Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Gebruiker on ma 17-03-2014 at 23:01:01,38.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode
Internet Access Detected
Launched: C:\Users\Gebruiker\Desktop\zoek(1).exe
[Scan all users]
[Script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-17-122531.log 70852 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
E:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
E:\Program Files (x86)\Glary Utilities 4\Integrator.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Gebruiker\Desktop\zoek(1).exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\Windows\Installer\993e2b.msi" deleted

==== System Specs ======================

Operating System: Microsoft Windows 8.1 6.3.9600 64 bits
Manufacturer: ASUSTeK COMPUTER INC.
- Model: S400CA
Install Date: 18-10-2013 22:56:11
Last Boot: 17-3-2014 21:33:53
Processor: Intel(R) Core(TM) i7-3517U CPU @ 1.90GHz
Number of Processors: 4
Work Station
Bootmode: Normal boot
Total RAM: 3981 MB (free 2424 MB - 60)
Computername: ASUS
Domain: WORKGROUP
User: Gebruiker (Administrator account)
Local Disk: C:\ - NTFS - 97 GB (free 41 GB)
Local Disk: D:\ - NTFS - 97 GB (free 62 GB)
Local Disk: E:\ - NTFS - 270 GB (free 264 GB)
Bootdevice: \Device\HarddiskVolume1
Windows update:
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Avira Desktop On-access scanning disabled (Outdated)
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Avira Desktop disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Firefox 27.0.1
Internet Explorer Version: 11.0.9600.16521
Mozilla Firefox version: 27.0.1 (x86 nl)
Sun Java version: 1.7.0_51 (32-bit)
Sun Java version: 1.7.0_25 (64-bit)
Flash Player version: 12.0.0.77

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2027060751-2346385369-3789192830-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"="E:\Program Files (x86)\Glary Utilities 4\StartupManager.exe -delayrun"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"GrooveMonitor"="C:\Program
Files\Microsoft Office\Office14\GROOVEMN.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"="E:\Program Files (x86)\Glary Utilities 4\StartupManager.exe -delayrun"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ASUS InstantOn]

==== Startup Folders ======================

2013-09-20 16:59:27 1123 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk
2013-06-16 14:44:35 1295 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk
2013-12-28 09:34:31 1295 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\GlaryInitialize 4.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-10-2013 15:30]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\WINDOWS\SysNative\tasks\4802" [wscript.exe C:\Users\GEBRUI~1\AppData\Local\Temp\launchie.vbs //B]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\ASUS InstantOn Config" [C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Patch for VIA Audio" [C:\Windows\system32\AsPatchViaAudio.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Touchpad Launcher (x64)" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["E:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GlaryInitialize 4" [E:\Program Files (x86)\Glary Utilities 4\Initialize.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\8n5q4ffh.default
- Pocket - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\8n5q4ffh.default\extensions\isreaditlater@ideashower.com
- Pocket - %ProfilePath%\extensions\isreaditlater@ideashower.com
- Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi
- Firepicker - %ProfilePath%\extensions\firepicker@thedarkone.xpi
- Rainbow Color Tools - %ProfilePath%\extensions\rainbow@colors.org.xpi

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\TomTom\HOME\Profiles\5aecsuc6.default
- Map status indicator - E:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - E:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\8n5q4ffh.default
95812430959AE88CDD0301AB3A71913B - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
6512664A6B3E3F037091D0E0CEA970D8 - E:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll - PDF-XChange Editor
D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013
E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\Gebruiker\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL - Microsoft Office 2013
74E615C992BAF1C8EDB720AEAF94A11C - E:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll - PDF-XChange Editor

==== Chrome Look ======================

Docs - Gebruiker\AppData\Local\Google\Chrome\User
Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.vlinderkind.eu/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.vlinderkind.eu/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF268140752FF deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86417025FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4EA42A62D9304AC4784BF268140752FF deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: CrossriderApp0030383 - {11111111-1111-1111-1111-110311031183} - C:\Program Files (x86)\GemistDownloader-plugin\GemistDownloader-plugin-bho.dll O2 - BHO: Lync Click 
to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [GUDelayStartup] E:\Program Files (x86)\Glary Utilities 4\StartupManager.exe -delayrun O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE O8 - Extra context menu item: 
&Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: SAS Core Service (!SASCORE) 
- SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. 
- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @oem19.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing) O23 - Service: @oem19.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - E:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: 
@%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: ASUS Wake Service (WakeupService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\8n5q4ffh.default\Cache emptied 
successfully ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=191 folders=31 431439915 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 17-03-2014 at 23:32:23,98 ======================