Zoek.exe v5.0.0.1 Updated 28-November-2015 Tool run by vincent on zo 29-11-2015 at 10:37:03,82. Microsoft Windows 8 Pro 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\vincent\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 29-11-2015 10:39:16 Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. 
127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~3\IntelDLM deleted successfully C:\PROGRA~3\Shared Space deleted successfully C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully C:\Users\vincent\AppData\Roaming\Malwarebytes deleted successfully C:\Users\vincent\AppData\Roaming\New Version Available deleted successfully C:\Users\vincent\AppData\Roaming\Opera Software deleted successfully C:\Users\vincent\AppData\Roaming\PowerISO deleted successfully C:\Users\vincent\AppData\Local\DriverToolkit deleted successfully C:\Users\vincent\AppData\Local\Opera Software deleted successfully C:\Users\vincent\AppData\Local\VirtualStore deleted successfully C:\Users\vincent\AppData\Local\VS Revo Group deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-855529338-709491476-424157239-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-21-855529338-709491476-424157239-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-21-855529338-709491476-424157239-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== µTorrent Adobe Flash Player 19 NPAPI Adobe Reader XI (11.0.12) - Nederlands Adobe Refresh Manager Advanced SystemCare 8 Apple Application Support (32-bit) AVG AVG 2016 AVG Protection Bonjour CCleaner Driver Booster 2.4 
FDB14 v2.0a FDB14 v2.0b FDB14 v2.0c FDB14 v2.0d FMW 1 Free YouTube to MP3 Converter version 3.12.50.1122 Google Chrome Google Update Helper HP ePrint HP FWUpdateEDO2 HP Photo Creations HP Photosmart 5510 series Basissoftware van het apparaat HP Photosmart 5510 series Haelp HP Photosmart 5510 series Productverbeteringsonderzoek HP Support Solutions Framework HP Unified IO HP Update HP Wireless Button Driver HPDiagnosticAlert Intel(R) Driver Update Utility 2.0 Intel(R) Processor Graphics Intel© Driver Update Utility IObit Malware Fighter 3 IObit Uninstaller Java 8 Update 51 Java 8 Update 60 Java Auto Updater Microsoft Silverlight Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Mozilla Firefox 42.0 (x86 nl) Mozilla Maintenance Service MyDriveConnect 4.0.3.2180 NVIDIA-configuratiescherm 354.35 NVIDIA GeForce Experience 2.5.15.54 NVIDIA GeForce Experience Service NVIDIA Grafisch stuurprogramma 354.35 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Network Service NVIDIA Optimus Update 2.5.15.54 NVIDIA PhysX Systeem Software 9.15.0428 NVIDIA ShadowPlay 2.5.15.54 NVIDIA Update 2.5.15.54 NVIDIA Update Core NVIDIA Virtual Audio 1.2.31 OpenOffice 4.1.1 Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader SHIELD Streaming SHIELD Wireless Controller Driver Smart Defrag 4 Speccy Start Menu 8 Surfing Protection Synaptics Pointing Device Driver Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TomTom HOME VC80CRTRedist - 8.0.50727.6195 Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Visual Studio C++ 10.0 Runtime WinRAR 5.21 (64-bit) ==== Running Processes ====================== C:\Program Files (x86)\IObit\Advanced 
SystemCare 8\ASCService.exe C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe C:\Windows\SysWOW64\svchost.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files (x86)\Popcorn Time\Updater.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\AVG\Av\avgui.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe C:\Users\vincent\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AdvancedSystemCareService8 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IMFservice deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LiveUpdateSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StartMenuService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\StartMenuService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RegFilter deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater40.1.8 deleted successfully ==== FireFox Fix 
====================== ProfilePath: C:\Users\vincent\AppData\Roaming\Mozilla\Firefox\Profiles\b3riiftb.default ---- Lines aAVJYFVOD75109374HCDE39471360com72895 removed from prefs.js ---- user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.AVJYFVOD75109374@HCDE39471360.comaAVJYFVOD75109374HCDE39471360com72895_dbWasSet", tr user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.AVJYFVOD75109374@HCDE39471360.comaAVJYFVOD75109374HCDE39471360com72895_dbWasSet_FF25 user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.AVJYFVOD75109374@HCDE39471360.comasyncdb_dbWasSet", true); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.AVJYFVOD75109374@HCDE39471360.comasyncdb_dbWasSet_FF25_FIX", true); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.AVJYFVOD75109374@HCDE39471360.comasyncinternaldb_dbWasSet", true); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.AVJYFVOD75109374@HCDE39471360.comasyncinternaldb_dbWasSet_FF25_FIX", true); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.InstallationThankYouPage", true); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.InstallationTime", 1443292995); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.active", true); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.addressbar", "NA"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.addressbarenhanced", ""); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.backgroundver", 24); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.certdomaininstaller", ""); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.changeprevious", false); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.cookie.InstallationTime.value", 
"%221443292995%22"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22002661%22%2C%22sub_id%22%3A% user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.description", "Lights out for YouTube"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.domain", ""); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.enablesearch", false); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.homepage", ""); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.iframe", false); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22cdcfd066f445ce8 user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22002661%22%2C%22sub_id%22 user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.internaldb.__defualt_browser__.value", "%22ch%22"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22 user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.lastDailyReport", 
"1443623337240"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.lastUpdate", "1443623335736"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.manifesturl", ""); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.name", "CinemaPlus-3.3c"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.newtab", ""); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.opensearch", ""); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.pluginsurl", "http://js.devbitrack.com/plugin/apps/72895/plugins/na/ff/plugins.json" user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.pluginsversion", 77); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.publisher", "Cinema Plus"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.searchstatus", 0); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.setnewtab", false); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.thankyou", ""); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.updateinterval", 360); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.72895.ver", 105); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.apps", "72895"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.bic", "1500e2e3287b8d570d7677d70898b09e"); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.cid", 72895); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.firstrun", false); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.hadappinstalled", true); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.installationdate", 1443346920); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.installerAdditionalInfo", "{\"asw\":[0, -2147483579, 67108864, 8448],\"browser_name\":\"ff user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.modetype", "production"); 
user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.reportInstall", true); user_pref("extensions.aAVJYFVOD75109374HCDE39471360com72895.statsDailyCounter", 4); ---- Lines yahoo removed from prefs.js ---- user_pref("avg.wtu.ext.setting_hp_list", "[{\"name\":\"AVG Secure Search\",\"value\":\"https://mysearch.avg.com\"},{\"name\":\"Google\",\"value\":\"ht ---- Lines surfing removed from prefs.js ---- user_pref("extensions.xpiState", "{\"app-profile\":{\"iobitascsurfingprotection@iobit.com\":{\"d\":\"C:\\\\Users\\\\vincent\\\\AppData\\\\Roaming\\\\M ---- Lines surfing modified from prefs.js ---- user_pref("extensions.enabledAddons", "iobitascsurfingprotection%40iobit.com:2.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:42.0"); ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossrider.bic", "1500e2e3287b8d570d7677d70898b09e"); ---- Lines mysearch removed from prefs.js ---- user_pref("avg.wtu.ext.extParams", "{\"action\":\"extParams\",\"data\":{\"searchParams\":{\"pid\":\"wtu\",\"cid\":\"{2213751c-f927-432e-ada1-57b4f48fd ---- FireFox user.js and prefs.js backups ---- user_29-11-2015_1048_.backup prefs_29-11-2015_1048_.backup ProfilePath: C:\Users\vincent\AppData\Roaming\TomTom\HOME\Profiles\mein93oz.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_29-11-2015_1048_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 
8"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "IObit Malware Fighter"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCleaner64.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\maintenanceservice_tmp.exe] ==== Batch Command(s) Run By Tool====================== Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ==== Deleting Files \ Folders ====================== C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found C:\Program Files (x86)\Common Files\DVDVideoSoft deleted C:\Program Files (x86)\Popcorn Time deleted C:\Users\vincent\AppData\Roaming\Mozilla\Firefox\Profiles\b3riiftb.default\extensions\iobitascsurfingprotection@iobit.com deleted C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted C:\PROGRA~2\COMMON~1\AVG Secure Search deleted C:\Users\vincent\AppData\Roaming\ProductData deleted C:\PROGRA~3\AVG Security Toolbar deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\AVG Secure Search deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse deleted C:\Users\vincent\AppData\LocalLow\ADSRemoval deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Users\vincent\AppData\Roaming\Mozilla\Firefox\Profiles\b3riiftb.default\searchplugins\google-avast.xml deleted C:\Users\vincent\AppData\Roaming\Mozilla\Firefox\Profiles\b3riiftb.default\searchplugins\avg-secure-search.xml deleted C:\PROGRA~3\cis649A.exe deleted "C:\Windows\tasks\ASC8_SkipUac_vincent.job" deleted "C:\Windows\tasks\Uninstaller_SkipUac_vincent.job" 
deleted "C:\Users\vincent\AppData\Roaming\Mozilla\Firefox\Profiles\b3riiftb.default\searchplugins\bing-avast.xml" deleted "C:\Windows\SYSWOW64\IObitSmartDefragExtension.dll" deleted "C:\windows\SysNative\IObitSmartDefragExtension.dll" deleted "C:\Users\vincent\AppData\Roaming\ORDnmPLT5QWFMFOYK" deleted "C:\Users\vincent\AppData\Roaming\RHpOckXGPm8xQ7ogMMx" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\madexcept_.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\rtl120.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\vcl120.bpl" deleted "C:\Program Files (x86)\IObit\Start Menu 8\datastate.dll" deleted "C:\Program Files (x86)\IObit\Start Menu 8\FileSearch.dll" deleted "C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe" deleted "C:\Program Files (x86)\IObit\Start Menu 8\IObitStartMenuExtension.dll" deleted "C:\Program Files (x86)\IObit\Start Menu 8\madbasic_.bpl" deleted "C:\Program Files (x86)\IObit\Start Menu 8\maddisAsm_.bpl" deleted "C:\Program Files (x86)\IObit\Start Menu 8\madexcept_.bpl" deleted "C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll" deleted "C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll" deleted "C:\Program Files (x86)\IObit\Start Menu 8\rtl120.bpl" deleted "C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll" deleted "C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe" deleted "C:\Program Files (x86)\IObit\Start Menu 8\StartMenuDll.dll" deleted "C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe" deleted "C:\Program Files (x86)\IObit\Start Menu 8\vcl120.bpl" deleted "C:\Program Files (x86)\IObit\Start Menu 8\vclx120.bpl" deleted "C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll" deleted "C:\Program Files (x86)\IObit" not deleted "C:\Program 
Files (x86)\IObit\IObit Uninstaller" deleted "C:\Program Files (x86)\IObit\Start Menu 8" not deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 12219 MB CPU Info: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz CPU Speed: 2425,8 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | NVIDIA GeForce GT 740M Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Bluetooth-apparaat (Personal Area Network) | Microsoft Wi-Fi Direct Virtual Adapter | Ralink RT3290 802.11bgn Wi-Fi Adapter | Realtek PCIe FE Family Controller CD / DVD Drives: 1x (I: | ) I: hp CDDVDW SU-208CB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 105,0GB | D: 496,0MB | E: 998,0MB | F: 450,0MB | G: 350,0MB | H: 22,3GB Hard Disks - Free: C: 45,4GB | D: 123,6MB | E: 619,0MB | F: 423,9MB | G: 310,4MB | H: 1,5GB Manufacturer *: Insyde BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 2166 Country: Nederland Language: NLD ==== System Specs (Software) ====================== AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE} SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D} Default Browser: Google Chrome 46.0.2490.86 Internet Explorer Version: 10.0.9200.17054 Mozilla Firefox version: 42.0 (x86 nl) Google Chrome version: 46.0.2490.86 Adobe Reader version: 11.0.12.18 Sun Java version: 1.8.0_60 (32-bit) Sun Java version: 1.8.0_60 (64-bit) Flash Player version: 
19.0.0.245 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\vincent\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-11-22 16:39:35 D36A2CEB5EF85F52704ABE6FD9F25243 21504 ----a-w- C:\Windows\Sysnative\umstartup.etl 2015-11-18 19:41:54 4425B2E3F26714FD18F47DF4C560AAA9 62584 ----a-w- C:\Windows\Sysnative\nvshext.dll ====== C:\Windows\Sysnative\drivers ===== 2015-11-06 01:07:40 B256572EE337C9BF88194C13EF153A99 40264 ----a-w- C:\Windows\Sysnative\drivers\nvpciflt.sys 2015-11-06 01:06:32 E3BC530DAF38B666FCF7F40A16B6979F 11105936 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys 2015-11-01 20:10:32 DC618A9667A1178BABBD4F0C858A03E5 887536 ----a-w- C:\Windows\Sysnative\drivers\Rt630x64.sys 2015-11-01 20:08:59 3D2A18B6CC394B1C936DBBFBE6CD2BB1 4613888 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys 2015-11-01 20:08:59 363D9529E5232F8B574436AF2BF0F361 3951402 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT ====== C:\Windows\Tasks ====== 2015-11-21 14:24:22 32E631D6EAF59DD8CD496A83E3D6336B 2398 ----a-w- C:\Windows\Sysnative\Tasks\Uninstaller_SkipUac_vincent 2015-11-08 16:44:09 AEEF77AC0177E5464EC984ED0B5F71A3 3184 ----a-w- C:\Windows\Sysnative\Tasks\SmartDefrag4_Startup 2015-11-08 16:44:07 56888233109FA986A5678A31778245C3 3182 ----a-w- C:\Windows\Sysnative\Tasks\SmartDefrag4_Update ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-11-28 17:56:23 -------- d-----w- C:\Program Files\trend micro 2015-11-28 10:24:40 -------- d-----w- C:\Program Files\Speccy 2015-11-21 15:03:32 -------- d-----w- C:\Program Files\Microsoft Silverlight 2015-11-21 14:34:54 -------- d-----w- C:\Program Files\Common Files\AV 2015-11-21 14:03:08 -------- d-----w- C:\Program Files\Bonjour ======= C:\PROGRA~2 ===== 2015-11-21 15:03:32 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2015-11-21 14:03:08 -------- d-----w- 
C:\PROGRA~2\Bonjour 2015-11-21 14:01:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Apple ======= C: ===== 2015-11-01 20:30:05 A2E70173ED701865EE262E4FF021E9BC 6944 ------w- C:\bootsqm.dat ====== C:\Users\vincent\AppData\Roaming ====== 2015-11-25 17:36:10 57F38A23C5EA4C1412E0EC45E7B8229D 1212680 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat ====== C:\Users\vincent ====== 2015-11-28 17:56:03 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\vincent\Downloads\RSITx64.exe 2015-11-28 10:24:10 678AB0E8665345E72D11149A36F965BE 5127432 ----a-w- C:\Users\vincent\Downloads\spsetup128.exe 2015-11-22 13:14:24 C9C248FC1C38A5BBF1D76A242B331D24 5145808 ----a-w- C:\Users\vincent\Downloads\windows.8.pro.x86.x64.nl.dutch.geactiveerd.h33t.tdm_downloader.exe 2015-11-22 12:58:32 A112A9B39D22E592C71F617CF379BB9B 5487040 ----a-w- C:\Users\vincent\Downloads\Windows8-Setup.exe 2015-11-22 12:53:29 EE8E61F376F7F3E309525C975642C989 1483336 ----a-w- C:\Users\vincent\Downloads\mediacreationtool.exe 2015-11-21 15:04:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-11-21 14:08:37 A72BA71C3217DD16B67D74D5DB8A0B85 8192 --sha-w- C:\Users\vincent\Thumbs.db 2015-11-20 16:31:00 CC2DF7564B49843D9E726F88DCE1093F 167839512 ----a-w- C:\Users\vincent\Downloads\iTunes6464Setup.exe 2015-11-01 20:17:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller ====== C: exe-files == 2015-11-28 17:56:24 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\vincent.exe 2015-11-28 17:56:03 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\vincent\Downloads\RSITx64.exe 2015-11-28 10:24:10 678AB0E8665345E72D11149A36F965BE 5127432 ----a-w- C:\Users\vincent\Downloads\spsetup128.exe 2015-11-26 23:00:27 6D654F3C1C0278C5208BA457704F27F1 6944808 ----a-w- C:\Users\vincent\AppData\Local\NVIDIA\NvBackend\Packages\00008340\DAO.20203697.exe 2015-11-26 10:25:24 
E47EEA086F296801385DB0C027F2A89C 630200 ----a-w- C:\Users\vincent\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2015-11-26 10:25:22 DA50AA4A60EF3AC13EAE46CC94068851 172984 ----a-w- C:\Users\vincent\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2015-11-25 17:17:48 810CE84E84879715E3CD42E22CAAFF64 595864 ----a-w- C:\Users\vincent\AppData\Local\NVIDIA\NvBackend\Packages\0000832f\CoProc update.20200505.exe 2015-11-22 13:14:24 C9C248FC1C38A5BBF1D76A242B331D24 5145808 ----a-w- C:\Users\vincent\Downloads\windows.8.pro.x86.x64.nl.dutch.geactiveerd.h33t.tdm_downloader.exe 2015-11-22 12:58:32 A112A9B39D22E592C71F617CF379BB9B 5487040 ----a-w- C:\Users\vincent\Downloads\Windows8-Setup.exe 2015-11-22 12:53:29 EE8E61F376F7F3E309525C975642C989 1483336 ----a-w- C:\Users\vincent\Downloads\mediacreationtool.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-855529338-709491476-424157239-1001\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguix.exe /fmw.trayonly" "AVG_UI"="C:\Program Files (x86)\AVG\Av\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" 
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LavasoftAdAwareService11] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LavasoftTcpService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SearchProtectionService] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13-11-2015 11:42] C:\Windows\tasks\Wise Care 365.job --a-------- C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [] C:\Windows\tasks\Wise Turbo Checker.job --a-------- C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASC8_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe] "C:\Windows\SysNative\tasks\ASC8_SkipUac_vincent" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe /SkipUac] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (vincent)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe] 
"C:\Windows\SysNative\tasks\SmartDefrag4_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe] "C:\Windows\SysNative\tasks\SmartDefrag4_Update" [C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_vincent" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\Wise Care 365" [C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe] "C:\Windows\SysNative\tasks\Wise Turbo Checker" [C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\WiseCleaner\WPUSkipUAC" [C:\Program Files (x86)\Wise\Wise Program Uninstaller\WiseProgramUninstaller.exe] "C:\Windows\SysNative\tasks\WiseCleaner\WRCSkipUAC" [C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\vincent\AppData\Roaming\Mozilla\Firefox\Profiles\b3riiftb.default user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006"); user_pref("browser.search.defaultengine", "Google (avast)"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\vincent\AppData\Roaming\TomTom\HOME\Profiles\mein93oz.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - 
%AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\vincent\AppData\Roaming\Mozilla\Firefox\Profiles\b3riiftb.default 63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash F114FBA6246530B89DD1E04351E0EAC5 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 Google Drive - vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo FoxTrick - vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpfbbngccefbbndginomofgpagkjckik AVG Web TuneUp - vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn Adblock for Youtube - vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk Google Search - vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Lone Tree - vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip Chrome Web Store Payments - vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\vincent\AppData\Local\Google\Chrome\User 
Data\Default\Local Storage\https_d3jdlwnuo8nsnr.cloudfront.net_0.localstorage deleted successfully C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_editorial.nl.softonic.com_0.localstorage deleted successfully C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn deleted successfully C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Page"="https://safesearch.avira.com/#web/result?source=art&q=" "Search Bar"="https://www.google.com/?trackid=sp-006" "Default_Page_URL"="https://safesearch.avira.com/#web/result?source=art&q=" "Default_Search_URL"="https://safesearch.avira.com/#web/result?source=art&q=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://safesearch.avira.com/#web/result?source=art&q=" "Search Page"="https://safesearch.avira.com/#web/result?source=art&q=" "Search Bar"="https://www.google.com/?trackid=sp-006" "Default_Page_URL"="https://safesearch.avira.com/#web/result?source=art&q=" "Default_Search_URL"="https://safesearch.avira.com/#web/result?source=art&q=" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="https://safesearch.avira.com/#web/result?source=art&q=" "Search Page"="https://safesearch.avira.com/#web/result?source=art&q=" "Search Bar"="https://www.google.com/?trackid=sp-006" "Default_Page_URL"="https://safesearch.avira.com/#web/result?source=art&q=" "Default_Search_URL"="https://safesearch.avira.com/#web/result?source=art&q=" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] 
"Tabs"="res://ieframe.dll/tabswelcome.htm" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}" HKLM\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9} - http://www.google.com/search?q={searchTerms} HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}" HKLM\Wow6432Node\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9} - http://www.google.com/search?q={searchTerms} HKLM\Wow6432Node\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} - http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 
HKLM\Wow6432Node\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms} HKCU\SearchScopes "DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} - http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKCU\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms} ==== Reset Google Chrome ====================== C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\Web Data.protect was reset successfully C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly was reset successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCleaner.exe deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO O8 - Extra 
context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe 
(file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet 
Files\Content.IE5 emptied successfully C:\Users\vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Z2W183P will be deleted at reboot C:\Users\vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3BAR1E1 will be deleted at reboot C:\Users\vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XAHFZ1ZS will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\vincent\AppData\Local\Mozilla\Firefox\Profiles\b3riiftb.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\vincent\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2730 folders=341 893736987 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\vincent\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp 
successfully emptied C:\Users\vincent\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\IObit" not found "C:\Users\vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Z2W183P" not found "C:\Users\vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3BAR1E1" not found "C:\Users\vincent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XAHFZ1ZS" not found ==== EOF on zo 29-11-2015 at 11:20:05,40 ======================