AGN | Bluetooth-apparaat (Personal Area Network) CD / DVD Drives: 1x (G: | ) G: hp BDDVDRW CT21L Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 447,7GB | D: 465,8GB | E: 17,8GB | F: 99,0MB Hard Disks - Free: C: 133,2GB | D: 321,7GB | E: 2,9GB | F: 94,9MB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 05/31/10 | HPQOEM - 1 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 7001 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG Internet Security 2014 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG Internet Security 2014 disabled (Outdated) Firewall: AVG Internet Security 2014 disabled Default Browser: Google Chrome 39.0.2171.95 Internet Explorer Version: 11.0.9600.17501 Google Chrome version: 39.0.2171.95 Adobe Reader version: 10.1.13.16 Sun Java version: 1.8.0_25 (32-bit) Sun Java version: 1.8.0_25 (64-bit) Flash Player version: 15.0.0.246 Shockwave Player version: 11.5.1r601 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\ANDERL~1\AppData\Local\Temp ==== ====== Java Cache ===== 2014-12-19 11:43:01 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\anderlecht\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-2325684d 2014-12-19 11:42:52 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\anderlecht\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-20dad334 2014-12-19 11:42:52 5007FC7ED3E4D59E1E2007C8CA8D9573 424 ----a-w- C:\Users\anderlecht\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2014-12-19 11:42:50 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\anderlecht\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-4496c33a 2014-12-01 11:18:28 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\anderlecht\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-3402733c 2014-12-19 11:42:53 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\anderlecht\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-6e833c86 ====== C:\Windows\SysWOW64 ===== 2014-12-19 11:39:13 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-12-19 11:20:09 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Windows\SysWOW64\java.exe 2014-12-19 11:20:09 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-12-18 08:45:21 0481346D0EF668C0D4FF69A7BBEFA846 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-12-10 11:35:36 D17954CA6343F43B62637F51996B4E95 23040 ----a-w- C:\Windows\SysWOW64\mfpmp.exe 2014-12-10 11:35:36 60FBCF033FF42A40C916C01A962A8802 50176 ----a-w- C:\Windows\SysWOW64\rrinstaller.exe 2014-12-10 11:35:36 52096F5F476733F2E2725CF346FF373B 2048 ----a-w- C:\Windows\SysWOW64\mferror.dll 2014-12-10 11:35:36 20257A0BFB824B49055A6EEC29C72C03 103424 ----a-w- C:\Windows\SysWOW64\mfps.dll 2014-12-10 11:35:35 FF0A6E76FAE624AC74780AB008752F98 3209728 ----a-w- C:\Windows\SysWOW64\mf.dll 2014-12-10 10:12:03 E1456E7396022EBE4E5434188D1AC8B0 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-10 10:11:59 F98B3860BB47089EA8C1504F043E90E9 342200 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-12-10 10:11:59 F34F6DC38A21FCDBB50CDD1EE97B1EA3 1307136 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-12-10 10:11:59 F25284C763E728E4DAC248C211D1FC5B 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-12-10 10:11:59 D7A98A4CEA2E89F544065A00BF37FC10 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-12-10 10:11:59 BB25F69463AD8E7E51B5D9D158B5F8DF 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-12-10 10:11:59 69AC6FD5B0B4DC963723E1EBDEE10A2C 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-12-10 10:11:59 2EADED07BDA52C1FC5A6D4E1CC5858F0 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-12-10 10:11:59 2ABC5587D582ACCEA30B4CF968C2A4A5 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-12-10 10:11:58 220505B0B3E96C857DD01729AF0CD369 19749376 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-12-10 10:11:57 F0BCBD8FCDA145EED53ED66C45CC378B 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-12-10 10:11:57 DEB9476A3CD1A5819DD4504BB7C6BA66 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-12-10 10:11:57 41AFA61E061E98E97272AC02184C8C2C 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-12-10 10:11:56 EC5A3E4E21079B9D423AA0760828D678 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-12-10 10:11:56 543ADCEA31CF9C2B4EEB900D4AAFD0F9 2052096 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-12-10 10:11:56 01777AB557997E98691E322225314E57 2277888 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-12-10 10:11:55 CF9D05678B02B44FBC8D8AD8C9F30D58 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-12-10 10:11:55 B59E370277EDB6643083B62297175628 12836864 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-12-10 10:11:55 759E2FAD5371512C6679FA346719493E 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-12-10 10:11:55 35BD045804B67E78F4CAB72CB820AF7F 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-12-10 10:11:53 2E9E105037AC1274656C3D1125323352 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-12-10 10:11:52 F728E7E9937117E0F32F39840EB6D737 4299264 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-12-10 10:11:52 930F63D6BC43D4BCD937DFCECDA95F82 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-12-10 10:11:52 5E4E0E43E0A5BF9F089696DFA7A3D677 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-12-10 10:11:52 37F078B5B435AFC6BF316F2AD14B469A 501248 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-12-10 10:11:52 29CED1A4777A43526A4ED8A7B6936883 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-10 10:11:11 B975C202F590BBC5AA63225FBD148791 198656 ----a-w- C:\Windows\SysWOW64\WSManHTTPConfig.exe 2014-12-10 10:11:11 B6AC69FFBAA159DD5CEED814245A286D 214016 ----a-w- C:\Windows\SysWOW64\WsmWmiPl.dll 2014-12-10 10:11:11 9EA3783672D21817B9DF1061B54C3B3C 155136 ----a-w- C:\Windows\SysWOW64\charmap.exe 2014-12-10 10:11:11 5D9A1A3E5824CECE65871C60E5A08A1A 145920 ----a-w- C:\Windows\SysWOW64\WsmAuto.dll 2014-12-10 10:11:11 2C28FEC61C4AC68480A99CB7AA197FA9 248832 ----a-w- C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2014-12-10 10:11:11 1DE9BD23AFA36150586C732D876D9B74 1177088 ----a-w- C:\Windows\SysWOW64\WsmSvc.dll 2014-12-10 10:11:08 50C73E54062BA252350F3F29580E28DA 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-12-18 08:45:21 5564883BFB523D5078A5B1FE3128FD63 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-12-13 11:27:03 189951EC6DB7B31326FB1D2E16F31535 10230 ----a-w- C:\Windows\Sysnative\ScanResults.xml 2014-12-13 11:24:10 406E76BE63C65E0BF4B263156320254E 464 ----a-w- C:\Windows\Sysnative\ScannerSettings 2014-12-10 11:35:36 AB2EB93A982A2C26BA3E4D2D65328804 24576 ----a-w- C:\Windows\Sysnative\mfpmp.exe 2014-12-10 11:35:36 68E09E7CD4DC52F132A4B492ACE8C243 55808 ----a-w- C:\Windows\Sysnative\rrinstaller.exe 2014-12-10 11:35:36 63578DB847FCC40883CB8F303E785D46 2048 ----a-w- C:\Windows\Sysnative\mferror.dll 2014-12-10 11:35:35 9797A23F773C0782A0D91BEC44054166 206848 ----a-w- C:\Windows\Sysnative\mfps.dll 2014-12-10 11:35:35 6E1DDE0E72FB8268F42F6777CE4C5036 4121600 ----a-w- C:\Windows\Sysnative\mf.dll 2014-12-10 10:12:11 8E64BB62AB3810D3C29ED50C405AD3BD 1232040 ----a-w- C:\Windows\Sysnative\aitstatic.exe 2014-12-10 10:12:10 F0356290BA3940F31AFF5566501495F7 192000 ----a-w- C:\Windows\Sysnative\aepic.dll 2014-12-10 10:12:10 E00981CF227CEEBE7B5A8D99C76D1116 741376 ----a-w- C:\Windows\Sysnative\invagent.dll 2014-12-10 10:12:10 DAF13A81A5FC895D68B1D9A72F65F4CB 413184 ----a-w- C:\Windows\Sysnative\generaltel.dll 2014-12-10 10:12:10 D257AF48934D2167BE15AA4008176381 1083392 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-12-10 10:12:10 985558125FEEC89AB4AD142158B066D7 830976 ----a-w- C:\Windows\Sysnative\appraiser.dll 2014-12-10 10:12:10 4253086737D81D7C9C160FDE6C037F44 396800 ----a-w- C:\Windows\Sysnative\devinv.dll 2014-12-10 10:12:09 5CD6E919CE938A98AB25A2EA2C8C4EDA 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-12-10 10:12:03 A9A0BFD706B3A24C403EEFEB0790D011 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2014-12-10 10:11:59 F987718A5CA053DC23E94A531F1754A4 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-12-10 10:11:59 D471F7A428C21DB04D810445D12D68E0 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-12-10 10:11:59 9F07E8FC75C5F98A783ABFD3005EFC22 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-12-10 10:11:59 39B512C643812FC2D4843C0D4206C759 718848 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-12-10 10:11:59 0FABE2AB8CA2D5CC7C95798533B4D057 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-12-10 10:11:59 077AEB068A51B396F25BBCAB0944FC3A 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-12-10 10:11:57 5BF0BAA1E5EF724287565E97C9219254 389296 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-12-10 10:11:56 E7A2061ADF0F4D430FECDA1E8D6B7BA6 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-12-10 10:11:56 B4E481E9498CE22113628C4E9EA24427 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-12-10 10:11:55 EBC8C9F61F4C148B8C6A28EDE80C51E4 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-12-10 10:11:55 14BA910E7731FC84EB85328BD0F1EE81 800768 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-12-10 10:11:55 0AF0AEF0BA9EF6169E61C78504DCAE55 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-12-10 10:11:54 EFBA893429814EA3244C87C2D1256618 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-12-10 10:11:54 23AE7A3B44D5C550B81347288CE3230E 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-12-10 10:11:53 982B871A25B5078093FAD82D0AB0E3FC 2885120 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-12-10 10:11:53 3FE71E2A5BD3EC652E64FC8BCEFEDD2C 2125312 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-12-10 10:11:52 DFECAE6D925FBC9078870E16F98C471F 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-12-10 10:11:51 F7CCA58B973FB5EAED8D1F12DD3E51F6 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-12-10 10:11:51 8EF01E2EF21D41A23FF70B28179F9ABE 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-12-10 10:11:50 DB10D681314714E0D4623E4C0CF6654A 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-12-10 10:11:50 556D271F4243B273EDA353512BF3608A 14412800 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-12-10 10:11:49 8D64466AD12CA5677CD0099C43C58569 6039552 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-12-10 10:11:49 7AC115968B8856004920057B2271224C 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-12-10 10:11:49 1D294810D3A8A8F722E86AA001F54DCC 580096 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-12-10 10:11:49 021DFF3CB0ADCD19B3AAA00A650FDEE2 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-12-10 10:11:48 89296EF4A3729A049DA25B7D67A04078 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-12-10 10:11:48 4AF089160FE082E5EA5C4AA72782DCA2 2358272 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-12-10 10:11:48 17A157A4225CF562202AC71DB8103177 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-12-10 10:11:47 D478A4CF07FB8ADF72FB16B88E8030B8 25059840 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-12-10 10:11:11 FDEB5EE2E4DB9DE9251DDAF6A5BCA070 346624 ----a-w- C:\Windows\Sysnative\WSManMigrationPlugin.dll 2014-12-10 10:11:11 D929ABD465A2DED963DA8B30946A8D5C 2020352 ----a-w- C:\Windows\Sysnative\WsmSvc.dll 2014-12-10 10:11:11 9B44CABE3536D0E3BF627176318AAFC9 181248 ----a-w- C:\Windows\Sysnative\WsmAuto.dll 2014-12-10 10:11:11 5C642B7B0365305451D579F3EFAD57D4 310272 ----a-w- C:\Windows\Sysnative\WsmWmiPl.dll 2014-12-10 10:11:11 41457C1909F6D1100C0F9B9CFF7960FC 266240 ----a-w- C:\Windows\Sysnative\WSManHTTPConfig.exe 2014-12-10 10:11:11 36E5E9D0400475230A7F57F274B88321 165888 ----a-w- C:\Windows\Sysnative\charmap.exe 2014-12-10 10:11:08 A026998E927FD2095505154CBD72F35B 2048 ----a-w- C:\Windows\Sysnative\tzres.dll ====== C:\Windows\Sysnative\drivers ===== 2014-12-13 11:35:04 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2014-12-13 11:33:57 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2014-12-13 11:33:57 A646C2DDB8C46E9B20A326FAF566646C 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2014-12-13 11:33:57 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2014-12-10 10:12:03 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-12-19 11:39:38 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-12-19 11:37:32 -------- d-----w- C:\PROGRA~2\Java ======= C: ===== ====== C:\Users\anderlecht\AppData\Roaming ====== 2014-12-19 11:19:16 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun 2014-12-17 08:43:56 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg 2014-12-17 08:43:56 -------- d-----w- C:\Users\anderlecht\AppData\Local\Avg 2014-12-14 09:47:37 -------- d-sh--w- C:\Users\anderlecht\AppData\Local\EmieBrowserModeList ====== C:\Users\anderlecht ====== 2014-12-19 11:38:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-12-19 10:58:04 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\anderlecht\Downloads\chromeinstall-8u25 (1).exe 2014-12-19 10:54:15 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\anderlecht\Downloads\chromeinstall-8u25.exe 2014-12-13 11:31:56 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\anderlecht\Downloads\mbam-setup-2.0.4.1028.exe 2014-12-11 09:46:43 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\anderlecht\Downloads\RSITx64.exe 2014-12-11 09:09:55 9B66D883CD374F0EFEEEE9FC98281E99 209736 ----a-w- C:\Users\anderlecht\Downloads\FreeVK.exe ====== C: exe-files == 2014-12-19 11:38:53 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2014-12-19 11:38:53 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2014-12-19 11:38:53 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2014-12-19 11:38:38 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe 2014-12-19 11:38:38 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe 2014-12-19 11:38:38 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe 2014-12-19 11:38:37 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe 2014-12-19 11:38:37 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe 2014-12-19 11:38:37 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe 2014-12-19 11:38:37 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe 2014-12-19 11:38:37 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe 2014-12-19 11:38:37 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe 2014-12-19 11:38:37 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe 2014-12-19 11:38:37 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe 2014-12-19 11:38:37 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe 2014-12-19 11:38:37 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe 2014-12-19 11:38:37 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe 2014-12-19 11:38:37 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe 2014-12-19 11:38:36 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe 2014-12-19 11:38:36 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe 2014-12-19 11:38:36 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe 2014-12-19 11:38:36 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe 2014-12-19 11:38:36 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe 2014-12-19 11:38:36 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe 2014-12-19 11:20:09 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Windows\SysWOW64\java.exe 2014-12-19 11:20:09 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-12-19 10:58:04 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\anderlecht\Downloads\chromeinstall-8u25 (1).exe 2014-12-19 10:54:15 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\anderlecht\Downloads\chromeinstall-8u25.exe 2014-12-18 08:45:21 5564883BFB523D5078A5B1FE3128FD63 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-12-18 08:45:21 0481346D0EF668C0D4FF69A7BBEFA846 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-12-17 08:43:53 433A5A41988E5168454BC58FED604509 302096 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgndisa.exe 2014-12-13 11:31:56 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\anderlecht\Downloads\mbam-setup-2.0.4.1028.exe === C: other files == 2014-12-19 11:38:39 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip 2014-12-18 09:20:41 06AF51D660095D1DF1F877CEDD897FE0 13261 ----a-w- C:\Users\anderlecht\Downloads\covert.affairs.frontwards.(2014).dut.1cd.(5969508).zip 2014-12-13 11:35:04 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-12-13 11:33:57 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-12-13 11:33:57 A646C2DDB8C46E9B20A326FAF566646C 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-12-13 11:33:57 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3482549158-1047911144-748988040-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "uTorrent"="C:\Users\anderlecht\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPCam_Menu"="c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\Hewlett-Packard\Media\Webcam UpdateWithCreateOnce Software\Hewlett-Packard\Media\Webcam" "Corel File Shell Monitor"="C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" "DpAgent"="C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe" "QlbCtrl.exe"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" "SynTPEnh"="%ProgramFiles(x86)%\Synaptics\SynTP\SynTPEnh.exe" "HPToneControl"="C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "uTorrent"="C:\Users\anderlecht\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" "HPToneControl"="C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Software Update"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LightScribe Control Panel" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="uTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\anderlecht\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WirelessAssistant] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WirelessAssistant" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Wireless Assistant\\HPWAMain.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10/12/2014 12:34] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/01/2014 11:46] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/01/2014 11:46] C:\Windows\tasks\HPCeeScheduleForANDERLECHT-PC$.job --a------ C:\Program Files (x86)\Hewlett-PaC:kard\HP C:eement\HPC:EE.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CapSchedInst" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe] "C:\Windows\SysNative\tasks\CapSvcInst" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe] "C:\Windows\SysNative\tasks\CapUninst" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe] "C:\Windows\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForANDERLECHT-PC$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\Sun Microsystems-online actualiseringsprogramma" [C:\Program Files\Java\jre6\bin\jusched.exe] "C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe] "C:\Windows\SysNative\tasks\TVAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{BA8BCB1C-7D02-47E0-AE63-410F5F118F8D}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "otis@digitalpersona.com"="C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt" [23/06/2010 01:56] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "otis@digitalpersona.com"="C:\Program Files (x86)\DigitalPersona\Bin\firefoxext" [23/06/2010 01:56] ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Could not determine latest Stable Version) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions jbolfgndggfhhpbnkgnpjkfhinclbigj - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[30/05/2012 14:56] pbiamblgmkgbcgbcgejjgebalncpmhnp - C:\Program Files (x86)\LiveVDO.tv plugin\vshareplg.crx[] selector is not a valid CSS selector - anderlecht\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Tampermonkey - anderlecht\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo Alarm - anderlecht\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjkdjnaajdmnminlhhhcicfnokdhjfg AdBlock - anderlecht\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Cool Clock - anderlecht\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce Freemake Video Converter - anderlecht\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj Google Mail Checker - anderlecht\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff Google Wallet - anderlecht\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda LiveVDO plugin - anderlecht\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp ==== Chromium Fix ====================== C:\Users\anderlecht\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage deleted successfully C:\Users\anderlecht\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage-journal deleted successfully C:\Users\anderlecht\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully C:\Users\anderlecht\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully C:\Users\anderlecht\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com" "SearchAssistant"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.com" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:8888;https=127.0.0.1:8888" "ProxyOverride"="<-loopback>" "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [uTorrent] "C:\Users\anderlecht\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Aced.com - {bdb825fa-7a98-498f-b101-45a8f268a1ff} - C:\Users\anderlecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aced.com\Aced.com.lnk (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\anderlecht\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BGK3U7H will be deleted at reboot C:\Users\anderlecht\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HOGN3QM5 will be deleted at reboot C:\Users\anderlecht\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P344ZJ2K will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\anderlecht\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2116 folders=148 335890574 bytes) ==== Empty Temp Folders ====================== C:\Users\anderlecht\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\ANDERL~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\anderlecht\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BGK3U7H" not found "C:\Users\anderlecht\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HOGN3QM5" not found "C:\Users\anderlecht\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P344ZJ2K" not found ==== EOF on vr 19/12/2014 at 13:20:42,95 ======================