Zoek.exe v5.0.0.0 Updated 01-March-2015 Tool run by HP on ma 02-03-2015 at 14:41:19.02. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\HP\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-02-24-215724.log 22036 bytes C:\zoek-results2015-02-25-084929.log 43513 bytes ==== Empty Folders Check ====================== C:\Users\Administrator\AppData\Local\Comodo deleted successfully C:\Users\Administrator\AppData\Local\Google deleted successfully C:\Users\Gast\AppData\Local\Comodo deleted successfully C:\Users\Gast\AppData\Local\Google deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google deleted successfully C:\Users\HP\AppData\Local\Comodo deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 7-Zip 9.22beta Adobe Flash Player 16 ActiveX Adobe Flash Player 16 NPAPI Adobe Reader XI (11.0.10) - Nederlands Adobe Refresh Manager ANT Drivers Installer x86 AVG 2014 AVG 2015 Belgium e-ID middleware 4.0.5 (build 7363) CCleaner dreamboxEDIT -- The one and only settings editor for your Dreambox Elevated Installer Free Opener Garmin City Navigator Europe (Unicode) NT 2014.30 Update Garmin Express Garmin Express Tray Garmin POI Loader Garmin USB Drivers Google Chrome Google Earth Plug-in Google Update Helper Java 8 Update 31 Java Auto Updater K-Lite Codec Pack 7.0.0 (Standard) LuxSat_ToolBox_v.5.7 Malwarebytes Anti-Malware versie 2.0.4.1028 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Mozilla Firefox 35.0.1 (x86 nl) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) neroxml Picasa 3 Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956097) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956098) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2920788) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2956099) 32-Bit Edition Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7_2 (c:\\SiLabs\\MCU\\CP210x\\Windows_XP_S2K3_Vista_7_2) Skype Click to Call SkypeT 7.0 Speccy Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) SumatraPDF TeamViewer 10 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2956096) 32-Bit Edition Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Visual Studio 2012 x86 Redistributables VLC media player Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) WinRAR 4.20 (32-bit) ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Garmin\Express Tray\ExpressTray.exe C:\Program Files\CCleaner\CCleaner.exe C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe C:\Program Files\TeamViewer\TeamViewer_Service.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\PROGRA~1\MICROS~2\Office12\POWERPNT.EXE C:\Users\HP\Downloads\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\svchost.exe -k SDRSVC ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\neeq75e9.default-1416383897378 user.js not found ---- Lines finder removed from prefs.js ---- user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"private ---- FireFox user.js and prefs.js backups ---- prefs_02-03-2015_1520_.backup ProfilePath: C:\Users\HP\AppData\Roaming\Thunderbird\Profiles\xlp493qy.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_02-03-2015_1520_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "AS2014"=- ==== System Specs ====================== Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601) Memory (RAM): 1015 MB CPU Info: Intel(R) Celeron(R) CPU 2.80GHz CPU Speed: 2814.6 MHz Sound Card: Luidsprekers (SoundMAX Integrat | Display Adapters: Standaard-VGA grafische adapter | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen niet-PnP-beeldscherm | Screen Resolution: 1024 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | 802.11n USB Wireless LAN Card | Intel(R) PRO/100 VE-netwerkverbinding CD / DVD Drives: 1x (D: | ) D: _NEC DVD_RW ND-3520A Ports: COM1 LPT1 Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 149.0GB Hard Disks - Free: C: 106.2GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 07/04/05 | COMPAQ - 7000504 Time Zone: Romance (standaardtijd) Motherboard *: Lite-On Tech. 08FCh Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Firefox 35.0.1 Internet Explorer Version: 11.0.9600.17633 Mozilla Firefox version: 35.0.1 (x86 nl) Google Chrome version: 40.0.2214.115 Adobe Reader version: 11.0.10.32 Sun Java version: 1.8.0_31 (32-bit) Flash Player version: 16.0.0.305 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\HP\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2015-02-25 10:32:02 3B9E2AB1F3ABC53D4A423E699EB625C8 419936 ----a-w- C:\Windows\System32\locale.nls 2015-02-19 07:05:26 01BD2653F2185218837CF4A175617F8A 620032 ----a-w- C:\Windows\System32\jscript9diag.dll 2015-02-19 07:05:25 4FD3763F3917201856B0CBCE310003EA 4300800 ----a-w- C:\Windows\System32\jscript9.dll 2015-02-18 12:43:44 793F6658ED65839FDB2957A4884CB63C 1230336 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2015-02-18 12:35:51 A580CFFC56EE72550B803AED2EFD5442 27136 ----a-w- C:\Windows\System32\powertracker.dll 2015-02-18 12:35:50 DDE994E9159497D0D5AB2CDF66D1EAD6 76800 ----a-w- C:\Windows\System32\wdi.dll 2015-02-18 12:35:50 1115D5A98043254A0E787F888FC273C0 635904 ----a-w- C:\Windows\System32\perftrack.dll 2015-02-18 12:35:46 15E13FB1C22A47A128965287194D1906 2380288 ----a-w- C:\Windows\System32\win32k.sys 2015-02-18 12:35:37 F2A743912D404A8866362836CFE7A648 686080 ----a-w- C:\Windows\System32\adtschema.dll 2015-02-18 12:35:37 4775E1A0E15BF148098C35A19135F881 1061376 ----a-w- C:\Windows\System32\lsasrv.dll 2015-02-18 12:35:35 F29BC66CE4A5507A49FB20744A056E61 22016 ----a-w- C:\Windows\System32\secur32.dll 2015-02-18 12:35:35 CEFE50761B7681715C66AE3488363985 100352 ----a-w- C:\Windows\System32\sspicli.dll 2015-02-18 12:35:35 BF08DE8E4FA1F143D41B3241F7FCE5F6 22528 ----a-w- C:\Windows\System32\lsass.exe 2015-02-18 12:35:35 ACF312F6CCFC9249F739BF439DD4B80C 15872 ----a-w- C:\Windows\System32\sspisrv.dll 2015-02-18 12:35:35 4E6934926B4C923CC0FF61C6D77814EF 50176 ----a-w- C:\Windows\System32\auditpol.exe 2015-02-18 12:35:35 43791D2F736C4E9BE9FE0B33A1E92A5D 60416 ----a-w- C:\Windows\System32\msobjs.dll 2015-02-18 12:35:35 36F152AE2F64B12771A44EA77124332B 146432 ----a-w- C:\Windows\System32\msaudite.dll 2015-02-18 12:33:14 6D227897A458DA8A9518DACDC88F1947 3917760 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-02-18 12:33:14 62C93E47A424A8EC79F3CF1719A2DCC6 3972544 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2015-02-18 12:31:28 A208DAC2932649CFF82A6A684D8BB1F6 571904 ----a-w- C:\Windows\System32\oleaut32.dll 2015-02-18 12:31:21 EEA1C649DBE9628150207BC563DA77F2 482304 ----a-w- C:\Windows\System32\generaltel.dll 2015-02-18 12:31:21 76293EF1A6BFCCBD901107E514E48624 886784 ----a-w- C:\Windows\System32\aeinv.dll 2015-02-18 12:31:21 48D5B4FC2235E069A444C105B65D40BD 767488 ----a-w- C:\Windows\System32\appraiser.dll 2015-02-18 12:31:20 1C562DF669A412EF40A9871C8856AEE4 621056 ----a-w- C:\Windows\System32\invagent.dll 2015-02-18 12:31:20 048FD5432E4C2B42EE39FD9F54ED162F 325632 ----a-w- C:\Windows\System32\devinv.dll 2015-02-18 12:31:19 F57E1D225AE5C2C8F475A99BFDF018F4 1167520 ----a-w- C:\Windows\System32\aitstatic.exe 2015-02-18 12:31:16 EE0759179FC7EB0012AF1A69C8AAE185 202752 ----a-w- C:\Windows\System32\aepdu.dll 2015-02-18 12:31:15 0389CAF21A50D13A90D2699750D499B5 159744 ----a-w- C:\Windows\System32\aepic.dll 2015-02-18 12:30:56 B63A6FF4339C9B701A93D3973C7FB6D2 550912 ----a-w- C:\Windows\System32\kerberos.dll 2015-02-18 12:30:56 7C893DBA0A58855A99DA68B751FD223B 248832 ----a-w- C:\Windows\System32\schannel.dll 2015-02-18 12:30:55 7D94A9161E8432B8521E60E064B1D737 259584 ----a-w- C:\Windows\System32\msv1_0.dll 2015-02-18 12:30:54 F3F6BE20A03215209B61CA85B4A83E1F 65536 ----a-w- C:\Windows\System32\TSpkg.dll 2015-02-18 12:30:54 3BB446DE24501FEA5FDB9A9DB23A22AE 221184 ----a-w- C:\Windows\System32\ncrypt.dll 2015-02-18 12:30:53 A12D64A94EC57079C2D96A741CB4FF53 172032 ----a-w- C:\Windows\System32\wdigest.dll 2015-02-18 12:30:50 C256EFD3655EC782F8094E96094E8F9E 17408 ----a-w- C:\Windows\System32\credssp.dll 2015-02-18 12:29:50 94B1F7CE1AAA5542923E0AD63C4D0050 60416 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2015-02-18 12:29:49 B0F7BD3492C2D60A70F15AEADCE1E2A6 47616 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2015-02-18 12:29:49 71189E2787179666BDCD1374AE92BF62 102912 ----a-w- C:\Windows\System32\ieetwcollector.exe 2015-02-18 12:29:47 E1A4D24281526DDFEA418F729CDA9DC6 30720 ----a-w- C:\Windows\System32\iernonce.dll 2015-02-18 12:29:47 73AFBF165241EB4502CD15107AA12CBA 684544 ----a-w- C:\Windows\System32\ie4uinit.exe 2015-02-18 12:29:46 C4F2424A0671907FD3AC44EBE43C3C66 667648 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2015-02-18 12:29:45 8E8137569741D3693F88DDF94CC38C20 1307136 ----a-w- C:\Windows\System32\urlmon.dll 2015-02-18 12:29:45 74EA6C792F57E453261DA210C1BCEB53 342712 ----a-w- C:\Windows\System32\iedkcs32.dll 2015-02-18 12:29:45 55A84600EAAF8F1D3F0E6206E2EF6D48 47104 ----a-w- C:\Windows\System32\jsproxy.dll 2015-02-18 12:29:44 28B2D3CB1B4306D476200D80AF7D87AD 115712 ----a-w- C:\Windows\System32\ieUnatt.exe 2015-02-18 12:29:43 FD6AF61AF029B9BC2CF4EFF57CDD5821 710144 ----a-w- C:\Windows\System32\ieapfltr.dll 2015-02-18 12:29:43 EF05E63ACC834470A07A2E73D519B5FA 418304 ----a-w- C:\Windows\System32\dxtmsft.dll 2015-02-18 12:29:42 8FBC9680719ACDA9351B67D906C682F4 688640 ----a-w- C:\Windows\System32\msfeeds.dll 2015-02-18 12:29:42 47B26D89EF9973E2DD586D0C827F61A9 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2015-02-18 12:29:39 AD3F5926EC2C1F21FB45D1CDED6E2A47 2052608 ----a-w- C:\Windows\System32\inetcpl.cpl 2015-02-18 12:29:39 6F10743069DFFC56DEE079204960844E 168960 ----a-w- C:\Windows\System32\msrating.dll 2015-02-18 12:29:38 5FB7E9786F70F4072663746072C9E6CE 62464 ----a-w- C:\Windows\System32\iesetup.dll 2015-02-18 12:29:37 44791AA90DF93DD79E63ED3A38657964 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2015-02-18 12:29:36 F285D499EC42969D963CA49EADA63218 1888256 ----a-w- C:\Windows\System32\wininet.dll 2015-02-18 12:29:33 6FA05244FD2E40A3DC08337146B3C425 285696 ----a-w- C:\Windows\System32\dxtrans.dll 2015-02-18 12:29:32 994E7459260D315573DD72783D1B78A7 478208 ----a-w- C:\Windows\System32\ieui.dll 2015-02-18 12:29:30 78A1A938D51D4F83A772123B93EE1612 12829184 ----a-w- C:\Windows\System32\ieframe.dll 2015-02-18 12:29:27 D87759889FE7BCAE4461439139E62BAA 76288 ----a-w- C:\Windows\System32\mshtmled.dll 2015-02-18 12:29:26 180168942E4A133C55E7BBF17DA3C142 1155072 ----a-w- C:\Windows\System32\mshtmlmedia.dll 2015-02-18 12:29:24 3B9EF1B8E154D202D32A7765E2F33554 64000 ----a-w- C:\Windows\System32\MshtmlDac.dll 2015-02-18 12:29:23 9A91F9B5035F54C2D0BA92CF9B16EE34 2277888 ----a-w- C:\Windows\System32\iertutil.dll 2015-02-18 12:29:17 61C74D794C14E9FC94D93F5F0F72A3F9 19740160 ----a-w- C:\Windows\System32\mshtml.dll 2015-02-18 12:29:13 9DEE691C8FDBC2DE6957F1AE873C78FC 503296 ----a-w- C:\Windows\System32\vbscript.dll 2015-02-18 12:28:10 0C96A745A76C7DD75C5503E86D968E49 1174528 ----a-w- C:\Windows\System32\crypt32.dll 2015-02-18 12:27:15 B3BC38B886CA53C92D52EF724A9F0D45 308224 ----a-w- C:\Windows\System32\scesrv.dll ====== C:\Windows\system32\drivers ===== 2015-02-18 12:35:37 F516F1167EFBBC5ABC90687C94497869 369968 ----a-w- C:\Windows\System32\drivers\cng.sys 2015-02-18 12:35:36 EF88BAC2B489D9C46F4E41ACF0219CD0 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2015-02-18 12:35:36 49D70660EE8266988C1F99A0297A1430 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-02-23 18:04:00 -------- d-----w- C:\Program Files\Speccy 2015-02-22 15:50:31 -------- d-----w- C:\Program Files\Mozilla Maintenance Service ======= C: ===== ====== C:\Users\HP\AppData\Roaming ====== 2015-02-25 08:23:33 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-02-25 08:23:32 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-02-25 08:23:32 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2015-02-25 08:23:30 -------- d-----w- C:\Users\HP\AppData\Local\Temp 2015-02-11 11:19:04 85828A54D85BAE5256CE61FDA700D22E 108816 ----a-w- C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT ====== C:\Users\HP ====== 2015-03-02 11:09:31 4DB5909D450AE68CC11DC865B9B84F71 2126848 ----a-w- C:\Users\HP\Downloads\adwcleaner_4.111.exe 2015-02-24 16:20:14 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\HP\Downloads\RSIT.exe 2015-02-23 18:04:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2015-02-23 18:00:28 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\HP\Downloads\spsetup126.exe 2015-02-22 17:13:04 729CDAB7188F18358F6610BEC517EF04 6958304 ----a-w- C:\Users\HP\Downloads\Silverlight.exe 2015-02-22 15:44:06 1F4C7A565EF81D3666AD8FBDBAF48870 305664 ----a-w- C:\Users\HP\Downloads\Ninite Firefox Installer.exe 2015-02-22 14:52:10 E03031CF5CBC7442D044CAC999B83582 243600 ----a-w- C:\Users\HP\Downloads\Firefox Setup Stub 35.0.1.exe 2015-02-12 18:47:01 095CD2CE6EEE6663778E594C57C69EFA 564 ----a-w- C:\Users\HP\cline theo en vic.txt 2015-02-02 17:38:44 0556DF3CA5E6158AF5B4A251E8CAF081 372 ----a-w- C:\Users\HP\email.txt ====== C: exe-files == 2015-03-02 11:09:31 4DB5909D450AE68CC11DC865B9B84F71 2126848 ----a-w- C:\Users\HP\Downloads\adwcleaner_4.111.exe 2015-02-24 16:20:14 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\HP\Downloads\RSIT.exe 2015-02-24 10:00:39 A0D35EC0B1954DC90EA0B5DD52587DA9 37745864 ----a-w- C:\ProgramData\Garmin\Core Update Service\APP-express-windows-3.2.29.0\GarminExpressInstaller.exe 2015-02-23 18:00:28 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\HP\Downloads\spsetup126.exe === C: other files == 2015-02-24 11:23:53 500246913C3C504FD2A65589CE192A8B 70737134 ----a-w- C:\Users\HP\Downloads\openhdf-cloud-ibox-3-238-20150222_usb.zip 2015-02-24 11:15:53 7D7B014579DB7B90E0CD356EF9C18EEF 732089 ----a-w- C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\neeq75e9.default-1416383897378\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi 2015-02-24 10:58:30 C176BC33BFF9BB7EE0296FDA2E761267 245252 ----a-w- C:\Users\HP\Downloads\bootloader-cloud-ibox-3-751mhz-20140805.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4057013218-24429279-960758687-1000\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GarminExpressTrayApp" "hkey"="HKCU" "command"="\"C:\\Program Files\\Garmin\\Express Tray\\ExpressTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [18-02-2015 18:49] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18-02-2015 20:02] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18-02-2015 20:02] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GarminUpdaterTask" [C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\neeq75e9.default-1416383897378 user_pref("browser.startup.homepage", "about:home"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [28-01-2015 09:13] ==== Firefox Extensions ====================== ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\neeq75e9.default-1416383897378 - Undetermined - {DDC359D1-844A-42a7-9AA1-88A850A938A8} - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi ProfilePath: C:\Users\HP\AppData\Roaming\Thunderbird\Profiles\xlp493qy.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\neeq75e9.default-1416383897378 886C8C9F4779D6BFB4724FDBC32C3404 - C:\Program Files\Google\Update\1.3.26.7\npGoogleUpdate3.dll - Google Update C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash 225D76851EFC6144B4BAD941B3E8989D - C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U31 B66B4D28D7D0C6322FF235C782CD6B76 - C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.310.13 0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 9419AA8A2799526EC32B473C2BB7A10D - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== Google Chrome Version: 40.0.2214.115 (Up to date, latest Stable version: 40.0.2214.115) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 17:22] Google Docs - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Skype Click to Call - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=MSSE" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=MSSE" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== HijackThis Entries ====================== O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe ==== Empty IE Cache ====================== C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\HP\AppData\Local\Mozilla\Firefox\Profiles\neeq75e9.default-1416383897378\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\HP\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=135 folders=49 53768951 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\HP\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\HP\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on ma 02-03-2015 at 17:18:38.55 ======================