Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Nelleke on di 14-07-2015 at 9:05:41,39. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Nelleke\Desktop\zoek.exe [Scan all users] [Quick Scan] [Auto Clean] ==== Older Logs ====================== C:\zoek-results2015-07-10-140541.log 206166 bytes ==== Empty Folders Check ====================== C:\PROGRA~3\AstralaxWrapper deleted successfully C:\PROGRA~3\ProductData deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Nelleke\AppData\Roaming\AlawarEntertainment deleted C:\Users\Nelleke\AppData\Roaming\ProductData deleted C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\jetpack deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Nelleke\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== 2015-07-09 19:21:39 E5805896A55D4166C20F216249F40FA3 26528 ----a-w- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS ====== C:\Windows\Sysnative ===== 2015-07-09 19:22:52 4D5D8058F17C873B4F0792678BAA6534 34080 ----a-w- C:\Windows\Sysnative\SmartDefragBootTime.exe 2015-07-09 19:22:52 293C21F0EE9720B9B710DDA40A545CFD 128288 ----a-w- C:\Windows\Sysnative\IObitSmartDefragExtension.dll ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2015-07-09 20:47:31 6B6EC710B3F069F1308B96E1E104A496 2910 ----a-w- C:\Windows\Sysnative\Tasks\Uninstaller_SkipUac_Nelleke 2015-07-09 19:21:38 2E35BBA31216B5E41B0622668053EE35 2880 ----a-w- C:\Windows\Sysnative\Tasks\Driver Booster SkipUAC (Nelleke) 2015-07-09 19:19:51 88FA06A3F78051AC7540A3D157D147E3 3190 ----a-w- C:\Windows\Sysnative\Tasks\ASC8_PerformanceMonitor 2015-07-09 19:18:54 4730489B449F9BC2AE67B5B34895D842 2878 ----a-w- C:\Windows\Sysnative\Tasks\ASC8_SkipUac_Nelleke 2015-06-28 08:43:59 8D3632FC3E820F5A1CABBA7512D6F285 2906 ----a-w- C:\Windows\Sysnative\Tasks\hpUrlLauncher.exe_{EC173DC3-A57E-40F4-901A-92E855F456B3} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-07-08 18:52:53 -------- d-----w- C:\Program Files\iTunes 2015-07-08 18:52:53 -------- d-----w- C:\Program Files\iPod ======= C:\PROGRA~2 ===== 2015-07-09 19:18:49 -------- d-----w- C:\PROGRA~2\COMMON~1\IObit 2015-07-08 18:52:54 -------- d-----w- C:\PROGRA~2\iTunes 2015-06-25 08:12:25 -------- d-----w- C:\PROGRA~2\ESET 2015-06-23 14:32:23 -------- d-----w- C:\PROGRA~2\WinAVI ======= C: ===== ====== C:\Users\Nelleke\AppData\Roaming ====== 2015-07-10 13:42:18 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-07-10 13:42:18 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-07-10 13:42:18 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2015-07-10 13:42:18 -------- d-----w- C:\Users\Public\AppData\Local\Temp 2015-07-10 13:42:18 -------- d-----w- C:\Users\Gast\AppData\Local\Temp 2015-07-10 13:42:18 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-07-10 13:42:18 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2015-07-10 13:42:17 -------- d-----w- C:\Users\Nelleke\AppData\Local\Temp 2015-06-24 14:04:38 -------- d-----w- C:\Users\Nelleke\AppData\Local\THWIT 2015-06-23 14:32:35 -------- d-----w- C:\Users\Nelleke\AppData\Roaming\WinAVI 2015-06-23 14:32:35 -------- d-----w- C:\Users\Nelleke\AppData\Local\WinAVI ====== C:\Users\Nelleke ====== 2015-07-09 20:30:12 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Nelleke\Desktop\RSITx64.exe 2015-07-09 19:18:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8 2015-07-08 18:53:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-06-23 14:32:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAVI All-in-One Converter 2015-06-22 18:17:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-06-18 19:00:05 479C14794456561EF2D008CE60754164 544 ----a-w- C:\Users\Nelleke\gedicht aad.txt 2015-06-18 08:36:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Uninstaller ====== C: exe-files == 2015-07-09 20:30:12 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Nelleke\Desktop\RSITx64.exe 2015-07-09 19:31:24 28CA7D1BB9FBFCA2B529D885E61491D8 933664 ----a-w- C:\Users\Nelleke\AppData\Roaming\IObit\IObit Uninstaller\PPUninstallertemp.exe 2015-07-09 19:31:23 D950F6C1C056BD7CE1BF461CFA3137EB 776992 ----a-w- C:\Users\Nelleke\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe 2015-07-09 19:31:23 B043D98FC21FD58E987AEA4F845767BE 1718560 ----a-w- C:\Users\Nelleke\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe 2015-07-09 19:31:22 5D2AF40D165791C24C28DB24D1AE086E 588576 ----a-w- C:\Users\Nelleke\AppData\Roaming\IObit\IObit Uninstaller\Install_PintoStartMenutemp.exe 2015-07-09 19:23:46 4CB35168D19F7D2D7203C5B05F947BE9 28389664 ----a-w- C:\ProgramData\IObit\ASCDownloader\ASC8\IObit Malware Fighter.exe 2015-07-09 19:22:37 1F8E3E0E450549215FF1500D7C15F6E7 7031304 ----a-w- C:\ProgramData\IObit\ASCDownloader\ASC8\Smart Defrag.exe 2015-07-09 19:21:26 CCFD9E0B42D0874C7751DF473106265A 11727256 ----a-w- C:\ProgramData\IObit\ASCDownloader\ASC8\Driver Booster.exe 2015-07-09 19:18:56 E6BDB63E8DBD8D6B2C1AB5C6B39ADB40 2904864 ----a-w- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe 2015-07-09 19:18:46 F3E8E02CE126E02F6CEC4F301862CAFE 23840 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\drivers\wnet_x86\RegistryDefragBootTime.exe 2015-07-09 19:18:46 F1525F3D112F4DD28BBFC4C6B4F42335 23840 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\drivers\wxp_x86\RegistryDefragBootTime.exe 2015-07-09 19:18:46 A500F83ECC7AAD400EE677B096193A95 24352 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\drivers\win7_x86\RegistryDefragBootTime.exe 2015-07-09 19:18:46 9D69441E0F1B134D5B7DFA993F365A32 26400 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\drivers\wnet_amd64\RegistryDefragBootTime.exe 2015-07-09 19:18:46 85D28E9EE35CD2336495F1F890871B49 27424 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\drivers\wlh_amd64\RegistryDefragBootTime.exe 2015-07-09 19:18:46 7EEDADC5D43319D802A7CA9EBCFF830E 26400 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\drivers\wxp_amd64\RegistryDefragBootTime.exe 2015-07-09 19:18:46 71B5DBE2F3E12C7B5C7CC5BCF245DC65 24352 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\drivers\wlh_x86\RegistryDefragBootTime.exe 2015-07-09 19:18:46 27B73DAB32F51461861CF7398E3A282C 27424 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\drivers\win7_amd64\RegistryDefragBootTime.exe 2015-07-09 19:18:45 42FCD6E1D73A71C7D807F76BB194796D 5384520 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\SPSetup.exe 2015-07-09 19:18:44 F23A0487D1079148B07B6F9501FCDE90 2594592 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suc11_RegistryCleaner.exe 2015-07-09 19:18:44 D07DC842842F5563B3B01B9ED0420CBB 535840 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe 2015-07-09 19:18:44 8F98D4316D4BE83F16062402E034FE45 554784 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suc12_DiskCleaner.exe 2015-07-09 19:18:44 8B8C6947602079257F567984D8E10353 1440032 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo11_InternetBooster.exe 2015-07-09 19:18:44 7CF030E4545E00D56135F8AC508EBA7E 3876128 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo12_StartupManager.exe 2015-07-09 19:18:44 2A127E9DBBD39C79CF9CD9F211BB3C4F 1718560 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Sur13_WinFix.exe 2015-07-09 19:18:43 EE39D8F9A4CA07CC713D817E3E75954D 2226464 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Wizard.exe 2015-07-09 19:18:43 B043D98FC21FD58E987AEA4F845767BE 1718560 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\UninstallPromote.exe 2015-07-09 19:18:43 4DD2655D5BF4F44CD72BDFC514353DE3 825632 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Homepage.exe 2015-07-09 19:18:43 0A6B46C7DF4CC23C106E7494321AE5F3 8032544 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\IObitUninstaller.exe 2015-07-09 19:18:42 ADBF49691A837B142B68A91EA361B852 1338144 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\RescueCenter.exe 2015-07-09 19:18:42 AB61AA00EB531A3FA9D4C926D15E9EEF 1440032 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\SPInit.exe 2015-07-09 19:18:42 91965DD96253FA213885A86A5B3269F6 589088 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\SendBugReportNew.exe 2015-07-09 19:18:42 7F32C12E4E3873400DE6CD84088A7ACE 876320 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Reinforce.exe 2015-07-09 19:18:42 7158B17DFBD02E5C31ABB57F147B002B 583456 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\SoftUpdateTip.exe 2015-07-09 19:18:42 3D39215EDC03C527082D819AC4A6312D 814368 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\StartupInfo.exe 2015-07-09 19:18:42 33BAC77CCF4C1D507D432B29A66CE2C8 145696 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ReProcess.exe 2015-07-09 19:18:42 2C870BCAE50622B4C488EE30089C8142 650528 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Report.exe 2015-07-09 19:18:42 266388F826B9277614D436B507E05F8D 544544 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\smBootTime.exe 2015-07-09 19:18:42 1C1ADA584D73FEBC7CF5FE98A084109B 600864 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\TaskHelper.exe 2015-07-09 19:18:41 EEA4AB4C60D63AEA93774C1E2E526305 735008 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\QuickSettings.exe 2015-07-09 19:18:41 E555183AD72039E9B1ADE2E81E0F89EE 64288 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\PerformUpdate.exe 2015-07-09 19:18:41 A9255568A4C269D1F8D7971354357375 429856 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Nfeatures.exe 2015-07-09 19:18:41 88AADA69A5695CCFEC5331CF2B4BD7C8 1657632 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\PPUninstaller.exe 2015-07-09 19:18:41 63EE41C76AB9D03BF33359FEBE97220A 443680 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\MonitorDisk.exe 2015-07-09 19:18:41 6009C7F55A71FA7F23692B92214A4CF8 1774880 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe 2015-07-09 19:18:41 4520FCD37034DE30B0B7B38EEA84B77D 1814816 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Register.exe 2015-07-09 19:18:41 39956C1ABAB13FF57F92F89E7B457921 174880 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\LocalLang.exe 2015-07-09 19:18:41 07782C388EDDB13CB0A1040F7E1DDCDC 1106720 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe 2015-07-09 19:18:40 EE79D3AE2B5E25F92AFF8188F38F07BE 43296 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\DiskDefrag.exe 2015-07-09 19:18:40 E6BDB63E8DBD8D6B2C1AB5C6B39ADB40 2904864 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\LiveUpdate.exe 2015-07-09 19:18:40 E4C875F4D737DFC6A8BEB87D09656F71 1703200 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\DefaultProgram.exe 2015-07-09 19:18:40 7D4652F17E76BB705B5B8FA64112971B 1198368 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoSweep.exe 2015-07-09 19:18:40 491435EE4A6A1C4B65620854BC701450 44832 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\DiskScan.exe 2015-07-09 19:18:40 425CACE6904A239C894847E5C93753C4 992544 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\BrowserCleaner.exe 2015-07-09 19:18:40 3F750ABAC4EC9F1495CA1394FB180FFA 1408288 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoUpdate.exe 2015-07-09 19:18:40 0A42F6EC406B60711E8140BB55462AAB 228640 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\delayLoad.exe 2015-07-09 19:18:40 069C5F833AD663C7CCFF3A25630FE772 97568 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Display.exe 2015-07-09 19:18:39 F95D04C2096C2534DD9465A5408E2505 672032 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCDownload.exe 2015-07-09 19:18:39 ACD4AF1B9D6E6C0C5BE470E5CF313FE6 814880 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe 2015-07-09 19:18:39 685BE3562969BD708E0798606C44BAD0 598304 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCInit.exe 2015-07-09 19:18:39 6536C4768AE7B97F30427FD6720D76EA 1902368 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoCare.exe 2015-07-09 19:18:39 422963B9386FD4052AA766A6575ED8DE 2429728 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe 2015-07-09 19:18:39 14EAF09E4A4553F7CB9B57731AAA21EB 550176 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCUpgrade.exe 2015-07-09 19:18:38 E2405E793004B179C99D05331635CAF1 5425440 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe 2015-07-09 19:18:38 A9F18C9DCB8E3CC98F3C370105521108 2163488 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ActionCenterDownloader.exe 2015-07-09 19:18:38 7D4BDF7B34D838C299C615D95C70CE7F 28960 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ACPreScan.exe 2015-07-09 19:18:37 37E24A946C409B7A0F7BE1FBC02218ED 1198368 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 8\unins000.exe 2015-07-08 19:06:46 2A28197A515ACC23F744FCB57E481250 77104 ----a-w- C:\Users\Nelleke\AppData\Local\Apple\Apple Software Update\SetupAdmin.exe === C: other files == 2015-07-09 19:21:39 E5805896A55D4166C20F216249F40FA3 26528 ----a-w- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "Google Update"="C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe /c" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Windows\CurrentVersion\runonce] "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "Google Update"="C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe /c" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background" "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice" "Seagate Scheduler2 Service"="C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Users\\Nelleke\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Software Update"="c:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPAdvisorDock] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPAdvisorDock" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\DOCK\\HPAdvisorDock.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OneDrive] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OneDrive" "hkey"="HKCU" "command"="\"C:\\Users\\Nelleke\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Sidebar" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\Nelleke\\AppData\\Roaming\\Spotify\\Spotify.exe\" -autostart -minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Nelleke\\AppData\\Roaming\\Spotify\\SpotifyWebHelper.exe\"" ==== Startup Folders ====================== 2014-01-07 21:18:25 1065 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk 2015-07-12 08:39:35 2132 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-06-2015 20:53] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core.job --a------ C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe [12-07-2012 01:14] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA.job --a------ C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe [12-07-2012 01:14] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core.job --a------ C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe [08-02-2014 21:38] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA.job --a------ C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe [08-02-2014 21:38] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\Users\Nelleke\AppData\Roaming\HP Photo Creations\Communicator.exe [13-05-2011 11:11] C:\Windows\tasks\HPCeeScheduleForNelleke.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [05-01-2010 13:53] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe] "C:\Windows\SysNative\tasks\ASC8_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe] "C:\Windows\SysNative\tasks\ASC8_SkipUac_Nelleke" ["C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Nelleke)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core" [C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA" [C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core" [C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA" [C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\Users\Nelleke\AppData\Roaming\HP Photo Creations\Communicator.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForNelleke" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPOSIAPP64" ["%ProgramFiles(x86)%\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe"] "C:\Windows\SysNative\tasks\hpUrlLauncher.exe_{EC173DC3-A57E-40F4-901A-92E855F456B3}" [C:\Program Files\hp\HP ENVY 5530 series\Bin\utils\hpUrlLauncher.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Nelleke" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{87CB33B6-B2AB-4BA6-B18B-C4C009689351}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN4AS465B3" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\b6hp15ti.default user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005 user_pref("browser.startup.homepage", "http://www.allemaal-series.org/browse.php"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.selectedEngine", ""); ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\mwdbv0eh.default user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\b6hp15ti.default - Undetermined - %ProfilePath%\extensions\compatibility@addons.mozilla.org - HP Smart Print - %ProfilePath%\extensions\hpwebprint@hpwebprint.com ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005 - United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org - Lunapic Image Edit - %ProfilePath%\extensions\corp@lunapic.com.xpi - YouTube Video and Audio Downloader - %ProfilePath%\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi - Kalp Tuu - %ProfilePath%\extensions\ffextension@weheartit.com.xpi - Pin It Button - %ProfilePath%\extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\mwdbv0eh.default - WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} ProfilePath: C:\Users\Nelleke\AppData\Roaming\Thunderbird\Profiles\2j53e4is.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005 9F8956BF8C354FCC6E0C416417E5E7ED - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll - Shockwave Flash 08ACECEB47FAF053C468D8AFE44709AD - C:\Users\Nelleke\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll - Google Update 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Nelleke\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 77B6DD23DCA19A217D5A4C4CAF962895 - C:\Users\Nelleke\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer EECE85E006E195B1B227A8EB0874BDA8 - C:\Users\Nelleke\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Microsoft Office 15\npofficeondemand.dll - Microsoft Office 2013 49D429EBF5305FC9ADD7545B7C914333 - C:\Users\Nelleke\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin 6BEAD7859E8A087BE04556AB5A78855C - C:\Users\Nelleke\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer ==== Chromium Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Start Page Restore"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Start Page Restore"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nelleke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\7icxe948.default\Cache emptied successfully C:\Users\Nelleke\AppData\Local\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=83 folders=59 42263553 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\Nelleke\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Nelleke\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 14-07-2015 at 13:03:12,72 ======================