Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Gebruiker on ma 13/02/2017 at 16:39:38,95.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Gebruiker\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
13/02/2017 16:45:51 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\PROGRA~2\Elex-tech deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\log deleted successfully
C:\Program Files\Opera x64 deleted successfully
C:\PROGRA~3\APN deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Gebruiker\AppData\Local\ActiveSync deleted successfully
C:\Users\Gebruiker\AppData\Local\cache deleted successfully
C:\Users\Gebruiker\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Gebruiker\AppData\Local\EmieSiteList deleted successfully
C:\Users\Gebruiker\AppData\Local\EmieUserList deleted successfully
C:\Users\Gebruiker\AppData\Local\FSDART deleted successfully
C:\Users\Gebruiker\AppData\Local\NetworkTiles deleted successfully
C:\Users\Gebruiker\AppData\Local\Opera deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================
ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\cow.default
user.js not found
---- Lines enabledAddons" modified from prefs.js ----
user_pref("extensions.enabledAddons", "quick_searchff%40gmail.com:5.4.11,default_newtabff%40gmail.com:5.4.21,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7
---- Lines quick_start removed from prefs.js ----
user_pref("extensions.quick_start.enable_search1", false);
user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
---- FireFox user.js and prefs.js backups ----
prefs_20171302_1718_.backup

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91A9A1-01BA-4c81-863D-3BA0751E1419}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b67b3dbb-c1c9-49d2-b016-2748b0b5017e}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-
"mobilegeni daemon"=-

==== Deleting Files \ Folders ======================
C:\PROGRA~2\Elex-tech not found
C:\Program Files (x86)\MiuiTab not found
C:\Program Files (x86)\BatBrowse not found
C:\Program Files (x86)\Mobogenie not found
C:\ProgramData\desktopfind not found
C:\Program Files (x86)\Elex-tech not found
"C:\WINDOWS\tasks\UpdaterEX.job" not found
C:\PROGRA~2\VstPlugins deleted
C:\Users\Gebruiker\AppData\Roaming\TSv deleted
C:\Users\Gebruiker\daemonprocess.txt deleted
C:\Users\Gebruiker\.android deleted
C:\PROGRA~3\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverFinder deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Gebruiker\Documents\Mobogenie deleted
"C:\windows\Installer\17de2.msi" deleted

==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2017-02-13 15:34:16 1738AF59D7E2D56078A35CD2D2E1D5F4 111016 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
2017-02-12 17:02:56 0E4AD4D8C0A8048C00CAD9CFA082A26E 176584 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMChameleon.sys
2017-02-12 17:02:33 E8922903632E78D9E60375E117089088 110536 ----a-w- C:\WINDOWS\Sysnative\drivers\farflt.sys
2017-02-12 17:02:32 D6067E2128F6AE309F9F39EE69DE85A0 91584 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys
2017-02-12 17:02:26 88BD122C3A35DE63D75D382DF75554CE 43968 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys
2017-02-12 17:02:19 BDE2FC7213C0897524C1357BAAE30239 251848 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2017-02-12 17:02:05 BE8117569CAA36E03683CC1BACEA1347 77416 ----a-w- C:\WINDOWS\Sysnative\drivers\mbae64.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2017-02-12 17:45:06 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2017-02-13 15:34:35 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Gebruiker\AppData\Roaming ======
2314-11-12 11:16:40 -------- d-----w- C:\Users\Gebruiker\AppData\Local\CrashDumps
====== C:\Users\Gebruiker ======
2017-02-13 15:32:45 43B07D33AFD75E736069F4C17E7F80B6 739392 ----a-w- C:\Users\Gebruiker\Downloads\JavaSetup8u121.exe
2017-02-12 21:36:30 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol
2017-02-12 17:43:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe
2017-02-12 17:00:51 5B23FA755B8281CDD346DD31A09F1238 55566792 ----a-w- C:\Users\Gebruiker\Downloads\mb3-setup-consumer-3.0.6.1469.exe
====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-21-508932142-994307121-1577570936-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Intel AppUp(R) center"="C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4"
"TPUReg"="C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe /Retimes"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"TODDMain"="C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe"
"TecoResident"="C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
"SRS Premium Sound HD"="C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe /f=C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip /h"
"Malwarebytes TrayApp"="C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe"
"TCrdMain"="%ProgramFiles%\TOSHIBA\Hotkey\TCrdMain_Win8.exe "
"TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe "
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17/01/2017 01:31]
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [08/10/2015 18:34]
C:\WINDOWS\tasks\WebReg HP Deskjet F4200 series.job --a-------- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe [29/04/2011 07:03]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task v2" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{0153B8FD-6548-4D9B-BA38-5BBC61766BCD}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\SysNative\tasks\TOSHIBA\CommonNotifier" [C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe]
"C:\WINDOWS\SysNative\tasks\TOSHIBA\Service Station" ["C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe"]

==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\cow.default
user_pref("browser.search.defaultenginename", "nice");
user_pref("browser.search.selectedEngine", "nice");

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================
ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\cow.default
- Undetermined - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\cow.default\extensions\quick_searchff@gmail.com
- Undetermined - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\cow.default\extensions\default_newtabff@gmail.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

==== Firefox Plugins ======================
Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\cow.default
12B7772C549B1A9A7AC2C0062F1582FF - C:\windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll - Shockwave for Director / Shockwave for Director
CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Gebruiker\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin
1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Gebruiker\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin

==== Chromium Look ======================
Google Chrome Version: 46.0.2490.86
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Adobe Acrobat - Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
Google Docs Offline - Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
MapsGalaxy - Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pcpehlgijbdajfafffojllcaecaecngb
Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_myradioaccess.dl.tb.ask.com_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_myradioaccess.dl.tb.ask.com_0.localstorage-journal deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.nicesearches.com_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.nicesearches.com_0.localstorage-journal deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_search.easydialsearch.com_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_search.easydialsearch.com_0.localstorage-journal deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.piesearch.com_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.piesearch.com_0.localstorage-journal deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pcpehlgijbdajfafffojllcaecaecngb deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_pcpehlgijbdajfafffojllcaecaecngb_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_pcpehlgijbdajfafffojllcaecaecngb_0.localstorage-journal deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://v9.com?type=hp&ts=1450258965&from=mych123&uid=toshibaxmq01abd050_33caspuzsxx33caspuzs&z=0434507c309b49529761c07gdzawdedo5w1betdqaw"
"Default_Page_URL"="http://v9.com?type=hp&ts=1450258965&from=mych123&uid=toshibaxmq01abd050_33caspuzsxx33caspuzs&z=0434507c309b49529761c07gdzawdedo5w1betdqaw"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{3F37D811-0C46-4BF3-822F-414F26731905}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{3F37D811-0C46-4BF3-822F-414F26731905} Bing Url="Not_Found"
{E733165D-CBCF-4FDA-883E-ADEF965B476C} Google Url="http://www.google.com/search?q={searchTerms}"

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-508932142-994307121-1577570936-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3F37D811-0C46-4BF3-822F-414F26731905} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{3F37D811-0C46-4BF3-822F-414F26731905} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3F37D811-0C46-4BF3-822F-414F26731905} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverFinder deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF07604E-C860-40E9-A230-E37FA41F103A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\cow.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================
No Flash Cache Found

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=246 folders=93 16991044 bytes)

==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\TEMP\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 13-02-2017 at 17:41:31,52 ======================