Zoek.exe v5.0.0.0 Updated 31-12-2014 Tool run by Tench's desktop on za 03/01/2015 at 20:54:04,75. Microsoft Windows 7 Ultimate 6.1.7600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Tench's desktop\Desktop\zoek(1).exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-08-21-212600.log 35861 bytes C:\zoek-results2014-09-04-115213.log 6999 bytes C:\zoek-results2015-01-02-213318.log 24154 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully HKEY_CLASSES_ROOT\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_CLASSES_ROOT\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully HKEY_CLASSES_ROOT\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\YouTubeDownloaderConverter deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YouTubeDownloaderConverter deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\YouTubeDownloaderConverter deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\YouTubeDownloaderConverter deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] ==== Deleting Files \ Folders ====================== C:\Users\Tench's desktop\AppData\Roaming\GVU Technologies not found C:\Program Files (x86)\Popcorn Time deleted C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default\extensions\magicplayer@acestream.org deleted C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} deleted C:\Program Files (x86)\SimpleTV deleted C:\Users\Tench's desktop\AppData\Roaming\SimpleTV V03 deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\TENCH'~1\AppData\Local\Temp ==== 2015-01-03 11:21:41 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Tench's desktop\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpecqywu.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-12-25 15:02:35 4B0C0A8C960AF22761FB6A25D8A50DF2 447752 ----a-w- C:\Windows\SysWOW64\vp6vfw.dll 2014-12-21 13:30:36 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-12-21 13:30:36 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\Windows\SysWOW64\XAudio2_7.dll 2014-12-21 13:30:35 4FD7BCB9D8AF6A165E9BA0C2EB702E7C 239960 ----a-w- C:\Windows\SysWOW64\xactengine3_7.dll 2014-12-21 13:30:34 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\Windows\SysWOW64\D3DCompiler_43.dll 2014-12-21 13:30:32 83EBA442F07AAB8D6375D2EEC945C46C 1868128 ----a-w- C:\Windows\SysWOW64\d3dcsx_43.dll 2014-12-21 13:30:29 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Windows\SysWOW64\D3DX9_43.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-12-21 13:30:36 E9739AE8B2FA28DCD6F2EF5525DA8827 77656 ----a-w- C:\Windows\Sysnative\XAPOFX1_5.dll 2014-12-21 13:30:36 4F7513FF4DE6303088DB28DCBCEF372C 518488 ----a-w- C:\Windows\Sysnative\XAudio2_7.dll 2014-12-21 13:30:35 BDEC09A032DB44D9CDB3A0D97224D64E 176984 ----a-w- C:\Windows\Sysnative\xactengine3_7.dll 2014-12-21 13:30:34 ADA0C39D4EACDC81FD84163A95D62079 2526056 ----a-w- C:\Windows\Sysnative\D3DCompiler_43.dll 2014-12-21 13:30:32 5F1DA86286A2DFB01C4FED55C2DD1D61 1907552 ----a-w- C:\Windows\Sysnative\d3dcsx_43.dll ====== C:\Windows\Sysnative\drivers ===== 2015-01-02 17:52:42 F51065667FB127CF6DE984DAEA2F6B24 285208 ----a-w- C:\Windows\Sysnative\drivers\tmcomm.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-12-25 14:53:43 -------- d-----w- C:\PROGRA~2\The Sims 4 2014-12-21 12:53:57 -------- d-----w- C:\PROGRA~2\Rockstar Games ======= C: ===== ====== C:\Users\Tench's desktop\AppData\Roaming ====== 2015-01-02 21:23:42 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-01-02 21:23:41 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2015-01-02 21:23:41 -------- d-----w- C:\Users\Tench's desktop\AppData\Local\Temp 2015-01-02 21:23:41 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-01-02 21:23:41 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2015-01-02 17:59:50 -------- d-----w- C:\Users\Tench's desktop\AppData\Roaming\HD Tune Pro 2015-01-02 17:59:10 2EB0E9817F9A375A0089F24FB40CEBDD 10 ----a-w- C:\Users\Tench's desktop\AppData\Local\sponge.last.runtime.cache 2015-01-02 17:51:02 -------- d-----w- C:\Users\Tench's desktop\AppData\Roaming\QuickScan ====== C:\Users\Tench's desktop ====== 2015-01-02 17:59:18 2616C2FB0EAB3DE29B2E2CB02F9715F3 2195900 ----a-w- C:\Users\Tench's desktop\Downloads\hdtunepro_550_trial.exe 2015-01-02 17:57:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Tench's desktop\Desktop\RSITx64(1).exe 2015-01-02 17:52:24 57E86EA1E1AEBF898496F38D10A57664 2494560 ----a-w- C:\Users\Tench's desktop\Downloads\HousecallLauncher64.exe 2014-12-31 19:12:38 5028642A01C7D6EA50AA4BD5276819F4 4362512 ----a-w- C:\Users\Tench's desktop\Downloads\dfsetup218.exe 2014-12-14 18:06:25 37447140EFB71A65ADFFF8EC7F552A2E 198 ----a-w- C:\Users\Tench's desktop\.swfinfo ====== C: exe-files == 2015-01-02 17:59:18 2616C2FB0EAB3DE29B2E2CB02F9715F3 2195900 ----a-w- C:\Users\Tench's desktop\Downloads\hdtunepro_550_trial.exe 2015-01-02 17:57:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Tench's desktop\Desktop\RSITx64(1).exe 2015-01-02 17:52:24 57E86EA1E1AEBF898496F38D10A57664 2494560 ----a-w- C:\Users\Tench's desktop\Downloads\HousecallLauncher64.exe 2014-12-31 19:12:38 5028642A01C7D6EA50AA4BD5276819F4 4362512 ----a-w- C:\Users\Tench's desktop\Downloads\dfsetup218.exe 2014-12-31 18:59:41 C444B1F4F2739B6206E815165904FF57 13322680 ----a-w- C:\Users\Tench's desktop\AppData\Local\NVIDIA\NvBackend\Packages\00006aee\vops-war_thunder.19183728.exe 2014-12-31 18:59:41 500C5258412C68591907EABEC12ECADF 16094400 ----a-w- C:\Users\Tench's desktop\AppData\Local\NVIDIA\NvBackend\Packages\00006aef\vops-war_thunder_ground_forces.19183728.exe 2014-12-31 18:59:27 C87A6B74862CCF7AFFC153C34525AAD1 4699592 ----a-w- C:\Users\Tench's desktop\AppData\Local\NVIDIA\NvBackend\Packages\00006af6\DAO.19186954.exe === C: other files == 2015-01-03 16:56:30 AA8911E99136B95A94F484A9C71CD298 2980472 ----a-w- C:\Users\Tench's desktop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9LLKP0KM\tvguide[1].zip 2015-01-03 11:47:13 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Tench's desktop\AppData\Local\Temp\avastBCLTMP\fopdddcinljmpmioaklghcalngfhbaen.zip 2015-01-02 17:52:42 F51065667FB127CF6DE984DAEA2F6B24 285208 ----a-w- C:\Windows\System32\drivers\tmcomm.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-532037277-3603907517-1254532235-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" "Spotify Web Helper"="C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Tench's desktop\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LifeCam"="C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" "JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" "Spotify Web Helper"="C:\Users\Tench's desktop\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Tench's desktop\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "XMouseButtonControl"="C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe /notportable" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Deskjet 3070 B611 series (NET)] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Deskjet 3070 B611 series (NET)" "hkey"="HKCU" "command"="\"C:\\Program Files\\HP\\HP Deskjet 3070 B611 series\\Bin\\ScanToPCActivationApp.exe\" -deviceID \"CN2376C1ZF05MQ:NW\" -scfn \"HP Deskjet 3070 B611 series (NET)\" -AutoStart 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SDTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TeamViewer9] ==== Startup Folders ====================== 2014-12-17 14:44:24 1174 ----a-w- C:\Users\Tench's desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-04-14 10:41:26 1956 ----a-w- C:\Users\Tench's desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3070 B611 series (netwerk).lnk 2013-04-13 15:59:30 1037 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/12/2014 23:41] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/02/2014 16:12] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/02/2014 16:12] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\TENCH'~1\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default user_pref("browser.startup.homepage", "https://www.google.be/"); user_pref("browser.search.selectedEngine", "GMB O[:d)c飝*>%'cZJ&D"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [04/08/2014 18:47] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Tench's desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6ov7f7n4.default 9860727E477F17B88E39AF8B69B0407A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[04/08/2014 18:47] Google Docs - Tench's desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Tench's desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Tench's desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Tench's desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AS Magic Player - Tench's desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim Ghostery - Tench's desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij Google Wallet - Tench's desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Tench's desktop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://be.msn.com/default.aspx?pc=UP22&ocid=UP22DHP&dt=062913" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://be.msn.com/default.aspx?pc=UP22&ocid=UP22DHP&dt=062913" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Tench's desktop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Tench's desktop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Tench's desktop\AppData\Local\Mozilla\Firefox\Profiles\6ov7f7n4.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Tench's desktop\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=15796 folders=1611 88349790827 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Tench's desktop\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\TENCH'~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Tench's desktop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on za 03/01/2015 at 21:28:07,70 ======================