Zoek.exe v5.0.0.0 Updated 18-February-2015 Tool run by Gebruiker on do 19-02-2015 at 15:09:16,48. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 19-2-2015 15:11:49 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Users\Gebruiker\AppData\Local\Secunia PSI deleted successfully C:\Users\Gebruiker\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully ==== Installed Programs ====================== 3M Products Update version 2012-05 for Microsoft Office 2010 64 Bit HP CIO Components Installer Aangifte inkomstenbelasting 2013 Adobe Reader XI (11.0.10) - Nederlands Adobe Refresh Manager Adobe Shockwave Player 12.1 AIO_CDA_ProductContext AIO_CDA_Software AIO_Scan ANT Drivers Installer x64 Avast Internet Security BufferChm C5100 c5100_Help CCleaner Citrix Authentication Manager Citrix Receiver Citrix Receiver (HDX Flash Redirection) Citrix Receiver Inside Citrix Receiver Updater Citrix Receiver(Aero) Citrix Receiver(DV) Citrix Receiver(USB) Copy Definition Update for Microsoft Office 2010 (KB2956079) 64-Bit Edition Destinations DeviceDiscovery DocProc Elevated Installer Fax Garmin Express Garmin Express Tray Google Chrome Google Update Helper GPBaseService2 HP Customer Participation Program 14.0 HP Imaging Device Functions 14.0 HP Photosmart All-In-One Driver Software HP Solution Center 14.0 HP Update HPDiagnosticAlert HPPhotoGadget HPProductAssistant Image Resizer for Windows Image Resizer for Windows (64 bit) Intel(R) Processor Graphics Java 7 Update 67 
MarketResearch Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Language Pack 2010 - Dutch/Nederlands Microsoft Office O MUI (Dutch) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 32-bit MUI (Dutch) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office SharePoint Designer MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Office X MUI (Dutch) 2010 Microsoft Silverlight Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 
12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Minecraft MSXML 4.0 SP3 Parser Network64 OCR Software by I.R.I.S. 14.0 Online Plug-in Recuva Secunia PSI (3.0.0.9016) Security Update for Microsoft Excel 2010 (KB2956081) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553154) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2956066) 64-Bit Edition Self-service Plug-in Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition SolutionCenter Status Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. 
ANT LibUSB Drivers (04/11/2012 1.2.40.201) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) swMSM Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Toolbox TrayApp Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition Update for Microsoft Excel 2010 (KB2589348) 64-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition Update for Microsoft Office 2010 (KB2597089) 64-Bit Edition Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition Update for Microsoft Office 2010 (KB2837602) 64-Bit Edition Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition Update for Microsoft Office 2010 (KB2889828) 64-Bit Edition Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition Update for Microsoft Office 2010 (KB2956054) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2956128) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2880517) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2956129) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 
64-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition VLC media player WebReg ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\AVAST Software\Avast\afwServ.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\SysWOW64\svchost.exe C:\Program Files (x86)\Secunia\PSI\PSIA.exe C:\Program Files (x86)\Secunia\PSI\sua.exe C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Citrix\ICA Client\redirector.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Users\Gebruiker\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\PROGRA~3\HostIt deleted C:\Users\Gebruiker\AppData\Roaming\dlg deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Gebruiker\AppData\LocalLow\{05BDA67E-D6E5-F322-EC4C-F13B93CC9343} deleted C:\Users\Gebruiker\AppData\LocalLow\{8B05C297-2CD7-69A9-F03E-A8CCE139D05F} deleted C:\Users\Gebruiker\AppData\LocalLow\{8E1D1F50-34F2-83FD-0A2F-572B2862BD4C} deleted 
C:\Users\Gebruiker\AppData\LocalLow\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E} deleted C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\Windows\Installer\bc52d17.msi" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8071 MB CPU Info: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz CPU Speed: 3463,3 MHz Sound Card: Luidsprekers (2- High Definitio | Display Adapters: Intel(R) HD Graphics 4400 | Intel(R) HD Graphics 4400 | Intel(R) HD Graphics 4400 Monitors: 1x; SyncMaster P2370HD(Analog) | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SH-224DB Ports: COM1 LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 1847,4GB | G: 698,6GB Hard Disks - Free: C: 1637,8GB | G: 577,6GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | ALASKA - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: MSI H81M-P33 (MS-7817) Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Firewall: avast! 
Antivirus disabled Internet Explorer Version: 11.0.9600.17631 Google Chrome version: 40.0.2214.111 Adobe Reader version: 11.0.10.32 Sun Java version: 1.7.0_67 (32-bit) Shockwave Player version: 12.1r150 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-02-15 18:23:30 -------- d-----w- C:\Program Files\Recuva ======= C:\PROGRA~2 ===== 2015-02-18 14:58:24 -------- d-----w- C:\PROGRA~2\Minecraft ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== 2015-02-19 10:11:32 -------- d-----w- C:\Users\Default\AppData\Roaming\Garmin 2015-02-19 10:11:32 -------- d-----w- C:\Users\Default User\AppData\Roaming\Garmin 2015-02-18 14:59:14 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\java 2015-02-18 14:59:12 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\.minecraft ====== C:\Users\Gebruiker ====== 2015-02-19 10:11:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2015-02-18 14:58:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-02-15 18:23:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2015-02-15 18:23:04 3F9C12E62A0AE1D7A9DBB252195C4C54 4210920 ----a-w- C:\Users\Gebruiker\Downloads\rcsetup151.exe 2015-02-15 16:58:15 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2015-02-15 09:11:38 -------- d-----w- C:\Users\Gebruiker\Start Menu 2015-02-08 11:05:22 0DD7CD28C36F909EF7EE0C8628D687F3 37987520 ----a-w- C:\Users\Gebruiker\Downloads\Windows-KB890830-x64-V5.20.exe ====== C: exe-files == === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_5FEA36A39174F28C3634662B2D565CAA"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup" "Redirector"="C:\Program Files (x86)\Citrix\ICA Client\redirector.exe /startup" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_5FEA36A39174F28C3634662B2D565CAA"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" ==== Startup Folders ====================== 2014-07-01 14:26:53 2126 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk 2014-03-30 10:21:19 1129 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ==== Task Scheduler 
Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-07-2014 13:26] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [07-02-2015 11:11] ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Gast\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Gast\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Gebruiker\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Gebruiker\AppData\Local\Comodo\Dragon deleted ==== Chromium Look ====================== Google Chrome Version: 40.0.2214.111 (Up to date, latest Stable 
version: 40.0.2214.111) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[23-11-2014 20:38] Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Avast Online Security - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.telegraaf.nl/" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com" 
"SearchAssistant"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.telegraaf.nl/" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{A8952556-12AE-4238-A534-079A5CEB0D03}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {994102F9-22CA-4BBC-966E-6D6C0DA38430} Unknown Url="Not_Found" {A8952556-12AE-4238-A534-079A5CEB0D03} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3575262360-258679368-1463809348-1001\Software\Microsoft\Internet Explorer\SearchScopes\{994102F9-22CA-4BBC-966E-6D6C0DA38430} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== 
Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\75932EE05AB03F84FAFA19C253187532 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0EE23957-0BA5-48F3-AFAF-912C35815723} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\75932EE05AB03F84FAFA19C253187532 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [Redirector] "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_5FEA36A39174F28C3634662B2D565CAA] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files 
(x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated 
graphics O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - 
{CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - 
C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles 
found ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=372 folders=126 83324870 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 19-02-2015 at 16:26:02,75 ======================