Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Eigenaar on za 30/05/2015 at 10:05:12,82.
Microsoft Windows 8.1 Pro met Media Center 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Eigenaar\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
30/05/2015 10:07:09 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\Users\Eigenaar\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================
7-Zip 9.20 (x64 edition)
Adobe Reader XI (11.0.11) - Nederlands
Adobe Refresh Manager
Audacity 2.0.5
AVG 2015
CCleaner
CDBurnerXP
D3DX10
Definition Update for Microsoft Office 2013 (KB2986209) 32-Bit Edition
Farming Simulator 2013
GIMP 2.8.14
Google Chrome
Google Update Helper
Hauppauge WinTV 7
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel® Trusted Connect Service Client
Junk Mail filter update
LAME v3.99.3 (for Windows)
LibreOffice 4.3.1.2
Light Image Resizer 4.6.5.0
Logitech SetPoint 6.65
Malwarebytes Anti-Malware versie 2.1.6.1022
Microsoft Access MUI (Dutch) 2013
Microsoft Application Error Reporting
Microsoft DCF MUI (Dutch) 2013
Microsoft Excel MUI (Dutch) 2013
Microsoft Groove MUI (Dutch) 2013
Microsoft InfoPath MUI (Dutch) 2013
Microsoft Lync MUI (Dutch) 2013
Microsoft Office 64-bit Components 2013
Microsoft Office Korrekturhilfen 2013 - Deutsch
Microsoft Office OSM MUI (Dutch) 2013
Microsoft Office OSM UX MUI (Dutch) 2013
Microsoft Office Professional Plus 2013
Microsoft Office Proofing (Dutch) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Nederlands
Microsoft Office Shared 64-bit MUI (Dutch) 2013
Microsoft Office Shared MUI (Dutch) 2013
Microsoft OneNote MUI (Dutch) 2013
Microsoft Outlook MUI (Dutch) 2013
Microsoft PowerPoint MUI (Dutch) 2013
Microsoft PowerPoint Viewer
Microsoft Publisher MUI (Dutch) 2013
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD
Microsoft Word MUI (Dutch) 2013
Movie Maker
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
Outils de vérification linguistique 2013 de Microsoft Office - Français
paint.net
Photo Common
Photo Gallery
PhotoFiltre 7
Picasa 3
PlayReady PC Runtime amd64
Quick Media Converter HD
Realtek High Definition Audio Driver
Secure Download Manager
Security Update for Microsoft Excel 2013 (KB2986216) 32-Bit Edition
Security Update for Microsoft Office 2013 (KB2880502) 32-Bit Edition
Security Update for Microsoft Office 2013 (KB2910941) 32-Bit Edition
Security Update for Microsoft Office 2013 (KB2975808) 32-Bit Edition
Security Update for Microsoft PowerPoint 2013 (KB2975816) 32-Bit Edition
Security Update for Microsoft Word 2013 (KB2965307) 32-Bit Edition
Security Update for Skype for Business 2015 (KB3039779) 32-Bit Edition
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD
Update for Microsoft Access 2013 (KB2965276) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760249) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760371) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition
Update for Microsoft Office 2013 (KB2837654) 32-Bit Edition
Update for Microsoft Office 2013 (KB2880487) 32-Bit Edition
Update for Microsoft Office 2013 (KB2881001) 32-Bit Edition
Update for Microsoft Office 2013 (KB2881017) 32-Bit Edition
Update for Microsoft Office 2013 (KB2881076) 32-Bit Edition
Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition
Update for Microsoft Office 2013 (KB2883095) 32-Bit Edition
Update for Microsoft Office 2013 (KB2899498) 32-Bit Edition
Update for Microsoft Office 2013 (KB2899522) 32-Bit Edition
Update for Microsoft Office 2013 (KB2956152) 32-Bit Edition
Update for Microsoft Office 2013 (KB2956164) 32-Bit Edition
Update for Microsoft Office 2013 (KB2965253) 32-Bit Edition
Update for Microsoft Office 2013 (KB2965259) 32-Bit Edition
Update for Microsoft Office 2013 (KB2965269) 32-Bit Edition
Update for Microsoft Office 2013 (KB2965271) 32-Bit Edition
Update for Microsoft Office 2013 (KB2965277) 32-Bit Edition
Update for Microsoft Office 2013 (KB2975869) 32-Bit Edition
Update for Microsoft Office 2013 (KB2986156) 32-Bit Edition
Update for Microsoft Office 2013 (KB2986171) 32-Bit Edition
Update for Microsoft Office 2013 (KB3054782) 32-Bit Edition
Update for Microsoft OneDrive for Business (KB2986244) 32-Bit Edition
Update for Microsoft OneNote 2013 (KB2975901) 32-Bit Edition
Update for Microsoft Outlook 2013 (KB3039799) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2013 (KB3039711) 32-Bit Edition
Update for Microsoft Project 2013 (KB2986246) 32-Bit Edition
Update for Microsoft Publisher 2013 (KB2883048) 32-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources

==== Running Processes ======================
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
C:\Program Files (x86)\WinTV\TVServer\CaptureGenUSB.exe
C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files (x86)\WinTV\Ir.exe
C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Eigenaar\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================
C:\Users\Eigenaar\AppData\LocalLow\{C8D3882E-2B73-CF1B-6C36-6573DA870BAE} deleted
C:\PROGRA~3\Avg_Update_0215pi deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted

==== System Specs ======================
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8070 MB
CPU Info: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
CPU Speed: 3201,3 MHz
Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek |
Display Adapters: Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family-controller
CD / DVD Drives: 1x (I: | ) I: TSSTcorpCDDVDW SH-224DB
Ports: COM1 | COM3 LPT1
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C: 921,2GB | D: 9,8GB
Hard Disks - Free: C: 857,4GB | D: 8,2GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | ALASKA - 1072009
Time Zone: Romance (standaardtijd)
Motherboard *: Gigabyte Technology Co., Ltd. H87M-D3H
Country: België
Language: NLB

==== System Specs (Software) ======================
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated)
Default Browser: Google Chrome 43.0.2357.81
Internet Explorer Version: 11.0.9600.17801
Google Chrome version: 43.0.2357.81
Adobe Reader version: 11.0.11.18

==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
2015-05-08 20:43:19 CA2A8AF1DBAD0F31F9B33A2827DFBC16 207 ----a-w- C:\WINDOWS\tweaking.com-regbackup-B-900-059-Windows-8.1-Pro-with-Media-Center-(64-bit).dat
====== C:\Users\Eigenaar\AppData\Local\Temp ====
2015-05-24 18:20:18 22188B22BE5ABA25102B0D0EC0EA2553 5644312 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\CDBurnerXP-updates\cdbxp_setup_4.5.5.5571.exe
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
2015-05-13 18:20:57 95B0179BDA907252025DEEA183699FB3 467776 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2015-05-13 18:20:56 272A62B660A48AEF366F8A1836CED19F 57856 -c--a-w- C:\WINDOWS\Sysnative\drivers\bthhfenum.sys
2015-05-13 18:20:45 FE14D249D39368CA62D8DA6BC94AC694 80384 ----a-w- C:\WINDOWS\Sysnative\drivers\ahcache.sys
2015-05-13 18:20:44 C61EAF8E1E4B2F62BA4FDF457440B2C6 316416 ----a-w- C:\WINDOWS\Sysnative\drivers\udfs.sys
2015-05-13 18:20:33 C54B6B2170BF628FD42F799A66956D75 239424 -c--a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys
2015-05-13 18:20:33 95E295FD19F80B3AD33629B5AEFEC9C7 154432 -c--a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys
2015-05-13 18:20:33 5E5AB950693F2C6D6ACBEE3A74697ED7 561928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys
2015-05-08 20:44:50 AA32270D656010D2DC3F1757DB10FD59 36456 ----a-w- C:\WINDOWS\Sysnative\drivers\TrueSight.sys
2015-05-08 20:11:42 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2015-05-08 20:11:31 54D70409DE6932E9EFA117779611E7A9 107736 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
2015-05-08 20:11:31 28B597A61C9AC9B59BC0573D70A62CBF 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys
2015-05-08 20:11:31 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys
2015-05-07 11:50:22 7EC2B7BBA7A30691D2E0D8478F219B90 378336 ----a-w- C:\WINDOWS\Sysnative\drivers\avgloga.sys
2015-05-07 11:49:24 398FEC9A9146E31E84AFB29731F4CA17 253920 ----a-w- C:\WINDOWS\Sysnative\drivers\avgidsha.sys
2015-05-07 11:49:22 BA60ECC498585DA1A918D424D7D07A18 220128 ----a-w- C:\WINDOWS\Sysnative\drivers\avgmfx64.sys
2015-05-04 12:14:30 5EBB839735C5089D255C521A8503F4C2 293856 ----a-w- C:\WINDOWS\Sysnative\drivers\avgwfpa.sys
====== C:\WINDOWS\Tasks ======
2015-05-15 07:41:33 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Acrobat Update Task
2015-05-09 06:55:49 9E59588C8FA2CAFFCC113EA308E9EEBF 3598 ----a-w- C:\WINDOWS\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2344633494-598422352-3546750802-1001
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-05-28 19:06:56 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-05-28 19:16:48 -------- d-----w- C:\PROGRA~2\AVG
======= C: =====
====== C:\Users\Eigenaar\AppData\Roaming ======
2015-05-28 19:18:00 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\AVG2015
2015-05-28 19:17:40 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015
2015-05-28 19:17:29 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Avg2015
2015-05-28 19:17:28 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\TuneUp Software
2015-05-28 19:16:48 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Avg2015
2015-05-28 19:14:52 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Avg2015
====== C:\Users\Eigenaar ======
2015-05-28 19:17:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-28 19:17:13 -------- d-----w- C:\ProgramData\AVG2015
2015-05-28 19:14:52 -------- d--h--w- C:\ProgramData\Common Files
2015-05-28 19:06:24 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Eigenaar\Downloads\RSITx64.exe
2015-05-17 13:26:33 EE8E61F376F7F3E309525C975642C989 1483336 ----a-w- C:\Users\Eigenaar\Downloads\mediacreationtool (2).exe
2015-05-08 20:44:50 -------- d-----w- C:\ProgramData\RogueKiller
====== C: exe-files ==
2015-05-30 07:41:36 B1798BC27E40983B12FEFD0D85C05B3F 873800 ----a-w- C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\SwReporter\3.21.0\software_reporter_tool.exe
2015-05-29 12:55:42 0122DC60AC2308F4979CBA2EC4942F97 7152488 ----a-w- C:\Program Files (x86)\AVG\AVG2015\Notification\Launcher.exe
2015-05-28 19:06:57 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Eigenaar.exe
2015-05-28 19:06:24 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Eigenaar\Downloads\RSITx64.exe
2015-05-26 17:03:03 2D7D54B47ACFAB94671E3C97B2D2E639 1106512 ----a-w- C:\Program Files (x86)\Google\Update\Install\{1E95F779-F051-4B7C-82CA-E99421FD292E}\43.0.2357.81_43.0.2357.65_chrome_updater.exe
2015-05-26 17:03:03 2D7D54B47ACFAB94671E3C97B2D2E639 1106512 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.81\43.0.2357.81_43.0.2357.65_chrome_updater.exe
2015-05-24 18:20:18 22188B22BE5ABA25102B0D0EC0EA2553 5644312 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\CDBurnerXP-updates\cdbxp_setup_4.5.5.5571.exe
=== C: other files ==

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-2344633494-598422352-3546750802-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"

==== Startup Folders ======================
2014-09-13 08:31:21 1012 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
2014-09-13 08:32:11 1138 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/09/2014 11:36]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [05/09/2014 11:48]

==== Chromium Look ======================
Google Slides - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Logitech Smooth Scrolling - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk
Google Sheets - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
AdBlock - Eigenaar\AppData\Local\Google\Chrome\User
Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Bookmark Manager - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Google Wallet - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================
C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [CCleaner
Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files (x86)\WinTV\Ir.exe
O4 - Global Startup: WinTV Recording Status.lnk = C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=9 folders=10 9946798 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Eigenaar\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on za 30/05/2015 at 10:56:02,20 ======================