Zoek.exe v5.0.0.1 Updated 12-November-2015
Tool run by Niek Limpens on do 12-11-2015 at 20:00:25,37.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Niek Limpens\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================
C:\zoek-results2012-10-29-125456.log 579 bytes
C:\zoek-results2015-11-11-201415.log 57187 bytes

==== Empty Folders Check ======================
C:\PROGRA~2\Samsung deleted successfully
C:\PROGRA~2\COMMON~1\EAInstaller deleted successfully
C:\Users\Niek Limpens\AppData\Local\SpacialAudio deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3887351716-307149313-405428169-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D016600} deleted successfully
HKEY_USERS\S-1-5-21-3887351716-307149313-405428169-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AEFE841-DCA1-4A95-80CB-BE935D016600} deleted successfully
HKEY_USERS\S-1-5-21-3887351716-307149313-405428169-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D016E00} deleted successfully
HKEY_USERS\S-1-5-21-3887351716-307149313-405428169-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AEFE841-DCA1-4A95-80CB-BE935D016E00} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AEFE841-DCA1-4A95-80CB-BE935D016600} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AEFE841-DCA1-4A95-80CB-BE935D016E00} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958)
Aangifte inkomstenbelasting 2013
Adobe Flash Player 19 ActiveX
Adobe Flash Player 19 NPAPI
Adobe Photoshop CS6
Adobe Reader X (10.1.0) - 
Nederlands Adobe Shockwave Player 11.5 Advertising Center AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD AVIVO64 Codecs AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD Steady Video Plug-In AMD VISION Engine Control Center ASIO4ALL ATI Catalyst Registration Audacity 1.3.13 (Unicode) AudioLabel AVG AVG 2016 AVG Protection Banished Basissoftware voor HP Officejet 6500 E710n-z BeamNG.drive Bonjour BulletStorm Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner CollabNet Subversion Client 1.6.15 Combined Community Codec Pack 2009-09-09 ControlMK 0.232 Counter-Strike Counter-Strike: Source Creative ALchemy Creative Configuratiescherm voor geluid Creative Software AutoUpdate Creative Sound Blaster Properties x64 Edition Creative WaveStudio 7 D3DX10 DAMN NFO Viewer 2.10.0031 RC3 Diablo III DolbyFiles Dropbox eReg File Renamer - Basic FileZilla Client 3.7.3 Firebird 2.5.0.26074 (Win32) FMW 1 Freeplayer3 Full Tilt Poker Full Tilt Poker.Eu Google Chrome Google Earth Google Update Helper Half-Life 2 Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) HP Officejet 6500 E710n-z Haelp HP USB Disk Storage Format Tool HydraVision ImagXpress ImgBurn Intel A/V Codecs V2.0 IrfanView (remove only) Java 8 Update 65 Java Auto Updater Java SE Development Kit 7 Update 7 (64-bit) JavaFX 2.1.1 JetBrains PhpStorm 3.0.1 Junk Mail filter update Logitech Gaming Software 5.10 Logitech SetPoint 6.15 Logitech 
Touch Mouse Server 1.0 Malwarebytes Anti-Malware versie 1.65.1.1000 ManiaPlanet Menu Templates - Starter Kit Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended NLD Language Pack Microsoft Application Error Reporting Microsoft Corporation Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft LifeCam Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Movie Templates - Starter Kit Mozilla Firefox 31.0 (x86 nl) Mozilla Maintenance Service MSI to redistribute MS VS2005 CRT libraries MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyFreeCodec MySQL Tools for 5.0 Nero 9 Nero BurnRights Nero ControlCenter Nero CoverDesigner Nero DiscSpeed Nero DriveSpeed Nero InfoTool Nero Installer Nero Live Nero PhotoSnap Nero Recode Nero Rescue Agent Nero ShowTime Nero StartSmart Nero Vision Nero WaveEditor NeroBurningROM NeroExpress NeroLiveGadget neroxml NetBeans IDE 7.2 NVIDIA PhysX OpenAL Origin PDF Settings CS6 Photo Common PokerStars QuickPar 0.9 Rapture3D 2.4.8 Game Razer Game Booster RollerCoaster Tycoon 2 SABnzbd 0.7.20 Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit 
Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) Skype Click to Call SkypeT 6.14 SoundTrax Speccy SpeedFan (remove only) Spotify Steam Switch Sound File Converter Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Taalpakket voor Microsoft .NET Framework 4 Extended - NLD TeamViewer 8 The Lord of the Rings FREE Trial Update 
for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition VC9RunTime VC9RunTimeX64 Visual C++ 8.0 Runtime Setup Package (x64) Visual Studio 2008 x64 Redistributables Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Vuze WampServer 2.2 WD Anywhere Backup Winamp Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live OneCare safety scanner Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinRAR 5.01 (64-bit) XMedia Recode version 3.1.1.8 ==== Running Processes ====================== C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Users\Niek Limpens\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Users\Niek 
Limpens\AppData\Local\Dropbox\Update\DropboxUpdate.exe C:\Users\Niek Limpens\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\AVG\Av\avgui.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\SysWOW64\ctfmon.exe C:\Users\Niek Limpens\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Samsung not found ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4095 MB CPU Info: AMD Phenom(tm) II X4 920 Processor CPU Speed: 2824.1 MHz Sound Card: Headset Earphone (3- Logitech U | Digital Audio Interface (SB X-F | Speakers (SB X-Fi Xtreme Audio) | Digital Audio (S/PDIF) (High De | Display Adapters: ATI Radeon HD 4800 Series | ATI Radeon HD 4800 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Linksys AE3000 | Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) CD / DVD Drives: 2x (D: | F: | ) D: PIONEER DVD-RW DVR-112D | F: YPY QVOD2VO5 Ports: COM1 LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 931.5GB Hard Disks - Free: C: 243.7GB Manufacturer *: Award Software International, Inc. BIOS Info: AT/AT COMPATIBLE | 03/05/09 | HPQOEM - 42302e31 Time Zone: West-Europa (standaardtijd) Motherboard *: Gigabyte Technology Co., Ltd. 
GA-MA790X-UD4 Country: Netherlands Language: NLD ==== System Specs (Software) ====================== AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE} Internet Explorer Version: 9.0.8112.16421 Mozilla Firefox version: 31.0 (x86 nl) Google Chrome version: 46.0.2490.86 Adobe Reader version: 10.1.0.534 Sun Java version: 1.8.0_65 (32-bit) Sun Java version: 1.8.0_65 (64-bit) Flash Player version: 19.0.0.245 Shockwave Player version: 11.5.6r606 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\NIEKLI~1\AppData\Local\Temp ==== 2015-11-12 18:56:20 AC5BB2F4A126A92DD245019AF9CE4966 6423216 ----a-w- C:\Users\Niek Limpens\AppData\Local\Temp\HitmanPro.exe 2015-11-12 18:44:37 A560DBA4BC0D93CE2CB25FD68C5D191E 71168 ----a-w- C:\Users\Niek Limpens\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgjia7q.dll 2015-11-11 20:56:37 251F683F4447E2FD4B7E37EE97C16622 834048 ----a-w- C:\Users\Niek Limpens\AppData\Local\Temp\MsgPlusUninstall.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-11-11 20:27:07 8E750AE4F0BF98AFE35BDDDA8B70AD4D 5286088 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-10-21 15:16:48 D2E83AA008426FC9408272035E50D40B 284080 ----a-w- C:\Windows\Sysnative\drivers\avgldx64.sys 2015-10-21 15:15:02 0D853D9B288298D3C61D7FC94A659DB2 255408 ----a-w- C:\Windows\Sysnative\drivers\avgmfx64.sys 2015-10-19 07:03:24 788FA68A9319CC73413AFE97EFD642A1 313776 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-11-10 17:53:21 -------- d-----w- C:\Program 
Files\trend micro ======= C:\PROGRA~2 ===== 2015-11-11 19:40:36 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Niek Limpens\AppData\Roaming ====== 2015-11-11 21:18:24 9440BBB02BC5C70070A6CAA892191F48 6188680 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2015-11-11 20:10:37 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-11-11 20:10:37 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-11-11 20:10:37 -------- d-----w- C:\Users\Public\AppData\Local\temp 2015-11-11 20:10:37 -------- d-----w- C:\Users\Niek Limpens\AppData\Local\Temp 2015-11-11 20:10:37 -------- d-----w- C:\Users\Mcx1-NIEKLIMPENS-PC\AppData\Local\temp 2015-11-11 20:10:37 -------- d-----w- C:\Users\Default\AppData\Local\temp 2015-11-11 20:10:37 -------- d-----w- C:\Users\Default User\AppData\Local\temp 2015-11-11 19:40:10 -------- d-----w- C:\Users\Niek Limpens\AppData\Roaming\Sun 2015-10-26 09:42:38 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AvgSetupLog 2015-10-26 08:05:52 -------- d-----w- C:\Users\Niek Limpens\AppData\Local\AvgSetupLog 2015-10-26 07:31:33 -------- d-----w- C:\Users\Niek Limpens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox ====== C:\Users\Niek Limpens ====== 2015-11-12 18:56:48 9F2EADD3075A79480DAA711CD841BEF3 2077392 ----a-w- C:\Users\Niek Limpens\Downloads\IE11-Windows6.1.exe 2015-11-11 19:41:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2015-11-11 19:40:03 -------- d-----w- C:\Users\Niek Limpens\.oracle_jre_usage 2015-11-11 19:36:39 461A1FEB2BE3C9AD35CD9206470BDA89 584288 ----a-w- C:\Users\Niek Limpens\Downloads\chromeinstall-8u65.exe 2015-11-10 17:52:52 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Niek Limpens\Desktop\RSITx64.exe ====== C: exe-files == 2015-11-12 18:51:56 4E9D8041D352A33332FD6F59A3A78B03 119408 ----a-w- C:\Program Files 
(x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe 2015-11-11 20:04:09 EAC3CFF15F7C04FBECCFCFF666302B35 43334736 ----a-w- C:\Program Files (x86)\Google\Update\Install\{9461447C-3250-44E5-8780-A83EAD632559}\46.0.2490.86_chrome_installer.exe 2015-11-11 20:04:07 EAC3CFF15F7C04FBECCFCFF666302B35 43334736 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\46.0.2490.86\46.0.2490.86_chrome_installer.exe 2015-11-11 19:39:00 A53E431775DF91EA016AF5817DF26B41 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-11-11 19:39:00 50CC4A65F784A51813A169EA33CF319A 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-11-11 19:38:59 4547FB479010206D8BEA10B2694C5C6D 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-11-11 19:38:27 FAE99E011922F5BE4CB2160E316D057B 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\rmiregistry.exe 2015-11-11 19:38:27 FA5E33B54BD044F489BA4281B3D6ED95 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\servertool.exe 2015-11-11 19:38:27 CC0CF93D2BF12A423DA4134FFB9C324D 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssvagent.exe 2015-11-11 19:38:27 BBC68E5519B11A74B8208AA7B85F3B80 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\rmid.exe 2015-11-11 19:38:27 B61623580A304714A4E2FE6A5E73327F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\pack200.exe 2015-11-11 19:38:27 AA79E5830F4B6C29A5A976891ED0E86B 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jjs.exe 2015-11-11 19:38:27 940EE00C074A46D638A756723964D65D 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\orbd.exe 2015-11-11 19:38:27 857117663B1F28ABBA4E1C6110A09282 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\policytool.exe 2015-11-11 19:38:27 6211595DD15306DFD8E07B95E6F2984D 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\tnameserv.exe 2015-11-11 19:38:27 56DCBCE6CF84B5F12185AF6DB7B85EB2 15968 ----a-w- C:\Program Files 
(x86)\Java\jre1.8.0_65\bin\keytool.exe 2015-11-11 19:38:27 4D2DDC988E4F67E7E07E78954FBEED2D 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\unpack200.exe 2015-11-11 19:38:27 2AA43B8A44341F90DCCFAE38107BA484 76896 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2launcher.exe 2015-11-11 19:38:27 1A859E08A65ECBA7B687ACAED5EA5080 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\ktab.exe 2015-11-11 19:38:27 1933BBD87F9759CC2D7DC2909C4CA0CD 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\klist.exe 2015-11-11 19:38:27 0AD21325149141252F05B32F7809F441 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\kinit.exe 2015-11-11 19:38:26 B6DBE62611DA178B2CA578BC2B7BBA30 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\javacpl.exe 2015-11-11 19:38:26 A53E431775DF91EA016AF5817DF26B41 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaw.exe 2015-11-11 19:38:26 8ED50DA4BAE0046E05BEC0110CF20B17 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\java-rmi.exe 2015-11-11 19:38:26 66B01DCB41FBE8C3CAB13D3F8ED4FA58 30816 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jabswitch.exe 2015-11-11 19:38:26 50CC4A65F784A51813A169EA33CF319A 278624 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaws.exe 2015-11-11 19:38:26 4547FB479010206D8BEA10B2694C5C6D 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\java.exe 2015-11-10 17:53:21 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Niek Limpens.exe 2015-11-09 09:44:25 881DE7AA23DDE0A2B8E37FAE38979A31 1143872 ----a-w- C:\Program Files (x86)\AVG\Av\Notification\Launcher.exe === C: other files == 2015-11-11 19:38:29 577B724A8DB4380F8B8F0098D1C9A722 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3887351716-307149313-405428169-1001\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="C:\Program Files 
(x86)\DAEMON Tools Lite\DTLite.exe -autorun" "Spotify Web Helper"="C:\Users\Niek Limpens\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Dropbox Update"="C:\Users\Niek Limpens\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "AVG_UI"="C:\Program Files (x86)\AVG\Av\avgui.exe /TRAYONLY" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguix.exe /fmw.trayonly" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "Spotify Web Helper"="C:\Users\Niek Limpens\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Dropbox Update"="C:\Users\Niek Limpens\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" "Start WingMan Profiler"="C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "AdobeBridge"="" 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "ATICustomerCare"="\"C:\\Program Files (x86)\\ATI\\ATICustomerCare\\ATICustomerCare.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPDLR.exe Run" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesAirMessage] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesAirMessage" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesAirMessage.exe -startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPDLR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPDLR" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPreload" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesTrayAgent" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LifeCam] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LifeCam" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft LifeCam\\LifeExp.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RGSC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RGSC" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe /silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /nosplash /minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VX6000] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VX6000" "hkey"="HKLM" 
"command"="C:\\Windows\\vVX6000.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WD Anywhere Backup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WD Anywhere Backup" "hkey"="HKLM" "command"="C:\\Program Files\\WD\\WD Anywhere Backup\\MemeoLauncher2.exe --silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WinampAgent" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Winamp\\winampa.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Apache Web Server Monitor.lnk] "item"="Apache Web Server Monitor" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Apache Web Server Monitor.lnk" "backup"="C:\\Windows\\pss\\Apache Web Server Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\Zend\\Apache2\\bin\\APACHE~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Zend Controller.lnk] "item"="Zend Controller" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Zend Controller.lnk" "backup"="C:\\Windows\\pss\\Zend Controller.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\Zend\\ZENDSE~1\\bin\\ZENDCO~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Niek Limpens^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "item"="Dropbox" "path"="C:\\Users\\Niek Limpens\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" 
"command"="C:\\Users\\NIEKLI~1\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe" ==== Startup Folders ====================== 2015-05-12 10:05:45 1118 ----a-w- C:\Users\Niek Limpens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11-11-2015 21:27] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3887351716-307149313-405428169-1001Core.job --a------ C:EC:\Users\Niek Limpens\AppData\Local\Dropbox\Update\DropboxUpdate.exe [] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3887351716-307149313-405428169-1001UA.job --a------ C:EC:\Users\Niek Limpens\AppData\Local\Dropbox\Update\DropboxUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01-09-2015 19:28] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01-09-2015 19:28] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3887351716-307149313-405428169-1001Core" [C:\Users\Niek Limpens\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3887351716-307149313-405428169-1001UA" [C:\Users\Niek Limpens\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Java(TM) Platform SE Auto Updater" [C:\Program Files (x86)\Common Files\Java\Java 
Update\jusched.exe] "C:\Windows\SysNative\tasks\Razer_Game_Booster_AutoUpdate" [C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-3887351716-307149313-405428169-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-3887351716-307149313-405428169-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{BF6C1065-3624-4D02-A05C-12906FA8E688}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{848C532B-9C5F-4EBE-83B2-0F014ADAB168}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] ==== Firefox Extensions ====================== ProfilePath: C:\Users\NIEKLI~1\AppData\Roaming\Mozilla\Firefox\Profiles\lhz2h9e2.default - SoundCloud Downloader - %ProfilePath%\extensions\{2b55ea1c-5d12-4fb5-bb9b-2067f8eda4ca}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Niek Limpens\AppData\Roaming\Mozilla\Firefox\Profiles\lhz2h9e2.default F114FBA6246530B89DD1E04351E0EAC5 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll - Shockwave Flash 8E9A08E2092B3E1ADFF3C46BC1A5124B - C:\Windows\SysWoW64\TVUAx\npTVUAx.dll - TVU Web Player for FireFox 32A783FE8D78DB883368CA851E274DBE - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14-05-2013 12:27] Google Slides - Niek 
Limpens\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Skype Click to Call - Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Chrome Web Store Payments - Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully C:\Users\Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully C:\Users\Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\Wow6432Node\SearchScopes "DefaultScope"="" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKCU\SearchScopes "DefaultScope"="{F2F858E0-9C9C-4931-A091-006422B0E8F0}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{F2F858E0-9C9C-4931-A091-006422B0E8F0} - http://www.google.nl/search?hl=nl&q={searchTerms} HKCU\Wow6432Node\SearchScopes "DefaultScope"="" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC deleted successfully ==== HijackThis Entries ====================== O2 - BHO: AcroIEHelperStub - 
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Niek Limpens\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Niek Limpens\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 
/errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Users\Niek Limpens\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O16 - DPF: {75AA409D-05F9-4F27-BD53-C7339D4B1D0A} (IBM Lotus iNotes 8.5 Control) - https://webmail.saxion.nl/dwa85W.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: 
skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. 
- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - 
C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Mcx1-NIEKLIMPENS-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Niek Limpens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H017YLKT will be deleted at 
reboot C:\Users\Niek Limpens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JL0H82CT will be deleted at reboot C:\Users\Niek Limpens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y2L6O4MA will be deleted at reboot C:\Users\Niek Limpens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y8QN8DVM will be deleted at reboot C:\Users\Niek Limpens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Niek Limpens\AppData\Local\Mozilla\Firefox\Profiles\lhz2h9e2.default\Cache emptied successfully C:\Users\Niek Limpens\AppData\Local\Mozilla\Firefox\Profiles\lhz2h9e2.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Niek Limpens\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=249 folders=57 97835360 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Mcx1-NIEKLIMPENS-PC\AppData\Local\temp emptied successfully C:\Users\Niek Limpens\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\NIEKLI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN 
successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Niek Limpens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Niek Limpens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H017YLKT" not found "C:\Users\Niek Limpens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JL0H82CT" not found "C:\Users\Niek Limpens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y2L6O4MA" not found "C:\Users\Niek Limpens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y8QN8DVM" not found ==== EOF on do 12-11-2015 at 20:29:15,97 ======================