Zoek.exe v5.0.0.0 Updated 20-March-2015
Tool run by Marti on vr 20-03-2015 at 13:41:45,76.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Marti\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
20-3-2015 13:46:40 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\Users\Marti\AppData\Roaming\HpUpdate deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================
Adobe Flash Player 16 ActiveX
Adobe Reader XI (11.0.10) - Nederlands
Basissoftware voor HP Deskjet 3050 J610 series
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
DAEMON Tools Lite
Dell Resource CD
Dropbox
FIFA 14
Google Chrome
Google Update Helper
HP Deskjet 3050 J610 series Haelp
HP Update
Intel(R) Rapid Storage Technology
Iomega Encryption
Microsoft .NET Framework 4 Client Profile NLD Language Pack
Microsoft .NET Framework 4.5.2
Microsoft Office 365 ProPlus - nl-nl
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Origin
Panda Devices Agent
Panda Free Antivirus
REALTEK Wireless LAN Driver and Utility
RemoteComms External Disk Access
Softonic Assistant
Spotify
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
The Stanley Parable
VLC media player
Vuze
WinRAR 5.20 (64-bit)

==== Running Processes ======================
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe
C:\Users\Marti\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Users\Marti\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe

==== Deleting Services ======================

==== Registry Fix Code ======================
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SoftonicAssistant"=-

==== Deleting Files \ Folders ======================
C:\Users\Marti\AppData\Local\SoftonicAssistant deleted
C:\Users\Marti\Downloads\SoftonicDownloader_voor_panda-free-antivirus.exe deleted
C:\END deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\PROGRA~2\Windows Collaboration" deleted

==== System Specs ======================
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4093 MB
CPU Info: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz
CPU Speed: 2151,9 MHz
Sound Card: Luidsprekers (High Definition A |
Display Adapters: ATI Mobility Radeon HD 4300 Series | ATI Mobility Radeon HD 4300 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Realtek RTL8188CU Wireless LAN 802.11n USB 2.0 Network Adapter | Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
CD / DVD Drives: 1x (D: | ) D: Optiarc DVD+-RW AD-7560S
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 465,8GB Hard Disks - Free: C: 272,2GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 07/17/09 | DELL - 27d90711 Time Zone: West-Europa (standaardtijd) Motherboard *: Dell Inc. 0G437N Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Panda Free Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Panda Free Antivirus disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Panda Firewall disabled Default Browser: Google Chrome 41.0.2272.89 Internet Explorer Version: 11.0.9600.17633 Google Chrome version: 41.0.2272.89 Adobe Reader version: 11.0.10.32 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Marti\AppData\Local\Temp ==== 2015-03-18 12:56:25 12C0789B30AD2425D9F5B63FFFAAEEA6 43008 ----a-w- C:\Users\Marti\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6etbhr.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-03-19 20:07:36 080598EFE474B7A28D7260C3AC389E36 30352 ----a-w- C:\Windows\Sysnative\drivers\dtlitescsibus.sys 2015-03-09 08:04:44 105ACC469DF34C8BD0D5E68A70C774E5 60400 ----a-w- C:\Windows\Sysnative\drivers\PSKMAD.sys 2015-03-05 05:46:05 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys 2015-03-05 05:34:34 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2015-02-20 16:48:52 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_xusb21_01009.Wdf ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-03-19 20:07:33 -------- d-----w- C:\Program Files\DAEMON Tools Lite 2015-03-11 16:04:57 -------- d-----w- C:\Program Files\trend micro 2015-02-23 19:55:32 
-------- d-----w- C:\Program Files\WinRAR ======= C:\PROGRA~2 ===== 2015-03-19 20:09:42 -------- d-----w- C:\PROGRA~2\Galactic Cafe 2015-03-05 05:33:52 -------- d-----w- C:\PROGRA~2\Intel ======= C: ===== ====== C:\Users\Marti\AppData\Roaming ====== 2015-03-20 12:43:18 -------- d-----w- C:\Users\Marti\AppData\Local\Diagnostics 2015-03-19 23:25:57 -------- d-----w- C:\Users\Marti\AppData\Local\SKIDROW 2015-03-19 20:07:35 -------- d-----w- C:\Users\Marti\AppData\Roaming\DAEMON Tools Lite 2015-03-04 02:37:53 -------- d-sh--w- C:\Users\Marti\AppData\Locallow\EmieUserList 2015-03-04 02:37:53 -------- d-sh--w- C:\Users\Marti\AppData\Locallow\EmieBrowserModeList 2015-03-04 02:37:47 -------- d-sh--w- C:\Users\Marti\AppData\Local\EmieUserList 2015-03-04 02:37:47 -------- d-sh--w- C:\Users\Marti\AppData\Local\EmieSiteList 2015-03-04 02:37:47 -------- d-sh--w- C:\Users\Marti\AppData\Local\EmieBrowserModeList 2015-03-04 02:37:31 -------- d-sh--w- C:\Users\Marti\AppData\Locallow\EmieSiteList 2015-02-23 20:40:00 -------- d-----w- C:\Users\Marti\AppData\Local\Chromium 2015-02-23 19:58:30 -------- d-----w- C:\Users\Marti\AppData\Local\Sports Interactive 2015-02-23 19:55:54 -------- d-----w- C:\Users\Marti\AppData\Roaming\WinRAR 2015-02-23 19:55:45 -------- d-----w- C:\Users\Marti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ====== C:\Users\Marti ====== 2015-03-19 20:13:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Galactic Cafe 2015-03-19 20:04:48 D3AB99ACD4D9CDC3663D1B36F4064808 13146016 ----a-w- C:\Users\Marti\Downloads\DTLite501-0406 (1).exe 2015-03-19 20:00:36 -------- d-----w- C:\ProgramData\DAEMON Tools Lite 2015-03-19 19:59:53 D3AB99ACD4D9CDC3663D1B36F4064808 13146016 ----a-w- C:\Users\Marti\Downloads\DTLite501-0406.exe 2015-03-19 18:13:47 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Marti\Desktop\RSITx64.exe 2015-02-23 19:58:30 -------- d-----w- C:\Users\Public\Documents\Sports Interactive 2015-02-23 19:55:45 
-------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR ====== C: exe-files == 2015-03-19 20:17:34 FF1AFF976A2AFEF8A620F538B1E472DB 203776 ----a-r- C:\Program Files (x86)\Galactic Cafe\The Stanley Parable\Launcher.exe 2015-03-19 20:13:06 3805BF9DE274775917D20A380BE90E57 41212184 ----a-w- C:\Program Files (x86)\Galactic Cafe\The Stanley Parable\physx\PhysX_9.09.0814_SystemSoftware.exe 2015-03-19 20:13:05 11DD6E8AB9759D1AC91FFE0D0E4949CB 525128 ----a-w- C:\Program Files (x86)\Galactic Cafe\The Stanley Parable\directx\DXSETUP.exe 2015-03-19 20:12:50 1801436936E64598BAB5B87B37DC7F87 8990552 ----a-w- C:\Program Files (x86)\Galactic Cafe\The Stanley Parable\_CommonRedist\vcredist\2010\vcredist_x86.exe 2015-03-19 20:12:49 C9D9EEBCCEF20D637F193490CEC05E79 10274136 ----a-w- C:\Program Files (x86)\Galactic Cafe\The Stanley Parable\_CommonRedist\vcredist\2010\vcredist_x64.exe 2015-03-19 20:12:42 BF3F290275C21BDD3951955C9C3CF32C 517976 ----a-w- C:\Program Files (x86)\Galactic Cafe\The Stanley Parable\_CommonRedist\DirectX\Jun2010\DXSETUP.exe 2015-03-19 20:12:37 ADE3C1EEA314A00D0F60120DB89814FD 409600 ----a-r- C:\Program Files (x86)\Galactic Cafe\The Stanley Parable\thestanleyparable.exe 2015-03-19 20:09:42 B39C8A68D2E0EBF649CB506D03D3B2EF 704346 ----a-w- C:\Program Files (x86)\Galactic Cafe\The Stanley Parable\unins000.exe 2015-03-19 19:17:08 0A02543D95A6C239351EC9EB26A00823 10763296 ----a-w- C:\Users\Marti\AppData\Roaming\Azureus\tmp\AZU8755009600596735343.tmp\Vuze_5.6.0.0c_win64.exe 2015-03-19 18:14:24 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Marti.exe 2015-03-19 18:13:47 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Marti\Desktop\RSITx64.exe 2015-03-18 12:10:16 7DF547F2E361A6ADC8DFAF9544C6A283 10033232 ----a-w- C:\Program Files (x86)\Google\Update\Install\{DBF74404-8814-4E8A-AC70-910BF68C91DF}\41.0.2272.89_40.0.2214.115_chrome_updater.exe 2015-03-18 12:10:16 7DF547F2E361A6ADC8DFAF9544C6A283 10033232 
----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.89\41.0.2272.89_40.0.2214.115_chrome_updater.exe 2015-03-18 11:37:50 F500F119EC9887D7A39CAAD950EF9521 5747416 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\cmigrate.exe 2015-03-18 11:37:30 8C00D6757CE2A8F957CAB7DF32035A2C 550576 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msosqm.exe 2015-03-18 11:37:29 63D1D96C413C788048914C4B0D084C86 39584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\appsharinghookcontroller64.exe 2015-03-18 11:37:28 591FBE535F9B0BB79096A2E3CE3B1932 33432 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\appsharinghookcontroller.exe 2015-03-18 11:37:28 0C9C63D586B262C24389011F26C0DE35 1130192 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\olicenseheartbeat.exe 2015-03-18 11:37:19 4DB03900EE99298F891EAD3C00A32765 207528 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msoxmled.exe 2015-03-18 11:37:10 1FF6EB4030CC1C5B49F333D4B45E5FCC 84200 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe 2015-03-18 11:37:06 CCDC3655F1AB147459BF772CCCC032B0 474344 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dwtrig20.exe 2015-03-18 11:37:06 A8A09184A92390FD57E3895115560F1C 842440 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dw20.exe 2015-03-18 11:37:06 50AB5E67BD064F03FC59DA90F91E1C70 217760 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\msoxmled.exe 2015-03-18 11:37:06 0CF86795B3008AB4819F74C817392ED0 7856336 ----a-w- C:\Program Files\Microsoft Office 
15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\cmigrate.exe 2015-03-18 11:37:04 988D70FEF8D50E45A0BB3E00AC797F84 1923224 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\winword.exe 2015-03-18 11:37:04 520E91FC4C8D0B92D58156318B1095DB 665240 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ucmapi.exe 2015-03-18 11:37:04 097EC147C5873D95210D8D274D933C54 528584 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\vpreview.exe 2015-03-18 11:37:03 73A9230B35BD9F8ADDEB6830E47365E9 18975904 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\outlook.exe 2015-03-18 11:37:01 098BB04E5924402C0148CADFC747E425 9597096 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\pdfreflow.exe 2015-03-18 11:36:59 CF2304643EB79D4F19D941850D370AF0 480976 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\selfcert.exe 2015-03-18 11:36:59 B7B245E5C9AD2685185F51C0F73E9213 873648 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe 2015-03-18 11:36:54 52215BD2997991A78683B4105668B253 1295568 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ocpubmgr.exe 2015-03-18 11:36:53 0EA1128527AB3D75A9E0B21E5F9074FC 569592 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\orgchart.exe 2015-03-18 11:36:52 00025468AD80F344D548DE9DD8172B97 1762464 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\onenote.exe 2015-03-18 11:36:50 CBB3CBD09C6D751313E42788A8D9457E 517352 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\iecontentservice.exe 2015-03-18 11:36:49 F4764F1F2170B9BC7C1BB853AF18730F 498880 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msouc.exe 2015-03-18 11:36:49 886E365B27408BB8BAB72BFB119413E7 10752680 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\mspub.exe 2015-03-18 11:36:49 026AFF122AA7CF23D2AE7E7AE5CAD5C7 449216 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msosync.exe 2015-03-18 11:36:48 BBD74168E558508B50232CFAA1CD3A8B 
15519912 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msaccess.exe 2015-03-18 11:36:47 CE826E26BC11D68251BDB5C8BB03F59F 283304 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msoia.exe 2015-03-18 11:36:47 59453225D5C263FF0EEA5FA8B75029EE 161480 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msosrec.exe 2015-03-18 11:36:45 09157B91EB4A2C6D2F44329EAAE99D48 19055264 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lync.exe 2015-03-18 11:36:43 EAC84AD3723688F673173FEE0967E9DC 6486696 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconv.exe 2015-03-18 11:36:42 9B7D4CC34C742A1B4C59736120DF6724 1784480 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\infopath.exe 2015-03-18 11:36:41 0DE66CB0CCC281EEF25C4B1C1F8EB9E9 25720992 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excel.exe 2015-03-18 11:36:39 5D2907CF6A604C7C4DA255F2EC15E324 229056 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\clview.exe 2015-03-18 11:36:38 D4186A6EA6A76FB18607252C45F21D26 4522680 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\graph.exe 2015-03-18 11:36:38 9EBDAB817EB68DC5DDAA012D923CCA84 8716992 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\groove.exe 2015-03-18 11:36:33 DA34D678DF56F2BFCAD0CF36784C2CB3 21938848 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe 2015-03-18 11:36:32 B6F864DAE02E7B87E72D4B6A14221D32 990376 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\firstrun.exe 2015-03-18 11:36:28 AAF38AE8479CF94F9C6C445A5CBADF45 627912 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\integrator.exe 2015-03-18 11:36:03 1E04BB34663B22ECE85D6D0CEE710144 280736 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\DCF\DATABASECOMPARE.EXE 2015-03-13 14:15:37 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 2015-03-13 14:15:33 4D83DC461F8F4370274CF6E9AC9A34F4 
49208 ----a-w- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe 2015-03-13 14:15:29 9C32939B75035B85AEB1BAA82295A51E 1167360 ----a-w- C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe === C: other files == 2015-03-19 20:07:36 080598EFE474B7A28D7260C3AC389E36 30352 ----a-w- C:\Program Files\DAEMON Tools Lite\dtlitescsibus.sys 2015-03-19 19:16:43 1592BE1E99F1366A67E349209F65EF4E 9815424 ----a-w- C:\Users\Marti\AppData\Local\Temp\Vuze_5.6.0.0c_win64.zip 2015-03-17 11:20:36 0EF8C9ED4FCAAD842791150A00D38F73 202043 ----a-w- C:\Users\Marti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SMM9WY7V\video[1].zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1617728351-3029463369-2982614091-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Marti\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Marti\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" ==== Startup Folders ====================== 2015-02-13 23:51:13 2037 ----a-w- C:\Users\Marti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive voor Bedrijven.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13-02-2015 11:37] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-02-2015 12:04] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-02-2015 12:04] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Chromium Look ====================== Google Slides - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf MEGA - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod YouTube - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - 
Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Vertalen.nu - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\giapagjeblcapfphboclikepoeelhgkj AdBlock - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Google Wallet - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftonicAssistant deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program 
Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Marti\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: OneDrive voor Bedrijven.lnk = C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - 
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. 
- C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Marti\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=10 folders=5 2630786 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Marti\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Marti\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 20-03-2015 at 14:19:11,92 ======================