
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Henk on vr 15-05-2015 at 22:29:53,77.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Henk\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

D:\zoek-results2014-08-23-105042.log	58681 bytes
D:\zoek-results2014-08-23-164109.log	8094 bytes
D:\zoek-results2015-01-28-160323.log	47316 bytes
D:\zoek-results2015-01-31-120931.log	1691 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\FireTrust\MailWasher Free\MailWasher.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Henk\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bisymody deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bisymody deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\buwomyre deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\buwomyre deleted successfully

==== Deleting Files \ Folders ======================

D:\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\94okqsys.default\extensions\staged not found
D:\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\94okqsys.default\extensions\searchffv2@gmail.com not found
C:\Program Files (x86)\globalUpdate not found
C:\Program Files (x86)\predm not found
D:\Henk\AppData\Roaming\03000200-1431544358-0500-0006-0007000800 not found
"D:\Henk\AppData\Roaming\ezxdHgu0.exe" not found
"D:\Henk\AppData\Roaming\UBwKWzbcc4LjsPT3i6EFJbDB.exe" not found
C:\PROGRA~2\1021fc00-f198-4f03-bbfc-92e0bfdbd919 deleted
D:\Henk\AppData\Roaming\\AlawarEntertainment deleted
D:\Henk\AppData\Local\\nsy2D4D.tmp deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-2771351034-1752285704-1091563883-1008 deleted
C:\Users\Public\Documents\iwin deleted
"C:\Windows\tasks\ezxdHgu0.job" deleted
"C:\Windows\tasks\UBwKWzbcc4LjsPT3i6EFJbDB.job" deleted
"D:\Henk\AppData\Roaming\ezxdHgu0" deleted
"C:\Windows\tasks\ezxdHgu0.job" deleted
"C:\Windows\SysNative\tasks\ezxdHgu0" deleted
"D:\Henk\AppData\Roaming\UBwKWzbcc4LjsPT3i6EFJbDB" deleted
"C:\Windows\tasks\UBwKWzbcc4LjsPT3i6EFJbDB.job" deleted
"C:\Windows\SysNative\tasks\UBwKWzbcc4LjsPT3i6EFJbDB" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4096 MB
CPU Info: AMD Athlon(tm) II X4 640 Processor
CPU Speed: 2909,2 MHz
Sound Card: Headphone (VIA HD Audio) | 
SPDIF Interface (TX0) (VIA HD A | 
Display Adapters: AMD Radeon HD 5670 | AMD Radeon HD 5670 | AMD Radeon HD 5670 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: NVIDIA nForce 10/100/1000 Mbps Ethernet
CD / DVD Drives: 1x (E: | ) E: _NEC    DVD_RW ND-2500A
Ports: COM1 LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  221,6GB | D:  244,0GB | F:  931,5GB
Hard Disks - Free: C:  136,5GB | D:  178,7GB | F:  483,5GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 05/17/10 | 051710 - 20100517
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASRock M3N78D
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Firewall: avast! Antivirus disabled
Default Browser: Google Chrome	42.0.2311.152
Internet Explorer Version: 11.0.9600.17801 
Mozilla Firefox version: 37.0.2 (x86 en-US)
Google Chrome version: 42.0.2311.152
Adobe Reader version: 11.0.10.32
Sun Java version: 1.8.0_45 (32-bit) 
Sun Java version: 1.8.0_45 (64-bit) 
Flash Player version: 17.0.0.169
Shockwave Player version: 12.1.3r153

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-05-08 18:47:34	2169B4B1EFAA3453A4DA732F1F94C1E1	43112	----a-w-	C:\Windows\avastSS.scr
====== D:\Henk\AppData\Local\Temp ====
2015-05-14 15:42:31	FFF2C9BA6AB0C6F3A290CD3FBCBDF3C0	165704	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\psmachine.dll
2015-05-14 15:42:31	C51C9B677C0BF6651B4D0AEE60E005A7	188232	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\psmachine_64.dll
2015-05-14 15:42:31	98137411B9C632095F919E2CE70B288A	599368	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\npGoogleUpdate3.dll
2015-05-14 15:42:31	821CC209D61D0ED1F4C86ABE0C8A1319	188232	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\psuser_64.dll
2015-05-14 15:42:31	580930FD62744F10FCDD5375E201BEEA	165704	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\psuser.dll
2015-05-14 15:42:29	FD98434B6A06FE31A35E4BFBC827B290	52040	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\GoogleUpdateOnDemand.exe
2015-05-14 15:42:29	F3B6470DA7CE34E559D3BA7365CC909C	115528	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\GoogleUpdateComRegisterShell64.exe
2015-05-14 15:42:29	7CA00A58AA808F4B9844C91845910377	880208	----a-w-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\GoogleUpdateSetup.exe
2015-05-14 15:42:29	7502515B2447293E7239840134391CE0	28160	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\GoogleUpdateHelper.msi
2015-05-14 15:42:29	5F0A3AA68785C49454F56C9F2DDA0237	52040	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\GoogleUpdateWebPlugin.exe
2015-05-14 15:42:29	5C2593649CF4FE6B9ED6F9A734DBF344	1683272	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\goopdate.dll
2015-05-14 15:42:28	E1B44A75947137F4143308D566889837	107848	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\GoogleUpdate.exe
2015-05-14 15:42:28	83BB030C71C9727DCFB2737005772C4E	232264	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\GoogleCrashHandler.exe
2015-05-14 15:42:28	4C02536F4CA35911FB3EA5715F300C57	52040	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\GoogleUpdateBroker.exe
2015-05-14 15:42:28	323CFFFDAF253AC65CD194A101BE6231	287048	----atw-	D:\Henk\AppData\Local\\Temp\{E7B08404-7A86-4D5A-BFBF-CADBABA11478}\GoogleCrashHandler64.exe
2015-05-13 19:13:08	10FFABC748D68C40B68F883058C9B932	50225	----a-w-	D:\Henk\AppData\Local\\Temp\81431544380\S05AK1JUUA==10700.exe
2015-05-13 19:09:38	62BC010C4F52DF84E03B0BB57BE66A41	760848	----a-w-	D:\Henk\AppData\Local\\Temp\Komax Kappa 220 Service Manual__10924_i1514958887_il651967.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-05-13 11:35:47	858EB73F68B20A2A5C66B6C000D1C0DD	102608	----a-w-	C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 09:40:14	D0CA74BE380498A0111A73EB9C76CF8F	342016	----a-w-	C:\Windows\SysWOW64\certcli.dll
2015-05-13 09:40:14	2665A3D34D1C62DF303723422215B001	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-05-13 09:39:51	CFCB89C0FE8EF502A7934C0D20E5DBD6	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 09:39:51	C3120D99E6DA7878A1DD2D88138AC60A	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-05-13 09:39:51	9025CA7BCD6B7956366FC90B3D6E3933	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 09:39:50	8C00AB01B1BC1E2F69765776BBC5A5D1	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 09:39:49	D74445161E58644309F858342F5E265C	19691008	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-05-13 09:39:49	C2EB0AA5570CF8BC881B36EE55A59337	688640	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 09:39:49	C1A32612710492D0C3339E46EC15E333	504320	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-05-13 09:39:49	AA2F2D55DEF98007839D0189D721D70B	1310208	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-05-13 09:39:49	7B4FA4B41FBDBB12C5038FCB6E6652AA	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 09:39:49	746BBC86351D07859D8B40056447F7B2	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 09:39:49	6388FC82897DDDA607BBE3580D75AE15	342736	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 09:39:48	E993B5E929F46A52E9F4EB68A7855CDF	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-05-13 09:39:48	63A2E3E9C771B1D4D7D84942D6FCB661	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 09:39:48	28313FF0DE83EAD8F5EF1B963D9078C3	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 09:39:48	136687227F11CE928CB05F4FD90319AC	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 09:39:47	F2DB87F164BC13AB8EF90FBF5D866B65	664576	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-05-13 09:39:47	CC4974FCF9387F32A0FF87BCE093A5AD	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 09:39:47	C525258A00ECFB4CE089F54C163268C3	2278400	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-05-13 09:39:47	BCFA71A878903B5F92A7AFEFCCC5CA97	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-05-13 09:39:47	5AAC24BF6C4A54DA526CC6244DEBE227	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 09:39:47	3CE5DE0730C22A54FE783DB8A989E8BD	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 09:39:47	1BBC9CFD29A62D80FB77BB69BFF7513C	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 09:39:47	0E22CD36FC3292CB812CC46CBCFD8444	12828672	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-05-13 09:39:45	6E2B4875B968324E5844F35A37A79260	4305920	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-05-13 09:39:45	1C5C5B5EF9CFDFC897D4549A2385DB3A	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 09:39:44	CB5F450D21B9D76B7F01D006E4AEDB40	1882112	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-05-13 09:39:44	37625FC1DAF886F1980E2D8F315B93AC	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-05-13 09:39:44	07E82A31808C8BC053D1DE547082C58F	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-05-13 09:39:24	8D50ED3F0FBE3590AB0D43BF7B60E57A	3989440	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 09:39:24	0A66C88B087249742381924AB8F9EFCC	3934144	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 09:39:23	D0F574320615303ADECDCB452EBB8930	635392	----a-w-	C:\Windows\SysWOW64\tdh.dll
2015-05-13 09:39:23	A44680B810977EA64E280523E96F2EA9	1310744	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-05-13 09:39:23	7A5824DC9A85FCE4334F57FF0795853E	641536	----a-w-	C:\Windows\SysWOW64\advapi32.dll
2015-05-13 09:39:22	EB058143B57ED460AC4F2DFBA104BBFF	364544	----a-w-	C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 09:39:22	C6D2D384B6232B0B800234C03C50979F	82944	----a-w-	C:\Windows\SysWOW64\logman.exe
2015-05-13 09:39:22	8C45A65ED20B487085B79EEFCC08D160	92160	----a-w-	C:\Windows\SysWOW64\sechost.dll
2015-05-13 09:39:22	54A01CC4BC47B31C5CD082D064AB37BC	550912	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-05-13 09:39:22	1569F20BB9DB9FDC87A6D3C8A3726ABF	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2015-05-13 09:39:21	850F756363237A2EB069B9B25EF8BEC3	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-05-13 09:39:21	7F99900705E249E9D5C55E490B7D076E	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 09:39:21	74C0EC1257698176E288DA282F318E1C	40448	----a-w-	C:\Windows\SysWOW64\typeperf.exe
2015-05-13 09:39:21	66D6A06936088E412E29A182679F0D71	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 09:39:21	0B6E937863837BA3383E9CE9200DDF1E	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 09:39:20	FCB1C8345C794FE89ABA03B4CA3131BB	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 09:39:20	F286528898342F0F1EB402606750C391	17408	----a-w-	C:\Windows\SysWOW64\diskperf.exe
2015-05-13 09:39:20	D9E25B4BD2120CC5183CCCE9421C7AFE	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-05-13 09:39:20	AFFE5747054D03F8CEE18A8518A9AA34	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-05-13 09:39:20	ABA025664F9F42C568B2C022AADCB18F	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-05-13 09:39:20	97B30711DC6CA0EA4EACEDCE8080A3B4	37888	----a-w-	C:\Windows\SysWOW64\relog.exe
2015-05-13 09:39:19	99A508910BB06DFBE99D9AF7D6B4E950	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-05-13 09:39:19	3346701038E55BD366F3D5CE31F55483	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 09:39:18	79AF005633B7E41B7A194A7E7B9D3D93	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-05-13 09:39:18	741DB93796E7D4F3F804C13537FB40F4	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-05-13 09:39:18	6BB13D5E12C5C4D829C1D640DF269EA0	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2015-05-13 09:39:17	F43CB86F9536B17E5C7CFCFB48ACBE54	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-05-13 09:39:17	D9716B488CC27652C12B1B5E0944987E	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-05-13 09:39:17	D079A408CC3E22A09D1260A6F18FC0FD	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-05-13 09:39:17	BF9BB4113E9FCDABD4C703DDD06293F3	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-05-13 09:39:17	9638DA21E965E23C85C4319F3F66D824	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 09:39:17	86B2AC15999BB4F8B5C84AB6154A1783	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-05-13 09:39:03	C22AB1781BC6F0BB1C9B352CF66DBFFC	1250816	----a-w-	C:\Windows\SysWOW64\DWrite.dll
2015-05-13 09:38:56	418AEC0CE89A13200F2820079B9CDFD9	216064	----a-w-	C:\Windows\SysWOW64\InkEd.dll
2015-05-13 09:38:52	744AB3C1A73A57DEED49D631F1BDEA1D	2311168	----a-w-	C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 09:38:49	C489D8B4D8C64F20CC75A93F541F7D91	123904	----a-w-	C:\Windows\SysWOW64\poqexec.exe
2015-05-13 09:38:46	DCA2C6E7990771209CDD8E9DA90ED0E2	5120	----a-w-	C:\Windows\SysWOW64\shimeng.dll
2015-05-13 09:38:46	D3E8C7FADB758E5D222C639CC65790AD	295936	----a-w-	C:\Windows\SysWOW64\apphelp.dll
2015-05-13 09:38:46	715C060150D969B0DE5DD5B365A712AF	20992	----a-w-	C:\Windows\SysWOW64\sdbinst.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-05-13 11:35:47	189FB45D7442083AE8A2E4E612233EF7	124112	----a-w-	C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 09:40:14	ED4B980701D081AC42F7B121C1E42149	460800	----a-w-	C:\Windows\Sysnative\certcli.dll
2015-05-13 09:40:14	8AD8D17425C75D2621B2CDFE0DEABD21	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-05-13 09:39:51	E802824B9B4A16355A5233A7B8215ECE	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-05-13 09:39:51	9DCD15027A13195ABA68B40A5EB26691	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-05-13 09:39:50	70EDB996FE1BCB699232A15CB0D0FA32	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-05-13 09:39:49	6D2787CD32595A91969502A399E7BA48	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-05-13 09:39:49	5EDC6AF7589B65C89CB1154B3377D0C4	720384	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-05-13 09:39:49	1122DD841CCB7E07EF41039CBD66A29E	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-05-13 09:39:48	ED4EB5A0CDD251A17B946C515CB94D70	1547264	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-05-13 09:39:48	D7B9EEF960F68DC18724BB5F89A464DD	389840	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-05-13 09:39:47	EB9FCD39D65E23380CB2C2F0E6F2ED53	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-05-13 09:39:47	E20B5098C8707B2CF0858024568234FF	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-05-13 09:39:47	2A2CDE78F9E9019AD0E4D804A02688A3	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-05-13 09:39:47	010F562B961AB8CAEC7A0C72F8FDD690	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-05-13 09:39:46	F28577138120BA7E5423820D4B4C4727	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-05-13 09:39:46	49B1935F131A44CD29857D6900CB643F	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-05-13 09:39:45	F918BE3C5ACA0B6485D725CC1A5348DC	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-05-13 09:39:45	B85ECB91C88F6E74045061B7F7DDEFA2	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-05-13 09:39:45	843D063E75B19188759CBEC82828BCB1	2885120	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-05-13 09:39:44	CA0369799519F33DDE8FD26F5D87D014	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-05-13 09:39:44	29BBA65402DD568F49C837533F269482	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-05-13 09:39:44	0B4E78E6E65D1FD2CE55C93CF1EFD623	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-05-13 09:39:43	E061B5A1D0F9BBACA41149201ADF4A3B	14401536	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-05-13 09:39:43	1D610F215769E4FF56C7B1847DE4B86D	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-05-13 09:39:43	1921A72BF1273BED72E569EF1F1A0611	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-05-13 09:39:42	FFC30231459FC44FD73E07532C707791	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-05-13 09:39:42	DC1200D3C3AC1E69A4DAD053BC26BF0D	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-05-13 09:39:42	79A4C71CD8B610DE9F66B72B5654C450	6025728	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-05-13 09:39:42	63061A0826839DE8F5B4713976C99F1B	816640	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-05-13 09:39:41	F0289B3A341429117696F0279DA977B6	2352128	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-05-13 09:39:41	C1D6BD834E69E8F77C8B4DDFCEE073F6	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-05-13 09:39:41	5A18ACE782C215300BE1C82D9EDC565B	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-05-13 09:39:40	F2A1718334172C0F4E231E998F6CB8AB	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-05-13 09:39:39	C31D57F7A58FACDA2671075CEBA75199	24971776	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-05-13 09:39:36	71C85477DF9347FE8E7BC55768473FCA	328704	----a-w-	C:\Windows\Sysnative\services.exe
2015-05-13 09:39:26	EA8A3E8C674B03CB4AFA1D344DBD7BC1	1254400	----a-w-	C:\Windows\Sysnative\diagtrack.dll
2015-05-13 09:39:26	D449C36379EBEFD3CCDAEC328002BB5B	36864	----a-w-	C:\Windows\Sysnative\UtcResources.dll
2015-05-13 09:39:25	A985325F4FE72FB003749A2FBBA9952E	5569984	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-05-13 09:39:25	8453010B6512DAEAFC61CC0836FA137E	1728960	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-05-13 09:39:24	10D39E74B0D5011A8C199B9646579C3F	879104	----a-w-	C:\Windows\Sysnative\tdh.dll
2015-05-13 09:39:23	DA8B541825991F6699790E617FF0FF60	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-05-13 09:39:23	B01B21E15671ACD3F0AD131DC4CABFC7	879104	----a-w-	C:\Windows\Sysnative\advapi32.dll
2015-05-13 09:39:23	408A8232E84515E4AA819E0C95E65257	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-05-13 09:39:23	1C9F2F4A2C603739BD8CC8C64310AFD7	1162752	----a-w-	C:\Windows\Sysnative\kernel32.dll
2015-05-13 09:39:22	FDF1E0FD74DED0034BA6FFB665E0641E	424448	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2015-05-13 09:39:22	EE27E1D639E3807229C15AF94320CF0A	404992	----a-w-	C:\Windows\Sysnative\tracerpt.exe
2015-05-13 09:39:22	E55A72876BC5E244D0A8F7F07862A939	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2015-05-13 09:39:22	D17DD01601460F5899E5C154B3FD0BFA	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2015-05-13 09:39:22	CCAB9BE9C9100C5F54A5A8F355730841	728064	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-05-13 09:39:22	A0BCD6A64281492EFAE02AC144A335F1	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2015-05-13 09:39:22	9C5DBA74D0C641C2A4ABDC79969B7BEF	104448	----a-w-	C:\Windows\Sysnative\logman.exe
2015-05-13 09:39:22	52146DBFE253B83FAB1980AA704C7974	113664	----a-w-	C:\Windows\Sysnative\sechost.dll
2015-05-13 09:39:22	0CD609B1143961F5C3BA691729A6A5DA	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-05-13 09:39:21	FE60A67032A5C94F6ACE483C8FE84105	47104	----a-w-	C:\Windows\Sysnative\typeperf.exe
2015-05-13 09:39:21	DA5EF2CC0764BE7097BAFA9CAF903FE8	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-05-13 09:39:21	CD3770C78AFFC223A3B9D38F27B7A309	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-05-13 09:39:21	ACE24D86D2714FCC1639F890DF54951B	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-05-13 09:39:21	52935C072F8D5A92508AA3A3CC9133C7	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-05-13 09:39:21	40C5EA47D4AEC96249B09BF0C076A60C	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-05-13 09:39:21	2292CD8500725B94B7D2E3C0C84F2D19	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-05-13 09:39:20	BB7BAF9532DBA5AB4009E981687D1EA6	19456	----a-w-	C:\Windows\Sysnative\diskperf.exe
2015-05-13 09:39:20	A3DCC3D8BB57E31EA07949313CC3A3CF	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-05-13 09:39:20	9262D6E2C239EDD6D87B080F2BCCEC9F	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-05-13 09:39:20	8C711AF30BE3991050D0D011D92CFBE0	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-05-13 09:39:20	79F036EB691ABBA84E8EB1715E5F2B17	43008	----a-w-	C:\Windows\Sysnative\relog.exe
2015-05-13 09:39:20	4DD0098FFAB4664DB979537C48AE055F	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-05-13 09:39:19	E1B0C7042BA7B8903D60DF3885F2DFE7	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2015-05-13 09:39:19	D2602AC48B38FA10956E32D18E7143B0	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2015-05-13 09:39:19	ADC2D7B5BFF277E5A9FACE6A21A24ABC	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-05-13 09:39:19	50EBA6640805F6D5EF4A0DCEF2D180AB	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-05-13 09:39:19	0D9BDBE780DD81757AC5AF87E8B1EBEC	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-05-13 09:39:18	D205305FB0E352A9D4CF922D6A016BF4	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2015-05-13 09:39:17	AF278DB00C43E925E58C8CA2C0CF4C71	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-05-13 09:39:17	90DC7B112F946B412C9CDC6F459F4053	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-05-13 09:39:17	90293AAC2AB0908BFF98ADB89CEBC931	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-05-13 09:39:17	7A448B8CED7F7348C36159D5CC8E19ED	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-05-13 09:39:05	E612E86FA15EA1EF9A52433A2743C447	1179136	----a-w-	C:\Windows\Sysnative\FntCache.dll
2015-05-13 09:39:04	490505F6E53EF046EC70A353BC9CD615	1647104	----a-w-	C:\Windows\Sysnative\DWrite.dll
2015-05-13 09:39:03	D858C33B133740D5F1F1CF71C33F6355	3204608	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-05-13 09:38:56	2B36E0C5C262437E1B098344DEFA55F8	275456	----a-w-	C:\Windows\Sysnative\InkEd.dll
2015-05-13 09:38:55	6B0F962B1EE486FFE7BCABBC9C736976	24576	----a-w-	C:\Windows\Sysnative\jnwmon.dll
2015-05-13 09:38:52	E5404072A5A9E0B452ADDF1D1339176C	2543104	----a-w-	C:\Windows\Sysnative\wpdshext.dll
2015-05-13 09:38:49	C7E50B04623FC6FF54EAF88938A8936E	142336	----a-w-	C:\Windows\Sysnative\poqexec.exe
2015-05-13 09:38:46	F55F287810AAF708618793764AF7D1BB	23552	----a-w-	C:\Windows\Sysnative\sdbinst.exe
2015-05-13 09:38:46	83BFCCAC53795E8A5055A93672D0C46C	72192	----a-w-	C:\Windows\Sysnative\aelupsvc.dll
2015-05-13 09:38:46	7E21D3072EB20D5400919D435D549A9B	6656	----a-w-	C:\Windows\Sysnative\shimeng.dll
2015-05-13 09:38:46	31D260ADAF1CCFEFC49DB9FBCE9986DA	342016	----a-w-	C:\Windows\Sysnative\apphelp.dll
2015-05-08 18:48:13	9CA2FDD44F7C1F8AC1652F6C2638CFED	364472	----a-w-	C:\Windows\Sysnative\aswBoot.exe
====== C:\Windows\Sysnative\drivers =====
2015-05-13 09:39:22	F7DFAE6040AC910B7C64EE208A34157D	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-05-13 09:39:22	8FE94F2EF9BF444E93E35D87E210D02F	155584	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-05-08 18:50:15	2EF62E6F46345480A2946AA7D7EB28F5	28144	----a-w-	C:\Windows\Sysnative\drivers\aswKbd.sys
2015-05-08 18:45:10	81A2A421E6D7B43AA9E87A5FCB5730C3	449896	----a-w-	C:\Windows\Sysnative\drivers\aswNdisFlt.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= D: =====
====== D:\Henk\AppData\Roaming ======
====== D:\Henk ======
2015-05-14 20:47:10	0A975D6DC7AFA65B101CE36CD83DCE09	9138	----a-w-	D:\Henk\Downloads\AdwCleanerS8.txt
2015-05-14 20:41:10	0A975D6DC7AFA65B101CE36CD83DCE09	9138	----a-w-	D:\Henk\Desktop\AdwCleaner[S8].txt
2015-05-14 19:20:50	2E1D22AC30F4B392CEAF3D7D59BE3626	2204160	----a-w-	D:\Henk\Downloads\adwcleaner_4.203.exe
2015-05-14 17:44:02	C3B069CC1D2951C291F8AA3F3DA72C02	41243	----a-w-	D:\Henk\Downloads\info.txt
2015-05-14 17:30:06	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	D:\Henk\Downloads\RSITx64.exe
2015-05-14 16:45:14	4275E53305DD8BB2A4FB78A307336E1F	1252	----a-w-	D:\Henk\Downloads\malware gescand 14-5-2015 (1).txt
2015-05-14 16:36:24	4275E53305DD8BB2A4FB78A307336E1F	1252	----a-w-	D:\Henk\Downloads\malware gescand 14-5-2015.txt
2015-05-13 15:25:30	79FD83C117BB1E0CAC108E451D969986	48140	----a-w-	D:\Henk\Downloads\Factuur_automatische_incasso_11-05-2015 (1).pdf
2015-05-13 15:25:26	3B862FD8CB35AF008C0403E9B6988A6B	48142	----a-w-	D:\Henk\Downloads\Factuur_automatische_incasso_11-05-2015.pdf
2015-05-13 15:25:14	FEF4F748596DFEE80F0AEB71CB99F428	49343	----a-w-	D:\Henk\Downloads\Factuur_automatische_incasso_11-04-2015.pdf
2015-05-11 17:59:57	FA846A5E9873D698C1C7F86A1B352436	153327	----a-w-	D:\Henk\Desktop\hardhout schutting.jpg
2015-05-09 18:57:56	81CE74E5ECF6857CF7A873B112D43D9F	1484	----a-w-	D:\Henk\Desktop\MotorTown.exe - Snelkoppeling.lnk
2015-05-09 18:01:19	6452F67FF4E2B7E70677BE12554F54ED	998307	----a-w-	D:\Henk\Downloads\Puzzel spelletjes.torrent
2015-05-09 17:57:28	4EA69F408E013BB9C4639AFF80B64D20	14993	----a-w-	D:\Henk\Downloads\Motor Town - Bezielde Bolides.torrent
2015-05-09 14:59:08	A2B2DC1B627100F1D431307527D7E380	238080	----a-w-	D:\Henk\Desktop\voorbeeld schuttingen.doc
2015-05-05 10:59:36	BA849A2305B2EDDBD6BB87887F703D2A	1347258	----a-w-	D:\Henk\Downloads\ru-14700109-14700109.643404671134327-20140121_2312_usa-T40_85_winter.wotreplay
2015-05-03 11:01:47	9146DECFE689E22A38DBCEAB074A91F4	53	----a-w-	D:\Henk\Desktop\Webcam Groningen Grote Markt - Martinitoren - Stadhuis - Waagstraat.url
2015-05-02 21:30:18	8C3F1852CF95CA4F2609743770E0B39B	59332	----a-w-	D:\Henk\Downloads\schutting achter.jpg
2015-05-02 20:23:20	--------	d-----w-	D:\Henk\Desktop\schuttingen
2015-04-21 16:13:27	6EDC3730396616B62A0E46764F70E188	9707900	----a-w-	D:\Henk\Desktop\Beheerplan bomen Lewenborg.pdf
2015-04-19 18:59:01	7C90175E6EE9763B0C7FC6C140AA8D46	71	----a-w-	D:\Henk\Desktop\Keukens.url

====== C: exe-files ==
2015-05-14 19:38:22	4A8C4031A194515AAD83EC9120D2F6A3	54784	----a-w-	C:\Windows\Temp\F79.tmp.exe
2015-05-14 19:38:21	212E581AB0D0B550435B5409A1B4BA68	316850	----a-w-	C:\Windows\Temp\BEE.tmp.exe
2015-05-14 18:08:45	EFE3565332B4229EBBEE7EC0E422FC1F	54784	----a-w-	C:\Windows\Temp\262D.tmp.exe
2015-05-14 18:08:43	9F1B53986990CA34548F83A8B9EE3C3C	314810	----a-w-	C:\Windows\Temp\1F85.tmp.exe
2015-05-14 16:38:41	D9026A0DB7D40825EA9917505628D367	54784	----a-w-	C:\Windows\Temp\B222.tmp.exe
2015-05-14 16:38:39	50497DD34ADDB840FDBE1BA977F2A14E	321449	----a-w-	C:\Windows\Temp\AB2C.tmp.exe
2015-05-14 15:43:14	D114497B17F8118E6AAD27735B467D3A	41774672	----a-w-	C:\Program Files (x86)\Google\Update\Install\{F52B7CEF-5CA9-407E-A51A-4B5E8ED1B14A}\42.0.2311.152_chrome_installer.exe
2015-05-14 15:43:12	D114497B17F8118E6AAD27735B467D3A	41774672	----a-w-	C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\42.0.2311.152\42.0.2311.152_chrome_installer.exe
2015-05-14 14:59:29	3D034D4843D3E3B01BFA9CFE509AA38D	55296	----a-w-	C:\Windows\Temp\ADAD.tmp.exe
2015-05-14 11:49:11	1FBF54B7AAE3EFCF17CDF8B104FAEF0D	54784	----a-w-	C:\Windows\Temp\E3D5.tmp.exe
2015-05-14 10:19:10	1843E54D6BD7F84E3819AFA4D5D4073F	54784	----a-w-	C:\Windows\Temp\7BA1.tmp.exe
2015-05-14 10:19:07	8C6F7E7A29D26FE5166FEB353B3EA0D4	291630	----a-w-	C:\Windows\Temp\6F8A.tmp.exe
2015-05-13 22:02:47	DD743B93AF1A48D9E62762C17271858C	313867	----a-w-	C:\Windows\Temp\F6C0.tmp.exe
2015-05-13 09:39:51	9DCD15027A13195ABA68B40A5EB26691	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-05-13 09:39:49	5EDC6AF7589B65C89CB1154B3377D0C4	720384	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-05-13 09:39:49	4B3D652AACEE4FE636F74CB8015BF00E	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-05-13 09:39:48	A2A98DBD9E13B81AB68FB6A699A157CB	469504	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-05-13 09:39:48	2AA6685FC67CDD231BA0345112DFEE89	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-05-13 09:39:47	EC75F14CC85659C780A0DC575F7B1242	815304	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-05-13 09:39:47	2A2CDE78F9E9019AD0E4D804A02688A3	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-05-13 09:39:47	1BBC9CFD29A62D80FB77BB69BFF7513C	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 09:39:46	CDBB6EFC96D0567951A13A6ABDCA1FDE	484864	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-05-13 09:39:45	ABE6FDB01D22FD63BB190BF95F5BC9B6	813776	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-05-13 09:39:44	29BBA65402DD568F49C837533F269482	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-05-13 09:39:36	71C85477DF9347FE8E7BC55768473FCA	328704	----a-w-	C:\Windows\System32\services.exe
2015-05-13 09:39:25	A985325F4FE72FB003749A2FBBA9952E	5569984	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-05-13 09:39:24	8D50ED3F0FBE3590AB0D43BF7B60E57A	3989440	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 09:39:24	0A66C88B087249742381924AB8F9EFCC	3934144	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 09:39:22	EE27E1D639E3807229C15AF94320CF0A	404992	----a-w-	C:\Windows\System32\tracerpt.exe
2015-05-13 09:39:22	EB058143B57ED460AC4F2DFBA104BBFF	364544	----a-w-	C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 09:39:22	E55A72876BC5E244D0A8F7F07862A939	338432	----a-w-	C:\Windows\System32\conhost.exe
2015-05-13 09:39:22	C6D2D384B6232B0B800234C03C50979F	82944	----a-w-	C:\Windows\SysWOW64\logman.exe
2015-05-13 09:39:22	9C5DBA74D0C641C2A4ABDC79969B7BEF	104448	----a-w-	C:\Windows\System32\logman.exe
2015-05-13 09:39:21	FE60A67032A5C94F6ACE483C8FE84105	47104	----a-w-	C:\Windows\System32\typeperf.exe
2015-05-13 09:39:21	DA5EF2CC0764BE7097BAFA9CAF903FE8	112640	----a-w-	C:\Windows\System32\smss.exe
2015-05-13 09:39:21	74C0EC1257698176E288DA282F318E1C	40448	----a-w-	C:\Windows\SysWOW64\typeperf.exe
2015-05-13 09:39:21	52935C072F8D5A92508AA3A3CC9133C7	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-05-13 09:39:20	F286528898342F0F1EB402606750C391	17408	----a-w-	C:\Windows\SysWOW64\diskperf.exe
2015-05-13 09:39:20	D9E25B4BD2120CC5183CCCE9421C7AFE	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-05-13 09:39:20	BB7BAF9532DBA5AB4009E981687D1EA6	19456	----a-w-	C:\Windows\System32\diskperf.exe
2015-05-13 09:39:20	AFFE5747054D03F8CEE18A8518A9AA34	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-05-13 09:39:20	97B30711DC6CA0EA4EACEDCE8080A3B4	37888	----a-w-	C:\Windows\SysWOW64\relog.exe
2015-05-13 09:39:20	9262D6E2C239EDD6D87B080F2BCCEC9F	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-05-13 09:39:20	79F036EB691ABBA84E8EB1715E5F2B17	43008	----a-w-	C:\Windows\System32\relog.exe
2015-05-13 09:39:20	4DD0098FFAB4664DB979537C48AE055F	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-05-13 09:39:17	F43CB86F9536B17E5C7CFCFB48ACBE54	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-05-13 09:39:17	D9716B488CC27652C12B1B5E0944987E	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-05-13 09:38:56	D5E35700566B225CBF8ECD7F92C460C8	2164224	----a-w-	C:\Program Files\Windows Journal\Journal.exe
2015-05-13 09:38:55	0DBC9BB05703CA0D8792E2075D62B3C3	51200	----a-w-	C:\Program Files\Windows Journal\PDIALOG.exe
2015-05-13 09:38:49	C7E50B04623FC6FF54EAF88938A8936E	142336	----a-w-	C:\Windows\System32\poqexec.exe
2015-05-13 09:38:49	C489D8B4D8C64F20CC75A93F541F7D91	123904	----a-w-	C:\Windows\SysWOW64\poqexec.exe
2015-05-13 09:38:46	F55F287810AAF708618793764AF7D1BB	23552	----a-w-	C:\Windows\System32\sdbinst.exe
2015-05-13 09:38:46	715C060150D969B0DE5DD5B365A712AF	20992	----a-w-	C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 19:20:04	D308FEE17FBACB94C2E27067AE2C57A6	1044048	----a-w-	C:\Program Files (x86)\Google\Update\Install\{488BD81D-F6CE-489E-B73F-0EC4BA4D2BD8}\42.0.2311.152_42.0.2311.135_chrome_updater.exe
2015-05-12 19:20:03	D308FEE17FBACB94C2E27067AE2C57A6	1044048	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.152\42.0.2311.152_42.0.2311.135_chrome_updater.exe
=== C: other files ==
2015-05-13 09:39:22	F7DFAE6040AC910B7C64EE208A34157D	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-05-13 09:39:22	8FE94F2EF9BF444E93E35D87E210D02F	155584	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-05-13 09:39:03	D858C33B133740D5F1F1CF71C33F6355	3204608	----a-w-	C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2771351034-1752285704-1091563883-1008\Software\Microsoft\Windows\CurrentVersion\Run]
"Wisdom-soft ScreenHunter 5.1 Free"="C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"Google Update"="D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Facebook Update"="D:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\Alwil Software\Avast5\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Wisdom-soft ScreenHunter 5.1 Free"="C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"Google Update"="D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Facebook Update"="D:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"D:\\Henk\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"D:\\Henk\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RunDLLEntry]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RunDLLEntry"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\RunDLL32.exe C:\\Windows\\system32\\AmbRunE.dll,RunDLLEntry"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"D:\\Henk\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StartCCC"
"hkey"="HKLM"
"command"="\"c:\\program files (x86)\\ati technologies\\ati.ace\\core-static\\clistart.exe\" msrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\sdAuxService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\sdCoreService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ThreatFire]


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-04-2015 23:15]
C:\Windows\tasks\CCleanerClean.job --a------ C:\Program Files\CCleaner\CCleaner.exe [23-04-2015 16:56]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core.job --a------ C:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe []
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA.job --a------ C:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe []
C:\Windows\tasks\Google Software Updater.job --a------ C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [07-09-2011 19:49]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-10-2014 09:12]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-10-2014 09:12]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core.job --a------ C:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA.job --a------ C:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe online update program" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\CCleanerClean" [C:\Program Files\CCleaner\CCleaner.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core" [D:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA" [D:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\Google Software Updater" [C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe]
"C:\Windows\SysNative\tasks\Google Updater and Installer" [D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core" [D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA" [D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 1010 series" ["C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\ShouldIRemoveIt_Notifications" [C:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exe]
"C:\Windows\SysNative\tasks\SlimCleaner Run" ["C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{722E2EDB-48D9-45C6-B267-3418D47ED143}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{E1139F21-08C1-44BB-A074-AB90112287DD}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{77CFD4D3-DDEB-4AA5-B501-8E1389EA906C}" [C:\Program Files\Alwil Software\Avast5\AvastUI.exe]
"C:\Windows\SysNative\tasks\{EFBB3A01-09C5-412F-8123-89935713112A}" [C:\Program Files\Alwil Software\Avast5\AvastUI.exe]

==== Firefox Start and Search pages ======================

ProfilePath: D:\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\94okqsys.default
user_pref("browser.startup.homepage", "www.google.nl");
user_pref("browser.search.defaulturl", "https://www.google.com/search");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.bdtoolbar.orig_keyword_url", "chrome://browser-region/locale/region.properties");
user_pref("keyword.URL", "https://www.google.com/search");

ProfilePath: D:\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\spnf0wg6.default
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.selectedEngine", "Yahoo!");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [08-05-2015 20:47]

==== Firefox Extensions ======================

ProfilePath: D:\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\94okqsys.default
- Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF

ProfilePath: D:\Henk\AppData\Roaming\TomTom\HOME\Profiles\iy0ambly.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: D:\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\94okqsys.default
FC5866F7793AF2CBCD425CC4B8D32A9E	- C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll -	Zylom Plugin
7D04E74E8B63FF93F26C6A2EC14A4EE7	- C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll -	Shockwave for Director / Shockwave for Director
DCB0BCEF594E2C410793C4A823C318F3	- C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll -	Shockwave for Director / Shockwave for Director
9AE02005247DA91AB1743F5208DBEF76	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll -	Shockwave Flash
2BC6A052D9B153F6DC2F0E420FB4F407	- D:\Henk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll -	Unity Player
98137411B9C632095F919E2CE70B288A	- D:\Henk\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll -	Google Update
3CD19649B2C3023D65E67C056457A2BC	- D:\Henk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll -	Facebook Video Calling Plugin
A0D63D14016C75D718F5432B13FC6576	- D:\Henk\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll -	Google Talk Plugin
4CD25DDA1221224BB92591756ED12602	- D:\Henk\AppData\Roaming\Mozilla\plugins\npo1d.dll -	Google Talk Plugin Video Renderer
FE5EBC41BC74FEB22D64FCB715F067F5	- D:\Henk\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll -	Google Talk Plugin Video Accelerator
DDC4B753983AF90EEDA7360C16D4D39A	- D:\Henk\AppData\Roaming\Mozilla\plugins\npoctoshape.dll -	Octoshape Streaming Services


==== Chromium Look ======================

Google Chrome Version: 42.0.2311.152

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[19-03-2015 18:01]

Google Docs - AppData\Local - Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - AppData\Local - Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf
TV - AppData\Local - Profile 3\Extensions\beobeededemalmllhkmnkinmfembdimh
selector is not a valid CSS selector - AppData\Local - Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Facebook Background Changer Plus NO ADs - AppData\Local - Profile 3\Extensions\cnoidmlhdpcdlmnkdecpdalonkmgcodd
Puzzle Games - AppData\Local - Profile 3\Extensions\dijbjapfnfhcljlohpbipaklifkeaone
Puzzle Skill Games - AppData\Local - Profile 3\Extensions\djpbeidibgdgnhcgoamegepdcgmnlbaj
Tank Riders - AppData\Local - Profile 3\Extensions\gdmmodjlfegeieihcdcgcalkgmhgmiae
Bookmark Manager - AppData\Local - Profile 3\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - AppData\Local - Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki
Cargo Bridge: Armor Games Edition - AppData\Local - Profile 3\Extensions\hlpiaibleklmjieibbnmkignbggodmmj
Cut the Rope - AppData\Local - Profile 3\Extensions\jfbadlndcminbkfojhlimnkgaackjmdo
Solitaire - AppData\Local - Profile 3\Extensions\lkbhppfbabandkdmgjmifahoabeodiep
Unblock Car 3D - AppData\Local - Profile 3\Extensions\ndaflanlochpiijbgjgofgmnbgmhgkmd
Google Wallet - AppData\Local - Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - AppData\Local - Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

D:\Henk\AppData\Local\\Google\Chrome\User Data\Profile 3\Preferences
"homepage": "http://www.google.com/",
"startup_urls": [ "https://www.google.nl/" ]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{11CA2252-3D7E-4008-BA1B-F25370CCBCA7} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{4B277E1C-679C-412E-96BE-C5952ECECF40} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
{AA84B8B2-32D7-4EC2-AFA8-F7225E7FD860} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google  Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
{F901C088-3558-4AF5-B93A-6A73358FDDC1} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"

==== Reset Google Chrome ======================

D:\Henk\AppData\Local\\Google\Chrome\User Data\Profile 3\Preferences was reset successfully
D:\Henk\AppData\Local\\Google\Chrome\User Data\Profile 3\Secure Preferences was reset successfully
D:\Henk\AppData\Local\\Google\Chrome\User Data\Profile 3\Web Data was reset successfully

==== HijackThis Entries ======================

O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Wisdom-soft ScreenHunter 5.1 Free] C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Google Update] "D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "D:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
D:\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
D:\Henk\backup system files\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
D:\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F2G2N78W will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

D:\Henk\AppData\Local\\Google\Chrome\User Data\Profile 3\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=74 folders=25 7830595 bytes)

==== Empty Temp Folders ======================

D:\Henk\AppData\Local\\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"D:\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F2G2N78W" not found

==== EOF on vr 15-05-2015 at 23:26:47,42 ======================