Zoek.exe v5.0.0.0 Updated 02-June-2014 Tool run by Hans on ma 09-06-2014 at 21:00:41,54. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\hans\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-06-09-185312.log 1758 bytes ==== Running Processes ====================== C:\windows\system32\csrss.exe C:\windows\system32\wininit.exe C:\windows\system32\csrss.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\lsm.exe C:\windows\system32\winlogon.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe C:\windows\system32\svchost.exe -k RPCSS C:\windows\system32\atiesrxx.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\windows\system32\svchost.exe -k GPSvcGroup C:\windows\system32\Hpservice.exe C:\windows\system32\vcsFPService.exe C:\windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\windows\system32\WLANExt.exe C:\windows\system32\conhost.exe C:\windows\System32\spoolsv.exe c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\IDT\WDM\AESTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bluetooth Suite\adminservice.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe C:\windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe C:\windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe C:\windows\System32\svchost.exe -k HPZ12 C:\windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe C:\windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\windows\system32\atieclxx.exe C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\windows\system32\svchost.exe -k HPService c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe C:\windows\system32\svchost.exe -k bthsvcs C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\servicing\TrustedInstaller.exe C:\windows\system32\taskhost.exe C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files (x86)\Bluetooth Suite\BtTray.exe C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\windows\system32\conhost.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\windows\system32\SearchIndexer.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\iPod\bin\iPodService.exe c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe C:\windows\system32\wbem\wmiprvse.exe C:\Users\hans\AppData\Roaming\Spotify\Spotify.exe C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe C:\windows\system32\sppsvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe C:\windows\system32\igfxext.exe C:\windows\system32\igfxsrvc.exe C:\Users\hans\Desktop\zoek.exe C:\windows\system32\conhost.exe C:\Program Files (x86)\WinRAR\WinRAR.exe C:\windows\system32\taskeng.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\windows\system32\Macromed\Flash\FlashUtil64_13_0_0_206_ActiveX.exe C:\windows\system32\vssvc.exe C:\windows\System32\svchost.exe -k swprv C:\windows\system32\wuauclt.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\windows\System32\svchost.exe -k WerSvcGroup C:\windows\system32\SearchProtocolHost.exe ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully C:\PROGRA~3\Babylon deleted successfully C:\PROGRA~3\Validity deleted successfully C:\Users\hans\AppData\Roaming\DMCache deleted successfully C:\Users\hans\AppData\Roaming\WinRAR deleted successfully C:\Users\administrator\AppData\Local\PDFC deleted successfully C:\Users\Eigenaar\AppData\Local\PDFC deleted successfully C:\Users\Eigenaar\AppData\Local\VirtualStore deleted successfully C:\Users\hans\AppData\Local\PDFC deleted successfully C:\Users\martin\AppData\Local\PDFC deleted successfully C:\Users\martin\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1819775193-1765234083-925418879-1159\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_USERS\S-1-5-21-1819775193-1765234083-925418879-1159\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1819775193-1765234083-925418879-1159\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully HKEY_USERS\S-1-5-21-1819775193-1765234083-925418879-1159\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) 4500_G510nz_Help 4500G510nz 4500G510nz_Software_Min 64 Bit HP CIO Components Installer Aangifte inkomstenbelasting 2011 Aangifte inkomstenbelasting 2012 Adobe Digital Editions Adobe Flash Player 13 ActiveX Adobe Flash Player 13 Plugin Adobe Reader X (10.1.0) - Nederlands Advanced IP Scanner AMD APP SDK Runtime Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft TotalMedia ArcSoft Webcam Sharing Manager ATI Catalyst Install Manager avast Free Antivirus Basissoftware voor HP Photosmart Plus B210 series BlackBerry App World Browser Plugin Bonjour BufferChm Catalyst Control Center - Branding Catalyst Control Center Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All Catalyst Control Center Profiles Mobile ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module D3DX10 Destinations Device Access Manager for HP ProtectTools DeviceDiscovery DeviceManagementQFolder DocMgr DocProc Drive Encryption For HP ProtectTools Energy Star Digital Logo Face Recognition for HP ProtectTools Fax File Sanitizer For HP ProtectTools Galerie de photos Windows Live Google Chrome Google Earth Google Update Helper GPBaseService2 Hewlett-Packard ACLM.NET v1.2.2.3 HP 3D DriveGuard HP Auto HP Color LaserJet CM2320 MFP Series 3.1 HP Connection Manager HP Customer Experience Enhancements HP Customer Participation Program 13.0 HP DayStarter HP Document Manager 2.0 HP Documentation HP ESU for Microsoft Windows 7 HP HD Webcam [Fixed] HP Hotkey Support HP Imaging Device Functions 13.0 HP Officejet 4500 G510n-z HP Photosmart Plus B210 series Haelp HP Power Assistant HP ProtectTools Security Manager HP QuickWeb HP Setup HP Smart Web Printing 4.5 HP SoftPaq Download Manager HP Software Framework HP Software Setup HP Solution Center 13.0 HP Support Assistant HP System Default Settings HP Update HP Wallpaper hppCLJCM2320 hppFaxDrvCM2320 hppFaxUtilityCM2320 hppFonts hppManualsCM2320 hppQFolderCM2320 HPProductAssistant hppScanToCM2320 hppSendFaxCM2320 HPSSupply iCloud IDT Audio ImgBurn Intel(R) Display Audio Driver Intel(R) Identity Protection Technology 1.0.71.0 Intel(R) Management Engine Components Intel(R) Rapid Storage Technology iTunes Java(TM) 7 Update 5 (64-bit) JMicron Flash Media Controller Driver MarketResearch Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft_VC90_CRT_x86 MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MusicBee Network64 OCR Software by I.R.I.S. 13.0 PDF Complete Special Edition Pixsta Pokki Pokki Download Helper Privacy Manager for HP ProtectTools PX Profile Update Qualcomm Atheros Bluetooth Suite (64) Qualcomm Atheros Driver Installation Program Raccolta foto di Windows Live Realtek Ethernet Controller All-In-One Windows Driver Scan SDK Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition Shop for HP Supplies SkypeT 6.11 SmartWebPrinting SolutionCenter Spotify Status Synaptics Pointing Device Driver TeamViewer 7 Theft Recovery for HP ProtectTools Toolbox TrayApp Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Validity Fingerprint Sensor Driver VIP Access SDK x64(1.0.0.50) Visual Studio 2008 x64 Redistributables WebReg Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Media Player Firefox Plugin WinRAR WinZip 14.5 WMV9/VC-1 Video Playback Xobni Xobni Core ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\hans\AppData\Roaming\Babylon deleted C:\Users\hans\AppData\Local\Babylon deleted C:\Users\hans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki deleted C:\user.js deleted "C:\Users\hans\AppData\Local\Pokki\analytics.db" deleted "C:\Users\hans\AppData\Local\Pokki\engine_update.db" deleted "C:\Users\hans\AppData\Local\Pokki\notifications.db" deleted "C:\Users\hans\AppData\Local\Pokki\ocdeskband_0.dll" deleted "C:\Users\hans\AppData\Local\Pokki\Engine\avcodec-54.dll" deleted "C:\Users\hans\AppData\Local\Pokki\Engine\avformat-54.dll" deleted "C:\Users\hans\AppData\Local\Pokki\Engine\avutil-51.dll" deleted "C:\Users\hans\AppData\Local\Pokki\Engine\chrome_100_percent.pak" deleted "C:\Users\hans\AppData\Local\Pokki\Engine\en-US.pak" deleted "C:\Users\hans\AppData\Local\Pokki\Engine\icudt.dll" deleted "C:\Users\hans\AppData\Local\Pokki\Engine\libPokki.dll" deleted "C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe" deleted "C:\Users\hans\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll" deleted "C:\Users\hans\AppData\Local\Pokki\Engine\resources.pak" deleted "C:\Users\hans\AppData\Local\Pokki\Pokkies\installed_pokkies.db" not deleted "C:\Users\hans\AppData\Local\Pokki\UserData\lockfile" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cookies" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cookies-journal" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Network Action Predictor" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\QuotaManager" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\QuotaManager-journal" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Visited Links" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cookies" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Network Action Predictor" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Cookies" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Network Action Predictor" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Shortcuts" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cookies" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Network Action Predictor" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Visited Links" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cookies" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Network Action Predictor" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Cookies" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Network Action Predictor" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\QuotaManager" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\QuotaManager-journal" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Visited Links" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet\Cookies" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet\Network Action Predictor" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cache\data_0" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cache\data_1" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cache\data_2" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cache\data_3" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cache\index" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\databases\Databases.db" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Extension State\000055.log" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Extension State\LOCK" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Extension State\MANIFEST-000054" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\User StyleSheets\Custom.css" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cache\data_0" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cache\data_1" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cache\data_2" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cache\data_3" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cache\index" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Extension State\000055.log" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Extension State\LOCK" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Extension State\MANIFEST-000054" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Cache\data_0" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Cache\data_1" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Cache\data_2" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Cache\data_3" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Cache\index" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Extension State\000043.log" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Extension State\LOCK" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Extension State\MANIFEST-000042" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_0" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_1" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_2" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_3" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\index" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State\000055.log" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State\LOCK" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State\MANIFEST-000054" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\User StyleSheets\Custom.css" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_0" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_1" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_2" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_3" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\index" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\000055.log" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\LOCK" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\MANIFEST-000054" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Cache\data_0" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Cache\data_1" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Cache\data_2" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Cache\data_3" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Cache\index" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\databases\Databases.db" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Extension State\000055.log" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Extension State\LOCK" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Extension State\MANIFEST-000054" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Local Storage\file__0.localstorage" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Local Storage\file__0.localstorage-journal" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\User StyleSheets\Custom.css" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\databases\file__0\1" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_0" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_1" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_2" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_3" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet\Cache\index" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\000055.log" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\LOCK" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\MANIFEST-000054" deleted "C:\Users\hans\AppData\Local\Pokki" not deleted "C:\Users\hans\AppData\Local\Pokki\Engine" deleted "C:\Users\hans\AppData\Local\Pokki\Pokkies" not deleted "C:\Users\hans\AppData\Local\Pokki\UserData" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Cache" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\databases" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\Extension State" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44\User StyleSheets" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Cache" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\83453a3d886e527a470b5bb8291dd338de4b1e44-websheet\Extension State" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Cache" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\Default\Extension State" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\User StyleSheets" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Cache" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\databases" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Extension State" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\Local Storage" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\User StyleSheets" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications\databases\file__0" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet\Cache" deleted "C:\Users\hans\AppData\Local\Pokki\UserData\notifications-websheet\Extension State" deleted ==== System Specs ====================== Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3007 MB CPU Info: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz CPU Speed: 2091.7 MHz Sound Card: Luidsprekers / HP (IDT High Def | Display Adapters: Mobile Intel(R) HD Graphics | Mobile Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter #4 | Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter | Bluetooth-apparaat (Personal Area Network) #2 | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (G: | ) G: hp DVD A DS8A5LH Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 7 Button Wheel Mouse Present Hard Disks: C: 275.0GB | E: 17.8GB | F: 5.0GB Hard Disks - Free: C: 200.9GB | E: 2.7GB | F: 2.1GB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 09/14/11 | HPQOEM - f Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 167C Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 34.0.1847.116 Internet Explorer Version: 11.0.9600.17041 Google Chrome version: 34.0.1847.116 Adobe Reader version: 10.1.0.534 Sun Java version: 1.7.0_05 (64-bit) Flash Player version: 13.0.0.206 ==== Files Recently Created / Modified ====================== ====== C:\windows ==== ====== C:\Users\hans\AppData\Local\Temp ==== 2014-06-09 18:52:30 3304FDFB4F7424B385C308B812FB019C 71680 ----a-w- C:\Users\hans\AppData\Local\Temp\ZAScan.exe ====== Java Cache ===== ====== C:\windows\SysWOW64 ===== ====== C:\windows\SysWOW64\drivers ===== ====== C:\windows\Sysnative ===== ====== C:\windows\Sysnative\drivers ===== ====== C:\windows\Tasks ====== ====== C:\windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\hans\AppData\Roaming ====== ====== C:\Users\hans ====== ====== C: exe-files == 2014-06-09 18:52:30 3304FDFB4F7424B385C308B812FB019C 71680 ----a-w- C:\Users\hans\AppData\Local\Temp\ZAScan.exe 2014-06-09 16:24:53 6FC454773ABF8DE9A33B35E03525140D 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe 2014-06-09 16:24:53 49B70FBEEC01A69CA9AC115C109E9CDD 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateBroker.exe 2014-06-09 16:24:51 BE472797288F53AA9F56974B1A1FC18F 918672 ----a-w- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateSetup.exe 2014-06-09 16:24:51 6FC454773ABF8DE9A33B35E03525140D 51080 ----atw- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe 2014-06-09 16:24:51 49B70FBEEC01A69CA9AC115C109E9CDD 51080 ----atw- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateBroker.exe 2014-06-09 16:24:46 BE472797288F53AA9F56974B1A1FC18F 918672 ----a-w- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateSetup.exe 2014-06-09 16:24:36 D893431503D5112DC3B799DF963D2AC8 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateComRegisterShell64.exe 2014-06-09 16:24:34 720546B84ED5229E1584C8F3533A2F12 328072 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe 2014-06-09 16:24:33 D5A444B63637EC0932172C6719A10252 263048 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe 2014-06-09 16:24:26 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdate.exe 2014-06-09 16:24:22 D893431503D5112DC3B799DF963D2AC8 114568 ----atw- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateComRegisterShell64.exe 2014-06-09 16:24:22 720546B84ED5229E1584C8F3533A2F12 328072 ----atw- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler64.exe 2014-06-09 16:24:21 D5A444B63637EC0932172C6719A10252 263048 ----atw- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler.exe 2014-06-09 16:24:04 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleUpdate.exe 2014-06-09 16:22:51 BE472797288F53AA9F56974B1A1FC18F 918672 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.7\GoogleUpdateSetup.exe 2014-06-09 16:22:48 BE472797288F53AA9F56974B1A1FC18F 918672 ----a-w- C:\Users\hans\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.7\GoogleUpdateSetup.exe === C: other files == 2014-06-09 18:53:45 C49E4403393707706D2422F61F5F1F92 66913 ----a-w- C:\Users\hans\Desktop\bluescreenview.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1819775193-1765234083-925418879-1159\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe /c" "MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Spotify"="C:\Users\hans\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "GoogleChromeAutoLaunch_42454FF2D96CA30106C71E47284183D1"="C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window" "Pokki"="C:\windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-1819775193-1765234083-925418879-1159\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #3"="C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\hans\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "File Sanitizer"="C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "HP HD Webcam [Fixed]_Monitor"="C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "DTRun"="c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" "PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QLBController"="C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "HPConnectionManager"="C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe /c" "MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Spotify"="C:\Users\hans\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "GoogleChromeAutoLaunch_42454FF2D96CA30106C71E47284183D1"="C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window" "Pokki"="C:\windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #3"="C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\hans\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\windows\system32\igfxtray.exe" "HotKeysCmds"="C:\windows\system32\hkcmd.exe" "Persistence"="C:\windows\system32\igfxpers.exe" "MfeEpePcMonitor"="C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" "HPPowerAssistant"="C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden" "BtTray"="C:\Program Files (x86)\Bluetooth Suite\BtTray.exe" "BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2012-02-07 20:05:31 1755 ----a-w- C:\Users\hans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Show Zoho CRM.lnk 2011-11-02 13:17:23 2059 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [02-05-2014 18:33] C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15-02-2012 16:12] C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15-02-2012 16:12] C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1819775193-1765234083-925418879-1159Core.job --a------ C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe [03-11-2011 12:46] C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1819775193-1765234083-925418879-1159UA.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1819775193-1765234083-925418879-1159Core" [C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1819775193-1765234083-925418879-1159UA" [C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\Registration" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\windows\SysNative\tasks\User_Feed_Synchronization-{C188FA4A-3F94-4362-BF66-18213AD96508}" [C:\windows\system32\msfeedssync.exe] "C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [02-11-2011 15:19] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[21-08-2012 11:10] jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx[] Lucidchart Diagrams - Online - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn Google Drive - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Pixlr-o-matic - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj Gmail Offline - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk Google Calendar - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn Wunderlist - To-do and Task list - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc avast WebRep - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda Quick Markup: Brainstorming - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnchgfmijphalpadifffpofoakjdffag Google Wallet - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chrome Fix ====================== C:\Users\hans\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.pricepeep.net_0.localstorage deleted successfully C:\Users\hans\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.pricepeep.net_0.localstorage-journal deleted successfully C:\Users\hans\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_instagram-for-chrome.nl.softonic.com_0.localstorage deleted successfully C:\Users\hans\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_instagram-for-chrome.nl.softonic.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.babylon.com/?AF=109985&babsrc=HP_ss&mntrId=425d9bf5000000000000f2df9a913d66" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HP HD Webcam [Fixed]_Monitor] C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Spotify] "C:\Users\hans\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [Pokki] C:\windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_42454FF2D96CA30106C71E47284183D1] "C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\hans\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Show Zoho CRM.lnk = C:\AdventNet\ZohoCRM\bin\zohocrm_tray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = HoogstadOlie.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = HoogstadOlie.local O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = HoogstadOlie.local O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing) O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing) O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ==== Empty IE Cache ====================== C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\hans\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\hans\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\hans\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4025 folders=108 228335013 bytes) ==== Empty Temp Folders ====================== C:\Users\administrator\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Eigenaar\AppData\Local\Temp emptied successfully C:\Users\hans\AppData\Local\Temp will be emptied at reboot C:\Users\martin\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\hans\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\hans\AppData\Local\Pokki\Pokkies\installed_pokkies.db" not found "C:\Users\hans\AppData\Local\Pokki" not found "C:\Users\hans\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LXDRL8W9\assets.videostrip.com" not found "C:\Users\hans\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LXDRL8W9\static.muzu.tv" not found ==== EOF on ma 09-06-2014 at 21:35:32,89 ======================