22:23 13/01/2015 Zoek.exe v5.0.0.0 Updated 09-January-2015 Tool run by Jo on di 13/01/2015 at 18:29:54,26. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Jo\Desktop\zoek(1).exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 13/01/2015 19:26:39 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Users\Jo\AppData\Roaming\rmi deleted successfully C:\Users\Jo\AppData\Roaming\WebExtend deleted successfully C:\Users\Jo\AppData\Roaming\Windows Live Writer deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2017788098-1052485686-552342231-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Creative Cloud Adobe Flash Player 15 Plugin Adobe Photoshop CC 2014 (32 Bit) Adobe Photoshop Lightroom 5.6 AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD VISION Engine Control Center Apple Application Support Apple Software Update Avast Free Antivirus Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help 
Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner D3DX10 Google Chrome Google Drive Google Update Helper Google+ Auto Backup HD Tune 2.55 HP Deskjet 3520 series Basissoftware van het apparaat HP Deskjet 3520 series Help HP Deskjet 3520 series Productverbeteringsonderzoek HP Deskjet 3520 series Setup Guide HP Photo Creations HP Update Junk Mail filter update Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft OneDrive Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Movie Maker Mozilla Firefox 34.0 (x86 nl) Mozilla Maintenance Service Mozilla Thunderbird 31.3.0 
(x86 nl) MSVCRT MSVCRT110 Photo Common Photo Gallery Picasa 3 QuickTime 7 Registry Reviver Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft 
Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition Skype Click to Call SkypeT 6.21 TomTom HOME TomTom HOME Visual Studio Merge Modules Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Visual Studio 2012 x86 Redistributables Windows 7 Upgrade Advisor Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ==== Running Processes 
====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\atiesrxx.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\WUDFHost.exe C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe C:\Windows\system32\vssvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Users\Jo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Program Files\Google\Drive\googledrivesync.exe C:\Program Files\CCleaner\CCleaner.exe C:\Users\Jo\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe 
C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Google\Drive\googledrivesync.exe C:\Windows\system32\DllHost.exe C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Users\Jo\Desktop\zoek(1).exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k apphost C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k swprv C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\svchost.exe -k SDRSVC ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.10 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vToolbarUpdater18.1.10 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\vToolbarUpdater18.1.10 deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety 
plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "PennyBee"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "PennyBee"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Deleting Files \ Folders ====================== C:\Users\Jo\AppData\Roaming\PennyBee deleted C:\Program Files\Common Files\AVG Secure Search deleted C:\ProgramData\Avg_Update_1214tb deleted C:\Users\Jo\AppData\Local\AVG Web TuneUp deleted C:\Users\Lieve K\AppData\Local\AVG Web TuneUp deleted C:\Program Files\GUMF038.tmp deleted C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted C:\Program Files\AVG Web TuneUp deleted C:\Program Files\PennyBee deleted C:\Program Files\SupTab deleted C:\Users\Jo\AppData\Roaming\WB.CFG deleted C:\PROGRA~2\AVG Web TuneUp deleted C:\PROGRA~2\IePluginServices deleted C:\PROGRA~2\AVG Secure Search deleted C:\PROGRA~2\WindowsMangerProtect deleted C:\PROGRA~2\Package Cache deleted C:\Windows\system32\config\systemprofile\AppData\Local\ICSharpCode.net deleted C:\Users\Jo\Downloads\avg_free_stb_all_2015_5557_cnet.exe deleted C:\Users\Jo\AppData\LocalLow\AVG Web TuneUp deleted C:\Users\Lieve K\AppData\LocalLow\AVG Web TuneUp deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted C:\Windows\system32\tasks\PennyBee deleted C:\Windows\tasks\PennyBee.job deleted C:\Windows\system32\Tasks\LaunchSignup deleted C:\Windows\tasks\1214tbUpdateInfo.job deleted C:\Windows\system32\tasks\1214tbUpdateInfo deleted C:\Windows\system32\config\systemprofile\Searches deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601) 
Memory (RAM): 2815 MB CPU Info: AMD Phenom(tm) 8450 Triple-Core Processor CPU Speed: 2086,7 MHz Sound Card: Luidsprekers (High Definition A | Luidsprekers (High Definition A | Digitale audio (S/PDIF) (High D | Digitale audio (HDMI) (High Def | Display Adapters: ATI Radeon HD 3400 Series | ATI Radeon HD 3400 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH20NS10 Ports: COM1 | COM2 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 566,2GB | D: 30,0GB Hard Disks - Free: C: 451,1GB | D: 22,7GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 06/12/08 | MEDION - 20080612 Time Zone: West-Europa (standaardtijd) Motherboard *: MEDIONPC MS-7501 Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast!
Antivirus disabled (Outdated) Default Browser: Firefox 34.0 Internet Explorer Version: 11.0.9600.17501 Mozilla Firefox version: 34.0 (x86 nl) Google Chrome version: 39.0.2171.95 Flash Player version: 15.0.0.246 ==== Files Recently Created / Modified ====================== ==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2017788098-1052485686-552342231-1000\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "SkyDrive"="C:\Users\Jo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "GoogleDriveSync"="C:\Program Files\Google\Drive\googledrivesync.exe /autostart" "Google Update"="C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google+ Auto Backup"="C:\Users\Jo\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "AMD AVT"="Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml" "AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "Adobe Creative Cloud"="C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"
"SkyDrive"="C:\Users\Jo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"
"GoogleDriveSync"="C:\Program Files\Google\Drive\googledrivesync.exe /autostart"
"Google Update"="C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Google+ Auto Backup"="C:\Users\Jo\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Folders ======================
2014-10-28 09:27:46 1938 ----a-w- C:\Users\Jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3520 series.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [09/12/2014 20:23]
C:\Windows\tasks\AdobeAAMUpdater-1.0-PCVJ-Jo.job --a------ C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [14/10/2014 05:34]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/11/2014 15:34]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/11/2014 15:34]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2017788098-1052485686-552342231-1000Core.job --a------ C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [11/01/2015 21:42]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2017788098-1052485686-552342231-1000UA.job --a------ C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [11/01/2015 21:42]
C:\Windows\tasks\Start Registry Reviver for PCVJ@Jo(logon).job --a------ C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe []

==== Other Scheduled Tasks ======================
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-PCVJ-Jo" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2017788098-1052485686-552342231-1000Core" [C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2017788098-1052485686-552342231-1000UA" [C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 3520 series" ["C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe"]
"C:\Windows\system32\tasks\Start Registry Reviver for PCVJ@Jo(logon)" [C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe]
"C:\Windows\system32\tasks\{9B92E94A-8578-4EFA-B2D4-C9F118370564}" [C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe]
"C:\Windows\system32\tasks\{B26C7805-2A2E-478E-9993-1EB04DA2EE35}" ["c:\program files\mozilla firefox\firefox.exe"]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\system32\tasks\Leader Technologies\PowerRegister\Seagate Product Registration (Jo)" [C:\Users\Jo\AppData\Roaming\Leadertech\PowerRegister\Seagate Product Registration.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11/01/2015 14:01]

==== Firefox Extensions ======================
ProfilePath: C:\Users\Jo\AppData\Roaming\TomTom\HOME\Profiles\ftdzmxvp.default
- Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================
Profilepath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\8xvqnz5i.default-1417300744505
D2377C9458EFEB094E38B8C874AA214C - C:\Users\Jo\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update
9860727E477F17B88E39AF8B69B0407A - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll - Shockwave Flash
847C1A6B649D406FDB721E1BCE4E1E38 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.6
B239D122D14692FC5EFBA7121C770F61 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.6
0900BBAB5745ECEC21C5E8254F05B7B0 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.6
17D7FEB824594E6446059EB3987D1AA9 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.6
59492511D7A8BC90A2F6023218E80F9C - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.6
D2377C9458EFEB094E38B8C874AA214C - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update
EC34DA8DB1BEB238C31DA80BBA7CD1C9 - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - AdobeAAMDetect
9419AA8A2799526EC32B473C2BB7A10D - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
F0E80E561C3F715DB01ACCC97B72463A - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight
528C34F569285E55CCB56A4A83E05352 - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - AdobeAAMDetect

==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Lieve K\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================
Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30/12/2014 13:02]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Google Slides - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avast Online Security - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Drive App Launcher - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Google Wallet - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.sweet-page.com/web/?type=ds&ts=1414525688&from=cor&uid=WDCXWD6400AACS-00G8B0_WD-WCAUF005485254852&q={searchTerms}"
"Search Bar"="http://www.google.com/ie"
"Search Page"="http://www.sweet-page.com/web/?type=ds&ts=1414525688&from=cor&uid=WDCXWD6400AACS-00G8B0_WD-WCAUF005485254852&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.sweet-page.com/web/?type=ds&ts=1414525688&from=cor&uid=WDCXWD6400AACS-00G8B0_WD-WCAUF005485254852&q={searchTerms}"
"Search Page"="http://www.sweet-page.com/web/?type=ds&ts=1414525688&from=cor&uid=WDCXWD6400AACS-00G8B0_WD-WCAUF005485254852&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/ie"
"SearchAssistant"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{422AB165-0B21-4D87-8502-9BAC1D839A5D} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA_nlBE609"

==== HijackThis Entries ======================
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Jo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\Jo\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 3520 series.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

==== Empty IE Cache ======================
C:\Users\Jo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Lieve K\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lieve K\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VRME08ZV will be deleted at reboot

==== Empty FireFox Cache ======================
C:\Users\Jo\AppData\Local\Mozilla\Firefox\Profiles\8xvqnz5i.default-1417300744505\cache2 emptied successfully
C:\Users\Lieve K\AppData\Local\Mozilla\Firefox\Profiles\alouoyu0.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\Jo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=481 folders=165 151593496 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jo\AppData\Local\Temp will be emptied at reboot
C:\Users\Lieve K\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Jo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\Jo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VRME08ZV" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on di 13/01/2015 at 22:19:17,94 ======================