Zoek.exe v5.0.0.1 Updated 25-October-2015 Tool run by Henk on wo 28-10-2015 at 16:31:35,53. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: D:\Henk\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== D:\zoek-results2015-10-27-191359.log 43320 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ęTorrent 7-Zip 9.20 (x64 edition) Aangifte inkomstenbelasting 2010 Aangifte inkomstenbelasting 2011 Aangifte inkomstenbelasting 2012 Aangifte inkomstenbelasting 2013 Adobe Digital Editions Adobe Flash Player 19 ActiveX Adobe Flash Player 19 NPAPI Adobe Reader XI (11.0.13) - Nederlands Adobe Refresh Manager Adobe Shockwave Player 12.1 AMD Catalyst Control Center AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Wireless Display v3.0 ATI AVIVO64 Codecs Avast Free Antivirus bl Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Components Setup D3DX10 Dream Aquarium 1.234 F1 2014 Facebook Video Calling 3.1.0.521 Google Chrome Google Earth Google Talk Plugin Google Update Helper Google+ Auto Backup HP Customer Experience Enhancements HP Deskjet 1010 series Basissoftware van het apparaat HP Deskjet 1010 series Help HP FWUpdateEDO2 HP Update HPDiagnosticAlert HPSupportUtilities30 IM Magician ImgBurn Insane 2 Java 8 Update 65 Java Auto Updater Junk Mail filter update K-Lite Codec Pack 6.5.0 (Full) Klaverjassen Liveupdate4 MailWasher Free 6.5.4 Malwarebytes Anti-Malware versie 2.2.0.1024 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Application Error Reporting Microsoft IntelliPoint 8.0 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft OneDrive Microsoft Primary Interoperability Assemblies 2005 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 Movie Maker Mozilla Firefox 41.0.2 (x86 en-US) Mozilla Maintenance Service MSI Afterburner 1.5.1 MSI Kombustor v1.0.7 MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyHeritage Family Tree Builder NVIDIA Drivers NVIDIA PhysX Octoshape Streaming Services OpenAL ph Photo Common Photo Gallery PowerISO Productverbeteringsonderzoek voor HP Deskjet 1010 series Revo Uninstaller Pro 3.0.8 Security Update for Microsoft .NET Framework 4.5.2 (KB3074230) Security Update for Microsoft .NET Framework 4.5.2 (KB3074550) Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2837610) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3054987) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085544) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085546) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2986254) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3085618) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB3085615) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB3055051) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB3055052) 32-Bit Edition Shockwave Director 11.0.3 SlimCleaner Sony Picture Utility Sony USB Driver Sound Blaster X-Fi MB Speccy Spotify swMSM TomTom HOME TomTom HOME Visual Studio Merge Modules UnderCoverXP 1.23 Unity Web Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3085617) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Verzoek of wijziging voorlopige aanslag 2011 Vimicro USB2.0 UVC PC Camera Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin Zylom Games Player Plugin ==== Running Processes ====================== C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\SysWOW64\PnkBstrB.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe D:\Henk\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: D:\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\94okqsys.default user.js not found ---- Lines yahoo removed from prefs.js ---- user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&ilc=12&type=198484"); user_pref("extensions.wrc.SearchRules.yahoo.com.url", "^http(s)?\\:\\/\\/((.)+\\.)?search\\.yahoo\\.com\\/(.)*"); user_pref("google.toolbar.sharing.usage.YahooMail", 1); user_pref("google.toolbar.subscribe.aggregators.myyahoo.desc", "My Yahoo"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.id", "myyahoo"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.order", "3"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.title", "My Yahoo"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.url", "http://add.my.yahoo.com/rss?url=%feed%"); user_pref("weboftrust.search.yahoo.display", "Yahoo"); user_pref("weboftrust.search.yahoo.ign", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*yahoo\\.(com?\\.[a-z]{2}|[a-z]{2,})\\/|^http(s)?\\:\\/\\/.+\\/search\\/cach user_pref("weboftrust.search.yahoo.pre0.match", 4); user_pref("weboftrust.search.yahoo.pre0.re", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*yahoo\\.(com?\\.[a-z]{2}|[a-z]{2,})\\/.+\\*\\*http.+yahoo\\.[a-z]{2,}.+ user_pref("weboftrust.search.yahoo.pre1.match", 4); user_pref("weboftrust.search.yahoo.pre1.re", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*yahoo\\.(com?\\.[a-z]{2}|[a-z]{2,})\\/.+\\*\\*(http.+)"); user_pref("weboftrust.search.yahoo.pre2.match", 4); user_pref("weboftrust.search.yahoo.pre2.re", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*yahoo\\.(com?\\.[a-z]{2}|[a-z]{2,})\\/click\\\\?u=(http.+)"); user_pref("weboftrust.search.yahoo.prestyle", ".bbox [ATTR], .right [ATTR] { display: none absolute; visibility: hidden; }"); user_pref("weboftrust.search.yahoo.url", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*yahoo\\.(com?\\.[a-z]{2}|[a-z]{2,})\\/search[;\\\\?].+"); user_pref("weboftrust.search.yahoomail.display", "Yahoo Mail"); user_pref("weboftrust.search.yahoomail.dynamic", 1); user_pref("weboftrust.search.yahoomail.ign", "^http(s)?\\:\\/\\/([\\w\\-]*\\.)*(yahoo\\.(com|net)|ymailupdates\\.com)\\/"); user_pref("weboftrust.search.yahoomail.match0.condition", "or"); user_pref("weboftrust.search.yahoomail.match0.match0.attribute0.name", "class"); user_pref("weboftrust.search.yahoomail.match0.match0.attribute0.re", "msg-body"); user_pref("weboftrust.search.yahoomail.match0.match0.element", "div"); user_pref("weboftrust.search.yahoomail.match0.match1.attribute0.name", "id"); user_pref("weboftrust.search.yahoomail.match0.match1.attribute0.re", "^(messageAreaIframe|ViewArea_.*)$"); user_pref("weboftrust.search.yahoomail.match0.match1.element", "$frame"); user_pref("weboftrust.search.yahoomail.prestyle", "[ATTR] { position: absolute; visibility: hidden; }"); user_pref("weboftrust.search.yahoomail.searchlevel", 60); user_pref("weboftrust.search.yahoomail.url", "^http(s)?\\:\\/\\/([\\w\\-]*\\.)*mail\\.yahoo\\.(com|net)\\/(dc|neo|om\\/api)\\/"); ---- FireFox user.js and prefs.js backups ---- prefs_28-10-2015_1658_.backup ProfilePath: D:\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\spnf0wg6.default user.js not found ---- Lines yahoo removed from prefs.js ---- user_pref("browser.search.defaultenginename", "Yahoo"); user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&ilc=12&type=198484"); user_pref("browser.search.selectedEngine", "Yahoo"); ---- FireFox user.js and prefs.js backups ---- prefs_28-10-2015_1658_.backup ProfilePath: D:\Henk\AppData\Roaming\TomTom\HOME\Profiles\iy0ambly.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_28-10-2015_1658_.backup ==== Deleting Files \ Folders ====================== C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AvgSetupLog deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg deleted C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg deleted D:\Henk\AppData\Roaming\AVG deleted C:\ProgramData\Avg deleted C:\Program Files (x86)\AVG deleted C:\PROGRA~3\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5} deleted C:\PROGRA~3\Package Cache deleted D:\Henk\AppData\Local\\Unity deleted D:\Henk\Desktop\De Windows 10 Downloader voor Windows 7 en 8.1 - - Hoe KB3035583 verwijderen Myce.com.url deleted "C:\Windows\tasks\CCleanerClean.job" deleted ==== Folders Found ====================== 2015-10-28 15:07:14 2015-10-28 15:07:14 -------- d-----w- C:\Windows\Temp\avast_ash2\AVG Antivirus 2015-10-28 15:58:30 2015-10-28 15:58:30 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_AVG 2015-10-28 15:58:29 2015-10-28 15:58:30 -------- d---a-w- C:\zoek_backup\C_ProgramData_Avg 2015-10-28 15:58:29 2015-10-28 15:58:29 -------- d---a-w- C:\zoek_backup\C_Windows_SysNative_config_systemprofile_AppData_Local_Avg 2015-10-28 15:58:28 2015-10-28 15:58:28 -------- d---a-w- C:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_Local_Avg 2015-10-28 15:58:28 2015-10-28 15:58:28 -------- d---a-w- C:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_Local_AvgSetupLog 2015-10-28 15:58:29 2015-10-28 15:58:29 -------- d---a-w- C:\zoek_backup\D_Henk_AppData_Roaming_AVG 2015-10-28 15:58:30 2015-10-28 15:58:30 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_AVG\AVG PC TuneUp ==== Files Found ====================== ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4096 MB CPU Info: AMD Athlon(tm) II X4 640 Processor CPU Speed: 2940,1 MHz Sound Card: Headphone (VIA HD Audio) | SPDIF Interface (TX0) (VIA HD A | Display Adapters: AMD Radeon HD 5670 | AMD Radeon HD 5670 | AMD Radeon HD 5670 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: NVIDIA nForce 10/100/1000 Mbps Ethernet CD / DVD Drives: 1x (E: | ) E: _NEC DVD_RW ND-2500A Ports: COM1 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 221,6GB | D: 244,0GB Hard Disks - Free: C: 154,2GB | D: 179,1GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 05/17/10 | 051710 - 20100517 Time Zone: West-Europa (standaardtijd) Motherboard *: ASRock M3N78D Country: Nederland Language: NLD ==== System Specs (Software) ====================== AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} Default Browser: Google Chrome 46.0.2490.80 Internet Explorer Version: 11.0.9600.18059 Mozilla Firefox version: 41.0.2 (x86 en-US) Google Chrome version: 46.0.2490.80 Adobe Reader version: 11.0.13.17 Sun Java version: 1.8.0_65 (32-bit) Sun Java version: 1.8.0_65 (64-bit) Flash Player version: 19.0.0.226 Shockwave Player version: 12.1.9r160 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-10-10 18:35:44 F0ECBDA4D2FD129FF15C299AF8462FC8 43112 ----a-w- C:\Windows\avastSS.scr ====== D:\Henk\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-10-27 18:25:08 C39FB2F1EB2DF9F3820BD7775F3AFC81 97888 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-10-15 08:57:04 F03EA93F045D009830C890010750B34A 25432 ----a-w- C:\Windows\Sysnative\CompatTelRunner.exe 2015-10-15 08:57:04 AFE7905DD772DEA54B9C443C6634740A 700416 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-10-15 08:57:04 9F780E22C79AACBF3A93F6ACDE2A4E0A 766464 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-10-15 08:57:04 952D66DCA6CB744381B7298F8AAE994F 73216 ----a-w- C:\Windows\Sysnative\acmigration.dll 2015-10-15 08:57:04 21C89857E5671990BBF2B430BD75B9C9 1291264 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-10-15 08:57:04 1AC3E0E57844764B0CA6D2BF0F76C773 503808 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-10-15 08:57:04 14A5CC0EE60278D483A88124B88F3524 1163776 ----a-w- C:\Windows\Sysnative\aeinv.dll ====== C:\Windows\Sysnative\drivers ===== 2015-10-14 14:30:32 C6330F7C2E92A00E6773E82F79078AFC 157016 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-10-14 14:30:32 3A8C03156C3E31E70EF84E48CA179B46 97112 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-10-14 14:30:31 ACB6782973BD93760D597FC7BB37E692 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2015-10-14 14:30:28 8C0376974AA28398FF501E78C04ACB30 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-10-14 14:30:28 262BF7BB7D0E44CFAA9B12A1E0A6EDF1 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2015-10-14 14:29:31 27DABFB4A6B0140C34DBEC713469592B 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2015-09-30 10:40:09 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\72D05010.sys ====== C:\Windows\Tasks ====== 2015-10-17 09:23:20 F2B4DED2E9E37169FF67963974752ADB 3120 ----a-w- C:\Windows\Sysnative\Tasks\{47D8A755-9A19-4D3E-BB07-DF076BEC5DC5} 2015-10-08 14:58:28 F6EF6A88C1AB2937F89FF49F2A3FAA9E 3180 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForHenk 2015-10-08 14:58:28 D74AB0E32260DA220CF0366EC35BA918 328 ----a-w- C:\Windows\Tasks\HPCeeScheduleForHenk.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2015-10-08 14:43:26 -------- d-----w- C:\PROGRA~2\Hewlett-Packard ======= D: ===== ====== D:\Henk\AppData\Roaming ====== 2015-10-08 14:52:56 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Hewlett-Packard ====== D:\Henk ====== 2015-10-27 18:25:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-27 18:09:00 461A1FEB2BE3C9AD35CD9206470BDA89 584288 ----a-w- D:\Henk\Downloads\Niet bevestigd 878159.crdownload 2015-10-24 22:06:28 -------- d-----w- D:\Henk\Pictures\25-10-2015 lekkage hal en raam stuk 2015-10-21 14:15:32 87355F10B50568662A044498F4BE81EB 56 ----a-w- D:\Henk\.oracle_jre_usage\48ac84126bcac2af.timestamp 2015-10-19 20:07:01 F000757C403C93838510A9BD0C620EC9 2383 ----a-w- D:\Henk\Desktop\LostInReefs3.exe - Snelkoppeling.lnk 2015-10-19 19:59:18 C21FC727AB21A0FE692D1AB558F680DE 64 ----a-w- D:\Henk\Desktop\Torrents Plaza - Postvak-in.url 2015-10-19 19:50:53 D24BE7DC910103652D419C4A5E34C4FE 14333 ----a-w- D:\Henk\Downloads\LostinReefs Antarctic NL NIEUW.torrent 2015-10-18 21:10:12 E575B6CAB669D0CA3D00C3981F185B59 465328 ----a-w- D:\Henk\Downloads\manual_mirror_cabinet_mounted_light_v15072014 (1).pdf 2015-10-18 21:09:24 D01310BDE0428A0E01288E4E9CDC2DF2 1351536 ----a-w- D:\Henk\Downloads\SP1601_Manual_mirror_cabinet_NL-FR_v02092014 (1).pdf 2015-10-18 21:04:58 D01310BDE0428A0E01288E4E9CDC2DF2 1351536 ----a-w- D:\Henk\Downloads\SP1601_Manual_mirror_cabinet_NL-FR_v02092014.pdf 2015-10-18 20:58:15 E575B6CAB669D0CA3D00C3981F185B59 465328 ----a-w- D:\Henk\Downloads\manual_mirror_cabinet_mounted_light_v15072014.pdf 2015-10-18 13:09:24 -------- d-----w- C:\ProgramData\Fugazo 2015-10-18 13:08:24 5C539E6F6685993DC2BA1D5473A4A468 711 ----a-w- D:\Henk\Desktop\WorldMosaics4.exe - Snelkoppeling.lnk 2015-10-18 13:07:44 92828EF180FBF6EDC80F0D714E768E84 746 ----a-w- D:\Henk\Desktop\worldmosaics2.exe - Snelkoppeling.lnk 2015-10-18 12:10:32 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- D:\Henk\Downloads\RSITx64.exe 2015-10-18 11:10:02 678AB0E8665345E72D11149A36F965BE 5127432 ----a-w- D:\Henk\Downloads\spsetup128 (2).exe 2015-10-18 10:43:45 36471462188ABE0E03BA3258C49B40A4 52 ----a-w- D:\Henk\Desktop\Tribal Wars - Het online spel.url 2015-10-17 09:26:29 -------- d-----w- D:\Henk\Downloads\Chameleon 2015-10-17 09:24:54 0D703760F1C5F997B16418954425370B 6383209 ----a-w- D:\Henk\Downloads\mbam-chameleon-3.1.25.0.zip 2015-10-16 20:04:16 -------- d---a-w- C:\ProgramData\Reprise 2015-10-16 20:03:27 -------- d-----w- C:\ProgramData\SketchUp 2015-10-16 13:08:33 4128F63699B46923743560AF32BB5AB2 17506 ----a-w- D:\Henk\Desktop\3e offerte 123176.pdf 2015-10-15 18:22:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-10-15 18:20:00 856F65089DE0B278ED09B3F6C37F19CD 929872 ----a-w- D:\Henk\Downloads\ChromeSetup.exe 2015-10-08 14:05:50 -------- d-----w- D:\Henk\Documents\HpReg_Backup ====== C: exe-files == 2015-10-27 18:25:08 A53E431775DF91EA016AF5817DF26B41 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-10-27 18:25:08 50CC4A65F784A51813A169EA33CF319A 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-10-27 18:25:08 4547FB479010206D8BEA10B2694C5C6D 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-10-27 18:24:52 FA5E33B54BD044F489BA4281B3D6ED95 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\servertool.exe 2015-10-27 18:24:52 CC0CF93D2BF12A423DA4134FFB9C324D 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssvagent.exe 2015-10-27 18:24:52 6211595DD15306DFD8E07B95E6F2984D 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\tnameserv.exe 2015-10-27 18:24:52 4D2DDC988E4F67E7E07E78954FBEED2D 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\unpack200.exe 2015-10-27 18:24:51 FAE99E011922F5BE4CB2160E316D057B 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\rmiregistry.exe 2015-10-27 18:24:51 BBC68E5519B11A74B8208AA7B85F3B80 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\rmid.exe 2015-10-27 18:24:51 B6DBE62611DA178B2CA578BC2B7BBA30 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\javacpl.exe 2015-10-27 18:24:51 B61623580A304714A4E2FE6A5E73327F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\pack200.exe 2015-10-27 18:24:51 AA79E5830F4B6C29A5A976891ED0E86B 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jjs.exe 2015-10-27 18:24:51 A53E431775DF91EA016AF5817DF26B41 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaw.exe 2015-10-27 18:24:51 940EE00C074A46D638A756723964D65D 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\orbd.exe 2015-10-27 18:24:51 8ED50DA4BAE0046E05BEC0110CF20B17 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\java-rmi.exe 2015-10-27 18:24:51 857117663B1F28ABBA4E1C6110A09282 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\policytool.exe 2015-10-27 18:24:51 66B01DCB41FBE8C3CAB13D3F8ED4FA58 30816 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jabswitch.exe 2015-10-27 18:24:51 56DCBCE6CF84B5F12185AF6DB7B85EB2 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\keytool.exe 2015-10-27 18:24:51 50CC4A65F784A51813A169EA33CF319A 278624 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaws.exe 2015-10-27 18:24:51 4547FB479010206D8BEA10B2694C5C6D 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\java.exe 2015-10-27 18:24:51 2AA43B8A44341F90DCCFAE38107BA484 76896 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2launcher.exe 2015-10-27 18:24:51 1A859E08A65ECBA7B687ACAED5EA5080 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\ktab.exe 2015-10-27 18:24:51 1933BBD87F9759CC2D7DC2909C4CA0CD 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\klist.exe 2015-10-27 18:24:51 0AD21325149141252F05B32F7809F441 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\kinit.exe 2015-10-27 18:11:46 1359A14B642DE38FEEC2A448BF8D281C 584288 ----a-w- C:\Users\Henk\Bureaublad\FF bewaren\jxpiinstall(1).exe 2015-10-24 09:36:04 0E84D08A5C8A3291F9A65422A4E8D44D 939088 ----a-w- C:\Program Files (x86)\Google\Update\Install\{F6CEF24E-7C1A-403C-9D84-07D1E78D698B}\46.0.2490.80_46.0.2490.71_chrome_updater.exe 2015-10-24 09:36:04 0E84D08A5C8A3291F9A65422A4E8D44D 939088 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\46.0.2490.80\46.0.2490.80_46.0.2490.71_chrome_updater.exe === C: other files == 2015-10-27 18:24:52 577B724A8DB4380F8B8F0098D1C9A722 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2771351034-1752285704-1091563883-1008\Software\Microsoft\Windows\CurrentVersion\Run] "Wisdom-soft ScreenHunter 5.1 Free"="C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Google Update"="D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\Alwil Software\Avast5\AvastUI.exe /nogui" "StartCCC"="C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Wisdom-soft ScreenHunter 5.1 Free"="C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Google Update"="D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe /c" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RunDLLEntry"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"D:\\Henk\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\!SASCORE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMD External Events Utility] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMD FUEL Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Creative ALchemy AL6 Licensing Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Creative Audio Engine Licensing Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CTAudSvcService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMScheduler] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\sdAuxService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\sdCoreService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Sound Blaster X-Fi MB Licensing Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ThreatFire] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TomTomHOMEService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VIAKaraokeService] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16-10-2015 22:36] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core.job --a------ C:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe [] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA.job --a------ C:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe [] C:\Windows\tasks\Google Software Updater.job --a------ C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [07-09-2011 18:49] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 22:24] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 22:24] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core.job --a------ C:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA.job --a------ C:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\HPCeeScheduleForHenk.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe online update program" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core" [D:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA" [D:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\Google Software Updater" [C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe] "C:\Windows\SysNative\tasks\Google Updater and Installer" [D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core" [D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA" [D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForHenk" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 1010 series" ["C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\ShouldIRemoveIt_Notifications" [C:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{722E2EDB-48D9-45C6-B267-3418D47ED143}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{E1139F21-08C1-44BB-A074-AB90112287DD}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{77CFD4D3-DDEB-4AA5-B501-8E1389EA906C}" [C:\Program Files\Alwil Software\Avast5\AvastUI.exe] "C:\Windows\SysNative\tasks\{EFBB3A01-09C5-412F-8123-89935713112A}" [C:\Program Files\Alwil Software\Avast5\AvastUI.exe] ==== Firefox Start and Search pages ====================== ProfilePath: D:\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\94okqsys.default user_pref("browser.startup.homepage", "www.google.nl"); user_pref("browser.search.defaulturl", "https://www.google.com/search"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.bdtoolbar.orig_keyword_url", "chrome://browser-region/locale/region.properties"); user_pref("keyword.URL", "https://www.google.com/search"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [10-10-2015 19:35] ==== Firefox Extensions ====================== ProfilePath: D:\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\94okqsys.default - Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF ProfilePath: D:\Henk\AppData\Roaming\TomTom\HOME\Profiles\iy0ambly.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: D:\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\94okqsys.default FC5866F7793AF2CBCD425CC4B8D32A9E - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin DCB0BCEF594E2C410793C4A823C318F3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director 684F2DF31062413E094280891DCB6EE1 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll - Shockwave for Director / Shockwave for Director 863AF0003392FEBC2667A8A790DED955 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll - Shockwave Flash D8D88FC2ECB4F0F54051086A4901C182 - D:\Henk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 7D127425BBE91DF37448A7F44C1DDA52 - D:\Henk\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll - Google Update 3CD19649B2C3023D65E67C056457A2BC - D:\Henk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin A0D63D14016C75D718F5432B13FC6576 - D:\Henk\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin 4CD25DDA1221224BB92591756ED12602 - D:\Henk\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer FE5EBC41BC74FEB22D64FCB715F067F5 - D:\Henk\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator DDC4B753983AF90EEDA7360C16D4D39A - D:\Henk\AppData\Roaming\Mozilla\plugins\npoctoshape.dll - Octoshape Streaming Services ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.80 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx[19-03-2015 17:01] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[19-03-2015 17:01] Google Drive - AppData\Local - Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf TV - AppData\Local - Profile 3\Extensions\beobeededemalmllhkmnkinmfembdimh YouTube - AppData\Local - Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - AppData\Local - Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - AppData\Local - Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Sport bubble shooter - AppData\Local - Profile 3\Extensions\djpbeidibgdgnhcgoamegepdcgmnlbaj Tribal Wars 2 - AppData\Local - Profile 3\Extensions\eobjhojdadaenpabnnicegiibjiagibj Avast SafePrice - AppData\Local - Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck Unblock Car 3D - AppData\Local - Profile 3\Extensions\ndaflanlochpiijbgjgofgmnbgmhgkmd Chrome Web Store Payments - AppData\Local - Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - AppData\Local - Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{4B277E1C-679C-412E-96BE-C5952ECECF40}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {11CA2252-3D7E-4008-BA1B-F25370CCBCA7} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}" {4B277E1C-679C-412E-96BE-C5952ECECF40} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}" {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" {AA84B8B2-32D7-4EC2-AFA8-F7225E7FD860} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}" {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}" {F901C088-3558-4AF5-B93A-6A73358FDDC1} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Wisdom-soft ScreenHunter 5.1 Free] C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Google Update] "D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe" /c O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully D:\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully D:\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully D:\Henk\backup system files\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== D:\Henk\AppData\Local\\Google\Chrome\User Data\Profile 3\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=144 folders=67 51931466 bytes) ==== Empty Temp Folders ====================== D:\Henk\AppData\Local\\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on wo 28-10-2015 at 17:19:01,70 ======================