Zoek.exe v5.0.0.0 Updated 02-June-2014 Tool run by Fabio en Kim on zo 15/06/2014 at 11:42:04,92. Microsoft Windows 7 Home Premium 6.1.7600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Fabio en Kim\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-06-14-223707.log 94883 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"=- "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1"=- "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"=- "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"=- "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"=- "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1"=- "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"=- "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"=- "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\Performancer not found C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\extensions\paffxtbr@FilmFanatic.com not found ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\FABIOE~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2014-06-14 21:19:19 2A13CF137B9C5728E86DA6FB882DC22D 2964 ----a-w- C:\Windows\Sysnative\Tasks\{7E25B6C0-E1B1-4DA2-85DC-F5A3D8307DBB} 2014-06-14 21:18:05 2A13CF137B9C5728E86DA6FB882DC22D 2964 ----a-w- C:\Windows\Sysnative\Tasks\{CC53644C-079C-4B14-8012-2FDF1DEF8D87} 2014-06-14 14:25:02 935BBD72DB8D84B89AF9513A826C66E1 3008 ----a-w- C:\Windows\Sysnative\Tasks\{E8E1A8A9-88D1-4D63-9CB5-B07A6106AF1F} 2014-06-06 17:47:00 C9809A054C48DE6DF41DAF0ACA50F7DB 3228 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForFabio en Kim 2014-06-06 17:47:00 A16A2CA13CA480C4F07A2516CF95F92C 360 ----a-w- C:\Windows\Tasks\HPCeeScheduleForFabio en Kim.job 2014-06-03 15:01:28 BEFAC500A977E4823D0AA46F368D3A7E 3384 ----a-w- C:\Windows\Sysnative\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3483026535-1613976268-3221359994-1001 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-06-14 15:16:14 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-06-14 14:21:36 -------- d-----w- C:\PROGRA~2\Trend Micro 2014-06-11 17:20:17 -------- d-----w- C:\PROGRA~2\Mozilla Thunderbird ======= C: ===== ====== C:\Users\Fabio en Kim\AppData\Roaming ====== 2014-06-14 22:28:56 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-06-14 22:28:56 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-06-14 22:28:56 -------- d-----w- C:\Users\Fabio en Kim\AppData\Local\Temp 2014-06-14 22:28:56 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-06-14 22:28:56 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-06-13 21:13:47 B464C29270D63815625379994EA8C81C 987528 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2014-06-06 21:29:17 8DE9F588DFB1641F2C0EA05BD4B60605 218 ----a-w- C:\Users\Fabio en Kim\AppData\Local\recently-used.xbel ====== C:\Users\Fabio en Kim ====== 2014-06-14 15:15:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fabio en Kim\Downloads\RSITx64.exe ====== C: exe-files == 2014-06-14 15:16:15 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Fabio en Kim.exe 2014-06-14 15:15:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fabio en Kim\Downloads\RSITx64.exe 2014-06-11 17:20:20 EB313ABDC842ECD860AEE78DBEA3CCD4 901232 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe 2014-06-11 17:20:20 B247B655785E659EFA579E5089D50B45 390256 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe 2014-06-11 17:20:20 2D388825897E01BF440F78823DA9DCD7 275056 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updater.exe 2014-06-11 17:20:20 18D226DE67745BFDECBEF00182AC9BFD 22640 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\WSEnable.exe 2014-06-11 17:20:19 BB08D58A90F8DD9E9642F59211E1969D 18544 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\plugin-container.exe 2014-06-11 17:20:19 AFCE22055443AA82E32052AACF64E89E 194176 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe 2014-06-11 17:20:18 F60E017313E0F1EEB21D87C434CF538D 119408 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice.exe 2014-06-11 17:20:18 96F17050399EC71B2E0FA025770586A6 117360 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\crashreporter.exe 2014-06-09 15:38:28 A2A89E87EA3BB6921FF526CD6DEDA824 13501272 ----a-w- C:\Program Files\Box\Box Sync\BoxSync.exe 2014-06-09 15:37:42 C1014CBD4CA8CAEC4873D0C5F0FCF0BE 30232 ----a-w- C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "HP Photosmart 6520 series (NET)"="C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe -deviceID CN338350VK05XP:NW -scfn HP Photosmart 6520 series (NET) -AutoStart 1" "SkyDrive"="C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "RIMBBLaunchAgent.exe"="C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe -osboot" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "HP Photosmart 6520 series (NET)"="C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe -deviceID CN338350VK05XP:NW -scfn HP Photosmart 6520 series (NET) -AutoStart 1" "SkyDrive"="C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "Zune Launcher"="c:\Program Files\Zune\ZuneLauncher.exe" "BoxSync"="c:\Program Files\Box\Box Sync\BoxSync.exe -m" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2013-09-20 16:12:14 1952 ----a-w- C:\Users\Fabio en Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 6520 series (netwerk).lnk 2010-12-30 11:59:54 1239 ----a-w- C:\Users\Fabio en Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2 .lnk 2011-04-13 20:50:20 1239 ----a-w- C:\Users\Fabio en Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk 2013-11-18 19:31:41 1109 ----a-w- C:\Users\Fabio en Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk 2010-12-25 13:42:37 2099 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [19/05/2014 17:06] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/07/2011 16:07] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/07/2011 16:07] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [25/07/2011 11:11] C:\Windows\tasks\HPCeeScheduleForDICRISTOFALO$.job --a------ [Undetermined Task] C:\Windows\tasks\HPCeeScheduleForFabio en Kim.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [05/01/2010 03:53] C:\Windows\tasks\SW-Booster-S-1052359469.job --ah----- C:\programdata\miniapp\sw-booster\SW-Booster.exe [02/05/2013 14:57] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - 0766afab10984bee93ae23da6aa9101a3d95c82066784680a8da7eddc5a8a469" [C:\Program Files\HP\HP Photosmart 6520 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - dc1ffc6dd38d4d2cb56b54e4b6a8b643cefdecb8d1274666ae69058f01b9de7a" [C:\Program Files\HP\HP Photosmart 6520 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - e2cbce1573be4b78bce7324f79a3f4c8b464a75c6829485982790e81fef29d17" [C:\Program Files\HP\HP Photosmart 6520 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForDICRISTOFALO$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForFabio en Kim" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Photosmart 6520 series" ["C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe] "C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe] "C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\SW-Booster-S-1052359469" [c:\programdata\miniapp\sw-booster\SW-Booster.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{56B10FB9-597D-4770-8490-15FDAA275E56}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{7E25B6C0-E1B1-4DA2-85DC-F5A3D8307DBB}" [C:\Users\Fabio en Kim\Desktop\zoek.exe] "C:\Windows\SysNative\tasks\{9EC998EE-5F3C-42B2-A0AA-DAA2994C4B43}" [F:\Watchtower\Watchtower Library 2012\O\WTLibrary.exe] "C:\Windows\SysNative\tasks\{CC53644C-079C-4B14-8012-2FDF1DEF8D87}" [C:\Users\Fabio en Kim\Desktop\zoek.exe] "C:\Windows\SysNative\tasks\{E8E1A8A9-88D1-4D63-9CB5-B07A6106AF1F}" [C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN338350VK" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [01/07/2013 11:04] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [25/12/2010 15:44] ==== Firefox Extensions ====================== ProfilePath: C:\Users\FABIOE~1\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605 - Undetermined - C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\extensions\paffxtbr@FilmFanatic.com ProfilePath: C:\Users\FABIOE~1\AppData\Roaming\Thunderbird\Profiles\l0h1m7z0.default - AttachmentExtractor - %ProfilePath%\extensions\{35834d20-efdb-4f78-ab77-9635fb4e56c4}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605 A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 4AE054AAF74F93566720766CBC9A0E64 - C:\Users\Fabio en Kim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player A64F2C388DC26BE3E469EDC3657B14F4 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) C45F7E59F2A0A6D3C4E90117F4752414 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) F7AEAD4303A056F2D1685B43024776CA - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) FA0A3008589567CB7196620B05C9F28D - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin 6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director 07A722522C5CB75AEBF837E0411415C0 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer 215BBC07AAD6CB4772D2A1CA5E048C37 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) 8F323545429C457FE6F8CED13E62AB3D - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 31DA97B4682187C6639BBE2215814FDA - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director FC5866F7793AF2CBCD425CC4B8D32A9E - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[16/04/2013 03:11] RealDownloader - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Google Wallet - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {5C20593D-2550-4FEA-BDA7-D9EB1346DCC5} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {97A18302-F4DB-47D7-B1B2-D977467FBC9C} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}" {A963B397-9F38-4AC8-A474-29EABA907BDD} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" ==== Reset Google Chrome ====================== C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\5affxtbr@MyWebFace_5a.com deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fabio en Kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fabio en Kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IF8HGZUB will be deleted at reboot C:\Users\Fabio en Kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Fabio en Kim\AppData\Local\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3845 folders=992 34926176636 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Fabio en Kim\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\FABIOE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Fabio en Kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Fabio en Kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IF8HGZUB" not found ==== EOF on zo 15/06/2014 at 12:11:19,38 ======================