Zoek.exe v5.0.0.0 Updated 24-12-2014 Tool run by Peter on za 27/12/2014 at 9:48:31,28. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Peter\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-12-25-073407.log 241875 bytes ==== Empty Folders Check ====================== C:\Users\Peter\AppData\Local\CrashDumps deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA58ED58-01DD-4D91-8333-CF10577473F7} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{AA58ED58-01DD-4D91-8333-CF10577473F7} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{0f21b1e5-5afc-43c9-9c66-515046e92ec2} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{54739D49-AC03-4C57-9264-C5195596B3A1} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{2e32cfe5-df92-4ae5-b0be-609ed0df74a6} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Peter\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-12-23 15:01:33 -------- d-----w- C:\Program Files\Fotoservice ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Peter\AppData\Roaming ====== 2014-12-25 07:31:42 -------- d-----w- C:\Users\Peter\AppData\Locallow\ADSRemoval 2014-12-24 15:51:14 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-12-24 15:51:14 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-12-24 15:51:13 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2014-12-24 15:51:13 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-12-24 15:51:13 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-12-24 15:51:11 -------- d-----w- C:\Users\Peter\AppData\Local\Temp ====== C:\Users\Peter ====== 2014-12-24 14:38:39 -------- d-----w- C:\ProgramData\ProductData 2014-12-19 10:46:18 -------- d-----w- C:\Users\Peter\Start Menu ====== C: exe-files == 2014-12-25 08:52:42 9208E5A0A844FCCB39B5252C07B4E860 2173952 ----a-w- C:\Film Downloads\Voor Tom\adwcleaner_4.106.exe 2014-12-25 07:32:34 4A37C6206D2757A710D972C73E9F3572 1177920 ----a-w- C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\unins000.exe 2014-12-23 15:03:19 D9C385D878FDC0912441E37045D04D5D 547227 ----a-w- C:\Program Files\Fotoservice\Kruidvat fotoservice\uninstall.exe 2014-12-23 15:01:37 630D75210B325A280C3352F879297ED5 5718872 ----a-w- C:\Program Files\Fotoservice\Kruidvat fotoservice\vcredist2010_x64.exe 2014-12-23 15:01:36 DB0EDDCB0F28BFB7CED8B5CFCA462346 19968 ----a-w- C:\Program Files\Fotoservice\Kruidvat fotoservice\facedetection.exe 2014-12-23 15:01:33 9CE5B727EA51E8089D0A30A4091210B6 1484800 ----a-w- C:\Program Files\Fotoservice\Kruidvat fotoservice\Fotoshow.exe 2014-12-23 15:01:33 64C61255BC1479ED5DFB8AE750352FE7 7412224 ----a-w- C:\Program Files\Fotoservice\Kruidvat fotoservice\Kruidvat fotoservice.exe 2014-12-23 15:01:33 0E16028AF061B5387FFC533FDF2DD959 422912 ----a-w- C:\Program Files\Fotoservice\Kruidvat fotoservice\Fotoimporteerder.exe 2014-12-23 14:55:23 341C33928D21143FC73E682B11A165EA 1558568 ----a-w- C:\Film Downloads\Voor Tom\Setup Kruidvat fotoservice\setup_Kruidvat_fotoservice.exe 2014-12-21 11:46:26 6B110E925294547A7D288F26DA19D199 179687 ----a-w- C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP\WiseCustomCalla18.exe 2014-12-21 11:41:24 6B110E925294547A7D288F26DA19D199 179687 ----a-w- C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseCustomCalla18.exe 2014-12-21 11:40:09 AE8CD7DFA4C4A62C1DE136ABB8615473 180905 ----a-w- C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP\WiseCustomCalla21.exe === C: other files == 2014-12-25 09:39:40 A24624807D91E77E06EEB016D4C2D053 1443602 ----a-w- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xpty6wgq.default-1419366784337\extensions\firefox@ghostery.com.xpi 2014-12-23 20:35:44 A1B1BC6A14B437C82AC830116979E9F6 979699 ----a-w- C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xpty6wgq.default-1419366784337\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 2014-12-23 14:55:17 16135FA730C7DD4EDC09B1A8C806784B 10216770 ----a-w- C:\Film Downloads\Voor Tom\Setup Kruidvat fotoservice\38-svgtemplates-5.1.7_16135fa730c7dd4edc09b1a8c806784b.zip 2014-12-23 14:55:07 3C565D28CB24EB0B6F926FB88E8B12DF 11315979 ----a-w- C:\Film Downloads\Voor Tom\Setup Kruidvat fotoservice\38-svgcalendars-5.1.7_3c565d28cb24eb0b6f926fb88e8b12df.zip 2014-12-23 14:54:58 EE9C818B70E620B7FF5714D88CDB26C5 15356670 ----a-w- C:\Film Downloads\Voor Tom\Setup Kruidvat fotoservice\38-backgrounds-5.1.7_ee9c818b70e620b7ff5714d88cdb26c5.zip 2014-12-23 14:54:51 3F2086AA3939A991BA12282159C519AD 8970988 ----a-w- C:\Film Downloads\Voor Tom\Setup Kruidvat fotoservice\38-decorations-5.1.7_3f2086aa3939a991ba12282159c519ad.zip 2014-12-23 14:54:47 86EFA27E1DD1C8CF15168616DE1CDD92 6222676 ----a-w- C:\Film Downloads\Voor Tom\Setup Kruidvat fotoservice\38-photofun-5.1.7_86efa27e1dd1c8cf15168616de1cdd92.zip 2014-12-23 14:54:39 405EA250FDC7D1D3B6DAD16D86C11DDA 12136575 ----a-w- C:\Film Downloads\Voor Tom\Setup Kruidvat fotoservice\38-startscreen-5.1.7_405ea250fdc7d1d3b6dad16d86c11dda.zip 2014-12-23 14:54:31 FEB366D41CBBF635D5A3E3E071007020 13207614 ----a-w- C:\Film Downloads\Voor Tom\Setup Kruidvat fotoservice\38-resources-5.1.7_feb366d41cbbf635d5a3e3e071007020.zip 2014-12-23 14:54:01 3BD94FB2768CEF4561E2B2ABED0EB5AD 48916830 ----a-w- C:\Film Downloads\Voor Tom\Setup Kruidvat fotoservice\38-dll64-5.1.7_3bd94fb2768cef4561e2b2abed0eb5ad.zip 2014-12-23 14:53:31 F66A33C42C4883A5969FF66B866C8356 48280818 ----a-w- C:\Film Downloads\Voor Tom\Setup Kruidvat fotoservice\38-dll-5.1.7_f66a33c42c4883a5969ff66b866c8356.zip 2014-12-23 14:53:28 D2F15EEC27727C6B67A7850A22442CB0 3892124 ----a-w- C:\Film Downloads\Voor Tom\Setup Kruidvat fotoservice\38-cewe64-5.1.7_d2f15eec27727c6b67a7850a22442cb0.zip 2014-12-23 14:53:23 17F188FA486364F52AB275226002F914 3398517 ----a-w- C:\Film Downloads\Voor Tom\Setup Kruidvat fotoservice\38-cewe-5.1.7_17f188fa486364f52ab275226002f914.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden " "Akamai NetSession Interface"="C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe " "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" "Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe " "SmartRAM"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe /m" "Adobe Reader Synchronizer"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe" "Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "KBD"="C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" "OsdMaestro"="c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" "UpdateP2GoShortCut"="c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0 " "UpdateLBPShortCut"="c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5 " "UpdatePDIRShortCut"="c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\PowerDirector UpdateWithCreateOnce SOFTWARE\CyberLink\PowerDirector\7.0 " "UpdatePSTShortCut"="c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium UpdateWithCreateOnce Software\CyberLink\PowerStarter " "TSMAgent"="c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" "CLMLServer for HP TouchSmart"="c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" "DVDAgent"="c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" "NBAgent"="C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart " "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "DBAgent"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe /WinStart " "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "AgentMonitor"="C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" "IObit Malware Fighter"="C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden " "Akamai NetSession Interface"="C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe " "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" "Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe " "SmartRAM"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe /m" "Adobe Reader Synchronizer"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe" "Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe " "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Health Check Scheduler"="\"c:\\Program Files (x86)\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe\"" "HP Software Update"="\"C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe\"" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^lollipop.lnk] "backup"="C:\\Windows\\pss\\lollipop.lnk.Startup" "backupExtension"=".Startup" "item"="lollipop" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16/12/2014 23:23] C:\Windows\tasks\HPCeeScheduleForPeter.job --a------ C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [24/02/2009 17:17] C:\Windows\tasks\PCDRScheduledMaintenance.job --a------ C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [02/02/2009 19:59] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe online update program" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\ASC7_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe] "C:\Windows\SysNative\tasks\ASC7_SkipUac_Peter" ["C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe" /SkipUac] "C:\Windows\SysNative\tasks\ASC8_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe] "C:\Windows\SysNative\tasks\ASC8_SkipUac_Peter" ["C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Peter)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (SYSTEEM)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\FGRun" [C:\Users\Peter\AppData\Roaming\pack.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard online update program" [c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe] "C:\Windows\SysNative\tasks\HP Health Check" ["c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"] "C:\Windows\SysNative\tasks\HP online update program" [c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForPeter" [C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\PCDRScheduledMaintenance" [C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe] "C:\Windows\SysNative\tasks\Peter DBAgent 2 0" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe"] "C:\Windows\SysNative\tasks\RecoveryCD" ["C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe"] "C:\Windows\SysNative\tasks\ScanSoft Background Update" [C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe] "C:\Windows\SysNative\tasks\Seagate_Install_Launch" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe] "C:\Windows\SysNative\tasks\SmartDefrag3_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe] "C:\Windows\SysNative\tasks\SmartDefrag3_Update" [C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe] "C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Peter" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\Norton Management\Norton Error Analyzer" [C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Management\Norton Error Processor" [C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xpty6wgq.default-1419366784337 user_pref("browser.startup.homepage", "http://www.google.be"); user_pref("browser.search.selectedEngine", "Google"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xpty6wgq.default-1419366784337 - Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Undetermined - wrc@avast.com - Ghostery - %ProfilePath%\extensions\firefox@ghostery.com.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\xpty6wgq.default-1419366784337 424899266BA430CCE5DDB6C1B4BE1B99 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash 5950D438CD3DDF2DD50D9FA4E07A6C1C - C:\Users\Peter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Peter\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Peter\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[19/11/2014 05:57] Google Wallet - Peter\AppData\Local\Chromium\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Wallet - Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== C:\zoek_backup content ====================== ==== EOF on za 27/12/2014 at 10:03:19,45 ======================