Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Michelle on di 02-06-2015 at 18:23:30,43. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Michelle\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 2-6-2015 18:24:54 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\Zylom Games deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Aangifte inkomstenbelasting 2012 Aangifte inkomstenbelasting 2013 ABBYY FineReader 9.0 Sprint Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player 17 ActiveX Adobe Flash Player 17 NPAPI Adobe Reader XI (11.0.08) Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Driver Installation Program Atheros Wi-Fi Protected Setup Library Bing Bar Bonjour Camera Assistant Software for Toshiba CCleaner Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Compatibiliteitspakket voor het 2007 Microsoft Office system Computer Security 14.115.100.0 (release) Corel PaintShop Photo Pro X3 D3DX10 Definition Update for Microsoft Office 2010 (KB3015642) 32-Bit Edition Dropbox DVD MovieFactory for TOSHIBA Epson Easy Photo Print 2 Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) Epson Event Manager EPSON Scan EPSON SX420W Series Handboek EpsonNet Print EpsonNet Setup 3.2 F-Secure CCF Reputation F-Secure CCF Scanning 1.51.111.300 (release) F-Secure Network CCF 1.02.141 F-Secure SafeSearch 1.03.159.0 (release) Free Audio CD Burner version 1.4 Free YouTube to MP3 Converter version 3.8 Geluiddemper v. cd/dvd-station GIMP 2.8.0 Google Chrome Google Desktop Google Toolbar for Internet Explorer Google Update Helper HDAUDIO Soft Data Fax Modem with SmartCP Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Huishoudboekje ICA iCloud Intel(R) Graphics Media Accelerator Driver Intel© Matrix Storage Manager IPM_PSP_CL IPM_PSP_COM iTunes Java 8 Update 45 Java Auto Updater Junk Mail filter update Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft .NET Framework 4.5.2 Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2010 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office PowerPoint Viewer 2007 (Dutch) Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2007 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD Microsoft Works Microsoft XML Parser MobileMe Control Panel MSVCRT NetWaiting Netwerkhandleiding EPSON SX420W Series OGA Notifier 2.0.0048.0 Online Safety 2.115.2783.1598 Printer EPSON SX420W Series verwijderen PSPPContent PSPPRO_DCRAW QLICT Afstandsbediening v2.9 QuickTime Realtek 8169 8168 8101E 8102E Ethernet Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader RegClean Pro Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4.5.2 (KB3023224) Security Update for Microsoft .NET Framework 4.5.2 (KB3035490) Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) Security Update for Microsoft .NET Framework 4.5.2 (KB3048077) Security Update for Microsoft Excel 2010 (KB2965240) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2883029) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2965282) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2965242) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2999412) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2999420) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2553428) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965237) 32-Bit Edition Security Update for Windows Media Encoder (KB2447961) Security Update for Windows Media Encoder (KB954156) Security Update for Windows Media Encoder (KB979332) Segoe UI Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Setup Skype Click to Call SkypeT 7.3 Spelling Dictionaries Support For Adobe Reader 8 Synaptics Pointing Device Driver Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD TOSHIBA-handleidingen TOSHIBA Assist TOSHIBA ConfigFree TOSHIBA Disc Creator TOSHIBA DVD PLAYER TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Face Recognition TOSHIBA Hardware Setup Toshiba Online Product Information TOSHIBA Recovery Disc Creator TOSHIBA Supervisor Password Toshiba TEMPRO TOSHIBA Value Added Package TRDCReminder TRORDCLauncher Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Access 2010 (KB2837601) 32-Bit Edition Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB2956141) 32-Bit Edition Update for Microsoft Office 2010 (KB2965291) 32-Bit Edition Update for Microsoft Office 2010 (KB2965301) 32-Bit Edition Update for Microsoft Office 2010 (KB2999439) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2986252) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2965295) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3015585) 32-Bit Edition Update for Microsoft Visio 2010 (KB2965292) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series Windows Media Player Firefox Plugin Ziggo Internetbeveiliging ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\Internetbeveiliging\fshoster32.exe C:\Program Files\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Windows\system32\SAgent4.exe C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe C:\Windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\taskeng.exe C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fssm32.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\RtHDVCpl.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Epson Software\Event Manager\EEventManager.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\DATA BECKER\Huishoudboekje\quick.exe C:\Program Files\Internetbeveiliging\fshoster32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Apple\Internet Services\ubd.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe C:\Users\Michelle\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Windows\system32\igfxext.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSLAUNCH.EXE C:\Users\Michelle\Desktop\zoek.exe C:\Windows\system32\conime.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files\Zylom Games not found C:\Program Files\RegClean Pro deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro deleted C:\Users\Public\Desktop\RegClean Pro.lnk deleted C:\found.000 deleted C:\found.001 deleted C:\Users\Michelle\AppData\Roaming\Systweak deleted C:\Windows\system32\roboot.exe deleted ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002) Memory (RAM): 2940 MB CPU Info: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz CPU Speed: 1482,9 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1440 X 900 - 32 bit Network: Network Present Network Adapters: Atheros AR5007EG Wireless Network Adapter | Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0) CD / DVD Drives: 1x (F: | ) F: HL-DT-STDVDRAM GSA-T50N Ports: COM3 LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 116,3GB | E: 115,1GB Hard Disks - Free: C: 26,2GB | E: 95,0GB Manufacturer *: INSYDE BIOS Info: AT/AT COMPATIBLE | 12/09/08 | TOSINV - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: TOSHIBA Portable PC Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Internetbeveiliging On-access scanning disabled (Outdated) Anti-Spyware: Internetbeveiliging disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 43.0.2357.81 Internet Explorer Version: 9.0.8112.16421 Google Chrome version: 43.0.2357.81 Adobe Reader version: 11.0.8.4 Sun Java version: 1.8.0_45 (32-bit) Flash Player version: 17.0.0.169 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Michelle\AppData\Local\Temp ==== 2015-06-02 15:46:24 0CFC0308F76EC217C457F54DDFCB3077 43008 ----a-w- C:\Users\Michelle\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxzhpmh.dll 2015-06-01 20:13:41 75789803CB4131B7DBC0168B9F0CB9B5 245800 ----a-w- C:\Users\Michelle\AppData\Local\Temp\cleanup_tool.exe 2015-06-01 19:37:59 1974579DD29DF870EC488568A5B526D9 511152 ------w- C:\Users\Michelle\AppData\Local\Temp\.zylominstallertemp1433187479\ZylomGameInstallerTemp.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-05-28 19:30:54 -------- d-----w- C:\Program Files\trend micro ======= C: ===== 2015-05-31 16:37:03 ACECB7D7AF592DA7A843EF44B4500818 17494 ----a-w- C:\readme.txt ====== C:\Users\Michelle\AppData\Roaming ====== 2015-06-01 18:35:34 -------- d-----w- C:\Users\Michelle\AppData\Local\F-Secure 2015-05-31 08:15:57 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-05-31 08:15:57 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-05-31 08:15:57 -------- d-----w- C:\Users\Michelle\AppData\Local\Temp 2015-05-31 08:15:57 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-05-31 08:15:57 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2015-05-26 18:46:56 F48C82F0BA04F055F1C5933AD953E72E 1356 ----a-w- C:\Users\Michelle\AppData\Local\d3d9caps.dat ====== C:\Users\Michelle ====== 2015-06-01 16:55:15 D56605A4F5CE2DBEBA1540304827B394 2231296 ----a-w- C:\Users\Michelle\Downloads\adwcleaner_4.206.exe 2015-05-28 19:29:49 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Michelle\Downloads\RSIT.exe ====== C: exe-files == 2015-06-02 15:44:52 FE0B93CE6EFAD628152BA700C44266A2 207912 ----a-w- C:\ProgramData\f-secure\GUTS2\hydrawin\1433236834\install.exe 2015-06-01 20:13:41 75789803CB4131B7DBC0168B9F0CB9B5 245800 ----a-w- C:\Users\Michelle\AppData\Local\Temp\cleanup_tool.exe 2015-06-01 19:37:59 1974579DD29DF870EC488568A5B526D9 511152 ------w- C:\Users\Michelle\AppData\Local\Temp\.zylominstallertemp1433187479\ZylomGameInstallerTemp.exe 2015-06-01 18:35:34 DC3B2886D00572CC70C771969D89DA09 4825936 ----a-w- C:\Users\Michelle\AppData\Local\F-Secure\stubdl\fsdart.exe 2015-06-01 16:55:15 D56605A4F5CE2DBEBA1540304827B394 2231296 ----a-w- C:\Users\Michelle\Downloads\adwcleaner_4.206.exe 2015-06-01 16:42:18 2D7D54B47ACFAB94671E3C97B2D2E639 1106512 ----a-w- C:\Users\Michelle\AppData\Local\Google\Update\Install\{4054D74B-05AD-4EF2-8F10-6F08742DB2EC}\43.0.2357.81_43.0.2357.65_chrome_updater.exe 2015-06-01 16:42:18 2D7D54B47ACFAB94671E3C97B2D2E639 1106512 ----a-w- C:\Users\Michelle\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.81\43.0.2357.81_43.0.2357.65_chrome_updater.exe 2015-05-31 08:31:10 B1798BC27E40983B12FEFD0D85C05B3F 873800 ----a-w- C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\SwReporter\3.21.0\software_reporter_tool.exe 2015-05-28 19:30:54 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Michelle.exe 2015-05-28 19:29:49 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Michelle\Downloads\RSIT.exe 2015-05-27 14:51:31 277A41EB7D2DAA7105DF85BFC2F1C9AD 60456 ----a-w- C:\ProgramData\f-secure\GUTS2\orsp-win-v2\1432729310\fsorsp.exe 2015-05-27 14:51:30 AAD44E235E567401AB51571D06891C69 199720 ----a-w- C:\ProgramData\f-secure\GUTS2\orsp-win-v2\1432729310\orspupd.exe 2015-05-27 14:51:30 652F932B64BE6B9320E501DDBFAACA95 80936 ----a-w- C:\ProgramData\f-secure\GUTS2\orsp-win-v2\1432729310\orspdiag.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "TOSCDSPD"="TOSCDSPD.EXE" "Google Update"="C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe /c" "EPSON2265D9 (Epson Stylus SX420W)"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU C:\Windows\TEMP\E_S4FE8.tmp /EF HKCU" "Epson Stylus SX420W(Netwerk)"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU C:\Windows\TEMP\E_SB649.tmp /EF HKCU" "MobileDocuments"="C:\Program Files\Common Files\Apple\Internet Services\ubd.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup" [HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #6"="C:\Users\Michelle\AppData\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- https://www.icscards.nl/nlic/portal/anwb/?ns_campaign=notification.anwb&ns_mchannel=e-mail.notification&ns_source=internal.20150505&ns_linkname=tekstlink&ns_fee=0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "NDSTray.exe"="NDSTray.exe" "cfFncEnabler.exe"="cfFncEnabler.exe" "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup" "Google EULA Launcher"="c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA" "Toshiba TEMPO"="C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" "topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="RtHDVCpl.exe" "Skytel"="Skytel.exe" "Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe" "Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe /start" "jswtrayutil"="C:\Program Files\Jumpstart\jswtrayutil.exe" "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" "Corel File Shell Monitor"="c:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe" "EEventManager"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Huishoudboekje"="C:\Program Files\DATA BECKER\Huishoudboekje\quick.exe" "F-Secure Hoster (45123)"="C:\Program Files\Internetbeveiliging\fshoster32.exe -app -hosterid:1" "F-Secure Manager"="C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE /splash" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" "TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" "HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe " "SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe " "00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "TOSCDSPD"="TOSCDSPD.EXE" "Google Update"="C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe /c" "EPSON2265D9 (Epson Stylus SX420W)"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU C:\Windows\TEMP\E_S4FE8.tmp /EF HKCU" "Epson Stylus SX420W(Netwerk)"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU C:\Windows\TEMP\E_SB649.tmp /EF HKCU" "MobileDocuments"="C:\Program Files\Common Files\Apple\Internet Services\ubd.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #6"="C:\Users\Michelle\AppData\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- https://www.icscards.nl/nlic/portal/anwb/?ns_campaign=notification.anwb&ns_mchannel=e-mail.notification&ns_source=internal.20150505&ns_linkname=tekstlink&ns_fee=0" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~2\\GOEC62~1.DLL" ==== Startup Folders ====================== 2008-08-19 11:40:54 1835 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2008-08-19 11:40:54 1835 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2015-04-24 15:03:35 1051 ----a-w- C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [16-04-2015 18:37] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1992519123-4132911643-3822553869-1000Core.job --a------ C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe [26-10-2014 00:20] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1992519123-4132911643-3822553869-1000UA.job --a------ C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe [26-10-2014 00:20] C:\Windows\tasks\Scheduled scanning task.job --a------ C:\PROGRA1\INTERN3\apps\COMPUT1\ANTI-V1\fsav.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1992519123-4132911643-3822553869-1000Core" [C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1992519123-4132911643-3822553869-1000UA" [C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Scheduled scanning task" [C:\PROGRA~1\INTERN~3\apps\COMPUT~1\ANTI-V~1\fsav.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{C2AB3416-5164-4923-82ED-5A68766413B5}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\{FB0A90B0-EF1F-4681-B4DC-5FB09CA3A10E}" [C:\Program Files\Skype\\Phone\Skype.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{448bb7fc-4480-4bbb-86d5-dacf656c0480}"="C:\Program Files\Internetbeveiliging\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https" [17-04-2015 22:48] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions jmjjnhpacphpjmnnlnccpfmhkcloaade - C:/Program Files/Internetbeveiliging/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx[17-04-2015 22:46] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10-10-2011 12:09] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions gkmikccifolokanfakbeadbmgchomeli - C:\Program Files\Internetbeveiliging\apps\SafeSearch\Chrome\main.crx[19-06-2014 10:28] Google Slides - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Bookmark Manager - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik Browsing Protection by F-Secure - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade Skype Click to Call - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {29ADE21B-BCF1-47ED-B239-A1E45EB22990} Google Url="http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_nl" {70D46D94-BF1E-45ED-B567-48701376298E} Google Desktop Url="http://127.0.0.1:4664/search&s=CnzcSvFEm7rYDuBZslU1tM_b8UM?q={searchTerms}" {D4359B43-B7E8-4BB8-8C8E-125F148DF020} Google Url="http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_nl" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1 deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Corel File Shell Monitor] c:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Huishoudboekje] C:\Program Files\DATA BECKER\Huishoudboekje\quick.exe O4 - HKLM\..\Run: [F-Secure Hoster (45123)] "C:\Program Files\Internetbeveiliging\fshoster32.exe" -app -hosterid:1 O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE O4 - HKCU\..\Run: [Google Update] "C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [EPSON2265D9 (Epson Stylus SX420W)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_S4FE8.tmp" /EF "HKCU" O4 - HKCU\..\Run: [Epson Stylus SX420W(Netwerk)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_SB649.tmp" /EF "HKCU" O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup O4 - HKCU\..\RunOnce: [Application Restart #6] C:\Users\Michelle\AppData\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- https://www.icscards.nl/nlic/portal/anwb/?ns_campaign=notification.anwb&ns_mchannel=e-mail.notification&ns_source=internal.20150505&ns_linkname=tekstlink&ns_fee=0 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Users\Michelle\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-nl.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\fshoster32.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\Windows\system32\SAgent4.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=53 folders=9 481830353 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Michelle\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Michelle\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on di 02-06-2015 at 18:49:17,01 ======================