Zoek.exe v5.0.0.0 Updated 09-March-2015 Tool run by Koen on di 10-03-2015 at 17:09:04,80. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Koen\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 10-3-2015 17:11:27 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Electronic Arts deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\SegmentAugmenter deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\PROGRA~3\ALM deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully C:\PROGRA~3\{4A818508-3355-4FBC-B302-D53B599DD9D5} deleted successfully C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted successfully C:\PROGRA~3\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} deleted successfully C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully C:\PROGRA~3\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted successfully C:\Users\Koen\AppData\Roaming\Atari deleted successfully C:\Users\Koen\AppData\Roaming\Publish Providers deleted successfully C:\Users\Koen\AppData\Local\PACE Anti-Piracy deleted successfully C:\Users\Koen\AppData\Local\PokerStars.EU deleted successfully C:\Users\Koen\AppData\Local\WarThunder deleted successfully C:\Users\Koen\AppData\Local\ySltvu24 deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2162189199-1631107133-265142415-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FF059E31-CC5A-4E2E-BF3B-96E929D65503} deleted successfully HKEY_USERS\S-1-5-21-2162189199-1631107133-265142415-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADE7F-C265-11D0-BCED-00A0C90AB50F} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2162189199-1631107133-265142415-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fc4691d6 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fc4691d6 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ALSysIO deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ALSysIO deleted successfully ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Electronic Arts not found C:\PROGRA~2\SegmentAugmenter not found C:\ProgramData\Premium not found C:\Program Files (x86)\SegmentAugmenter not found C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found C:\PROGRA~3\{4A818508-3355-4FBC-B302-D53B599DD9D5} not found C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} not found C:\PROGRA~3\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} not found C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found C:\PROGRA~3\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} not found "C:\Users\Koen\AppData\Local\Temp\ALSysIO64.sys" not found C:\PROGRA~2\Clear Cache Shortcut deleted C:\PROGRA~2\Homestuckify deleted C:\PROGRA~2\PageEdit deleted C:\PROGRA~2\Redirector deleted C:\PROGRA~2\Webutation deleted C:\ProgramData\BlueStacksSetup deleted C:\Users\Koen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\Taken 3 2014BDRip x264-Larceny.lnk deleted C:\PROGRA~3\7463674114793177775 deleted C:\Users\Koen\.android deleted C:\PROGRA~2\GUT7A57.tmp deleted C:\PROGRA~2\GUM7A37.tmp deleted C:\Users\Koen\AppData\Roaming\appdataFr3.bin deleted C:\Users\Koen\welcome.vbs deleted C:\PROGRA~3\boost_interprocess deleted C:\PROGRA~3\InstallMate deleted C:\Users\Koen\AppData\Local\CRE deleted C:\Users\Koen\AppData\Local\cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\Users\Koen\AppData\LocalLow\Bcool deleted C:\windows\SysNative\tasks\CodecUpdaterTask{C1AF9D2F-CF19-4AE9-8E0E-75049976218A} deleted C:\Windows\tasks\CodecUpdaterTask{C1AF9D2F-CF19-4AE9-8E0E-75049976218A}.job deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\PROGRA~2\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} deleted "C:\ProgramData\{489cd0e8-6ca7-719a-489c-cd0e86ca43a1}\Taken 3 2014BDRip x264-Larceny.exe" deleted "C:\PROGRA~3\{489cd0e8-6ca7-719a-489c-cd0e86ca43a1}\2a93ac5b8beae0a9" not deleted "C:\PROGRA~3\{489cd0e8-6ca7-719a-489c-cd0e86ca43a1}\e76e0a0eac3e077d" not deleted "C:\PROGRA~3\{489cd0e8-6ca7-719a-489c-cd0e86ca43a1}\Taken 3 2014BDRip x264-Larceny.exe" deleted "C:\PROGRA~3\{489cd0e8-6ca7-719a-489c-cd0e86ca43a1}" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Koen\AppData\Local\Temp ==== 2015-03-10 13:23:03 057631047016A448B842B96E872B132B 43008 ----a-w- C:\Users\Koen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptayyn5.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-03-03 20:24:23 DDE994E9159497D0D5AB2CDF66D1EAD6 76800 ----a-w- C:\Windows\SysWOW64\wdi.dll 2015-02-24 23:40:28 3B9E2AB1F3ABC53D4A423E699EB625C8 419936 ----a-w- C:\Windows\SysWOW64\locale.nls ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-03-03 20:24:24 AA7079AD52B8BFBAE94167D54C32F84F 29696 ----a-w- C:\Windows\Sysnative\powertracker.dll 2015-03-03 20:24:23 D713D6446DDBB474D801F361B4B186EA 950272 ----a-w- C:\Windows\Sysnative\perftrack.dll 2015-03-03 20:24:23 C6F7473B55510F0B93961DA03D8E3B38 91136 ----a-w- C:\Windows\Sysnative\wdi.dll 2015-02-24 23:40:28 3B9E2AB1F3ABC53D4A423E699EB625C8 419936 ----a-w- C:\Windows\Sysnative\locale.nls ====== C:\Windows\Sysnative\drivers ===== 2015-03-10 15:24:30 95B3CEAF06A2DF96FE28CD0755D319C4 79064 ----a-w- C:\Windows\Sysnative\drivers\glmkk.sys 2015-03-10 13:30:46 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2015-03-10 13:30:11 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2015-03-10 13:30:11 A646C2DDB8C46E9B20A326FAF566646C 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2015-03-10 13:30:11 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2015-02-11 09:36:40 E45CDE1C8340DFEDF1D6724263F39E5B 458824 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2015-02-11 09:36:39 C60C6B9A2E50B0404F6789C62B428C03 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-02-11 09:36:39 78D152A9FD5747FF6AA89C79F0346F62 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== 2015-02-10 18:36:13 34E3CBBA95EAD56568423EEB124B5AE6 3364 ----a-w- C:\Windows\Sysnative\Tasks\{6852E35D-4670-4104-A0DA-3126CCB2A9EC} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-03-10 15:27:38 -------- d-----w- C:\Program Files\trend micro 2015-02-17 17:55:16 -------- d-----w- C:\Program Files\Microsoft Office 15 ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Koen\AppData\Roaming ====== 2015-03-08 17:44:26 -------- d-sh--w- C:\Users\Koen\AppData\Local\EmieUserList 2015-03-08 17:44:26 -------- d-sh--w- C:\Users\Koen\AppData\Local\EmieSiteList 2015-03-08 17:44:26 -------- d-sh--w- C:\Users\Koen\AppData\Local\EmieBrowserModeList 2015-03-08 17:44:21 -------- d-sh--w- C:\Users\Koen\AppData\Locallow\EmieSiteList 2015-02-15 19:57:28 -------- d-----w- C:\Users\Koen\AppData\Roaming\Spotify ====== C:\Users\Koen ====== 2015-03-10 15:26:51 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Koen\Downloads\RSITx64.exe 2015-03-10 13:27:09 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Koen\Downloads\mbam-setup-2.0.0.1000.exe 2015-03-10 13:12:40 95300BA672A14E3AE6740CB3CB41DB7B 2171392 ----a-w- C:\Users\Koen\Downloads\adwcleaner_4.112.exe 2015-03-09 18:41:54 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Koen\Desktop\dds.com 2015-02-17 18:00:38 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft 2015-02-17 17:57:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-02-11 19:41:16 -------- d-----r- C:\Users\Koen\Pictures ====== C: exe-files == 2015-03-10 15:27:39 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Koen.exe 2015-03-08 18:03:35 31657ADA786863B73FAC28E5BD0753AD 382168 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\ReaderUpdater.exe 2015-03-08 18:03:35 31657ADA786863B73FAC28E5BD0753AD 382168 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AcrobatUpdater.exe === C: other files == 2015-03-10 15:24:30 95B3CEAF06A2DF96FE28CD0755D319C4 79064 ----a-w- C:\Windows\System32\drivers\glmkk.sys 2015-03-10 13:30:46 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-03-10 13:30:11 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-03-10 13:30:11 A646C2DDB8C46E9B20A326FAF566646C 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-03-10 13:30:11 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-03-10 13:21:53 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-w- C:\Users\Koen\AppData\Local\Temp\_MEI20362\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2015-03-10 13:21:52 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Koen\AppData\Local\Temp\_MEI20362\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2015-03-09 18:41:54 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Koen\Desktop\dds.com 2015-03-09 17:17:46 E24261F6AE0991385993C624120389DA 100 ----a-w- C:\Users\Koen\AppData\Local\Temp\uttF092.tmp.bat 2015-03-09 17:17:40 F2F18BC5529FFD6B9B22B18972E10202 68 ----a-w- C:\Users\Koen\AppData\Local\Temp\HYDD95A.tmp.1425921460\HTA\install.1425921460.zip 2015-03-09 17:17:33 F2F18BC5529FFD6B9B22B18972E10202 68 ----a-w- C:\Users\Koen\AppData\Local\Temp\HYDBCF4.tmp.1425921453\HTA\install.1425921453.zip 2015-03-08 17:57:28 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Koen\Downloads\maandstaat Ron DwarswaardHoucon Construction.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2162189199-1631107133-265142415-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Koen\AppData\Local\Google\Update\GoogleUpdate.exe /c" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "Spotify Web Helper"="C:\Users\Koen\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Spotify"="C:\Users\Koen\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" "HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes Anti-Malware (cleanup)"="C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Koen\AppData\Local\Google\Update\GoogleUpdate.exe /c" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "Spotify Web Helper"="C:\Users\Koen\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Spotify"="C:\Users\Koen\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SetDefault"="C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Users\\Koen\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" "msnmsgr"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background" "AVG-Secure-Search-Update_0913b"="C:\\Users\\Koen\\AppData\\Roaming\\AVG 0913b Campaign\\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid c13dfb2c649847d0b4f171fa8a64cf20-5de9ee254769474b501071276be2b5574ed6fdc5 --CMPID 0913b" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "LogMeIn GUI"="\"C:\\Program Files (x86)\\LogMeIn\\x64\\LogMeInSystray.exe\"" ==== Startup Folders ====================== 2012-09-27 19:44:44 1131 ----a-w- C:\Users\Koen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-10-06 11:42:58 1292 ----a-w- C:\Users\Koen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk 2013-10-30 12:29:10 1155 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05-02-2015 17:57] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ :C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-01-2015 17:56] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162189199-1631107133-265142415-1001Core.job --a------ C:\Users\Koen\AppData\Local\Google\Update\GoogleUpdate.exe [08-09-2012 15:28] C:\Windows\tasks\HPCeeScheduleForKoen.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15-07-2011 03:43] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Koen\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2162189199-1631107133-265142415-1001Core" [C:\Users\Koen\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2162189199-1631107133-265142415-1001UA" [C:\Users\Koen\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForKoen" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{27BE1B25-1CCD-4255-BB03-592B97D04356}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{6298A269-D11A-4FA6-ABC1-79E75B3CC3B9}" ["c:\users\koen\appdata\local\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\{AA7B1E43-84DF-4BAA-82E6-302C80BB4C00}" ["c:\users\koen\appdata\local\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - TrueSuite Website Logon - %AppDir%\extensions\websitelogon@truesuite.com ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ahjpcmknbihpimbhphomijdgjojhnnhc - C:\Users\Koen\AppData\Local\CRE\ahjpcmknbihpimbhphomijdgjojhnnhc.crx[] bfmogjcijkfeahcajecmmegieipfbdcc - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[17-08-2011 23:51] idclnppndfgjmbkndgnflleaelpfdbpi - C:\ProgramData\Bcool\idclnppndfgjmbkndgnflleaelpfdbpi.crx[] kncmjjooeedggldngaignobemebmacnh - C:\ProgramData\Codec-V\kncmjjooeedggldngaignobemebmacnh.crx[] njfdlbbafmjdgdgjephobehmgeeaogoh - C:\Users\Koen\AppData\Local\CRE\njfdlbbafmjdgdgjephobehmgeeaogoh.crx[] olakidobfhelgegjdgkchecjbgcifjaj - C:\ProgramData\Codec-V\olakidobfhelgegjdgkchecjbgcifjaj.crx[] pmlkdfmkmhbaopkabadofheinhjadomg - C:\ProgramData\Codec-V\pmlkdfmkmhbaopkabadofheinhjadomg.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions ahjpcmknbihpimbhphomijdgjojhnnhc - C:\Users\Koen\AppData\Local\CRE\ahjpcmknbihpimbhphomijdgjojhnnhc.crx[] apdfllckaahabafndbhieahigkjlhalf - C:\Users\Koen\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx[24-01-2015 17:57] hiolhmpmlcfkoaoafnbcgeemofoeagai - C:\Users\Koen\AppData\Local\Brand Thunder\mlbredsox\mlbredsox.crx[12-12-2012 16:29] lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] njfdlbbafmjdgdgjephobehmgeeaogoh - C:\Users\Koen\AppData\Local\CRE\njfdlbbafmjdgdgjephobehmgeeaogoh.crx[] WGT Baseball: MLB - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpbjopfokekaencoephlgdbnljhcflhm ==== Chromium Fix ====================== C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage deleted successfully C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage deleted successfully C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=MSSE" "First Home Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "First Home Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.msn.com/?pc=MSSE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {2BB4FCA4-957D-4C3D-92BC-027B25576208} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2162189199-1631107133-265142415-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2BB4FCA4-957D-4C3D-92BC-027B25576208} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E931A51-A183-4E66-8562-D82896E74C67} deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ahjpcmknbihpimbhphomijdgjojhnnhc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\idclnppndfgjmbkndgnflleaelpfdbpi deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kncmjjooeedggldngaignobemebmacnh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\njfdlbbafmjdgdgjephobehmgeeaogoh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\olakidobfhelgegjdgkchecjbgcifjaj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pmlkdfmkmhbaopkabadofheinhjadomg deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ahjpcmknbihpimbhphomijdgjojhnnhc deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\njfdlbbafmjdgdgjephobehmgeeaogoh deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Koen\AppData\Roaming\VOS\VirtualDJ PRO Full\%Local AppData%\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Koen\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Koen\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Koen\Users\Koen\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=291 folders=54 261481636 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Downloads\AppData\Local\temp emptied successfully C:\Users\Koen\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Koen\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== After Reboot ====================== ==== Deleting Files / Folders ====================== "C:\PROGRA~3\{489cd0e8-6ca7-719a-489c-cd0e86ca43a1}\2a93ac5b8beae0a9" not found "C:\PROGRA~3\{489cd0e8-6ca7-719a-489c-cd0e86ca43a1}\e76e0a0eac3e077d" not found "C:\ProgramData\{489cd0e8-6ca7-719a-489c-cd0e86ca43a1}\Taken 3 2014BDRip x264-Larceny.exesearch" not found "C:\PROGRA~3\{489cd0e8-6ca7-719a-489c-cd0e86ca43a1}" not found ==== EOF on di 10-03-2015 at 18:25:47,27 ======================