Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Van Alphen on wo 04-05-2016 at 11:49:37,58.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Van Alphen\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

4-5-2016 12:17:58 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Users\Van Alphen\AppData\Local\calibre-cache deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Users\Van Alphen\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WinZip\WZUpdateNotifier.exe
C:\Users\Van Alphen\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe
C:\Users\Van Alphen\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.73_windows_x86_64.exe
C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.73_windows_x86_64.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Van Alphen\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Van Alphen\AppData\Roaming\calibre deleted ==== Folders Found ====================== 2016-04-25 12:50:04 2016-04-25 12:50:04 -------- d-----w- C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Amazon Browser Settings 2016-04-25 12:50:04 2016-04-25 12:50:04 -------- d-----w- C:\AdwCleaner\FileQuarantine\C\Users\Van Alphen\AppData\Local\Amazon Browser Settings 2016-04-21 10:14:40 2016-04-21 10:14:40 -------- d-----w- C:\Program Files (x86)\Amazon 2016-04-21 10:14:40 2016-04-21 10:14:40 -------- d-----w- C:\Program Files (x86)\Amazon\Amazon1ButtonApp 2016-05-03 16:52:33 2016-05-03 16:52:34 -------- d-----w- C:\Users\Van Alphen\Documents\Calibre Library\Edgar Rice Burroughs\Tarzan en de Amazonen (2) ==== Files Found ====================== --- C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonBrowserHelper.dll --- Company: Amazon Inc. File Description: The Amazon 1Button App File Version: 2.3.4 Product Name: The Amazon 1Button App Copyright: (c) 2013 Amazon Inc. All rights reserved. Original Filename: Amazon1ButtonBrowserHelper.dll File type: ----a-w- File size: 275264 Created time: 2016-02-17 11:28:38 Modified time: 2016-02-17 11:28:38 MD5: 1A535106FCBE4C422CD09CE2E8C393AC SHA1: D1CA5B7DB5E3FD2EF0B44E5D714829E0ECDC3F16 --- C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonBrowserHelper64.dll --- Company: Amazon Inc. File Description: The Amazon 1Button App File Version: 2.3.4 Product Name: The Amazon 1Button App Copyright: (c) 2013 Amazon Inc. All rights reserved. 
Original Filename: Amazon1ButtonBrowserHelper.dll File type: ----a-w- File size: 284960 Created time: 2016-02-17 11:28:46 Modified time: 2016-02-17 11:28:46 MD5: 2FC4E981A732A21EC32B452D989BF661 SHA1: E36B7AE3697561CCACF70B785EB198DD75A1F3F1 --- C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonRuntime.dll --- Company: Amazon Inc. File Description: The Amazon 1Button App File Version: 2.3.4 Product Name: The Amazon 1Button App Copyright: (c) 2013 Amazon Inc. All rights reserved. Original Filename: Amazon1ButtonRuntime.dll File type: ----a-w- File size: 1028416 Created time: 2016-02-17 11:28:54 Modified time: 2016-02-17 11:28:54 MD5: 878027C0A75C23CC84431A9BD5F5BCEA SHA1: 6EC2B73553D321BF08AC2E6BAF14E252087FE830 --- C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe --- Company: Amazon Inc. File Description: The Amazon 1Button App File Version: 2.3.4 Product Name: The Amazon 1Button App Copyright: (c) 2013 Amazon Inc. All rights reserved. Original Filename: Amazon1ButtonService.exe File type: ----a-w- File size: 436032 Created time: 2016-02-17 11:28:26 Modified time: 2016-02-17 11:28:26 MD5: 976966A13B587E2FEB883B516D868B6B SHA1: 9BD1E27E38628A346FEBB8B87DE31FA3EE8BFD8A --- C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE.dll --- Company: Amazon Inc. File Description: The Amazon 1Button App File Version: 2.3.4 Product Name: The Amazon 1Button App Copyright: (c) 2013 Amazon Inc. All rights reserved. Original Filename: AmazonAppIE.dll File type: ----a-w- File size: 1217312 Created time: 2016-02-17 11:29:00 Modified time: 2016-02-17 11:29:00 MD5: 20A1B0AD4870908C50FA032DD2328384 SHA1: 1EDC2C6471549906B020B6E7DCD5060041F60350 --- C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll --- Company: Amazon Inc. File Description: The Amazon 1Button App File Version: 2.3.4 Product Name: The Amazon 1Button App Copyright: (c) 2013 Amazon Inc. All rights reserved. 
Original Filename: AmazonAppIE.dll File type: ----a-w- File size: 1270048 Created time: 2016-02-17 11:29:06 Modified time: 2016-02-17 11:29:06 MD5: 9BF56F1C00580A26301584C2E5B1F696 SHA1: 4BDC3D3A28E597CC3AC33C47169DF3F8CB889A22 --- C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE.dll --- Company: Amazon Inc. File Description: The Amazon 1Button App Extension File Version: 2.2.0 Product Name: The Amazon 1Button App Copyright: (c) 2013 Amazon Inc. All rights reserved. Original Filename: AmazonExtIE.dll File type: ----a-w- File size: 384800 Created time: 2016-02-17 11:29:24 Modified time: 2016-02-17 11:29:24 MD5: C44FDDA17E0DCA9EFEC04D4BC780EDCE SHA1: CC2F04536A233A1A03C5BF7AE8681D5D3B0FA840 --- C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll --- Company: Amazon Inc. File Description: The Amazon 1Button App Extension File Version: 2.2.0 Product Name: The Amazon 1Button App Copyright: (c) 2013 Amazon Inc. All rights reserved. Original Filename: AmazonExtIE.dll File type: ----a-w- File size: 385824 Created time: 2016-02-17 11:29:42 Modified time: 2016-02-17 11:29:42 MD5: D8DECD72CD183E1F5BDB10339EF5BC7A SHA1: BB0C77B7C81165D5F9CBFFAE6B2277B9F86ACC57 --- C:\Users\Van Alphen\AppData\Roaming\Microsoft\Windows\Recent\Burroughs, Edgar Rice - Tarzan en de Amazonen.epub.lnk --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 25039 Created time: 2016-05-03 16:50:50 Modified time: 2016-05-03 16:50:50 MD5: 9CA1D076AA02C91ADCF794BE0C52CDD8 SHA1: F82EEBA68A90837F3CA89FB895765CD468B2F3E3 --- C:\Users\Van Alphen\Desktop\Nieuwe map (3)\E-books op achternaam deel 4\Burroughs, Edgar Rice - Tarzan en de Amazonen.epub --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 125358 Created time: 2013-11-13 13:39:08 Modified time: 2010-09-12 18:41:24 
MD5: 43D986F2693AB224EE9932B2CCA36D4F SHA1: E9B359DE653B8218183210D187223282CD11B3B5 --- C:\Users\Van Alphen\Documents\Calibre Library\Edgar Rice Burroughs\Tarzan en de Amazonen (2)\Tarzan en de Amazonen - Edgar Rice Burroughs.epub --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 125358 Created time: 2016-05-03 16:52:34 Modified time: 2016-05-03 16:52:34 MD5: 43D986F2693AB224EE9932B2CCA36D4F SHA1: E9B359DE653B8218183210D187223282CD11B3B5 --- C:\Windows\Installer\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}\amazonIcon.exe --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-r- File size: 17542 Created time: 2016-04-21 10:14:40 Modified time: 2016-04-21 10:14:40 MD5: FD6DDC467E7D664501DB47EE637B73AD SHA1: 9AC7B009461EAA145C5328419916779F507DD662 ==== Registry Search Results for "amazon" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\Software\Amazon] [HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\Software\Amazon\Amazon1ButtonApp] [HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\Software\Amazon\Amazon1ButtonApp] "Location"="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{981b174d-7733-4e7f-b89d-6545a7c21838}] "StubPath"="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\Amazon1ButtonTaskbarApp.exe /pin:" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{981b174d-7733-4e7f-b89d-6545a7c21838}] @="Amazon 1Button App Configuration" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION] "Amazon1ButtonTaskbarApp.exe"=dword:00002711 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}] "Publisher"="Amazon" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}] "DisplayName"="Amazon 1Button App" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO] @="The Amazon 1Button App for Internet Explorer" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime] @="The Amazon 1Button App for Internet Explorer Runtime Server" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer] @="The Amazon 1Button App for Internet Explorer" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AmazonAppIE.AppGateway] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AmazonAppIE.AppGateway] @="The Amazon 1Button App Gateway" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AmazonAppIE.AppGateway\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AmazonAppIE.GadgetGateway] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AmazonAppIE.GadgetGateway\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\Amazon1ButtonBrowserHelper.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\Amazon1ButtonRuntime.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\AmazonAppIE.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}] @="Amazon1ButtonService Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}] "LocalService"="Amazon 1Button App Service" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{87BDDAA1-CB99-4B47-89F6-7651D7731BC6}] @="Amazon1ButtonBHO" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{ABD8D96F-8F32-4167-B31F-FED987846B81}] @="AmazonAppIE" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D2E5FFD9-E488-4844-8C6D-051AA67C99F2}] @="Amazon1ButtonRuntime" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}] @="The Amazon 1Button App for Internet Explorer" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}\InprocServer32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\Amazon1ButtonRuntime.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}\ProgID] @="Amazon1ButtonRuntime.Amazon1ButtonRuntime" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}\VersionIndependentProgID] @="Amazon1ButtonBrowserHelper.Amazon1ButtonBHO" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}] @="The Amazon 1Button App for Internet Explorer" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}\InprocServer32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\Amazon1ButtonBrowserHelper.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}\ProgID] @="Amazon1ButtonBrowserHelper.Amazon1ButtonBHO" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}\VersionIndependentProgID] @="Amazon1ButtonBrowserHelper.Amazon1ButtonBHO" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}] @="The Amazon 1Button App for Internet Explorer" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}\InprocServer32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\AmazonAppIE.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}\ProgID] @="AmazonAppIE.AppGateway" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}\InprocServer32] @="C:\\Program Files 
(x86)\\Amazon\\Amazon1ButtonApp\\AmazonAppIE.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}\ProgID] @="AmazonAppIE.GadgetWindow" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}\VersionIndependentProgID] @="AmazonAppIE.GadgetWindow" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3DCCCD6BD02558446B24CF1C63EC213C] "ProductName"="Amazon 1Button App" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3DCCCD6BD02558446B24CF1C63EC213C] "ProductIcon"="C:\\Windows\\Installer\\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}\\amazonIcon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3DCCCD6BD02558446B24CF1C63EC213C\SourceList] "PackageName"="Amazon1ButtonApp.msi" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FD1B7376-A344-48BD-857D-C87B4D8502EF}] @="IAmazon1ButtonBHO" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48DDEC26-CEC3-478E-9566-0842DAF10CEA}\1.0] @="Amazon1ButtonRuntimeLib" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48DDEC26-CEC3-478E-9566-0842DAF10CEA}\1.0\0\win32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\Amazon1ButtonRuntime.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{48DDEC26-CEC3-478E-9566-0842DAF10CEA}\1.0\HELPDIR] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{921462B2-5269-45A2-AA8D-F8F7A3690255}\1.0] @="Amazon1ButtonBrowserHelper64Lib" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{921462B2-5269-45A2-AA8D-F8F7A3690255}\1.0\0\win32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\Amazon1ButtonBrowserHelper.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{921462B2-5269-45A2-AA8D-F8F7A3690255}\1.0\0\win64] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\Amazon1ButtonBrowserHelper64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{921462B2-5269-45A2-AA8D-F8F7A3690255}\1.0\HELPDIR] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}\1.0] @="AmazonAppIE64Lib" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}\1.0\0\win32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\AmazonAppIE.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}\1.0\0\win64] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\AmazonAppIE64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}\1.0\HELPDIR] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}] @="The Amazon 1Button App for Internet Explorer" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}\InprocServer32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\Amazon1ButtonRuntime.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}\ProgID] @="Amazon1ButtonRuntime.Amazon1ButtonRuntime" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}\VersionIndependentProgID] @="Amazon1ButtonBrowserHelper.Amazon1ButtonBHO" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}] @="The Amazon 1Button App for Internet Explorer" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}\InprocServer32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\Amazon1ButtonBrowserHelper.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}\ProgID] @="Amazon1ButtonBrowserHelper.Amazon1ButtonBHO" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}\VersionIndependentProgID] @="Amazon1ButtonBrowserHelper.Amazon1ButtonBHO" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}] @="The Amazon 1Button App for Internet Explorer" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}\InprocServer32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\AmazonAppIE.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}\ProgID] @="AmazonAppIE.AppGateway" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}\InprocServer32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\AmazonAppIE.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}\ProgID] @="AmazonAppIE.GadgetWindow" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}\VersionIndependentProgID] @="AmazonAppIE.GadgetWindow" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{FD1B7376-A344-48BD-857D-C87B4D8502EF}] @="IAmazon1ButtonBHO" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\Amazon1ButtonBrowserHelper.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\Amazon1ButtonRuntime.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\AmazonAppIE.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}] @="Amazon1ButtonService Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}] "LocalService"="Amazon 1Button App Service" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{87BDDAA1-CB99-4B47-89F6-7651D7731BC6}] @="Amazon1ButtonBHO" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{ABD8D96F-8F32-4167-B31F-FED987846B81}] @="AmazonAppIE" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{D2E5FFD9-E488-4844-8C6D-051AA67C99F2}] @="Amazon1ButtonRuntime" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{48DDEC26-CEC3-478E-9566-0842DAF10CEA}\1.0] 
@="Amazon1ButtonRuntimeLib" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{48DDEC26-CEC3-478E-9566-0842DAF10CEA}\1.0\0\win32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\Amazon1ButtonRuntime.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{48DDEC26-CEC3-478E-9566-0842DAF10CEA}\1.0\HELPDIR] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{921462B2-5269-45A2-AA8D-F8F7A3690255}\1.0] @="Amazon1ButtonBrowserHelper64Lib" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{921462B2-5269-45A2-AA8D-F8F7A3690255}\1.0\0\win32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\Amazon1ButtonBrowserHelper.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{921462B2-5269-45A2-AA8D-F8F7A3690255}\1.0\0\win64] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\Amazon1ButtonBrowserHelper64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{921462B2-5269-45A2-AA8D-F8F7A3690255}\1.0\HELPDIR] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}\1.0] @="AmazonAppIE64Lib" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}\1.0\0\win32] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\AmazonAppIE.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}\1.0\0\win64] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\AmazonAppIE64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}\1.0\HELPDIR] @="C:\\Program Files (x86)\\Amazon\\Amazon1ButtonApp\\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Amazon 1Button App Service] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Amazon 1Button App Service] "DisplayName"="Amazon 1Button App Service" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Amazon 1Button App 
Service] "Description"="The Amazon 1Button App Service provides easy Internet Explorer access and automatic updates" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Amazon 1Button App Service] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Amazon 1Button App Service] "DisplayName"="Amazon 1Button App Service" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Amazon 1Button App Service] "Description"="The Amazon 1Button App Service provides easy Internet Explorer access and automatic updates" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Amazon 1Button App Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Amazon 1Button App Service] "DisplayName"="Amazon 1Button App Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Amazon 1Button App Service] "Description"="The Amazon 1Button App Service provides easy Internet Explorer access and automatic updates" [HKEY_USERS\S-1-5-21-3618103154-1282251522-2710838709-1000\Software\AppDataLow\Software\Amazon] [HKEY_USERS\S-1-5-21-3618103154-1282251522-2710838709-1000\Software\AppDataLow\Software\Amazon\Amazon1ButtonApp] [HKEY_USERS\S-1-5-21-3618103154-1282251522-2710838709-1000\Software\AppDataLow\Software\Amazon\Amazon1ButtonApp] "RootWebsite"="www.amazon.com" [HKEY_USERS\S-1-5-21-3618103154-1282251522-2710838709-1000\Software\AppDataLow\Software\Amazon\Amazon1ButtonApp\Storage] [HKEY_USERS\S-1-5-21-3618103154-1282251522-2710838709-1000\Software\AppDataLow\Software\Amazon\Amazon1ButtonApp\Storage] "ubp_root"="https://www.amazon.com" [HKEY_USERS\S-1-5-21-3618103154-1282251522-2710838709-1000\Software\AppDataLow\Software\Amazon\Amazon1ButtonApp\StorageIE] [HKEY_USERS\S-1-5-21-3618103154-1282251522-2710838709-1000\Software\AppDataLow\Software\Amazon\Amazon1ButtonApp\StorageIE] "ubp_root"="https://www.amazon.com" [HKEY_USERS\S-1-5-21-3618103154-1282251522-2710838709-1000\Software\Microsoft\Amazon1ButtonApp] 
[HKEY_USERS\S-1-5-21-3618103154-1282251522-2710838709-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit] "LastKey"="Computer\\HKEY_CLASSES_ROOT\\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO" [HKEY_USERS\S-1-5-21-3618103154-1282251522-2710838709-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\amazon.com] ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4009 MB CPU Info: Intel(R) Pentium(R) CPU G620 @ 2.60GHz CPU Speed: 2637,2 MHz Sound Card: Luidsprekers (Realtek High Defi | S22B350 (Intel(R) Display Audio | Realtek Digital Output (Realtek | Realtek Digital Output(Optical) | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; SyncMaster SB350_S22B350H (HDMI) | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH22NS70 Ports: COM1 LPT1 Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 244,0GB | D: 4,0GB Hard Disks - Free: C: 126,7GB | D: 3,5GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 06/16/10 | ALASKA - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK Computer INC. V-P8H61E. 
Country: Nederland Language: NLD ==== System Specs (Software) ====================== AV: AVG AntiVirus Free Edition *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE} Internet Explorer Version: 11.0.9600.18282 Google Chrome version: 50.0.2661.94 Sun Java version: 1.8.0_91 (32-bit) Sun Java version: 1.8.0_91 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2016-04-17 11:14:23 F0071C341584B1B7123E6ACAE74ABD88 1004 ----a-w- C:\Windows\CompatibilityIssues.txt 2016-04-17 10:53:43 D1E75542EC8D1B4851765A57AC63618E 1908 ----a-w- C:\Windows\diagerr.xml 2016-04-17 10:53:43 1D0323483ACC8F1896C4E0A219F6A2F1 2562 ----a-w- C:\Windows\diagwrn.xml ====== C:\Users\VANALP~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-05-01 13:54:46 C1A2A1884A48ABFB5F24B2CFAE6786FD 2130944 ----a-w- C:\Windows\SysWOW64\networkmap.dll 2016-05-01 13:54:46 A38D1734B1A81EC69B20C275212508B1 41472 ----a-w- C:\Windows\SysWOW64\networkitemfactory.dll 2016-04-21 10:26:25 D0C0D9F3E64C97730DF0F130D0D5B307 97856 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-04-21 10:26:25 441104963F07A84A64DE3C3244909388 782240 ----a-w- C:\Windows\SysWOW64\deployJava1.dll 2016-04-21 10:26:24 1B197A0ED28DB310AB67591567C3787A 861088 ----a-w- C:\Windows\SysWOW64\npDeployJava1.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-05-01 13:54:46 D58977F1E9CE4C7F70C5C3718E44CD74 53248 ----a-w- C:\Windows\Sysnative\networkitemfactory.dll ====== C:\Windows\Sysnative\drivers ===== 2016-04-20 12:17:48 AA0F6296C155056B2C7C8757F68AF2D0 307456 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys 2016-04-18 07:04:22 7DF02FF624320FA49B76D62209FDFF6F 71936 ----a-w- C:\Windows\Sysnative\drivers\avguniva.sys 2016-04-14 08:54:20 
33D1284A1E0DF9FE4288221DD7269792 51968 ----a-w- C:\Windows\Sysnative\drivers\avgrkx64.sys 2016-04-13 13:41:12 FB4397DDCC732DB6A7B33B747C7EB708 154344 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2016-04-13 13:41:12 B6C2FA7F5E5BC1A488A57C6344D29D64 95464 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2016-04-13 13:41:11 ACEC16415275E1AD6F7983EF472810E3 159744 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2016-04-13 13:41:11 0F276F2F2018296FABC7BD2BCCAAB40B 291328 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2016-04-13 13:41:10 A9FB80B0BBA6F765F4E691B7AD4963A7 62464 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2016-04-13 13:41:10 1D4B7972375052F5B7877A6FD9BE33A0 129536 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2016-04-13 13:40:43 616387BBD83372220B09DE95F4E67BBC 73664 ----a-w- C:\Windows\Sysnative\drivers\disk.sys 2016-04-08 12:17:57 0300934A429A0C83DA6892787B787A53 4803840 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys 2016-04-08 12:17:56 D084C906633567FDD403340E3EF3BD06 5576400 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT 2016-04-08 12:15:33 160EA4FA0CEF7BE1FFCAA697B2900080 1027840 ----a-w- C:\Windows\Sysnative\drivers\Rt64win7.sys ====== C:\Windows\Tasks ====== 2016-04-09 14:45:33 49723E3E2E2C1A420677B232223EFF0D 2972 ----a-w- C:\Windows\Sysnative\Tasks\{E78686D1-A1FF-4DCC-9B93-465D7571DAC2} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-05-03 10:14:12 -------- d-----w- C:\Program Files\Speccy 2016-04-29 12:19:59 -------- d-----w- C:\Program Files\WinZip ======= C:\PROGRA~2 ===== 2016-04-21 10:14:40 -------- d-----w- C:\PROGRA~2\Amazon ======= C: ===== ====== C:\Users\Van Alphen\AppData\Roaming ====== 2016-04-29 12:20:33 -------- d-----w- C:\Users\Van Alphen\AppData\Local\Nico Mak Computing 2016-04-29 12:20:11 -------- d-----w- C:\Users\Van Alphen\AppData\Local\WinZip 2016-04-22 12:09:39 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2016-04-22 12:09:39 -------- d-----w- 
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2016-04-22 12:09:39 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2016-04-22 12:09:39 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2016-04-22 12:09:38 -------- d-----w- C:\Users\Van Alphen\AppData\Local\Temp
2016-04-21 10:03:36 -------- d-----w- C:\Users\Van Alphen\AppData\Roaming\Sun
2016-04-21 09:57:48 -------- d-----w- C:\Users\Van Alphen\AppData\Locallow\Oracle
2016-04-20 18:45:58 -------- d-----w- C:\Users\Van Alphen\AppData\Local\Shareaza
2016-04-20 15:14:07 -------- d-----w- C:\Users\Van Alphen\AppData\Locallow\BitTorrent
2016-04-18 17:40:39 -------- d-----w- C:\Users\Van Alphen\AppData\Local\CrashDumps
2016-04-17 14:43:20 -------- d-----w- C:\Users\Default\AppData\Local\Google
2016-04-17 14:43:20 -------- d-----w- C:\Users\Default User\AppData\Local\Google
2016-04-17 13:03:41 2ADAAD32663BB3473FD72D081D59D2F4 7609 ----a-w- C:\Users\Van Alphen\AppData\Local\Resmon.ResmonCfg

====== C:\Users\Van Alphen ======
2016-05-03 10:13:21 FF70EB133BE86B9F9EB18E274DAA6B6C 5111240 ----a-w- C:\Users\Van Alphen\Downloads\spsetup129 (1).exe
2016-05-03 10:13:12 FF70EB133BE86B9F9EB18E274DAA6B6C 5111240 ----a-w- C:\Users\Van Alphen\Downloads\spsetup129.exe
2016-05-01 13:52:56 F0A249C4B48E3C07AEAF596E9605654D 2324072 ----a-w- C:\Users\Van Alphen\Downloads\448993_intl_x64_zip (3).exe
2016-05-01 13:46:26 F0A249C4B48E3C07AEAF596E9605654D 2324072 ----a-w- C:\Users\Van Alphen\Downloads\448993_intl_x64_zip (2).exe
2016-05-01 13:43:58 F0A249C4B48E3C07AEAF596E9605654D 2324072 ----a-w- C:\Users\Van Alphen\Downloads\448993_intl_x64_zip (1).exe
2016-05-01 13:43:39 F0A249C4B48E3C07AEAF596E9605654D 2324072 ----a-w- C:\Users\Van Alphen\Downloads\448993_intl_x64_zip.exe
2016-04-29 13:31:16 -------- d--h--w- C:\ProgramData\CanonIJMyPrinter
2016-04-29 12:20:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-04-29 12:20:11 -------- d-----w- C:\ProgramData\WinZip
2016-04-29 12:19:14 -------- d-----w- C:\ProgramData\UniqueId
2016-04-29 12:18:51 938B2BBCDF1F567FC88F6B7EA30F3559 706016 ----a-w- C:\Users\Van Alphen\Downloads\winzip20.exe
2016-04-25 12:38:31 64458AEFB3418EE74EA69CA3A4E2CFB1 3580480 ----a-w- C:\Users\Van Alphen\Downloads\AdwCleaner.exe
2016-04-21 10:03:36 -------- d-----w- C:\Users\Van Alphen\.oracle_jre_usage
2016-04-21 10:02:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-21 10:02:11 -------- d-----w- C:\ProgramData\Oracle
2016-04-21 09:56:35 0CB6F89AFC44CECD411191296383A85B 738368 ----a-w- C:\Users\Van Alphen\Downloads\chromeinstall-8u91.exe
2016-04-20 18:45:58 1821CBEDD103D80D3BEDECC8A8F13EB9 11370931 ----a-w- C:\Users\Van Alphen\Downloads\Shareaza_2-7-1-0_Win32.exe
2016-04-20 18:45:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shareaza

====== C: exe-files ==
2016-05-04 10:46:12 E6AF74BE6B61122D8165BB5218545A34 78608 ----a-w- C:\ProgramData\AVG\Setup\av\avguirux.exe
2016-05-04 10:46:12 DD531DA3779B35F1F4B019AF810F9489 6059744 ----a-w- C:\ProgramData\AVG\Setup\av\avgmfapx.exe
2016-05-03 22:22:28 FCF0E237981DDA0B89CD61804607F2C0 102 ----a-w- C:\ProgramData\BOINC\slots\1\minirosetta_3.73_windows_x86_64.exe
2016-05-03 22:22:26 FCF0E237981DDA0B89CD61804607F2C0 102 ----a-w- C:\ProgramData\BOINC\slots\0\minirosetta_3.73_windows_x86_64.exe
2016-05-03 10:13:21 FF70EB133BE86B9F9EB18E274DAA6B6C 5111240 ----a-w- C:\Users\Van Alphen\Downloads\spsetup129 (1).exe
2016-05-03 10:13:12 FF70EB133BE86B9F9EB18E274DAA6B6C 5111240 ----a-w- C:\Users\Van Alphen\Downloads\spsetup129.exe
2016-05-01 13:52:56 F0A249C4B48E3C07AEAF596E9605654D 2324072 ----a-w- C:\Users\Van Alphen\Downloads\448993_intl_x64_zip (3).exe
2016-05-01 13:46:26 F0A249C4B48E3C07AEAF596E9605654D 2324072 ----a-w- C:\Users\Van Alphen\Downloads\448993_intl_x64_zip (2).exe
2016-05-01 13:43:58 F0A249C4B48E3C07AEAF596E9605654D 2324072 ----a-w- C:\Users\Van Alphen\Downloads\448993_intl_x64_zip (1).exe
2016-05-01 13:43:39 F0A249C4B48E3C07AEAF596E9605654D 2324072 ----a-w- C:\Users\Van Alphen\Downloads\448993_intl_x64_zip.exe
2016-04-29 12:28:07 0DB3F3A518C764250C7878C34B8D1FE3 1581048 ----a-w- C:\Users\Van Alphen\AppData\Local\Google\Chrome\User Data\SwReporter\6.48.6\software_reporter_tool.exe
2016-04-29 12:18:51 938B2BBCDF1F567FC88F6B7EA30F3559 706016 ----a-w- C:\Users\Van Alphen\Downloads\winzip20.exe
2016-04-28 20:00:46 0D0F67521AF36DA6073EAC83F9000FE6 966744 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\50.0.2661.94\50.0.2661.94_50.0.2661.87_chrome_updater.exe

=== C: other files ==
2016-05-03 22:22:28 343DC72CC5C62DB6C85A1E0853C1BB8E 99 ----a-w- C:\ProgramData\BOINC\slots\1\minirosetta_database.zip
2016-05-03 22:22:28 08E3E62F2B6A9BA4A5798F44A1598F26 116 ----a-w- C:\ProgramData\BOINC\slots\1\input_rb_05_03_65176_109281__t000__ab_robetta.zip
2016-05-03 22:22:26 343DC72CC5C62DB6C85A1E0853C1BB8E 99 ----a-w- C:\ProgramData\BOINC\slots\0\minirosetta_database.zip
2016-05-03 22:22:26 08E3E62F2B6A9BA4A5798F44A1598F26 116 ----a-w- C:\ProgramData\BOINC\slots\0\input_rb_05_03_65176_109281__t000__ab_robetta.zip
2016-05-03 22:22:14 6D4D0776E8E6F4C499D71C7439194238 8596569 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\input_rb_05_03_65190_109298__t000__0_C2_robetta.zip
2016-05-03 22:22:11 E08E777465D2E5CD1E145F10ADFA71CF 3735593 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\input_rb_05_03_65176_109281__t000__ab_robetta.zip
2016-04-29 13:41:50 7E3623D7A42D0180565EF66E547D45C5 6645 ----a-w- C:\Users\Van Alphen\Documents\NieuweZip.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-3618103154-1282251522-2710838709-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"boincmgr"="C:\Program Files\BOINC\boincmgr.exe /a /s"
"BitTorrent"="C:\Users\Van Alphen\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe C:\Program Files (x86)\AVG\Av\avgui.exe"
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw"
"DelaypluginInstall"="C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"boincmgr"="C:\Program Files\BOINC\boincmgr.exe /a /s"
"BitTorrent"="C:\Users\Van Alphen\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"boinctray"="C:\Program Files\BOINC\boinctray.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"GwxControlPanelMonitor"="C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe /traymode"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ArcSoft Connection Service"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BitTorrent"
"hkey"="HKCU"
"command"="\"C:\\Users\\Van Alphen\\AppData\\Roaming\\BitTorrent\\BitTorrent.exe\" /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\boinctray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="boinctray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\BOINC\\boinctray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonMyPrinter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CanonMyPrinter"
"hkey"="HKLM"
"command"="C:\\Program Files\\Canon\\MyPrinter\\BJMyPrt.exe /logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonQuickMenu]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CanonQuickMenu"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Canon\\Quick Menu\\CNQMMAIN.EXE /logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GUDelayStartup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GUDelayStartup"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Glary Utilities 5\\StartupManager.exe\" -delayrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GwxControlPanelMonitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GwxControlPanelMonitor"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\UltimateOutsider\\GWX Control Panel\\GWX_control_panel.exe\" /traymode"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MultiScreen]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MultiScreen"
"hkey"="HKCU"
"command"="C:\\Program Files\\MultiScreen\\MultiScreen.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroFilterCheck"
"hkey"="HKLM"
"command"="C:\\Windows\\SysWOW64\\NeroCheck.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVCpl"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SystemExplorerAutoStart]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SystemExplorerAutoStart"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\System Explorer\\SystemExplorer.exe\" /TRAY"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.exe.lnk]
"item"="GammaTray.exe"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\GammaTray.exe.lnk"
"backup"="C:\\Windows\\pss\\GammaTray.exe.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\MAGICT~1\\GAMMAT~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk]
"item"="GammaTray"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\GammaTray.lnk"
"backup"="C:\\Windows\\pss\\GammaTray.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\MAGICT~1\\GAMMAT~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PC Clone EX.LNK]
"item"="PC Clone EX"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\PC Clone EX.LNK"
"backup"="C:\\Windows\\pss\\PC Clone EX.LNK.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\PCCLON~1\\PCCLON~1.EXE"

==== Startup Folders ======================

2016-04-29 12:20:21 1937 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk
2016-04-29 12:20:22 2207 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update-melder.lnk
2016-04-29 12:20:21 1928 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15-07-2015 14:20]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-08-2015 18:54]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-08-2015 18:54]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GlaryInitialize 5" [C:\Program Files (x86)\Glary Utilities 5\Initialize.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GU5SkipUAC" [C:\Program Files (x86)\Glary Utilities 5\Integrator.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\Win Update" [C:\Users\Van Alphen\AppData\Local\Updater\winupd.exe]
"C:\Windows\SysNative\tasks\{10D79905-E515-4705-B9B7-25EB7CEBC387}" [C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE]
"C:\Windows\SysNative\tasks\{11159865-2790-4F9E-BA75-0004B5686BDC}" [C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE]
"C:\Windows\SysNative\tasks\{21EFDC14-BD01-4934-8BC1-A0C5EE6FFE9E}" [C:\Program Files (x86)\iWisoft Free Video Converter\VideoConverter.exe]
"C:\Windows\SysNative\tasks\{32217736-5AF4-46B5-9377-242FE2491D80}" [C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE]
"C:\Windows\SysNative\tasks\{3CF69292-2B83-4C80-A628-C79C6D8E5053}" [C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE]
"C:\Windows\SysNative\tasks\{50193277-E5EF-49E1-BEE8-5FAFB7747112}" [C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE]
"C:\Windows\SysNative\tasks\{AE767F5B-7FEB-444F-8828-FE31525443BC}" [C:\Program Files (x86)\Shareaza\Shareaza.exe]
"C:\Windows\SysNative\tasks\{AF45C991-5474-4F56-8889-2479F7F54654}" [C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE]
"C:\Windows\SysNative\tasks\{BCD43002-0596-411C-98AE-A7364AA61E2B}" [C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE]
"C:\Windows\SysNative\tasks\{E78686D1-A1FF-4DCC-9B93-465D7571DAC2}" [C:\Program Files (x86)\Shareaza\Shareaza.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\NCH Software\PrismSevenDays" [C:\Program Files (x86)\NCH Software\Prism\Prism.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\VANALP~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"WSVCU@Wondershare.com"="C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com" [10-02-2016 21:30]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chromium Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjllphbppobebmjpjcijfbakobcheof - No path found[]

Google Slides - Van Alphen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Van Alphen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Van Alphen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Rapport - Van Alphen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
YouTube - Van Alphen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Sheets - Van Alphen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Van Alphen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - Van Alphen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Van Alphen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE09&ocid=UE09DHP"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE09&ocid=UE09DHP"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Wondershare Video Converter Ultimate 7.1.0 - {451C804F-C205-4F03-B48E-537EC94937BF} - C:\PROGRA~3\WONDER~1\VIDEOC~1\WSBROW~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [boincmgr] "C:\Program Files\BOINC\boincmgr.exe" /a /s
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Van Alphen\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe
O4 - Global Startup: Update-melder.lnk = C:\Program Files\WinZip\WZUpdateNotifier.exe
O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Amazon 1Button App Service - Amazon Inc. - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Unchecky - RaMMicHaeL - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Van Alphen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Van Alphen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Van Alphen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2110 folders=222 397107139 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Van Alphen\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\VANALP~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 04-05-2016 at 13:42:06,83 ======================