Zoek.exe v5.0.0.0 Updated 23-04-2015
Tool run by hennie on vr 24-04-2015 at 21:40:52,26.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\hennie\Documents\Downloads\zoek.exe
[Scan all users] [Script inserted]

==== System Restore Info ======================

24-4-2015 21:48:14 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\Atari deleted successfully
C:\Program Files\Home Cinema deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Common Files\Symantec Shared deleted successfully
C:\Users\hennie\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\hennie\AppData\Local\PowerCinema deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{006C9380-D33C-40DF-9283-F4AACFAC5A02} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{006C9380-D33C-40DF-9283-F4AACFAC5A02} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{006C9380-D33C-40DF-9283-F4AACFAC5A02} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{006C9380-D33C-40DF-9283-F4AACFAC5A02} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{006C9380-D33C-40DF-9283-F4AACFAC5A02} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{C0D70ED8-D984-40C3-9666-8939CE76EA13} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{22E03916-85C5-44B0-8DC9-1830C11238D9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{006C9380-D33C-40DF-9283-F4AACFAC5A02} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ACDaemon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ACDaemon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MozillaMaintenance deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\MozillaMaintenance deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NMIndexingService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\NMIndexingService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\WtuSystemSupport deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\hennie\AppData\Roaming\Mozilla\Firefox\Profiles\vurufv7h.default
user.js not found

---- Lines Torntv modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"c:\\\\

---- FireFox user.js and prefs.js backups ----
prefs_24-04-2015_2215_.backup

==== Deleting Files \ Folders ======================

C:\Program Files\Atari not found
C:\Program Files\Home Cinema not found
"C:\Windows\system32\fb78.dll" not found
C:\Users\hennie\AppData\Local\AVG Web TuneUp deleted
C:\Program Files\FoxTabPDFReader deleted
C:\extensions deleted
C:\Users\hennie\AppData\Roaming\LimeWirePlus deleted
C:\PROGRA~2\AVG Web TuneUp deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\hennie\AppData\Local\BearShare deleted
C:\Users\hennie\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Users\hennie\AppData\Roaming\Mozilla\Firefox\Profiles\vurufv7h.default\jetpack deleted
"C:\Users\hennie\AppData\Local\{04BFE958-130A-40E2-825A-9CCD3031CC5C}" deleted
"C:\Users\hennie\AppData\Local\{1E6E0728-B1F6-43D9-94D1-E219F62A348E}" deleted
"C:\Users\hennie\AppData\Local\{23BABB79-8AF8-44A6-A047-A8EA925083AF}" deleted
"C:\Users\hennie\AppData\Local\{2B21FECA-F0B6-45BD-82F7-FB6407CD839E}" deleted "C:\Users\hennie\AppData\Local\{7C635297-5767-47E2-910D-648E0D7B5598}" deleted "C:\Users\hennie\AppData\Local\{AF526645-7110-4DD8-93BA-C36AEB9DFEE1}" deleted "C:\Users\hennie\AppData\Local\{B110D081-623E-4B7B-8099-6DB15DC8A618}" deleted "C:\Users\hennie\AppData\Local\{D243D350-A296-43B7-8B82-7FD03E05456F}" deleted "C:\Users\hennie\AppData\Local\{E70B5B25-F11D-4820-81C6-4EE03A3E5FE2}" deleted "C:\Program Files\AVG Web TuneUp\TBAPI.dll" deleted "C:\Program Files\AVG Web TuneUp\TBAPI.dll" deleted "C:\Program Files\AVG Web TuneUp" not deleted "C:\Program Files\AVG Web TuneUp" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\hennie\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2015-04-20 17:01:43 BFC1892FFA0E8D3351EF59D6E3F39A2F 1249280 ----a-w- C:\Windows\System32\msxml3.dll 2015-04-20 16:20:10 1359F3CD7DF4D105C6C70CCE671F8520 297984 ----a-w- C:\Windows\System32\gdi32.dll 2015-04-20 16:16:45 5D9311526801643000D7032A83B18B12 244152 ----a-w- C:\Windows\System32\clfs.sys 2015-04-20 16:16:45 2FF4B8BA9805BABA5E8FB923AF44F480 57344 ----a-w- C:\Windows\System32\clfsw32.dll 2015-04-20 16:15:11 E33CD56F2F344658C6000821611BBBD7 1205168 ----a-w- C:\Windows\System32\ntdll.dll 2015-04-20 16:15:11 377602E869DA9C05AC67CA3A5019A051 3604920 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2015-04-20 16:15:10 952EA6E27E3A16F02F85C10BB7F4752A 3552184 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-04-19 12:18:43 7D59D86548F987EC638482BE9537AD00 96680 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll 2015-04-19 12:18:43 6045943DD4B9731735DB0774B25AE114 191400 ----a-w- C:\Windows\System32\javaw.exe 2015-04-19 12:18:42 B175AD07294EB83FD12947B47B009D66 190888 ----a-w- C:\Windows\System32\java.exe 2015-04-19 12:18:42 12F3D9FC2D1D68BB1C9AF782F94E4CF8 272296 ----a-w- C:\Windows\System32\javaws.exe 2015-04-15 15:06:42 
55CC2EDB8C41846CCEDC4CFCD21AC136 6006784 ----a-w- C:\Windows\System32\mshtml.dll 2015-04-15 15:06:40 69E67B54726C6521BAB0F64FCE0A164E 1214976 ----a-w- C:\Windows\System32\urlmon.dll 2015-04-15 15:06:40 622CEE5D0FEDCFF831F6A8593D22D493 11084800 ----a-w- C:\Windows\System32\ieframe.dll 2015-04-15 15:06:39 DDF47DD87C45615CDD84940AEAD3020B 1469440 ----a-w- C:\Windows\System32\inetcpl.cpl 2015-04-15 15:06:39 BA8AACE4FA38374F8C7CC1E5D5B3DB06 630272 ----a-w- C:\Windows\System32\msfeeds.dll 2015-04-15 15:06:39 1230634D2C2A51AA6F36B7DAE80E347B 420864 ----a-w- C:\Windows\System32\vbscript.dll 2015-04-15 15:06:38 E18BC5BB1FFC199B410D81925CB1F528 2006016 ----a-w- C:\Windows\System32\iertutil.dll 2015-04-15 15:06:38 44168CD13FF6580BC75974CBD3DEBA2B 630784 ----a-w- C:\Windows\System32\mstime.dll 2015-04-15 15:06:38 20D1E61A997E238C00720398A6DA2DBB 916992 ----a-w- C:\Windows\System32\wininet.dll 2015-04-15 15:06:37 38CA60168F267F02B3E04025E9B86AD8 385024 ----a-w- C:\Windows\System32\html.iec 2015-04-15 15:06:37 1FBB20F863F1730320B218660668CA22 387584 ----a-w- C:\Windows\System32\iedkcs32.dll 2015-04-15 15:06:37 0418A8E2F17E25D522AB44EFA9B234D8 216576 ----a-w- C:\Windows\System32\dxtrans.dll 2015-04-15 15:06:36 E9AD81F8D576D30B55987E49C8C377CC 206848 ----a-w- C:\Windows\System32\occache.dll 2015-04-15 15:06:36 E51492796BD4358B66846142E02B9714 164352 ----a-w- C:\Windows\System32\ieui.dll 2015-04-15 15:06:36 53D07337036188749E3BECBC3A503378 348160 ----a-w- C:\Windows\System32\dxtmsft.dll 2015-04-15 15:06:35 AFC78BA55C4B44464B062ABC62F3A35C 109056 ----a-w- C:\Windows\System32\iesysprep.dll 2015-04-15 15:06:35 7F33AB31328C462643FD683F4EA8DD17 105984 ----a-w- C:\Windows\System32\url.dll 2015-04-15 15:06:35 70C4133C962805444068255DA9BEB71B 133632 ----a-w- C:\Windows\System32\ieUnatt.exe 2015-04-15 15:06:35 3182E7F79CCF3EB87297B3B67E5A60C2 184320 ----a-w- C:\Windows\System32\iepeers.dll 2015-04-15 15:06:34 D2D1F0B1992FF5D8F252D02D7B459596 55296 ----a-w- C:\Windows\System32\msfeedsbs.dll 
2015-04-15 15:06:34 50F52280A4F92B091D43C8C20B11C0B6 55808 ----a-w- C:\Windows\System32\iernonce.dll 2015-04-15 15:06:34 4DE5349A4D79FC502830C69A23D91797 43520 ----a-w- C:\Windows\System32\licmgr10.dll 2015-04-15 15:06:34 3A7E10C8060FABADD619429DE81C66C2 67072 ----a-w- C:\Windows\System32\mshtmled.dll 2015-04-15 15:06:34 185E7AE904AFF5B9163301FE3678BB5C 71680 ----a-w- C:\Windows\System32\iesetup.dll 2015-04-15 15:06:33 EC02EB2995485BB9B19F79091CC6E2C6 25600 ----a-w- C:\Windows\System32\jsproxy.dll 2015-04-15 15:06:33 A46AA23AE7AA056EC31A08974C9D879F 174080 ----a-w- C:\Windows\System32\ie4uinit.exe 2015-04-15 15:06:33 58BDFF49171723321EEF7B29DCE20816 13312 ----a-w- C:\Windows\System32\msfeedssync.exe 2015-04-15 15:06:33 0D860957DECFAC5AA21F98CC258297E7 19456 ----a-w- C:\Windows\System32\corpol.dll 2015-04-15 15:06:31 043E3390260C49D25D3B79B32ADA5E4D 1638912 ----a-w- C:\Windows\System32\mshtml.tlb ====== C:\Windows\system32\drivers ===== 2015-04-23 14:50:54 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-04-23 14:48:14 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-04-23 14:48:14 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-04-23 14:48:14 6D2DB74A8CF2DDFE372FFF9C73E8F0EF 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-04-20 15:36:46 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\089B7368.sys 2015-04-19 15:59:09 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\08993668.sys 2015-04-15 11:05:06 5897D0F8F83A9FD81F48F64324221EC9 206816 ----a-w- C:\Windows\System32\drivers\avgldx86.sys 2015-04-09 12:12:50 D060A39BFD1C95A4A1CEDCEFBD8BEF89 226784 ----a-w- C:\Windows\System32\drivers\avgidsdriverx.sys 2015-04-07 10:45:10 B5F24281DF67005DFDB7593D5C27F837 213984 ----a-w- C:\Windows\System32\drivers\avgtdix.sys 2015-04-03 07:37:24 0C577B0E18097204DA73FDE1BDD7BAA3 
110048 ----a-w- C:\Windows\System32\drivers\avgmfx86.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-04-20 18:41:14 -------- d-----w- C:\Program Files\trend micro 2015-04-19 14:00:13 -------- d-----w- C:\Program Files\AVG Web TuneUp 2015-04-19 12:43:54 -------- d-----w- C:\Program Files\AVG 2015-04-19 12:09:02 -------- d-----w- C:\Program Files\Common Files\Java ======= C: ===== 2015-04-24 12:00:57 FEAD240565D5F3F4501F9B534E104F97 1072 ----a-w- C:\MBAM Scanlog custom scan.txt 2015-04-19 11:50:05 232BC4F9270DF372530D5CB66A9631C1 2439 ----a-w- C:\DelFix.txt ====== C:\Users\hennie\AppData\Roaming ====== 2015-04-19 12:48:43 -------- d-----w- C:\Users\hennie\AppData\Roaming\AVG2015 2015-04-19 12:48:12 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\AVG2015 2015-04-19 12:44:00 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2015 2015-04-19 12:28:18 -------- d-----w- C:\Users\hennie\AppData\Local\Avg2015 ====== C:\Users\hennie ====== 2015-04-19 12:47:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-04-19 12:45:34 -------- d-----w- C:\ProgramData\AVG2015 2015-04-19 12:35:57 16D87FAC0BD6622A77B79E061D3CD332 42968 ----a-w- C:\Users\hennie\msistorg.dat 2015-04-19 12:28:19 -------- d--h--w- C:\ProgramData\Common Files 2015-04-12 08:47:39 9A7962DB6F51C9889BE6B6EBDE221500 173568 ----a-w- C:\Users\hennie\pp ik eet.ppt 2015-04-04 11:25:54 A729EE4842CEEBF25F6879F02FE30A70 14989 ----a-w- C:\Users\hennie\6 april 2015.docx 2015-03-29 12:34:13 AC0E58A652431AE29F2644BEFC0FEB13 163584 ----a-w- C:\Users\hennie\beloning lisa.docx 2015-03-29 08:50:08 3E796819BA6EB95A1F457EF456FD4E0D 25791 ----a-w- C:\Users\hennie\Songtekst.docx 2015-03-29 08:16:17 1AD04B0A0F997E13A1693FF3D9D67175 19868 ----a-w- C:\Users\hennie\Leren leren.docx 2015-03-29 07:51:02 2F4B534D050C0FE48777B2E02625BAF2 927744 ----a-w- C:\Users\hennie\pp soep peen boon.ppt ====== C: exe-files 
== 2015-04-20 18:41:16 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\hennie.exe 2015-04-19 12:51:47 114DEA326D9A95F27C53BFCE3040F3C2 7151856 ----a-w- C:\Program Files\AVG\AVG2015\Notification\Launcher.exe 2015-04-19 12:05:59 B175AD07294EB83FD12947B47B009D66 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-04-19 12:05:59 6045943DD4B9731735DB0774B25AE114 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-04-19 12:05:59 12F3D9FC2D1D68BB1C9AF782F94E4CF8 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-04-19 12:05:20 F65FA872AB42C3F0DBDDE26DF9609F5C 159656 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\unpack200.exe 2015-04-19 12:05:19 D7168BCC2877E533EB32E0E00DCEEAE6 51112 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\ssvagent.exe 2015-04-19 12:05:19 B406B32BDFDE96384C5F0A93D0090403 16296 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\tnameserv.exe 2015-04-19 12:05:18 EEF1E60EE8CD91EB27B465DF7D97D747 16296 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmiregistry.exe 2015-04-19 12:05:18 B2ED82B1A6ACCED29498BB9BA43D430F 16296 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\servertool.exe 2015-04-19 12:05:18 6EE11615820FCCBC8879FD86DD033515 15784 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmid.exe 2015-04-19 12:05:18 01E2DB324E5D3C31D1C31D7E3B9748CF 16296 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\policytool.exe 2015-04-19 12:05:17 BDFE80354D388518D8C4E71F2734796D 15784 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\pack200.exe 2015-04-19 12:05:17 9A78F5C33E24C55B7025416C79658759 16296 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\orbd.exe 2015-04-19 12:05:16 E830232219E9156AF3E7F0ACB1B85FC8 15784 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\ktab.exe 2015-04-19 12:05:16 57631CADE6FE87A131913D6241A5343A 15784 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\kinit.exe 2015-04-19 12:05:16 33EF14CDCDD35CB53D3C3FCB3C2819CC 15784 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\keytool.exe 2015-04-19 
12:05:16 11EEA5DB4A0B073867E3DCBCDBF12118 15784 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\klist.exe 2015-04-19 12:05:15 90D8F0F8665DFE0F5616902F8A0E8561 76712 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jp2launcher.exe 2015-04-19 12:05:14 3C07B66A8BB9F028DC8EB87F84915DF0 15784 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jjs.exe 2015-04-19 12:05:10 12F3D9FC2D1D68BB1C9AF782F94E4CF8 272296 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaws.exe 2015-04-19 12:05:09 6045943DD4B9731735DB0774B25AE114 191400 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe 2015-04-19 12:05:08 7AEB4F5D482E1167E1FE9A726584BCD6 68520 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe 2015-04-19 12:05:07 C885370364208460FD31001113F2B2A2 15784 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\java-rmi.exe 2015-04-19 12:05:07 B175AD07294EB83FD12947B47B009D66 190888 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\java.exe 2015-04-19 12:05:06 EECA4389069973E098AC4A167D58DC47 30632 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jabswitch.exe 2015-04-18 10:02:53 0D423A0CBEC984F3C08354C72E999FB1 11017296 ----a-w- C:\Users\hennie\AppData\Local\Google\Update\Install\{5F60B34C-50E7-46C5-A502-8C142D0D5D35}\42.0.2311.90_41.0.2272.118_chrome_updater.exe 2015-04-18 10:02:50 0D423A0CBEC984F3C08354C72E999FB1 11017296 ----a-w- C:\Users\hennie\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.90\42.0.2311.90_41.0.2272.118_chrome_updater.exe === C: other files == 2015-04-24 08:08:44 34FA9A72F559F3FBA73289B49A8F0429 84 ---ha-w- C:\Program Files\Common Files\X10\Common\x10prod.sys 2015-04-23 14:50:54 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-04-23 14:48:14 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-04-23 14:48:14 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-04-23 14:48:14 
6D2DB74A8CF2DDFE372FFF9C73E8F0EF 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-04-20 16:16:45 5D9311526801643000D7032A83B18B12 244152 ----a-w- C:\Windows\System32\clfs.sys 2015-04-20 15:36:46 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\089B7368.sys 2015-04-19 15:59:09 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\08993668.sys 2015-04-19 12:05:21 34AD992DE8D6023490DB5C9017FAE6E8 14130 ----a-w- C:\Program Files\Java\jre1.8.0_45\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "uTorrent"="C:\Program Files\uTorrent\uTorrent.exe /MINIMIZED" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "GroupsICT"="C:\Users\hennie\AppData\Roaming\GroupsICT.exe" "GoogleDriveSync"="C:\Program Files\Google\Drive\googledrivesync.exe /autostart" "Google Update"="C:\Users\hennie\AppData\Local\Google\Update\GoogleUpdate.exe /c" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"="C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB6.4; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; 
OfficeLivePatch.1.3; .NET CLR 3.0.30729; OfficeLiveConnector.1.4) -http://www.spele.nl/game/pacman/motor_banen.html"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
"toolbar_eula_launcher"="C:\Program Files\GoogleEULA\EULALauncher.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"DivXMediaServer"="C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe"
"AVG_UI"="C:\Program Files\AVG\AVG2015\avgui.exe /TRAYONLY"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe /MINIMIZED"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"GroupsICT"="C:\Users\hennie\AppData\Roaming\GroupsICT.exe"
"GoogleDriveSync"="C:\Program Files\Google\Drive\googledrivesync.exe /autostart"
"Google Update"="C:\Users\hennie\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB6.4; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; OfficeLivePatch.1.3; .NET CLR 3.0.30729; OfficeLiveConnector.1.4) -http://www.spele.nl/game/pacman/motor_banen.html"

==== Startup Folders ======================

2013-09-08 14:04:58 1119 ----a-w- C:\Users\hennie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14-04-2015 19:35]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [24-10-2014 10:35]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [24-10-2014 10:35]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-916243623-521414899-487270652-1000Core.job --a------ C:\Users\hennie\AppData\Local\Google\Update\GoogleUpdate.exe [24-10-2014 16:40]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-916243623-521414899-487270652-1000UA.job --a------ C:\Users\hennie\AppData\Local\Google\Update\GoogleUpdate.exe [24-10-2014 16:40]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\Windows\system32\tasks\4812" [wscript.exe C:\Users\hennie\AppData\Local\Temp\launchie.vbs //B]
"C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-916243623-521414899-487270652-1000Core" [C:\Users\hennie\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-916243623-521414899-487270652-1000UA" [C:\Users\hennie\AppData\Local\Google\Update\GoogleUpdate.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\hennie\AppData\Roaming\Mozilla\Firefox\Profiles\vurufv7h.default
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [11-08-2009 15:23]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\hennie\AppData\Roaming\Mozilla\Firefox\Profiles\vurufv7h.default
6BEAD7859E8A087BE04556AB5A78855C - C:\Users\hennie\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
49D429EBF5305FC9ADD7545B7C914333 - C:\Users\hennie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
7F776D29CE1EC62F9D30BD877A40D419 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
AF98ECFCA95399CB7402C34E5E2967B6 - C:\Program Files\ABN AMRO e.dentifier2\Mozilla\npBECON.dll - ABN AMRO e.dentifier2 Plug-in
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

==== Chromium Look ======================

Bookmark Manager - hennie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik

==== Chromium Startpages ======================

C:\Users\hennie\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [
"https://sites.google.com/a/mytylschooldebrug.nl/intranet/home?pli=1",
"https://www.google.nl/"
]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://mysearch.avg.com/?cid={961C1CFA-9A76-4D92-87A3-A228B2080F60}&mid=c58bc967d89247cdbc42d15426af2cdd-c3309647e0c8f106dc9ce2d3c900db9ee0fe34fc&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0215pit&pr=fr&d=2015-04-19 16:03:35&v=4.1.0.411&pid=wtu&sg=&sap=hp"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.aldi.com/"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search/?q=%s"
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{316827E2-1FEA-48CB-A069-CF3902A320F7} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rlz=1I7MEDA_nl&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{316827E2-1FEA-48CB-A069-CF3902A320F7} deleted successfully
HKEY_USERS\S-1-5-21-916243623-521414899-487270652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{316827E2-1FEA-48CB-A069-CF3902A320F7} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\hennie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\hennie\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\hennie\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\hennie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\hennie\AppData\Local\Mozilla\Firefox\Profiles\vurufv7h.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\hennie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=685 folders=91 173273585 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\hennie\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot