Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Coban on za 07-05-2016 at 10:17:06,02. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Coban\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 7-5-2016 10:17:58 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~3\PCSettings deleted successfully C:\Users\Coban\AppData\Roaming\MPC-HC deleted successfully C:\Users\Coban\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Coban\AppData\Local\Skype deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== æTorrent ABBYY FineReader 9.0 Sprint Adobe Acrobat Reader DC - Nederlands Adobe Acrobat XI Pro Adobe AIR Adobe Download Assistant Adobe Flash Player 21 ActiveX Adobe Flash Player 21 NPAPI Adobe Refresh Manager Adobe Shockwave Player 12.1 Agatha Christie - Peril at End House AllShare Framework DMS Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update ATI Catalyst Install Manager AuthenTec TrueAPI AviSynth 2.5 Basishandleiding EPSON SX440 Series Bejeweled 2 Deluxe Bejeweled 3 Blackhawk Striker 2 Blasterball 3 Bonjour Bounce Symphony Broadcom 802.11 Wireless LAN Adapter Build-a-lot 2 Cake Mania Catalyst Control Center - Branding Catalyst Control Center Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All Catalyst Control Center Profiles Mobile ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Chuzzle Deluxe CyberLink YouCam D3DX10 DAEMON Tools Lite Diner Dash 2 Restaurant Rescue DivX Setup Dora's World Adventure Download Navigator Energy Star Digital Logo Epson Connect Printer Setup Epson Easy Photo Print 2 Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) Epson Event Manager EPSON Scan EPSON SX440 Series Printer Uninstall EpsonNet Print ESU for Microsoft Windows 7 Evernote v. 4.2.2 Farm Frenzy FATE - The Traitor Soul Final Drive Nitro Football Manager 2012 Free YouTube To MP3 Converter Gebruikershandleiding EPSON SX440 Series Google Chrome Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper HandBrake 0.10.1 HD Tune 2.55 Hewlett-Packard ACLM.NET v1.2.2.3 HP 3D DriveGuard HP Auto HP Client Services HP Connection Manager HP Customer Experience Enhancements HP Documentation HP DVB-T TV Tuner 8.0.64.43 HP Games HP On Screen Display HP Power Manager HP Quick Launch HP Setup HP Setup Manager HP SimplePass 2011 HP Software Framework HP Support Assistant HP Support Solutions Framework iCloud IDT Audio Intel(R) Control Center Intel(R) Display Audio Driver Intel(R) Management Engine Components Intel(R) Rapid Storage Technology iTunes Java 8 Update 91 Java Auto Updater JDownloader 2 Junk Mail filter update Kodi KPN Installatie Assistent LockHunter 2.0 beta 2, 32 bit Magic Desktop Mah Jong Medley Mesh Runtime Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.1 (Nederlands) Microsoft .NET Framework 4.6.1 (NLD) Microsoft Application Error Reporting Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP1 English Microsoft SQL Server Compact 3.5 SP1 x64 English Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD More Games from HP Games Mozilla Firefox 43.0.1 (x86 nl) Mozilla Maintenance Service MPC-HC 1.7.8 (64-bit) MSVCRT MSVCRT_amd64 MusicStation Mystery P.I. - Stolen in San Francisco Namco All-Stars PAC-MAN Netwerkhandleiding EPSON SX440 Series Norton Bootable Recovery Tool Wizard Norton Security Penguins Plants vs. Zombies - Game of the Year PM Stitch Creator 3 Trial Poker Superstars III Polar Bowler Polar Golfer Polaris Office Sync PX Profile Update Realtek Ethernet Controller Driver Realtek PCIE Card Reader Recovery Manager Renesas Electronics USB 3.0 Host Controller Driver Samsung Link 2.0.0.1503181422 Security Update for Microsoft .NET Framework 4.6.1 (KB3122661) Security Update for Microsoft .NET Framework 4.6.1 (KB3127233) Security Update for Microsoft .NET Framework 4.6.1 (KB3136000) Security Update for Microsoft .NET Framework 4.6.1 (KB3143693) Servicetool Skype Click to Call Skypet 7.21 Slingo Supreme Speccy SubSync Subtitle Edit 3.4.12 swMSM Synaptics TouchPad Driver Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Torque Tunatic Update Installer for WildTangent Games App Validity WBF DDK VC80CRTRedist - 8.0.50727.6195 Veetle TV Virtual Villagers 4 - The Tree of Life VLC media player VobSub v2.23 (Remove Only) WIDCOMM Bluetooth Software WildTangent Games App for HP Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.00 (64-bit) Xvid Video Codec Zuma Deluxe ==== Running Processes ====================== C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\NS.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\NS.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe C:\Users\Coban\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted C:\PROGRA~3\{6511AE77-911F-4CA2-A15A-510F904C6E3E} deleted C:\PROGRA~3\{9AFAA151-B99A-445C-9941-187A5C7E83E3} deleted C:\PROGRA~3\Package Cache deleted C:\Windows\SysNative\config\systemprofile\Searches deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8140 MB CPU Info: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz CPU Speed: 2246,4 MHz Sound Card: Luidsprekers en hoofdtelefoons | Communicatie-hoofdtelefoons (ID | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi-adapter | Realtek PCIe GBE Family Controller | Bluetooth-apparaat (Personal Area Network) CD / DVD Drives: 2x (E: | G: | ) E: hp DVDRAM GT31N | G: DTSOFT BDROM Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 578,3GB | D: 17,5GB | F: 99,3MB Hard Disks - Free: C: 74,7GB | D: 1,9GB | F: 79,4MB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 01/23/13 | HPQOEM - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 17FA Country: Nederland Language: NLD ==== System Specs (Software) ====================== AV: Norton Security *Disabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Security *Disabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton Security *Disabled* {6BFC5632-188D-B806-D13E-C607121B42A0} Default Browser: Google Chrome 50.0.2661.94 Internet Explorer Version: 9.0.8112.16421 Mozilla Firefox version: 43.0.1 (x86 nl) Google Chrome version: 50.0.2661.94 Adobe Reader version: 15.10.20056.167417 Sun Java version: 1.8.0_91 (32-bit) Sun Java version: 1.8.0_91 (64-bit) Flash Player version: 21.0.0.213 Shockwave Player version: 12.1.1r151 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2016-05-04 09:54:25 8DB16D88B6A8D356F7CDA655AE2DCDCC 825541767 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\Coban\AppData\Local\Temp ==== 2016-05-04 09:03:53 EA54955003DA5A577BA2232582F8B4E5 933768 ----a-w- C:\Users\Coban\AppData\Local\Temp\DivXSetup.exe 2016-05-03 11:47:33 DE4D789B6124AD62DC057785D0A96249 43556480 ----a-w- C:\Users\Coban\AppData\Local\Temp\SkypeSetup.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-05-03 12:27:20 9069FD5257A6A4F3AF8A88B5C07359AB 2364928 ----a-w- C:\Windows\SysWOW64\msi.dll 2016-05-03 12:27:20 66A8DBDC308EC11D654A3553A5131E16 1805824 ----a-w- C:\Windows\SysWOW64\authui.dll 2016-05-03 12:27:20 61DE3EA1791D7CDCB3904AF5A0788BFA 337408 ----a-w- C:\Windows\SysWOW64\msihnd.dll 2016-05-03 12:27:20 2C55FD34A7F54C79EC8682A1125A0E97 25088 ----a-w- C:\Windows\SysWOW64\msimsg.dll 2016-05-03 12:27:00 B51A17A1820E8940C0F99D5CCE6CD97E 6656 ----a-w- C:\Windows\SysWOW64\KBDAZEL.DLL 2016-05-03 12:27:00 A326E8C5F54D675AC83639FC9ADA8CDA 69120 ----a-w- C:\Windows\SysWOW64\nlsbres.dll 2016-05-03 12:27:00 4D1ED276529A0EA7177A6830BC842A92 6656 ----a-w- C:\Windows\SysWOW64\kbdgeoqw.dll 2016-05-03 12:27:00 4768E74F674F6DF9AEF172F738A1342B 7168 ----a-w- C:\Windows\SysWOW64\KBDAZE.DLL 2016-05-03 12:22:20 CB52DEF1B1E1B9950F29548F2F19115A 316416 ----a-w- C:\Windows\SysWOW64\webio.dll 2016-05-03 12:22:20 9AEA39620AAC682DA4A57BC415B827DA 351744 ----a-w- C:\Windows\SysWOW64\winhttp.dll 2016-05-03 12:22:20 1F1D2BEAB6295511F5FF121ADDC1FF28 216064 ----a-w- C:\Windows\SysWOW64\InkEd.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-05-03 12:27:55 2CE2E6C71FD01B1DF8992EE5768A8CAD 22528 ----a-w- C:\Windows\Sysnative\icaapi.dll 2016-05-03 12:27:21 CB3F6D92BAA4726A6E2C2CA87659C0CB 1940992 ----a-w- C:\Windows\Sysnative\authui.dll 2016-05-03 12:27:21 A862873A7FF93D9C127F82BFC47C70FB 3243008 ----a-w- C:\Windows\Sysnative\msi.dll 2016-05-03 12:27:20 C60509E8FDD15B99BF09A5E1E3EF25E7 114624 ----a-w- C:\Windows\Sysnative\consent.exe 2016-05-03 12:27:20 2D0B5F22436DACC0115C39FCE41DD30F 504320 ----a-w- C:\Windows\Sysnative\msihnd.dll 2016-05-03 12:27:20 0B49CA61DB9D8C21F309F794D74909A0 25088 ----a-w- C:\Windows\Sysnative\msimsg.dll 2016-05-03 12:27:20 046E837786271237A76C50F7CE1F5BC6 70144 ----a-w- C:\Windows\Sysnative\appinfo.dll 2016-05-03 12:27:00 E77440D732DA943BA77C38BD9C8FF75D 7168 ----a-w- C:\Windows\Sysnative\kbdgeoqw.dll 2016-05-03 12:27:00 CD33834D9CADE5847806EF981888811C 69120 ----a-w- C:\Windows\Sysnative\nlsbres.dll 2016-05-03 12:27:00 8A4415ED740AA7303FDC98853F7DF6C2 7168 ----a-w- C:\Windows\Sysnative\KBDAZEL.DLL 2016-05-03 12:27:00 307C6A4E1A08B232E6E6A1A0839C5616 7168 ----a-w- C:\Windows\Sysnative\KBDAZE.DLL 2016-05-03 12:22:20 C9C06F8E9EB7939BCED9EB5674058D27 444416 ----a-w- C:\Windows\Sysnative\winhttp.dll 2016-05-03 12:22:20 3CDA7F5C412D07AA8BC04694AA21402D 275456 ----a-w- C:\Windows\Sysnative\InkEd.dll 2016-05-03 12:22:20 1351A63BEC87BF81E540251966648C5D 396800 ----a-w- C:\Windows\Sysnative\webio.dll ====== C:\Windows\Sysnative\drivers ===== 2016-05-03 12:27:55 19BEDA57F3E0A06B8D5EB6D619BD5624 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys 2016-04-17 19:51:47 FB4397DDCC732DB6A7B33B747C7EB708 154344 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2016-04-17 19:51:47 B6C2FA7F5E5BC1A488A57C6344D29D64 95464 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2016-04-17 19:51:47 ACEC16415275E1AD6F7983EF472810E3 159744 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2016-04-17 19:51:47 0F276F2F2018296FABC7BD2BCCAAB40B 291328 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2016-04-17 19:51:46 A9FB80B0BBA6F765F4E691B7AD4963A7 62464 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2016-04-17 19:51:46 1D4B7972375052F5B7877A6FD9BE33A0 129536 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2016-04-17 19:51:43 616387BBD83372220B09DE95F4E67BBC 73664 ----a-w- C:\Windows\Sysnative\drivers\disk.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2016-04-22 10:18:33 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Coban\AppData\Roaming ====== 2016-05-06 16:39:52 -------- d-----w- C:\Users\Coban\AppData\Locallow\uTorrent 2016-05-04 09:45:54 -------- d-----w- C:\Users\Coban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps 2016-05-04 09:45:10 -------- d-----w- C:\Users\Coban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome ====== C:\Users\Coban ====== 2016-05-06 15:47:44 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Coban\Downloads\RSITx64.exe 2016-05-04 09:23:19 A278A6848D6F70A5F5751AC9FB671F0F 987728 ----a-w- C:\Users\Coban\Downloads\ChromeSetup.exe ====== C: exe-files == 2016-05-06 15:47:44 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Coban\Downloads\RSITx64.exe 2016-05-05 20:45:40 0DB3F3A518C764250C7878C34B8D1FE3 1581048 ----a-w- C:\Users\Coban\AppData\Local\Google\Chrome\User Data\SwReporter\6.48.6\software_reporter_tool.exe 2016-05-04 09:26:39 CAB1197941ABB82BDC63E4DC0376E0FB 51967392 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\50.0.2661.94\50.0.2661.94_chrome_installer_win64.exe 2016-05-04 09:24:18 B966A8C2BEF3504978FD5F3A0F016607 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1327584340-4008737961-4063509114-1001\$IF5L858.exe 2016-05-04 09:23:19 A278A6848D6F70A5F5751AC9FB671F0F 987728 ----a-w- C:\Users\Coban\Downloads\ChromeSetup.exe 2016-05-04 09:03:53 EA54955003DA5A577BA2232582F8B4E5 933768 ----a-w- C:\Users\Coban\AppData\Local\Temp\DivXSetup.exe 2016-05-03 12:27:20 C60509E8FDD15B99BF09A5E1E3EF25E7 114624 ----a-w- C:\Windows\System32\consent.exe 2016-05-03 12:26:58 11DB1879DE4EB5DEDCCAE5399E349C4A 59087056 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1327584340-4008737961-4063509114-1001\$RF5L858.exe 2016-05-03 11:47:33 DE4D789B6124AD62DC057785D0A96249 43556480 ----a-w- C:\Users\Coban\AppData\Local\Temp\SkypeSetup.exe 2016-05-02 20:21:13 0561FDEF6367121744D8FF7516BD3EE4 8521304 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\50.0.2661.94\50.0.2661.94_49.0.2623.112_chrome_updater.exe 2016-05-01 10:32:04 8FC5DFCFB4612FF94B79651E314ED18D 39304 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\ActiveCheck\product_line\Detect_EOSStatus_AU.exe 2016-04-30 10:13:23 448DFA3A9ADCDACCBAF4108CDA08E37F 399472 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_BE5D89D8B9F08786.exe 2016-04-30 10:13:19 10C7582276BA5614D81DF46A9E16DC24 308336 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_13D64232A255CA16.exe 2016-04-30 10:13:16 F8C875A26AF343D9EF8020583E98A241 1104496 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_F3B2E431EE169D71.exe 2016-04-30 10:12:08 467237FB6807FAD8D7B0368C7830FB01 530032 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.7619.1252\GoogleToolbarInstaller_updater_signed.exe === C: other files == 2016-05-06 17:44:21 315FE8A00631445F619EF8F6F00F54AB 757008 ----a-w- C:\Users\Coban\AppData\Roaming\Kodi\addons\packages\script.module.liveresolver-0.1.33.zip 2016-05-06 17:44:12 8A6E6EBCEDC4772BDB93B52639038B8B 202652 ----a-w- C:\Users\Coban\AppData\Roaming\Kodi\addons\packages\plugin.video.prosport-0.48.zip 2016-05-06 17:44:07 32E279B59BFCF126EC6CEA2AF105EC23 2491545 ----a-w- C:\Users\Coban\AppData\Roaming\Kodi\addons\packages\plugin.video.cloudtv-4.5.6.zip 2016-05-06 16:41:38 87B54E3D28B31F245BBB8507C8BBB276 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1327584340-4008737961-4063509114-1001\$IJ8WM3B.zip 2016-05-06 16:41:08 3B46FE92687A500B4528AD81553F26F2 26584 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1327584340-4008737961-4063509114-1001\$RJ8WM3B.zip 2016-05-03 12:27:55 19BEDA57F3E0A06B8D5EB6D619BD5624 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2016-05-02 20:22:44 1FF6964587AC9795D45D0B4E2A0133E0 229700 ----a-w- C:\Users\Coban\AppData\Roaming\Kodi\addons\packages\plugin.video.movie4k-1.4.5.zip 2016-05-01 19:19:58 D9D10522C5A5EEBE56923B1D3B552297 2491345 ----a-w- C:\Users\Coban\AppData\Roaming\Kodi\addons\packages\plugin.video.cloudtv-4.5.5.zip 2016-05-01 10:30:15 2E8BF2FBABC1ADE74801A54CBE82BECC 2762150 ----a-w- C:\Users\Coban\AppData\Roaming\Kodi\addons\packages\plugin.video.SportsDevil-201620162016.04.19.2NL.zip ==== Orphaned Tasks deleted from Registry ====================== HPCeeScheduleForCOBAN-HP$ deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Norton Download Manager{NS2250424-SHPD-FSD51083}"="C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\NIS.exe /m" [HKEY_USERS\S-1-5-21-1327584340-4008737961-4063509114-1001\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Norton Download Manager{NS2250424-SHPD-FSD51083}"="C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\NIS.exe /m" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\730EC8BC70AF1CF4762F584DB61104CA38861B1D._service_run] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="730EC8BC70AF1CF4762F584DB61104CA38861B1D._service_run" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --type=service" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Acrobat Assistant 8.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 11.0\\Acrobat\\Acrotray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [07-04-2016 20:44] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-08-2015 19:33] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-08-2015 19:33] C:\Windows\tasks\HPCeeScheduleForCoban.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForCoban" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\WSCStub.exe"] "C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{4D9CA7BB-4295-445D-BDC3-4F47CF3FC0CB}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{068B1322-EBFB-4EC3-855A-99619D2BF49E}" [C:\Program Files (x86)\Seagate\Seagate_Media\ManagerApp\stxmediamanager.exe] "C:\Windows\SysNative\tasks\{38945818-3F24-437F-BBD1-E706FFE46DD3}" [C:\Program Files (x86)\Seagate\Seagate_Media\ManagerApp\stxmediamanager.exe] "C:\Windows\SysNative\tasks\{BE65A1D9-4520-4C57-92BF-8E12A53F0871}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.1.0.104.161/nl/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled] "C:\Windows\SysNative\tasks\{EFD553F2-D2E4-4111-BF60-DEB20F67FE5B}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Norton Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Security\Norton Error Processor" [C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Remediation\AntimalwareMigrationTask" ["C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{C1A2A613-35F1-4FCF-B27F-2840527B6556}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon" [06-03-2016 14:55] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{C1A2A613-35F1-4FCF-B27F-2840527B6556}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon" [06-03-2016 14:55] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Coban\AppData\Roaming\Mozilla\Firefox\Profiles\xvhnoopi.default - KPN Servicetool - %ProfilePath%\extensions\{594657B4-413A-41D0-8F85-A6D3F35C9BDF} AppDir: C:\Program Files (x86)\Mozilla Firefox - TrueSuite Website Logon - %AppDir%\extensions\websitelogon@truesuite.com - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Coban\AppData\Roaming\Mozilla\Firefox\Profiles\xvhnoopi.default E37EAD09D28AE19D8A39B6A95F47513A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll - Shockwave for Director / Shockwave for Director 57C7E359ED8D049132EED23EFA444C63 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll - Shockwave Flash ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\Exts\Chrome.crx[21-02-2016 08:41] dfaldikcoaplhepekpbngkepfcoiihef - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[22-08-2011 05:50] efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[18-12-2015 00:27] hkhkiakolggnnicallabhkobalpeplpi - No path found[] iikflkcanblccfahdhdonehdalibjnif - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[08-01-2016 11:47] nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12-12-2011 15:13] Google Slides - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Cast - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd Norton Security Toolbar - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe Videostream for Google Chromecastâ„¢ - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl Website Logon - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaldikcoaplhepekpbngkepfcoiihef Google Sheets - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Norton Identity Safe - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif Chrome Web Store Payments - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Coban\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=nis&pvid=21.6.0.32" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=nis&pvid=21.6.0.32" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{C7520077-EF9A-4B72-AA51-A2C62C8016BE} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7GGHP_nlNL457 HKCU\SearchScopes\{C7520077-EF9A-4B72-AA51-A2C62C8016BE} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_nlNL457 HKCU\Wow6432Node\SearchScopes "DefaultScope"="" HKCU\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC ==== HijackThis Entries ====================== O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\coIEPlg.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\coIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-18\..\Run: [Norton Download Manager{NS2250424-SHPD-FSD51083}] C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\NIS.exe /m (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Norton Download Manager{NS2250424-SHPD-FSD51083}] C:\Program Files (x86)\Norton Internet Security\Engine\22.5.5.15\NIS.exe /m (User 'Default user') O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1263.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Security (NS) - Symantec Corporation - C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\NS.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Coban\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Coban\AppData\Local\Mozilla\Firefox\Profiles\xvhnoopi.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Coban\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=88 folders=35 170573900 bytes) ==== Empty Temp Folders ====================== C:\Users\Coban\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Coban\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Coban\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on za 07-05-2016 at 10:45:20,24 ======================