Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Koen on do 21-07-2016 at 15:31:39,72. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Koen\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-07-21-130941.log 23219 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== AMD Catalyst Control Center AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Quick Stream AMD Steady Video Plug-In AMD Wireless Display v3.0 Asmedia ASM104x USB 3.0 Host Controller Driver Atheros Client Installation Program AVG AVG 2015 AVG 2016 AVG Protection AVG Zen Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Definition Update for Microsoft Office 2013 (KB3114830) 32-Bit Edition DVD Profiler Version 3.9.1 Fitbit Connect FMW 1 Fotogoed Designer 3.8.8 Free YouTube to MP3 Converter version 3.10.11.923 Game Collector Google Chrome Google Earth Google Update Helper Hotkey Service Microsoft .NET Framework 4.6.1 Microsoft Access MUI (English) 2013 Microsoft Access Setup Metadata MUI (English) 2013 Microsoft DCF MUI (English) 2013 Microsoft Excel MUI (English) 2013 Microsoft Groove MUI (English) 2013 Microsoft InfoPath MUI (English) 2013 Microsoft Lync MUI (English) 2013 Microsoft Office OSM MUI (English) 2013 Microsoft Office OSM UX MUI (English) 2013 Microsoft Office Professional Plus 2013 Microsoft Office Proofing (English) 2013 Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Espa¤ol Microsoft Office Shared MUI (English) 2013 Microsoft Office Shared Setup Metadata MUI (English) 2013 Microsoft OneNote MUI (English) 2013 Microsoft Outlook MUI (English) 2013 Microsoft PowerPoint MUI (English) 2013 Microsoft Publisher MUI (English) 2013 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD Microsoft Word MUI (English) 2013 Outils de v‚rification linguistique 2013 de Microsoft Office˙- Fran‡ais Ralink RT2860 Wireless LAN Card Security Update for Microsoft .NET Framework 4.6.1 (KB3122661) Security Update for Microsoft .NET Framework 4.6.1 (KB3127233) Security Update for Microsoft .NET Framework 4.6.1 (KB3136000) Security Update for Microsoft .NET Framework 4.6.1 (KB3136000v2) Security Update for Microsoft InfoPath 2013 (KB3114833) 32-Bit Edition Security Update for Microsoft Office 2013 (KB3039734) 32-Bit Edition Security Update for Microsoft Office 2013 (KB3039746) 32-Bit Edition Security Update for Microsoft Office 2013 (KB3039794) 32-Bit Edition Security Update for Microsoft Office 2013 (KB3039798) 32-Bit Edition Security Update for Microsoft Office 2013 (KB3054816) 32-Bit Edition Security Update for Microsoft Office 2013 (KB3085572) 32-Bit Edition Security Update for Microsoft Outlook 2013 (KB3114829) 32-Bit Edition Security Update for Microsoft Publisher 2013 (KB3085561) 32-Bit Edition Security Update for Microsoft Word 2013 (KB3114824) 32-Bit Edition Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition Synaptics Pointing Device Driver Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD Update for Microsoft Access 2013 (KB3114735) 32-Bit Edition Update for Microsoft Excel 2013 (KB3114834) 32-Bit Edition Update for Microsoft InfoPath 2013 (KB3039714) 32-Bit Edition Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition Update for Microsoft Office 2013 (KB2760371) 32-Bit Edition Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition Update for Microsoft Office 2013 (KB2880487) 32-Bit Edition Update for Microsoft Office 2013 (KB2883095) 32-Bit Edition Update for Microsoft Office 2013 (KB2889863) 32-Bit Edition Update for Microsoft Office 2013 (KB2899522) 32-Bit Edition Update for Microsoft Office 2013 (KB2975869) 32-Bit Edition Update for Microsoft Office 2013 (KB3023052) 32-Bit Edition Update for Microsoft Office 2013 (KB3023068) 32-Bit Edition Update for Microsoft Office 2013 (KB3039701) 32-Bit Edition Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition Update for Microsoft Office 2013 (KB3039766) 32-Bit Edition Update for Microsoft Office 2013 (KB3039778) 32-Bit Edition Update for Microsoft Office 2013 (KB3039800) 32-Bit Edition Update for Microsoft Office 2013 (KB3054783) 32-Bit Edition Update for Microsoft Office 2013 (KB3054785) 32-Bit Edition Update for Microsoft Office 2013 (KB3054805) 32-Bit Edition Update for Microsoft Office 2013 (KB3054819) 32-Bit Edition Update for Microsoft Office 2013 (KB3054856) 32-Bit Edition Update for Microsoft Office 2013 (KB3054941) 32-Bit Edition Update for Microsoft Office 2013 (KB3055006) 32-Bit Edition Update for Microsoft Office 2013 (KB3055007) 32-Bit Edition Update for Microsoft Office 2013 (KB3055011) 32-Bit Edition Update for Microsoft Office 2013 (KB3085479) 32-Bit Edition Update for Microsoft Office 2013 (KB3085506) 32-Bit Edition Update for Microsoft Office 2013 (KB3085570) 32-Bit Edition Update for Microsoft Office 2013 (KB3101487) 32-Bit Edition Update for Microsoft Office 2013 (KB3114488) 32-Bit Edition Update for Microsoft Office 2013 (KB3114499) 32-Bit Edition Update for Microsoft Office 2013 (KB3114715) 32-Bit Edition Update for Microsoft Office 2013 (KB3114816) 32-Bit Edition Update for Microsoft Office 2013 (KB3114828) 32-Bit Edition Update for Microsoft Office 2013 (KB3114835) 32-Bit Edition Update for Microsoft OneDrive for Business (KB3114841) 32-Bit Edition Update for Microsoft OneNote 2013 (KB3114344) 32-Bit Edition Update for Microsoft Outlook Social Connector 2013 (KB3054854) 32-Bit Edition Update for Microsoft PowerPoint 2013 (KB3114716) 32-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition Update for Skype for Business 2015 (KB3039776) 32-Bit Edition Update for Skype for Business 2015 (KB3114831) 32-Bit Edition Visual Studio 2012 x86 Redistributables VLC media player Vuze ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\atiesrxx.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\AsusService.exe C:\Windows\Explorer.EXE C:\Program Files\AVG\Framework\Common\avgsvcx.exe C:\Program Files\AVG\Av\avgwdsvcx.exe C:\Program Files\Fitbit Connect\FitbitConnectService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe C:\Program Files\AVG\Framework\Common\avguix.exe C:\Program Files\AVG\Av\avgui.exe C:\Program Files\AMD Quick Stream\AMDQuickStream.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskeng.exe C:\Program Files\CCleaner\CCleaner.exe C:\Windows\system32\GWX\GWX.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\ctfmon.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe C:\Users\Koen\Downloads\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\svchost.exe -k utcsvc C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\DelFix.txt" not found ==== System Specs ====================== Windows: Windows 7 Professional Edition Service Pack 1 (Build 7601) Memory (RAM): 2685 MB CPU Info: AMD E-450 APU with Radeon(tm) HD Graphics CPU Speed: 1692,8 MHz Sound Card: Luidsprekers (High Definition A | Display Adapters: AMD Radeon HD 6320 Graphics | AMD Radeon HD 6320 Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Broadcom 802.11n-netwerkadapter | Atheros AR8152/8158 PCI-E Fast Ethernet Controller CD / DVD Drives: No optical drives found. Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 241,0GB | D: 224,7GB Hard Disks - Free: C: 135,7GB | D: 223,5GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 06/17/11 | _ASUS_ - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK Computer INC. 1215B Country: Nederland Language: NLD ==== System Specs (Software) ====================== AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE} Default Browser: Google Chrome 51.0.2704.106 Internet Explorer Version: 11.0.9600.18230 Google Chrome version: 51.0.2704.106 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Koen\AppData\Local\Temp ==== 2016-07-12 17:05:41 DE395ADB369470A953A11B8C300697E2 35680 ----a-w- C:\Users\Koen\AppData\Local\Temp\i4jdel0.exe 2016-07-12 17:00:00 A77A326C44EDA8E2DD2E54EB1BE6942B 12903088 ----a-w- C:\Users\Koen\AppData\Local\Temp\VuzeInstall\VuzeInstaller.exe 2016-07-08 15:03:09 AC6EA49EB2478AF4B5B82BF653E515E4 176125000 ----a-w- C:\Users\Koen\AppData\Local\Temp\amd-catalyst-15.7.1-without-dotnet45-win7-32bit.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== 2016-07-19 18:25:58 8640A1C4E8D776D515038D98B80D9720 187072 ----a-w- C:\Windows\System32\drivers\appexDrv.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-07-20 15:02:35 -------- d-----w- C:\Program Files\trend micro 2016-07-19 18:25:58 -------- d-----w- C:\Program Files\AMD Quick Stream 2016-07-19 18:21:32 -------- d-----w- C:\Program Files\Common Files\ATI Technologies 2016-07-19 18:20:20 -------- d-----w- C:\Program Files\AMD 2016-07-08 16:00:36 -------- d-----w- C:\Program Files\Common Files\AV 2016-07-06 19:09:22 -------- d-----w- C:\Program Files\Raptr Inc ======= C: ===== ====== C:\Users\Koen\AppData\Roaming ====== 2016-07-12 17:03:03 -------- d-----w- C:\Users\Koen\AppData\Roaming\Azureus 2016-07-08 15:56:02 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\AvgSetupLog 2016-07-08 15:54:55 -------- d-----w- C:\Users\Koen\AppData\Local\AvgSetupLog 2016-07-08 15:18:06 -------- d-----w- C:\Users\Koen\AppData\Local\AppEx Networks 2016-07-08 14:40:52 -------- d-----w- C:\Users\Koen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vuze Leap 2016-07-06 19:48:47 -------- d-----w- C:\Users\Koen\AppData\Roaming\Raptr 2016-07-06 19:09:35 -------- d-----w- C:\Users\Koen\AppData\Roaming\library_dir ====== C:\Users\Koen ====== 2016-07-20 15:01:55 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Koen\Downloads\RSIT.exe 2016-07-19 18:29:20 -------- d-----w- C:\ProgramData\ATI 2016-07-19 18:26:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream 2016-07-19 18:24:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2016-07-19 18:12:43 756A4FC93EE186D9D24FBDB68185350F 4952336 ----a-w- C:\Users\Koen\Downloads\autodetectutility (1).exe 2016-07-12 17:00:33 -------- d-----w- C:\Users\Koen\.oracle_jre_usage 2016-07-12 16:59:52 037D91C5C06601B3D6EAB400EF72157E 91808 ----a-w- C:\Users\Koen\Downloads\VuzeBittorrentClientInstaller.exe 2016-07-08 15:56:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen 2016-07-08 15:02:50 756A4FC93EE186D9D24FBDB68185350F 4952336 ----a-w- C:\Users\Koen\Downloads\autodetectutility.exe 2016-07-08 14:38:38 EB401501EAA05DF4AF73D7B08CACDD08 1378976 ----a-w- C:\Users\Koen\Downloads\VuzeLeapInstaller.exe 2016-07-08 14:20:24 1A0FB82F86A428E59A7439FC7F6D109D 328369528 ----a-w- C:\Users\Koen\Downloads\non-whql-64bit-nieg-radeon-crimson-16.2.1-win10-win8.1-win7-feb27.exe 2016-07-08 13:55:15 F2D733F1ED1F06AD282189D7B6855C5D 300814328 ----a-w- C:\Users\Koen\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-64bit (1).exe 2016-07-08 13:46:26 F2D733F1ED1F06AD282189D7B6855C5D 300814328 ----a-w- C:\Users\Koen\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-64bit.exe 2016-07-08 13:34:23 F2D733F1ED1F06AD282189D7B6855C5D 300814328 ----a-w- C:\Users\Koen\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-64bit (2).exe 2016-06-27 17:54:01 -------- d-----w- C:\Users\Koen\SkyDrive ====== C: exe-files == 2016-07-20 15:02:36 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Koen.exe 2016-07-20 15:01:55 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Koen\Downloads\RSIT.exe 2016-07-19 18:25:59 8CB907D104F7B4A9E2F11E9F43DC137E 10240 ----a-w- C:\Program Files\AMD Quick Stream\snetcfg.exe 2016-07-19 18:25:58 B858F029124BEBA523D51648A45E37E4 374464 ----a-w- C:\Program Files\AMD Quick Stream\AMDQuickStream.exe 2016-07-19 18:25:58 1B07C9475DC178D8EA814949F2536F49 723475 ----a-w- C:\Program Files\AMD Quick Stream\unins000.exe 2016-07-19 18:25:48 6E42CF0D47AF25DEA4CECDBE093D521C 10134 ----a-r- C:\Users\Koen\AppData\Roaming\Microsoft\Installer\{1B887E9E-9A72-42EE-91FB-ACCA1BF6FC35}\ARPPRODUCTICON.exe 2016-07-19 18:12:43 756A4FC93EE186D9D24FBDB68185350F 4952336 ----a-w- C:\Users\Koen\Downloads\autodetectutility (1).exe === C: other files == 2016-07-19 18:25:58 DDB24A59CC00F0E53EC95544E4A59241 68 ----a-w- C:\Program Files\AMD Quick Stream\Uninstalloem.bat 2016-07-19 18:25:58 8640A1C4E8D776D515038D98B80D9720 187072 ----a-w- C:\Windows\System32\DriverStore\FileRepository\appexmp.inf_x86_neutral_a3d39b993cd106f5\appexDrv.sys 2016-07-19 18:25:58 8640A1C4E8D776D515038D98B80D9720 187072 ----a-w- C:\Windows\System32\drivers\appexDrv.sys 2016-07-19 18:25:58 8640A1C4E8D776D515038D98B80D9720 187072 ----a-w- C:\Program Files\AMD Quick Stream\appexDrv.sys 2016-07-19 18:25:58 801ECAAE33D1207A3ABE405A00AE9893 26319 ----a-w- C:\Program Files\AMD Quick Stream\GroupPolicy.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2280848091-241635482-3604494453-1000\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "AppEx Accelerator UI"="C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HotkeyMon"="AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe" "HotkeyService"="AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe" "AvgUi"="C:\Program Files\AVG\Framework\Common\avguirnx.exe /lps=fmw" "AVG_UI"="C:\Program Files\AVG\Av\avuirunnerx.exe C:\Program Files\AVG\Av\avgui.exe" "StartCCC"="C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe MSRun" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SynAsusAcpi"="%ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "AppEx Accelerator UI"="C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Fitbit Connect] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Fitbit Connect" "hkey"="HKLM" "command"="\"C:\\Program Files\\Fitbit Connect\\Fitbit Connect.exe\" /autorun" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11-09-2015 20:18] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11-09-2015 20:18] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Chromium Look ====================== Google Slides - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Pixlr-o-matic - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj Google Sheets - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Whitelisted domains - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom CircuitLab - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\haghanbgfkfpmepoohpigmglbfejljoj Custom Googleā„¢ Background - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg Webcam Toy - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade Google Maps - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh Chrome Web Store Payments - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Web Store Payments - Koen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Koen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== HijackThis Entries ====================== O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Av\avuirunnerx.exe" C:\Program Files\AVG\Av\avgui.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Koen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\system32\AsusService.exe O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe O23 - Service: Fitbit Connect Service (Fitbit Connect) - Fitbit, Inc. - C:\Program Files\Fitbit Connect\FitbitConnectService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=8 folders=9 6713027 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Koen\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Koen\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 21-07-2016 at 16:07:53,07 ======================