Zoek.exe v5.0.0.0 Updated 16-10-2014 Tool run by Hendrik on do 16/10/2014 at 10:30:51,01. Microsoft Windows 8.1 Pro 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Hendrik\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 16/10/2014 10:33:13 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Users\Hendrik\AppData\Roaming\QuickScan deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2293620883-1879012837-2307501702-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-2293620883-1879012837-2307501702-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Common Files\DVDVideoSoft deleted C:\Windows\AutoKMS deleted C:\Users\Hendrik\AppData\Roaming\ESXi-Customizer.ini deleted C:\Users\Hendrik\AppData\Roaming\DVDVideoSoftIEHelpers deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Hendrik\Downloads\bsplayer266-1075 (1).exe deleted C:\Users\Hendrik\Downloads\bsplayer266-1075.exe deleted C:\Users\Hendrik\Downloads\bsplayer266.1075.exe deleted C:\Users\Hendrik\Downloads\FreeYouTubeToMP3Converter.exe deleted C:\Users\Hendrik\Downloads\SoftonicDownloader_voor_ibm-spss-statistics.exe deleted "C:\Windows\tasks\AutoKMS.job" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-10-14 14:53:59 72E4EF187000A8BFF0E3EE4EA431FF12 588267905 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\Hendrik\AppData\Local\Temp ==== 2014-10-16 08:21:23 4E566FEA83FCEEAF2873702806B55006 43008 ----a-w- C:\Users\Hendrik\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfwcxzp.dll 2014-10-15 16:39:07 BC83108B18756547013ED443B8CDB31B 421200 ----a-w- C:\Users\Hendrik\AppData\Local\Temp\Advanced IP Scanner 2\msvcp100.dll 2014-10-15 16:39:07 AC81A1D6620C149AF28569A1494500CB 2605640 ----a-w- C:\Users\Hendrik\AppData\Local\Temp\Advanced IP Scanner 2\QtCore4.dll 2014-10-15 16:39:07 96A1640409903FC1E0CE6400E4E3B599 364104 ----a-w- C:\Users\Hendrik\AppData\Local\Temp\Advanced IP Scanner 2\QtXml4.dll 2014-10-15 16:39:07 82710FEE49206423E9574C64CF833F21 8583240 ----a-w- C:\Users\Hendrik\AppData\Local\Temp\Advanced IP Scanner 2\QtGui4.dll 2014-10-15 16:39:07 40DFAA9D82F8C3D1AC93A71CDF2BD3D1 245320 ----a-w- C:\Users\Hendrik\AppData\Local\Temp\Advanced IP Scanner 2\ssleay32.dll 2014-10-15 16:39:07 18AAC35603B942A2319AD8B4A82BFF67 1059912 ----a-w- C:\Users\Hendrik\AppData\Local\Temp\Advanced IP Scanner 2\QtNetwork4.dll 2014-10-15 16:39:07 0E37FBFA79D349D672456923EC5FBBE3 773968 ----a-w- C:\Users\Hendrik\AppData\Local\Temp\Advanced IP Scanner 2\msvcr100.dll 2014-10-15 16:39:06 B342814C358E3D7F8AD5221DEA8A4106 1112648 ----a-w- C:\Users\Hendrik\AppData\Local\Temp\Advanced IP Scanner 2\libeay32.dll 2014-10-15 16:39:06 279A285E588D1AA0F4207B4E38D92328 713288 ----a-w- C:\Users\Hendrik\AppData\Local\Temp\Advanced IP Scanner 2\advanced_ip_scanner.exe 2014-10-15 16:39:06 1028F7406AE5D45736AB0CA0F7DCD597 184392 ----a-w- C:\Users\Hendrik\AppData\Local\Temp\Advanced IP Scanner 2\advanced_ip_scanner_console.exe 2014-10-14 12:18:11 E3A25C80E2375B2D42C3D4729769BDF3 10240 ----a-w- C:\Users\Hendrik\AppData\Local\Temp\SDIAG_93449cb3-d6e4-4c75-9d6c-e0d93014dacf\NetworkDiagnosticSnapIn.dll ====== Java Cache ===== 2014-10-16 08:29:04 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Hendrik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-4474f13e ====== C:\Windows\SysWOW64 ===== 2014-10-16 08:28:29 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-10-15 13:16:39 0FCE0139881B3988362C58FCC2C3D4A2 140280 ----a-w- C:\Windows\SysWOW64\BgGamingMonitor.dll 2014-10-15 13:16:25 FF43AEA4000F01F91BBAFF382912D02F 64336 ----a-w- C:\Windows\SysWOW64\BGLsp.dll 2014-10-15 09:30:00 CE9FDB173E3FDA974B9CC2596558EA47 68608 ----a-w- C:\Windows\SysWOW64\packager.dll 2014-10-15 09:28:44 F91E55DA404B834648A3B0A2477C10DB 17484800 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-10-15 09:28:25 D03EB7605435FE24ADE670661A932651 4201472 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-10-15 09:28:23 EF94FA1F3D90520CCA4AE65D639A9E62 11807232 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-10-15 09:28:20 7AE80F921027CF88CB9D0433088A3E55 1810944 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-10-15 09:28:20 55A400FDB21D157E947A0EE65AEDB1B3 2187264 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-10-15 09:28:19 3065FF6794A7FDC882F0DA8B6230AB6E 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-10-15 09:28:18 B89F5D2B3D3BC730FAB93CFCD931742F 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-10-15 09:28:18 835807E2AC0A8FA15B9A2EA80E2D5169 2017280 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-10-15 09:28:17 980D01CB48811552E09D9CFF397886C9 315904 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-10-15 09:28:16 6D4DD5706C297234F457B9D9018C493F 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-15 09:28:16 410BECCA3354D471E45344F0754CC0E4 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-10-15 09:28:15 FBE852643EDEB9D6D6502AFE6017CD64 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-10-15 09:28:15 DF4BA130BD41F29A894E026E456B8481 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-10-15 09:28:15 201EAFA3F17BE4990999C28657212D8E 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-10-15 09:27:08 5D2C15BDAD48646C8CBC83903252D87C 514048 ----a-w- C:\Windows\SysWOW64\rastls.dll 2014-10-12 12:40:42 A64711C9CF690718EADA750370EC5EB2 4659712 ----a-w- C:\Windows\SysWOW64\Redemption.dll 2014-10-12 12:40:42 7753FC56F9CAC4B5AFDA3196DB654F21 144664 ----a-w- C:\Windows\SysWOW64\secman.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-10-16 08:20:06 BF03D91CEFF33EC7442E1CAD52AAAC0F 544 ----a-w- C:\Windows\Sysnative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD 2014-10-15 13:16:39 7CEED76D6D67AA19B8B65A3233ACCF25 153712 ----a-w- C:\Windows\Sysnative\BgGamingMonitor.dll 2014-10-15 13:16:25 055232A8C10590C2AC6EE6868C3DA4B9 76624 ----a-w- C:\Windows\Sysnative\BGLsp.dll 2014-10-15 09:30:25 C2BBFC3872442092AD2260F564AB9AD9 4183040 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-10-15 09:30:01 F782575495709CD79F1A15EFD11D51E3 76288 ----a-w- C:\Windows\Sysnative\packager.dll 2014-10-15 09:28:45 7415B29AFE2E4494A57358B8C7E78600 23631360 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-10-15 09:28:31 D3B07C2FABEAE749E4E51F1E93CABA23 5829632 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-10-15 09:28:29 7E60EE8A68F7270D1E1662CBA275D4FA 13619200 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-10-15 09:28:21 050FD78BA4EFA62417F61F4C098B5B25 2796032 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-10-15 09:28:20 9D98D4F390F0B14A782F3B931E613A1A 2309632 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-10-15 09:28:20 0F5A279522FA6A30C9C5A297A1064933 1447936 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-10-15 09:28:19 646C004F58AA4762F92BF7C595216C37 2108416 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-10-15 09:28:19 45B736E3184B68515FDB71D4083A9BCF 731136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-10-15 09:28:17 2A1C9DB3F9C09795D77E9F24C30BE423 363008 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-10-15 09:28:17 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-10-15 09:28:16 98241BE7EB26C41562D33393DD12608F 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-10-15 09:28:16 30FB9ABB6C45C3299CFA5F556904DD5F 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-10-15 09:28:15 DB101A62F9BF8E7765685950169EF52B 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-10-15 09:28:15 A2105E46DC9CE38A1D57FB124436E1BC 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-10-15 09:28:15 328143D6BC5951E1797BD524C4E98CDC 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-10-15 09:28:15 2E5AF1507CBE735B4D7EBFF1908EA0E1 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-10-15 09:27:08 25EE65F2FA154EDED0E87354311FB1E2 590336 ----a-w- C:\Windows\Sysnative\rastls.dll ====== C:\Windows\Sysnative\drivers ===== 2014-10-12 12:41:37 F38232291F05CE25BA1C47FB51EB64CB 206080 ----a-w- C:\Windows\Sysnative\drivers\ssudmdm.sys 2014-10-12 12:41:37 1E0F456A03E204F92D24437CD907A512 110336 ----a-w- C:\Windows\Sysnative\drivers\ssudbus.sys 2014-09-29 09:26:27 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf 2014-09-17 09:45:18 B10D44999DB509F72F568C0E78F129EC 259312 ----a-w- C:\Windows\Sysnative\drivers\NSKernel.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-10-15 21:33:15 -------- d-----w- C:\Program Files\trend micro 2014-10-10 12:28:30 -------- d-----w- C:\Program Files\Application Verifier 2014-10-10 12:25:32 -------- d-----w- C:\Program Files\Microsoft 2014-10-10 12:25:11 -------- d-----w- C:\Program Files\IIS Express 2014-10-10 12:24:31 -------- d-----w- C:\Program Files\IIS 2014-10-10 12:11:38 -------- d-----w- C:\Program Files\Microsoft Visual Studio 11.0 2014-09-29 09:19:32 -------- d-----w- C:\Program Files\Microsoft SQL Server 2014-09-29 09:18:09 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition ======= C:\PROGRA~2 ===== 2014-10-16 08:28:33 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-10-16 08:27:45 -------- d-----w- C:\PROGRA~2\Java 2014-10-12 12:39:50 -------- d-----w- C:\PROGRA~2\Samsung 2014-10-10 12:28:30 -------- d-----w- C:\PROGRA~2\Application Verifier 2014-10-10 12:27:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Microsoft 2014-10-10 12:26:09 -------- d-----w- C:\PROGRA~2\Microsoft ASP.NET 2014-10-10 12:25:45 -------- d-----w- C:\PROGRA~2\Microsoft Web Tools 2014-10-10 12:25:11 -------- d-----w- C:\PROGRA~2\IIS Express 2014-10-10 12:24:50 -------- d-----w- C:\PROGRA~2\NuGet 2014-10-10 12:24:42 -------- d-----w- C:\PROGRA~2\Microsoft WCF Data Services 2014-10-10 12:24:31 -------- d-----w- C:\PROGRA~2\IIS 2014-10-10 12:18:10 -------- d-----w- C:\PROGRA~2\HTML Help Workshop 2014-10-10 12:18:02 -------- d-----w- C:\PROGRA~2\COMMON~1\Designer 2014-10-10 12:12:59 -------- d-----w- C:\PROGRA~2\COMMON~1\Merge Modules 2014-10-10 12:12:04 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 11.0 2014-09-29 09:23:20 -------- d-----w- C:\PROGRA~2\Windows Kits 2014-09-29 09:20:46 -------- d-----w- C:\PROGRA~2\Microsoft Help Viewer 2014-09-29 09:20:43 -------- d-----w- C:\PROGRA~2\Microsoft SDKs 2014-09-29 09:19:32 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server 2014-09-29 09:18:06 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server Compact Edition 2014-09-29 09:17:23 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 12.0 2014-09-29 08:31:54 -------- d-----w- C:\PROGRA~2\Wolfenstein - Enemy Territory 2014-09-18 16:16:50 -------- d-----w- C:\PROGRA~2\Git ======= C: ===== ====== C:\Users\Hendrik\AppData\Roaming ====== 2014-10-12 12:42:08 -------- d-----w- C:\Users\Hendrik\AppData\Local\Samsung 2014-10-12 12:42:06 -------- d-----w- C:\Users\Hendrik\AppData\Roaming\Samsung 2014-10-10 12:05:50 -------- d-----w- C:\Users\Hendrik\AppData\Local\e-academy Inc 2014-10-10 10:34:59 -------- d-----w- C:\Users\Hendrik\AppData\Roaming\e-academy Inc 2014-10-05 14:16:55 -------- d-----w- C:\Users\Hendrik\AppData\Roaming\Identities 2014-09-29 10:44:55 -------- d-----w- C:\Users\Hendrik\AppData\Roaming\NuGet 2014-09-29 08:35:13 -------- d-----w- C:\Users\Hendrik\AppData\Local\PunkBuster 2014-09-29 08:33:02 -------- d-----w- C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory ====== C:\Users\Hendrik ====== 2014-10-16 08:28:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-10-16 08:25:34 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Hendrik\Downloads\chromeinstall-8u25 (1).exe 2014-10-16 08:09:05 -------- d-----w- C:\ProgramData\Sun 2014-10-16 07:59:33 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Hendrik\Downloads\chromeinstall-8u25.exe 2014-10-15 21:32:32 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hendrik\Desktop\RSITx64.exe 2014-10-15 16:38:45 158AD140043CA2077457E158F019D390 6596600 ----a-w- C:\Users\Hendrik\Downloads\ipscan23.exe 2014-10-14 15:12:52 9FFE26411F9E73762564DF8019376170 25685872 ----a-w- C:\Users\Hendrik\Downloads\sp58848.exe 2014-10-14 12:47:16 7EAE809B499B91D68FB3564C990058DF 1359960 ----a-w- C:\Users\Hendrik\Downloads\VS2012.4 (1).exe 2014-10-14 11:47:48 7EAE809B499B91D68FB3564C990058DF 1359960 ----a-w- C:\Users\Hendrik\Downloads\VS2012.4.exe 2014-10-12 12:40:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2014-10-12 12:39:50 -------- d-----w- C:\ProgramData\Samsung 2014-10-12 12:36:55 B9F6060BCCA8F842824C4FC2F7141804 75714480 ----a-w- C:\Users\Hendrik\Downloads\KiesSetup.exe 2014-10-10 14:11:11 -------- d-----w- C:\ProgramData\Microsoft Visual Studio 2014-10-10 12:29:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK 2014-10-10 12:29:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK 2014-10-10 12:28:25 -------- d-----w- C:\ProgramData\Windows App Certification Kit 2014-10-10 12:27:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2014-10-10 12:27:17 -------- d-----w- C:\ProgramData\PreEmptive Solutions 2014-10-10 12:12:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 2014-10-08 17:38:53 D14382F95B6B0969515A03249A451011 183 ----a-w- C:\Users\Hendrik\.gitconfig 2014-10-05 14:18:42 1CDAA587CA6F2F543C01410CF825DBAD 25889 ----a-w- C:\Users\Hendrik\Downloads\Office 2010 Activator (KMS) !!.exe 2014-10-03 15:39:14 A3F2B836AFCEAC68FD90863FECCA4B73 1126 ---ha-w- C:\Users\Hendrik\_viminfo 2014-10-03 13:26:23 -------- d-----w- C:\Users\Hendrik\.ssh 2014-09-23 14:28:56 -------- d--h--w- C:\ProgramData\CanonBJ 2014-09-23 10:08:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer 2014-09-21 14:43:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pajama Sam - Doe niet onder voor bliksem en donder 2014-09-18 16:30:10 -------- d-----w- C:\Users\Hendrik\.codeintel 2014-09-18 16:17:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git ====== C: exe-files == 2014-10-16 08:28:14 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe 2014-10-16 08:28:14 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe 2014-10-16 08:28:13 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe 2014-10-16 08:28:13 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe 2014-10-16 08:28:13 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe 2014-10-16 08:28:13 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe 2014-10-16 08:28:13 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe 2014-10-16 08:28:13 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe 2014-10-16 08:28:13 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe 2014-10-16 08:28:13 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe 2014-10-16 08:28:13 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe 2014-10-16 08:28:13 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe 2014-10-16 08:28:13 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe 2014-10-16 08:28:13 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe 2014-10-16 08:28:13 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe 2014-10-16 08:28:13 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe 2014-10-16 08:28:13 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe 2014-10-16 08:28:12 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe 2014-10-16 08:28:12 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe 2014-10-16 08:28:12 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe 2014-10-16 08:28:12 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe 2014-10-15 21:33:20 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Hendrik.exe 2014-10-15 13:16:39 CEA9F8D760B4598EB3C781BE813F09CD 86864 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgDelayStartup.exe 2014-10-15 13:16:39 3C04347D2B7E51C1F1F915FAE99D1269 82768 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Files32\BgDelayStartup.exe 2014-10-15 13:16:37 0B22FEDB465EF03D8CA8C4F43A7D0F4C 359760 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\InspectorScan.exe 2014-10-15 13:16:28 5E2C93A494B026F3866A6F8B84EB7E62 228688 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe 2014-10-15 13:16:27 BFAE48EE9EBD60A544D776152631015E 371024 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BackupShellTransfer.exe 2014-10-15 13:16:26 87946A31623D2FD22759C6DA21D7EDD4 299344 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BackupRun.exe 2014-10-15 13:16:25 BF8CE6FAB7F3C046A5790ADE876EE170 235856 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Files32\BsMailProxy\BgCertUtil32.exe 2014-10-15 13:16:24 EBB8B6D8642EBDA8596D3E6FD645D596 280912 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe 2014-10-15 13:16:24 C05084879E25E9625837FA1A461DEE82 591696 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe 2014-10-15 13:16:23 7155B821F3BBFB30A376A8F6B70D896F 33712 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgWsc.exe 2014-10-15 13:16:23 182273123CB78659061DA07534741DA5 248144 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgSecErase.exe 2014-10-15 13:16:22 E3D4349BB0EDEB15F3C0B9FE2050EF63 1167184 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\ManualUpdate.exe 2014-10-15 13:16:22 A2E95F9930C3020A5B00C891ECFFC978 476496 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgScan.exe 2014-10-15 13:16:22 74D60F46E23A22E036E0D97A4478E89B 130896 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\UpdatePatcher.exe 2014-10-15 13:16:21 F6351799C7CD122661647D3D5070384B 2933072 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe 2014-10-15 13:16:21 F3AAF09124BA481A5237BCD24D3B3BA3 449264 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Uninst.exe 2014-10-15 13:16:19 13DF948193CC299099DA3E0A5387644D 150240 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Instalator.exe 2014-10-15 13:16:18 8547BD45DC6567EEF799387A42ABD25B 1339728 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe 2014-10-15 13:16:18 47D1E812A3478372B60D128245A7044E 148816 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Files32\BgProbe.exe 2014-10-15 13:16:17 984868EF7A43C06DC6E3D6A1997CE4F4 158032 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgProbe.exe 2014-10-15 13:16:17 5EA81999BC55319608BA52999E3ABE81 77648 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgRegister.exe 2014-10-15 13:16:17 475B5C72BD34AFD455829ACD8950D5A0 154448 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgNag.exe 2014-10-15 13:16:17 44312AA36AB19D6AF71359AE77DEF5B6 71504 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgLauncher.exe 2014-10-15 13:12:46 473E73255A98BF3572EE2B8BAC0EBAB0 384336 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe 2014-10-15 09:28:18 8A120D686685E02B5D8760C723E890B4 810640 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-10-15 09:28:18 0B219DF6F397F076BC4DF0249156D010 812688 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-10-15 09:28:17 C876F8303AA30481A36FE2AACDE77671 483840 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-10-15 09:28:17 53E24F2DB97EFAF85FE093AA254790EC 470528 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-10-12 12:40:30 88320F69900EFF885F9AA83D24AD83C0 1193984 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe === C: other files == 2014-10-16 08:28:14 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip 2014-10-15 09:30:25 C2BBFC3872442092AD2260F564AB9AD9 4183040 ----a-w- C:\Windows\System32\win32k.sys 2014-10-14 15:01:35 A61D473456A479A2810245D04FE446B1 1184831 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guidAcheck.zip 2014-10-14 10:04:33 18F36CFA390C720FA9D19ED1F49DF85E 105062 ----a-w- C:\Users\Hendrik\Downloads\labo04-basisbestanden(1).zip 2014-10-12 16:25:01 7C6C5EECF5B6612BBC76D8ABE6FD0AF5 648269 ----a-w- C:\Users\Hendrik\Downloads\2ICT3_hendrik.raes_labo03.zip 2014-10-12 16:24:40 7C6C5EECF5B6612BBC76D8ABE6FD0AF5 648269 ----a-w- C:\Users\Hendrik\Dropbox\School\2014 - 2015\Semester 1\Webscripten\Serverside\Labo 3\Labo3_basis\2ICT3_hendrik.raes_labo03.zip 2014-10-12 16:22:05 7C6C5EECF5B6612BBC76D8ABE6FD0AF5 648269 ----a-w- C:\wamp\www\hendrik.raes\Labo3_basis\2ICT3_hendrik.raes_labo03.zip 2014-10-12 12:41:37 F38232291F05CE25BA1C47FB51EB64CB 206080 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys 2014-10-12 12:41:37 F38232291F05CE25BA1C47FB51EB64CB 206080 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudmdm.sys 2014-10-12 12:41:37 2C71F7AFB1DA599E87F3C4FF15188EBE 184192 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudmdm.sys 2014-10-12 12:41:37 1E0F456A03E204F92D24437CD907A512 110336 ----a-w- C:\Windows\System32\drivers\ssudbus.sys 2014-10-12 12:41:37 1E0F456A03E204F92D24437CD907A512 110336 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudbus.sys 2014-10-12 12:41:37 1D93C52AF82D68CFF028B51AA8E024C6 89856 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudbus.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2293620883-1879012837-2307501702-1001\Software\Microsoft\Windows\CurrentVersion\Run] "MySQL Notifier"="C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySqlNotifier.exe" "HP Deskjet 3050A J611 series (NET)"="C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe -deviceID CN34K1CK1C05WK:NW -scfn HP Deskjet 3050A J611 series (NET) -AutoStart 1" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "vmware-tray.exe"="C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MySQL Notifier"="C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySqlNotifier.exe" "HP Deskjet 3050A J611 series (NET)"="C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe -deviceID CN34K1CK1C05WK:NW -scfn HP Deskjet 3050A J611 series (NET) -AutoStart 1" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe -boot" "BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Startup Folders ====================== 2014-04-04 08:26:36 1103 ----a-w- C:\Users\Hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03/04/2014 21:25] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03/04/2014 21:25] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\MySQLNotifierTask" ["C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.5\MySQLNotifier.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "antiphishing@bullguard"="C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard" [04/08/2014 17:47] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" [] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== HTML5 Outliner - Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\afoibpobokebhgfnknfndkgemglggomo Google Docs - Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Web Developer - Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm YouTube - Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Last updated at time on date - Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AdBlock - Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Google Wallet - Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Hendrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2293620883-1879012837-2307501702-1001\Software\Mozilla\Firefox\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Hendrik\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Hendrik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=731 folders=479 1990763965 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Hendrik\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Hendrik\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ibE1AB.tmp" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ibE1BC.tmp" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ibE1BD.tmp" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ibE1DD.tmp" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ibE26B.tmp" not found ==== EOF on do 16/10/2014 at 11:20:12,49 ======================