Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Veentjes on zo 21-06-2015 at 12:47:19,11. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Veentjes\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 21-6-2015 12:50:52 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\Symantec deleted successfully C:\PROGRA~3\Adobe deleted successfully C:\Users\Veentjes\AppData\Roaming\TP deleted successfully C:\Users\Veentjes\AppData\Local\Adobe deleted successfully C:\Users\Veentjes\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Veentjes\AppData\Local\EmieSiteList deleted successfully C:\Users\Veentjes\AppData\Local\EmieUserList deleted successfully C:\Users\Veentjes\AppData\Local\PDFC deleted successfully C:\Users\Veentjes\AppData\Local\VirtualStore deleted successfully ==== Installed Programs ====================== Adobe Flash Player 17 ActiveX Basissoftware voor HP Photosmart 5510 series Bejeweled 3 Bing Bar Blackhawk Striker 2 Chuzzle Deluxe Compaq Setup Manager Cradle of Rome 2 D3DX10 DirectX for Managed Code Update (Summer 2004) Dora's World Adventure Facebook Farm Frenzy Farmscapes FATE Final Drive Fury Gardenscapes NL Google Chrome Google Earth Google Update Helper Hewlett-Packard ACLM.NET v1.2.2.3 Hoyle Card Games HP Auto HP Calendar HP Client Services HP Clock HP Customer Experience Enhancements HP Games HP LinkUp HP Magic Canvas HP Magic Canvas Tutorials HP Notes HP Odometer HP Photo Creations HP Photosmart 5510 series Haelp HP Product Detection HP RSS HP Setup HP Support Assistant HP Support Information HP TouchSmart RecipeBox HP Update HP Vision Hardware Diagnostics Intel(R) Control Center Intel(R) Management Engine Components Intel(R) Processor Graphics Jewel Match 3 Jewel Quest Mysteries: The Seventh Gate Collector's Edition John Deere Drive Green Junk Mail filter update jZip LabelPrint Letters from Nowhere 2 Luxor HD Magic Desktop Mah Jong Medley Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Mathematics Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft OneDrive Microsoft PowerPoint Viewer Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 More Games from HP Games Movie Maker MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 Norton Internet Security Norton Online Backup opensource PDF Complete Special Edition Penguins Photo Common Photo Gallery Plants vs. Zombies - Game of the Year PlayReady PC Runtime amd64 Poker Superstars III PokerStars.eu Polar Bowler Polar Golfer Power2Go Productverbeteringonderzoek HP Photosmart 5510 series Realtek High Definition Audio Driver Recovery Manager Remote Graphics Receiver RollerCoaster Tycoon 3: Platinum Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft .NET Framework 4.5.1 (KB3023224) Security Update for Microsoft .NET Framework 4.5.1 (KB3035490) Security Update for Microsoft .NET Framework 4.5.1 (KB3037581) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2883029) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2965282) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2863812) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition SkypeT 7.3 The Treasures of Mystery Island: The Ghost Ship Torchlight TSHostedAppLauncher Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3054891) 32-Bit Edition Update Installer for WildTangent Games App Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Virtual Villagers 4 - The Tree of Life WildTangent Games App (HP Games) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Searchqu Toolbar Zuma's Revenge ==== Running Processes ====================== C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\Veentjes\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4003 MB CPU Info: Intel(R) Celeron(R) CPU G530T @ 2.00GHz CPU Speed: 1975,6 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1440 X 900 - 32 bit Network: Network Present Network Adapters: Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) CD / DVD Drives: 1x (E: | ) E: hp DVD A DH16ABSH Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 448,3GB | D: 17,4GB Hard Disks - Free: C: 307,9GB | D: 2,2GB Manufacturer *: AMI BIOS Info: AT/AT COMPATIBLE | 11/18/11 | HPQOEM - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: PEGATRON CORPORATION 2AD4 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Norton Internet Security disabled (Outdated) Firewall: Norton Internet Security disabled Default Browser: Google Chrome 43.0.2357.124 Internet Explorer Version: 11.0.9600.17843 Google Chrome version: 43.0.2357.124 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Veentjes\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-06-10 14:59:51 F26680AF396F89F7ABFDA1D1D6B62011 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-06-10 14:59:51 9F6066005D8B8620598085C7499E9B70 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-06-10 14:59:51 96837E5864777688477AF6DE2332C06D 503808 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-06-10 14:59:51 8C3A03295F56D1FFB51D9D05DA42B12D 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-06-10 14:59:51 81C1182A9EE7AC4D21187811DE66A7D0 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-06-10 14:59:51 7C9F8DB66A56306C5BBE97F9FC0F01EF 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-06-10 14:59:51 6B7210618D7E2CE0404ECF748701253A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-06-10 14:59:51 53E9614ADFA6A40A452BA014CEF6F261 1309696 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-06-10 14:59:51 2DED8A99E45053C42DD21D6937D3960C 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-06-10 14:59:51 185490A6C3BEDAC5EF547314F68AB07B 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-06-10 14:59:50 975421AC32F9F6E27A58F75DAB4B5871 19607040 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-06-10 14:59:49 B6D8148C1C697A7BF04EE0FE82408B6A 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-06-10 14:59:49 927E38A35E4DFC4E294BD130BAA6F759 2278912 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-06-10 14:59:49 5C06EE62F06E990E9521EA80B8D4D4B8 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-06-10 14:59:49 4ABEEF30EA5B9F4718312DCB60B6C9BC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-06-10 14:59:48 E21AE910DF0C5CB7D46D8FA17A4567DE 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-06-10 14:59:48 DB254D50B4527C2821C537E0587B44E8 12829696 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-06-10 14:59:48 C93AE4D14AEF5169791B35D97AE7C9FC 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-06-10 14:59:48 C27C8CACEBC712BE2AD791715E9734EC 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-06-10 14:59:48 7DBCBB1647B7CD71E2039C1B50A12717 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-06-10 14:59:48 1A628C1F5470F0AF21E37E425026F27A 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-06-10 14:59:48 17B0852D8202A872C3E6D01B518B6A4E 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-06-10 14:59:47 8C8B8C78C0CCD5D36ABCB115B0B581E1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-06-10 14:59:46 85E21CCF38166E0D6DE2E42D9D3823BD 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-06-10 14:59:46 3FD7E6DB5D81FE400DB4D81D278596E6 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-06-10 14:59:45 FB5C9234E4BF6BDAF4A954763A4582BA 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-06-10 14:59:45 EF853EA2A6A7BD891CCF31B0C2915352 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-06-10 14:59:45 E4EB138060BAE0DBAB1A3B71A3141FE7 1950720 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-06-10 14:56:49 DA27A4EA7B7C77FAFDB3F94D83E310C1 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL 2015-06-10 14:56:49 A98E8F79C738CAF23C152DBCABD978FE 11411456 ----a-w- C:\Windows\SysWOW64\wmp.dll 2015-06-10 14:56:49 605E9B2CFA3445ED7716D0B345EE21EC 8192 ----a-w- C:\Windows\SysWOW64\spwmp.dll 2015-06-10 14:56:49 2401379E0610D15FAB78A4B1646F5B8D 4096 ----a-w- C:\Windows\SysWOW64\msdxm.ocx 2015-06-10 14:56:49 2401379E0610D15FAB78A4B1646F5B8D 4096 ----a-w- C:\Windows\SysWOW64\dxmasf.dll 2015-06-10 14:56:43 2CA16814DA3C5B2D8C7E70DC47A45ED1 551424 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-06-10 14:56:39 9E68E1BDEBD85FC8803707370BE0FC6E 641536 ----a-w- C:\Windows\SysWOW64\advapi32.dll 2015-06-10 14:56:39 641A14E6AC492ED45BC68815E2E2F566 3989440 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-06-10 14:56:37 3C1BE79C3CE6EB378108B11D94CA1072 364544 ----a-w- C:\Windows\SysWOW64\tracerpt.exe 2015-06-10 14:56:36 583FFF12D2F0D6E1A8746462C433895F 3934144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-06-10 14:56:35 EA141596564AE0C670EDD0F2636EC29C 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-06-10 14:56:35 BBABC6702529CFADAC0EC2B28168A288 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-06-10 14:56:35 8C7635292CFF4901F058269454A1D64E 1310744 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2015-06-10 14:56:32 3B5DA649BF7B7D07510C06DE0AEEB4EB 82944 ----a-w- C:\Windows\SysWOW64\logman.exe 2015-06-10 14:56:31 9A50B2567918BF7DDD600ECE5DB5ED76 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-06-10 14:56:31 4238391DE3E3FDCD2C731C1E4E0F402C 635392 ----a-w- C:\Windows\SysWOW64\tdh.dll 2015-06-10 14:56:29 65A5E27C2217D606E212B6088CCD6104 92160 ----a-w- C:\Windows\SysWOW64\sechost.dll 2015-06-10 14:56:28 6C06D2B1CF88AB83F1CFB24928F63107 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2015-06-10 14:56:28 5643A88C6DA8AAEC9CE2845431942650 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-06-10 14:56:27 A9E8F961F7FE1EDEEF8F46EEB800F2D8 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-06-10 14:56:24 F85FA29340A536C8E0A16151B9B03923 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-06-10 14:56:24 629AD3FDA168D82D459164044A29F9BB 40448 ----a-w- C:\Windows\SysWOW64\typeperf.exe 2015-06-10 14:56:24 3E6731BF36A7D6C62D09671B427B6B67 37888 ----a-w- C:\Windows\SysWOW64\relog.exe 2015-06-10 14:56:23 FCA6EFFEE6D7D42E794F0E538297026C 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2015-06-10 14:56:22 FB224B0A63B8F58E91FE8A314AD295AD 17408 ----a-w- C:\Windows\SysWOW64\diskperf.exe 2015-06-10 14:56:21 F81920ADB15012CF4E9FF8238C85686A 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2015-06-10 14:56:21 F72A9953199EF5807D595AE3694B5D01 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-06-10 14:56:21 D877133532CE090502B1166B360E9516 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2015-06-10 14:56:21 7A9F94E0F53C8F6E09405351AC104A3C 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-06-10 14:56:21 6C730482615C97B923B88C648FF554A3 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2015-06-10 14:56:21 558227F567E977D71B9182013EF03E9C 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2015-06-10 14:56:21 2D23A10FBFA09DC1B61799128BBA91A2 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-06-10 14:56:19 EEA17E843EE2EE50D623BEACF50BD815 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2015-06-10 14:56:19 EC6E5AE2ECFE7A335B370865A1158EF8 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2015-06-10 14:56:19 52C869A640B8169D7C8460FB1646ABF5 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2015-06-10 14:56:18 7E7933E63BBE2BE71CC908EF140458EF 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-06-10 14:56:18 619D5101114C71E1A4A585C5E68301B7 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-06-10 14:56:18 2E65BF3D85BB2C831669FBCBDE6C9879 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-06-10 14:56:10 58788565442368B0615DDAF1D452B843 530432 ----a-w- C:\Windows\SysWOW64\comctl32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-06-10 14:59:51 9E2B8C0601E3D460F78F0233B509CE4F 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-06-10 14:59:51 9DB8E01D5A546FAFCACE95489E351186 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-06-10 14:59:51 73509D13542A90E260F45D1D6D4100A8 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-06-10 14:59:51 70D24021ED327CE7FFA9DEE327BB4C6B 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-06-10 14:59:51 4BD747AAF01C480901B3E777EC48826B 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-06-10 14:59:49 D202078FBA3A77B85D39669EE4110DE2 389840 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-06-10 14:59:49 6ABFC5736EC920C4436F32111F5CBCEE 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-06-10 14:59:49 3C3E159F284F51D55DB59C3D0B843979 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-06-10 14:59:48 86FDFEA67833DB261EC01A777594EDCF 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-06-10 14:59:48 57DFACB53ED16190EF732E2430B39741 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-06-10 14:59:48 36F3718E67F442F54AB4A39DCDD8FD19 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-06-10 14:59:48 083BCA14FCE290D682D8DAC9372CBF23 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-06-10 14:59:47 7F8F9AE03D1BA4354671E05F07A40F1A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-06-10 14:59:47 5F8EE9311ECF078CD9426874FFAD660C 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-06-10 14:59:46 FF84182188CA8F0DC28CFED06C9B7816 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-06-10 14:59:46 6E295C7364DAEB151CC0E98434B6AC92 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-06-10 14:59:46 33B5F1A727FACDEA7CDA0E35FFAADDCF 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-06-10 14:59:45 AFF5C12099B87FA645F8867701729894 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-06-10 14:59:45 0EDA3219FA027A486AA11269355AB279 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-06-10 14:59:44 AE5A2843B4A2E1E558B9EE13EF62CCE5 14404096 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-06-10 14:59:44 8909A24DA8B5C426CF6595BA843B6CC5 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-06-10 14:59:44 35622F5A652C4E16774234DCA0026E74 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-06-10 14:59:43 ACD6FE6C82B93813F023FC01A51CB940 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-06-10 14:59:43 83781DF625A4448B39410D7FA2BDC48D 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-06-10 14:59:43 4A5A84B457C72E79A64AE4036EC6BB0E 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-06-10 14:59:43 3854BFE1C0F14872C94501421CC40813 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-06-10 14:59:42 CFA52E2FE8E623042A1EEF96EB1B9481 6026240 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-06-10 14:59:42 417F80E4AFBA1AA9EBBD618F1C6D9165 2426880 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-06-10 14:59:42 2BC2D3A41BB755487FD55C09938F00BC 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-06-10 14:59:41 16091938F6CDBCCCBA1CBE24600121BC 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-06-10 14:59:41 06A8CE6C3AE6B7916F026B0EFDDCAAA5 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-06-10 14:59:40 A29BAFC1543F9D2234AFFFEA9BCE76C8 24917504 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-06-10 14:56:50 9D80A82B0BB77AC3EF6A87FA0C534E20 14635008 ----a-w- C:\Windows\Sysnative\wmp.dll 2015-06-10 14:56:49 834FD7C31EA16D59CC3B2DC60F2F2620 9728 ----a-w- C:\Windows\Sysnative\spwmp.dll 2015-06-10 14:56:49 1A8C5D4BE449E4A9D8667A341E535E22 5120 ----a-w- C:\Windows\Sysnative\msdxm.ocx 2015-06-10 14:56:49 1A8C5D4BE449E4A9D8667A341E535E22 5120 ----a-w- C:\Windows\Sysnative\dxmasf.dll 2015-06-10 14:56:48 51ECEE70F33601310DDEF3EEE39550D3 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL 2015-06-10 14:56:44 AA5319FA8602676B5D3A2B4A1355896D 1255424 ----a-w- C:\Windows\Sysnative\diagtrack.dll 2015-06-10 14:56:43 8DCA1C70AF170C3FBCE47A4F49BFC887 424960 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2015-06-10 14:56:43 6ECD6D92F43C2DC55099F892978D5BE7 728576 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-06-10 14:56:41 6FDF03A3B110C5264F52F979335AE301 1162752 ----a-w- C:\Windows\Sysnative\kernel32.dll 2015-06-10 14:56:40 93A05407F8E53BC731C42AAD56163F80 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-06-10 14:56:39 9E2A2028228645DD57EF45A02CAC0CCE 5569984 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-06-10 14:56:39 53042708C242959B3924242FBBE297B1 1728960 ----a-w- C:\Windows\Sysnative\ntdll.dll 2015-06-10 14:56:39 4FFD08A01047EF6B58F6EB4E6D001A8D 879104 ----a-w- C:\Windows\Sysnative\advapi32.dll 2015-06-10 14:56:37 FF9BBFAE899091C1FF0D1A3F2C587911 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2015-06-10 14:56:37 CCB352B939B77B38983DD878C547451F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-06-10 14:56:37 6703266C1E56157B5965F9AC868A20AC 404992 ----a-w- C:\Windows\Sysnative\tracerpt.exe 2015-06-10 14:56:37 48C30C54194142910FB6B86D308220ED 338432 ----a-w- C:\Windows\Sysnative\conhost.exe 2015-06-10 14:56:37 2313AF8D5A9CEB4A55400A01DD311A95 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll 2015-06-10 14:56:37 16154A6682B1552DEAB953BFA4B8E955 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-06-10 14:56:36 37DFCC91E419952772E02F2B3BBB2E2B 342016 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-06-10 14:56:35 996EE6571ADB880A60846DD02C8D5869 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-06-10 14:56:35 66DF73B202105406602941778792FE3D 879104 ----a-w- C:\Windows\Sysnative\tdh.dll 2015-06-10 14:56:33 AD54856A16B635720B0BE5FAF44526FC 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-06-10 14:56:33 4F90A7A0FCBC0ED18E573917860062FF 113664 ----a-w- C:\Windows\Sysnative\sechost.dll 2015-06-10 14:56:33 210E7D1EA34369194BE09493784E27BE 104448 ----a-w- C:\Windows\Sysnative\logman.exe 2015-06-10 14:56:32 7C5E375F20F639607376351A8BCC0647 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-06-10 14:56:29 A929B9ABA1083AF35ECE7BD63AF3E42F 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-06-10 14:56:29 A5F57F4866C2DC7F8215058D7D56BD21 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-06-10 14:56:28 9BBEA639884C0338DD78654277BD188A 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2015-06-10 14:56:28 17A6A9AAD04CCC6EE53290585BFC43AF 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-06-10 14:56:26 03BA5D20751137F3A705B389C52DB8D6 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-06-10 14:56:25 E20BF3FA89DE67B00ED713B5254C0BF0 47104 ----a-w- C:\Windows\Sysnative\typeperf.exe 2015-06-10 14:56:25 858F04B3C39239972959E9EE97CACAE4 43008 ----a-w- C:\Windows\Sysnative\relog.exe 2015-06-10 14:56:23 1B93381366141875D8EE7EC1085236B9 19456 ----a-w- C:\Windows\Sysnative\diskperf.exe 2015-06-10 14:56:23 13DE715D959DD502CFD52DC920408B33 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2015-06-10 14:56:23 11D5815F0DC571CE3C72213B375860B1 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2015-06-10 14:56:22 D68690450978D127E030FB14E9B2023B 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2015-06-10 14:56:22 5EC57AC6DC16CB8A058CA019AA2C188D 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-06-10 14:56:21 6ACD3C75BE449F039E1A4E43424D5B6F 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-06-10 14:56:21 5A17FF38EDE95B2313E428BF444126D7 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2015-06-10 14:56:21 289D99B0879C6ED5C6D1B3A856CA6DA3 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-06-10 14:56:21 20BD408AC3F8576997D6A47F48A1C5B2 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll 2015-06-10 14:56:19 AF557D115972A73964FC8F209300948A 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll 2015-06-10 14:56:18 8A4EB32C7C948F70EAC6F85063596A39 36864 ----a-w- C:\Windows\Sysnative\UtcResources.dll 2015-06-10 14:56:18 837BBE4170D5A75F293BD6F294A8FE34 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-06-10 14:56:18 6E882D7CA34073890107559B5A515A24 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-06-10 14:56:18 6ACFCC28E4D60B5A931D8749332A14E2 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-06-10 14:56:10 51F89CE2D0FEC66070354504E6C4C3E4 633856 ----a-w- C:\Windows\Sysnative\comctl32.dll 2015-06-10 14:56:09 1EE2DBA5AD2E5EB618C7FB187C2CFDF4 3206144 ----a-w- C:\Windows\Sysnative\win32k.sys ====== C:\Windows\Sysnative\drivers ===== 2015-06-10 14:56:38 272C27711C8AA6E7815EE33F8ACA9C66 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-06-10 14:56:35 BF69D973523D539A35807946C6DA7E16 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-06-10 14:54:22 36E0DDD19038C92B7C7709BFA03F813F 69888 ----a-w- C:\Windows\Sysnative\drivers\stream.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Veentjes\AppData\Roaming ====== 2015-06-01 14:30:40 -------- d-----w- C:\Users\Veentjes\AppData\Local\GWX ====== C:\Users\Veentjes ====== ====== C: exe-files == === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2666209789-1590380751-2421502736-1000\Software\Microsoft\Windows\CurrentVersion\Run] "HP Photosmart 5510 series (NET)"="C:\Program Files\hp\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1C1212R305NR:NW -scfn HP Photosmart 5510 series (NET) -AutoStart 1" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "GoogleChromeAutoLaunch_1BBD75CEC37DF4314716E60C6353596F"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-2666209789-1590380751-2421502736-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Veentjes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Veentjes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Photosmart 5510 series (NET)"="C:\Program Files\hp\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1C1212R305NR:NW -scfn HP Photosmart 5510 series (NET) -AutoStart 1" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "GoogleChromeAutoLaunch_1BBD75CEC37DF4314716E60C6353596F"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Veentjes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Veentjes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\WIA6EB~1\\Datamngr\\datamngr.dll C:\\PROGRA~2\\WIA6EB~1\\Datamngr\\IEBHO.dll " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\WIA6EB~1\\Datamngr\\x64\\datamngr.dll C:\\PROGRA~2\\WIA6EB~1\\Datamngr\\x64\\IEBHO.dll " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DATAMNGR" "hkey"="HKLM" "command"="C:\\PROGRA~2\\WIA6EB~1\\Datamngr\\DATAMN~1.EXE" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11-06-2015 06:01] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-09-2014 12:17] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-09-2014 12:17] C:\Windows\tasks\HP Photo Creations Messager.job --a------ C:\ProgramData\HP Photo Creations\MessageCheck.exe [15-02-2011 12:11] C:\Windows\tasks\HPCeeScheduleForVEENTJES-HP$.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15-07-2011 14:43] C:\Windows\tasks\HPCeeScheduleForVeentjes.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15-07-2011 14:43] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Messager" [C:\ProgramData\HP Photo Creations\MessageCheck.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForVeentjes" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForVEENTJES-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Photosmart 5510 series" ["C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\WSCStub.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{0A003E7A-B4A8-4006-9D94-EB8A5BDAFB7C}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{47C8EA3A-60EB-4533-84DE-985775B72D2E}" ["C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" http://ui.skype.com/ui/0/6.3.73.105.457/nl/abandoninstall?page=tsWLM] "C:\Windows\SysNative\tasks\{48E48560-A5F8-417A-9F09-D79359BC0E8F}" ["C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" http://ui.skype.com/ui/0/6.3.73.105.457/nl/abandoninstall?page=tsWLM] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\NetworkCheck" [c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_NetworkCheck.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "quickprint@hp.com"="C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension" [26-01-2011 15:27] ==== Chromium Look ====================== Google Chrome Version: 43.0.2357.124 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\Exts\Chrome.crx[] Google Docs - Veentjes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Veentjes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Veentjes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Veentjes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Pin It Button - Veentjes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic AVG Secure Search - Veentjes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Google Wallet - Veentjes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Veentjes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Veentjes\AppData\Local\Google\Chrome\User Data\Default\Preferences "www.googleadservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":19178}},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":16635},"supports_spdy":true},"www.googletagmanager.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":19839},"supports_spdy":true},"www.googletagmanager.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}],"network_stats":{"srtt":19456}},"www.googletagservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":17928},"supports_spdy":true},"www.googletagservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":15448}},"www.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":13711},"supports_spdy":true},"www.gstatic.com:80":{"alternative_service":[{"port":80,"probability":0.02,"protocol_str":"quic"}]},"www.youtube-nocookie.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":16331},"supports_spdy":true},"www.youtube-nocookie.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}]},"www.youtube.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":18342},"supports_spdy":true},"www.youtube.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}],"network_stats":{"srtt":15256}},"youtu.be:443":{"alternative_service":[{"port":443,"probability":0.5,"protocol_str":"quic"}],"supports_spdy":true},"youtu.be:80":{"alternative_service":[{"port":80,"probability":0.02,"protocol_str":"quic"}]},"youtube.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}]},"yt3.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":14418},"supports_spdy":true}},"supports_quic":{"address":"192.168.1.105","used_quic":true},"version":3}},"ntp":{"app_page_names":["Applicaties"]},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"printing":{"print_preview_sticky_settings":{"appState":"{\"version\":2,\"isGcpPromoDismissed\":false,\"selectedDestinationId\":\"Brother DCP-J552DW Printer (Kopie 1)\",\"selectedDestinationOrigin\":\"local\",\"selectedDestinationAccount\":\"\",\"selectedDestinationCapabilities\":null,\"selectedDestinationName\":\"Brother DCP-J552DW Printer (Kopie 1)\",\"mediaSize\":{\"custom_display_name\":\"A4 (210 x 297 mm)\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000},\"customMargins\":null,\"vendorOptions\":{}}"}},"profile":{"avatar_bubble_tutorial_shown":1,"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{"https://[*.]mega.co.nz:443,*":{"setting":1}},"cookies":{},"fullscreen":{"[*.]www.ad.nl,*":{"setting":1},"[*.]www.alphens.nl,*":{"setting":1},"[*.]www.hln.be,*":{"setting":1},"[*.]www.omroepwest.nl,*":{"setting":1},"[*.]www.parool.nl,*":{"setting":1},"[*.]www.youtube.com,*":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"*,*":{"per_resource":{"npsitesafety.dll":1}},"[*.]foto.hema.nl,*":{"setting":1},"[*.]java.com,*":{"setting":1},"[*.]www.campingbarbizon.nl,*":{"setting":1},"[*.]www.intel.com,*":{"setting":1},"[*.]www.vankempenhof.nl,*":{"setting":1}},"popups":{"[*.]s1.miramagia.nl,*":{"setting":1},"[*.]www.coolblue.nl,*":{"setting":1},"[*.]www.greetz.nl,*":{"setting":1}},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"*,*":{"per_plugin":{"npsitesafety.dll":1}},"[*.]foto.hema.nl,*":{"plugins":1},"[*.]java.com,*":{"plugins":1},"[*.]s1.miramagia.nl,*":{"popups":1},"[*.]www.ad.nl,*":{"fullscreen":1},"[*.]www.alphens.nl,*":{"fullscreen":1},"[*.]www.campingbarbizon.nl,*":{"plugins":1},"[*.]www.coolblue.nl,*":{"popups":1},"[*.]www.greetz.nl,*":{"popups":1},"[*.]www.hln.be,*":{"fullscreen":1},"[*.]www.intel.com,*":{"plugins":1},"[*.]www.omroepwest.nl,*":{"fullscreen":1},"[*.]www.parool.nl,*":{"fullscreen":1},"[*.]www.vankempenhof.nl,*":{"plugins":1},"[*.]www.youtube.com,*":{"fullscreen":1},"https://[*.]mega.co.nz:443,*":{"multiple-automatic-downloads":1}},"plugin_whitelist":{"npsitesafety":{"dll":true}},"pref_version":1},"exit_type":"Crashed","exited_cleanly":true,"gaia_info_picture_url":"https://lh3.googleusercontent.com/-XdUIqdMkCWA/AAAAAAAAAAI/AAAAAAAAAAA/4252rscbv5M/s256-c/photo.jpg","gaia_info_update_time":"13079340832117001","icon_version":3,"managed_user_id":"","managed_users":{},"migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Eerste gebruiker","per_host_zoom_levels":{}},"protection":{"macs":{}},"reverse_autologin":{"enabled":false},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13054558649050496"},"signin":{"signedin_time":"13063911100307501"},"sync":{"app_list":true,"app_settings":true,"apps":true,"autofill":true,"autofill_profile":true,"autofill_wallet":true,"bookmarks":true,"dictionary":true,"encryption_bootstrap_token":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAEXy3P1nKjkya9hLQrsNyDAAAAAACAAAAAAAQZgAAAAEAACAAAACWbppd4l+c+t7noo6Nfwat7D2h5UC7zOKHOkrAUIhDBgAAAAAOgAAAAAIAACAAAABqgT3BwKRwGrvgpO1EQsYIyccgNI698DmYhTVAQAooxEAAAACYl8XQq99WJuYarPOEngg/1KwV9taJHNLK0yV2jCLgngJ8pdArAOz8Gzrm8F2/5e9UFn/BBYq+zg7wtPyMiZMKQAAAAO9ij1kSTT/Ol4BObO4SeJ1CdMu8G7/wLQJHFvKnpwh6e0ceYllu8n67IY55cAHzaE1I0FQzo2OqLS1LeZcIbH4=","extension_settings":true,"extensions":true,"favicon_images":true,"favicon_tracking":true,"first_sync_time":"13063911100363849","has_setup_completed":true,"history_delete_directives":true,"keystore_encryption_bootstrap_token":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAEXy3P1nKjkya9hLQrsNyDAAAAAACAAAAAAAQZgAAAAEAACAAAABvvaJ9Kb/IOFe3kjSCmXbtcjwBcTxpMvC1oAzyUnhwgAAAAAAOgAAAAAIAACAAAABYkGKkzg6qOZdCE/E7NCZzKSHOHMQjXTNtKikbISd8bFAAAADZLZxv99W4+Qp7uvZyfuYyFbclPZ7mqLnLJ/7kBJd8kvxEf7NoHzIYe4LXof8vxW73t7+k4u/shHxUWDS0cNZ2vLab9gJrv5DIVEYma/f5EkAAAAAIcmR7LTJlsCE68KJbl5qlL2Gs81UR5eydj0LvxDS/f3vz2daBWao4IdEDoW8Aq1Tg+CV3oRckjYeuzKHsNCR/","last_synced_time":"13079357448728211","managed_user_settings":true,"managed_user_shared_settings":true,"managed_user_whitelists":true,"managed_users":true,"passwords":true,"preferences":true,"priority_preferences":true,"search_engines":true,"session_sync_guid":"session_syncBOyJtBP/73On0uPGmUjSHQ==","sessions":true,"suppress_start":false,"tabs":true,"themes":true,"typed_urls":true},"sync_promo":{"show_on_first_run_allowed":false},"translate_accepted_count":{"de":0,"en":0,"es":1,"fr":0,"id":0,"it":2,"pl":1,"pt":2,"ru":0,"und":0},"translate_blocked_languages":[],"translate_denied_count":{"de":3,"en":4,"es":0,"fr":2,"id":1,"it":0,"pl":0,"pt":0,"ru":1,"und":1},"translate_last_denied_time":1417584971768.906,"translate_site_blacklist":["bankieren.mijn.ing.nl","mijnloonstrook.adp.nl"],"translate_too_often_denied":true,"translate_whitelists":{}} Application\\37.0.2062.103\\resources\\google_now","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"y","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13072086313404268","lastpingday":"13079343602945166","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"nl","default_locale":"en","description":"Een snelle, doorzoekbare e-mailfunctie met minder spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"geavanveen@ziggo.nl","username":"geavanveen@ziggo.nl"}},"homepage":"http://www.google.nl/","homepage_is_newtabpage":false,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"1CBFC9C357284020D13BAD0E387F35264E19127AAB2ABD74747D13962214588E"},"default_search_provider":{"keyword":"B96CC504B61A9AB19BED330F62721F4E24E4853C75F4D793AB2EF18C42FFB408","name":"8672C4706E44B873EA5BC26679C39865C108A65C9A5AFD90B7BB47BA28E3FF27","search_url":"F2E6DB22C6820860BE74884C4B8535B4C8E36A280767BF22415AC8ED067837D6"},"default_search_provider_data":{"template_url_data":"6287EEE8ED0A51A1A87251140B30BE80B9432CC233AD73C8371740B8587B569D"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"CB65AEDB70BF9ECBA46C1579C27D4602E6DEE1CEE2E6329ECBCE6D52AF171290","aohghmighlieiainnegkcijnfilokake":"2CBE4E87F7F83BB921569E9437D290FB4D183F1639BA2097EFD03AC20EAFED7F","apdfllckaahabafndbhieahigkjlhalf":"A9C334F293BF06B161B1858EA6574CFC632FAE6F29864496E82715D2037BEB4E","bepbmhgboaologfdajaanbcjmnhjmhfn":"23D2C9A1B079853EC92E10B3B32554DAD4035B07CFCB810EA6E2997DD3AAA7DB","blpcfgokakmgnkcojhhkbfbldkacnbeo":"DF49C6736260B4242D797E61EED5FFBD80E90B1F60FB90B9AE453FC53E8F3934","coobgpohoikkiipiblmjeljniedjpjpf":"B97B532A8FEE69B0E15E2D4C864C088C82DD6F63797ED2AF691C9C268D682624","eemcgdkfndhakfknompkggombfjjjeno":"4EA1B05C2DEFFF5CDAA4FEA8A415C28C2DD632C1F4B1169E47CD2C99CF8BF51B","ennkphjdgehloodpbhlhldgbnhmacadg":"545DBD15F485EB5B9C6106FA0CFDC91000C02BC81A8485D42A104FCABF9F09B0","fenidhimohlloccgodpbkecjnmkdbdlj":"C3F1D0D9FC5C10713BE926B5CA94DAA9BD47F065F3A2918C7FB87127633E42FE","gdhpgjcbfinhmdlecjenjkbkdnblgggj":"ABEBC641039B3C77190270571C451821D0A9DA54E68BA1AA80537E527B543681","gfdkimpbcpahaombhbimeihdjnejgicl":"6D8FC2BD376AA34B5389A256175FF98A3B3863CCD5D610241C300F52EFBC4FED","glhakdhondahkjmpfhlgdiccoipdhjkf":"3CBA041ADCADCE26EAB8FA4E19C6B8B51F9A2EF52D75A4FB0F4A8830C8C5B169","gpdjojdkbbmdfjfahjcgigfpmkopogic":"3058141175D238B2562DA248402706CC52A23AD8431C83966C56FE7B60AF4AAD","ihapjbgokihnicmomkejendlkechpobn":"41A27AEC43AA7D4AF8DB41AEDE4789D83BDFB587BE047DB38A73A44011DE4703","kmendfapggjehodndflmmgagdbamhnfd":"28FE0DE8843FD0CACB9E58FBFF6B9996EB9B352ED484BC8804754AB3D14D88BD","ldmbnhlfhehijfffefojgphbckamclgj":"883F075CF33C70742A4CA3CE26A5412333887DB8D3ACFEBD6993035482186343","leamjkdikoohhjidgafmgbgdbeofenlp":"321D27489C45EEBC7F4008C371E6A5DBF909CAAFE0B71F19941EDC54EDFB481F","mfehgcgbbipciphmccgaenjidiccnmng":"8AEA51987EBA416F428C568E0D5DACA2589922520F973BDBB8E9D6D8568CA6D0","mfffpogegjflfpflabcdkioaeobkgjik":"7F4550A4698F73A316983A03EBB389387DDD6ACE407E06E8CE31913B736D8CB1","mgndgikekgjfcpckkfioiadnlibdjbkf":"46B820A8601F517A0B83F13E864F87CA82EBB9623E8EC1E7A2AE5FFAC52AF0D6","mhjfbmdgcfjbbpaeojofohoefgiehjai":"4E66038E738348AFF85CAFA6ED3128351A7999CD2E77879BCBB5EEFD9799B4D9","mkoenlhbokfpmliiefdeplimommpbpgd":"C413FE405D16B39350EA73022E847FF4086B9ED11D57ECD3A89A96E4AEFE16F7","ndibdjnfmopecpmkdieinmbadjfpblof":"E1387E4C1AA09DFE10793A728490C0DDE035621249F5EC20C3589330223328B8","neajdppkdcdipfabeoofebfddakdcjhd":"C135410D207198FD69E7ABFAA42A213198E9B5FFC63D5AE775EEE4A9459173E4","nkeimhogjdpnpccoofpliimaahmaaome":"0E9A910FA27DEAD7F89FC6E9354AF733F23B945456EF26024A8FE171D8F352E7","nmmhkkegccagdldgiimedpiccmgmieda":"37ADD588A7F975CD710068509560A713C523BBF5A9424A55062B060DFFA6B48E","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"34842ABC05E08BD7B38EDE24D3CF7DA08EF3EE7777E7688BDEE7A2AD5A54B96F","pjkljhegncpnkpknbcohdijeoejaedia":"F1BDACDECC8128BF0AFBF1CC160EB5F54B5296F24B4D9B7B15FCDFD07DBD25E8"}},"google":{"services":{"last_username":"97E86CA9ACFF5CED721E8CBFC96542F4F67258C67487FBCF276B4D9D959BEBF5","username":"2425513D7567A70704CF1DDB2F2F8587465DC3916C2662C66C6D8FFE2A6F0201"}},"homepage":"9B787D559E90C84E15C0CB327638AB406A3D2DD365219382F2AC96C318FCCB55","homepage_is_newtabpage":"17ACB7F37466A1E5CBB5539FA0A478FB0E3A0AF6CE044D9032524CED2B19BA44","pinned_tabs":"027AF0B26DE7A411C77E257CE8B235A01157777BAD306FAFD35A400632A03131","prefs":{"preference_reset_time":"D7FB4DA924D0CC503A26DFCBA4D1303AF1BFC4566B117F46546C0DBA07DEB0CF"},"profile":{"reset_prompt_memento":"3DE63055E480E8F11843C8CE8670A15F1A5480034080E3202C2CADCCDD941973"},"safebrowsing":{"incidents_sent":"7AC55A77DF2FB60304415F7A293E436EAF24153319EEAA33CEDC5B7F45315A80"},"search_provider_overrides":"A57E6D1BD63C2F1CA1EF9E4E56B6E5800B6E6A7C0B9DA5A834338CE8B3FD4030","session":{"restore_on_startup":"19229D827FB5CBBBF8AED305B7A6AF5EA69A286EEA5F68AAEAB964CADFF60A96","startup_urls":"5E8D15AF557E78E11F891EE99A6D3D8221A3B15E513BADF785CC73DA1801CA9B"},"software_reporter":{"prompt_reason":"6D5E0FAF663E9A6B6262BE1E73E7EEB9DC15F39FBD6D4BBC76CD4258C3F0E0AE","prompt_seed":"3404BE531950F3A91D2C43E1C940199F5DCD821FE0F2222DE87AC32757E34728","prompt_version":"FEE65D9C28EEEABF46B2DEC43E45E34A6C988D1688B040AE23AB52F9621E5ABC"},"sync":{"remaining_rollback_tries":"CB49D17918BE540685122B8A1E58648217480FEC42A4844EAD6C51246F6FBEEC"}},"super_mac":"59984518BE1272F92928366DD5A3F2F0ED34A3B6F9003C6BADC203EFF656296E"},"session":{"restore_on_startup":4,"startup_urls":["https://www.facebook.com/","https://www.google.nl/","http://www.google.nl/","https://www.google.nl/","https://zyngagames.com/play/castleville","http://www.google.com/"]},"sync":{"remaining_rollback_tries":0}} ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.startpagina.nl/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" {269073A3-B4C3-4E4E-900F-9AC05546097C} Search Results Url="http://dts.search-results.com/sr?src=ieb&appid=100&systemid=102&sr=0&q={searchTerms}" {2fa28606-de77-4029-af96-b231e3b8f827} Ask.com Url="http://eu.ask.com/web?q={searchterms}&l=dis&o=CPDTDF" {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} Bing Url="http://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=120712&q={searchTerms}&src=IE-SearchBox" {b7fca997-d0fb-4fe0-8afd-255e89cf9671} Yahoo Url="http://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF" {C7EB3AC1-0EA2-46D2-9E79-82BF3E091EB8} Amazon (UK) Search Suggestions Url="http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}" {d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKCU\..\Run: [HP Photosmart 5510 series (NET)] "C:\Program Files\hp\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C1212R305NR:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_1BBD75CEC37DF4314716E60C6353596F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Veentjes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Veentjes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: CalendarSynchService - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on zo 21-06-2015 at 12:56:59,68 ======================