Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Gert on do 07/01/2016 at 12:05:21,85. Microsoft Windows 10 Pro 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gert\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 7/01/2016 12:07:54 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\TomTom DesktopSuite deleted successfully C:\Program Files\Common Files\AV deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\Gert\AppData\Local\ActiveSync deleted successfully C:\Users\Gert\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Gert\AppData\Local\EmieSiteList deleted successfully C:\Users\Gert\AppData\Local\EmieUserList deleted successfully C:\Users\Gert\AppData\Local\GHISLER deleted successfully C:\Users\Gert\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-87637798-3721241630-285177012-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-87637798-3721241630-285177012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-87637798-3721241630-285177012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 64 Bit HP CIO Components Installer 6500_E709_eDocs 6500_E709_Help 6500_E709a Adobe Acrobat Reader DC - Nederlands Adobe Refresh Manager AVG AVG 2016 AVG PC TuneUp AVG Protection AVG Web TuneUp AVG Zen bpd_scan BPDSoftware BPDSoftware_Ini BufferChm Definition Update for Microsoft Office 2010 (KB3114412) 32-Bit Edition Destinations DeviceDiscovery DocProc Fax FMW 1 Google Chrome Google Update Helper GPBaseService2 HP Customer Experience Enhancements HP Customer Participation Program 14.0 HP Imaging Device Functions 14.0 HP Officejet 6500 E709 Series HP Solution Center 14.0 HP Support Assistant HP Support Solutions Framework HP Update HPProductAssistant HPSSupply MarketResearch Microsoft Office 2010 voor Thuisgebruik en Zakelijke toepassingen Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime 
(x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD MyDriveConnect 4.0.6.2383 Network64 OCR Software by I.R.I.S. 14.0 ProductContext Scan Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition Security Update for Microsoft Excel 2010 (KB3114415) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2878230) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598244) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2965310) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB3054978) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB3085594) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB3101526) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Shop for HP Supplies SolutionCenter Status Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TomTom HOME 2.7.3.1894 Toolbox Total Commander 64-bit (Remove or Repair) TrayApp Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition Update for Microsoft InfoPath 2010 
(KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition Update for Microsoft Office 2010 (KB3085512) 32-Bit Edition Update for Microsoft Office 2010 (KB3114399) 32-Bit Edition Update for Microsoft Office 2010 (KB3114404) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3085604) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3101535) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Visual Studio C++ 10.0 Runtime VLC media player WebReg WinRAR 5.21 (64-bit) ==== Running Processes ====================== C:\Program Files (x86)\AVG Web 
TuneUp\WtuSystemSupport.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\WINDOWS\SysWOW64\svchost.exe C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe C:\Windows\syswow64\MsiExec.exe C:\Users\Gert\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\AVG Web TuneUp\vprot.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\AVG\Av\avgui.exe C:\WINDOWS\SysWOW64\ctfmon.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Gert\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TuneUp.UtilitiesSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] ==== Registry Fix Code x64 
====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ""=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\TomTom DesktopSuite not found C:\ProgramData\Avg_Update_0715tb deleted C:\ProgramData\AVG Security Toolbar deleted C:\Program Files\AVG Web TuneUp deleted C:\windows\SysNative\Tasks\0715tbUpdateInfo deleted C:\WINDOWS\tasks\0715tbUpdateInfo.job deleted C:\found.001 deleted C:\PROGRA~3\AVG Web TuneUp deleted C:\PROGRA~3\Avg_Update_0215tb deleted C:\PROGRA~3\Avg_Update_1015avt deleted C:\PROGRA~3\Avg_Update_1215avt deleted C:\PROGRA~3\AVG Secure Search deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Gert\AppData\LocalLow\AVG Web TuneUp deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\html.dat" not deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\tuavgx.dll" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\tuneup_nl.lng" not deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\tuuix.dll" deleted "C:\PROGRA~2\AVG Web TuneUp\vprot.exe" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\40.2.3\avgdttbx.dll" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\log4cplusU.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.2.3\avgdttbx.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\40.2.3\log4cplusU.dll" deleted "C:\Program Files (x86)\AVG Web TuneUp" deleted "C:\Program Files (x86)\Common Files\AVG 
Secure Search" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp" not deleted "C:\Users\Gert\AppData\Local\AVG Web TuneUp" deleted "C:\PROGRA~2\AVG Web TuneUp" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted "C:\found.000" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\40.2.3" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3" deleted "C:\Users\Gert\AppData\Local\AVG Web TuneUp\Chrome" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.2.3" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\40.2.3" deleted ==== Registry Search Results for "{B658800C-F66E-4EF3-AB85-6C0C227862A9}" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\Programmable] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol] "CLSID"="{B658800C-F66E-4EF3-AB85-6C0C227862A9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE\CLSID] @="{B658800C-F66E-4EF3-AB85-6C0C227862A9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1\CLSID] @="{B658800C-F66E-4EF3-AB85-6C0C227862A9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\Programmable] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\PROTOCOLS\Handler\viprotocol] "CLSID"="{B658800C-F66E-4EF3-AB85-6C0C227862A9}" ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 16302 MB CPU Info: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz CPU Speed: 3480,9 MHz Sound Card: Luidsprekers (2- High Definitio | Digitale uitvoer (High Definiti | Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 Monitors: 1x; Generic PnP Monitor | Generic PnP Monitor | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet-controller (NDIS 6.30) CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SH-224BB Ports: COM2 LPT1 Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 930,7GB | E: 931,5GB Hard Disks - Free: C: 842,7GB | E: 331,8GB Manufacturer *: Award Software International, Inc. BIOS Info: AT/AT COMPATIBLE | 07/13/12 | GBT - 42302e31 Time Zone: Romance (standaardtijd) Motherboard *: Gigabyte Technology Co., Ltd. 
H61M-D2H-USB3 Country: België Language: NLB ==== System Specs (Software) ====================== Default Browser: Google Chrome 47.0.2526.106 Internet Explorer Version: 11.11.10586.0 Google Chrome version: 47.0.2526.106 Adobe Reader version: 15.9.20077.160923 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2015-12-13 01:36:51 7F19DC20DA68F9879A1CB955986C1699 1698 ------w- C:\WINDOWS\hpwmdl23.dat 2015-12-13 01:36:51 4FAC55422AD334F7466561471E6A9A3A 226442 ----a-w- C:\WINDOWS\hpwins23.dat ====== C:\Users\Gert\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== ====== C:\WINDOWS\Tasks ====== 2016-01-05 16:00:08 D9DBF8C9852127E2F2E2BACA6B6DA7D0 350 ----a-w- C:\WINDOWS\Tasks\HPCeeScheduleForGert.job 2016-01-05 16:00:08 1BA14DE8639CC9662DA859D9C1478726 3234 ----a-w- C:\WINDOWS\Sysnative\Tasks\HPCeeScheduleForGert 2015-12-25 11:30:31 51573E13C4A44AA3CCAFB8C301150133 2904 ----a-w- C:\WINDOWS\Sysnative\Tasks\AVGPCTuneUp_Task_BkGndMaintenance 2015-12-13 01:27:01 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Hewlett-Packard ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-01-06 12:25:12 -------- d-----w- C:\Program Files\trend micro 2015-12-10 14:01:26 -------- d-----w- C:\Program Files\Common Files\AVG Secure Search ======= C:\PROGRA~2 ===== 2015-12-13 02:13:40 -------- d-----w- C:\PROGRA~2\AVG 2015-12-13 01:38:42 -------- d-----w- C:\PROGRA~2\COMMON~1\HP 2015-12-13 01:38:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Hewlett-Packard 2015-12-13 01:37:42 -------- d---a-w- C:\PROGRA~2\HP 2015-12-13 01:26:33 -------- d---a-w- C:\PROGRA~2\Hewlett-Packard 2015-12-08 20:00:07 -------- d-----w- C:\PROGRA~2\VideoLAN ======= C: ===== ====== C:\Users\Gert\AppData\Roaming ====== 2015-12-28 12:32:25 -------- d-----w- C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP 2015-12-24
08:36:42 -------- d-----w- C:\Users\Default\AppData\Local\AVG 2015-12-24 08:36:42 -------- d-----w- C:\Users\Default User\AppData\Local\AVG 2015-12-13 02:13:57 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\AvgSetupLog 2015-12-13 02:13:57 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Avg 2015-12-13 02:13:54 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Avg 2015-12-13 02:12:58 -------- d-----w- C:\Users\Gert\AppData\Local\AvgSetupLog 2015-12-13 01:41:52 -------- d-----w- C:\Users\Gert\AppData\Local\HP 2015-12-13 01:31:27 -------- d-----w- C:\Users\Gert\AppData\Local\Hewlett-Packard 2015-12-09 11:10:00 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing ====== C:\Users\Gert ====== 2016-01-06 12:25:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gert\Downloads\RSITx64.exe 2016-01-06 12:20:06 54760F6D9991A94FE0B6CD83AE8377B4 584288 ----a-w- C:\Users\Gert\Downloads\JavaSetup8u66.exe 2016-01-05 15:42:37 7AD80A3DB9DDAD5CB01998DD9FB404B8 127059552 ----a-w- C:\Users\Gert\Downloads\sup_2016_en_x64.exe 2015-12-13 02:15:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-12-13 02:14:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen 2015-12-13 02:13:40 -------- d---a-w- C:\ProgramData\Avg 2015-12-13 02:10:52 -------- d-----w- C:\ProgramData\Comodo 2015-12-13 01:43:41 -------- d-----w- C:\ProgramData\WEBREG 2015-12-13 01:40:00 -------- d---a-w- C:\ProgramData\HP Product Assistant 2015-12-13 01:39:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-12-13 01:29:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2015-12-13 01:28:54 -------- d-----w- C:\ProgramData\Hewlett-Packard 2015-12-08 20:00:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-12-08 15:59:37 -------- d-----r- 
C:\Users\Gert\3D Objects ====== C: exe-files == 2016-01-07 10:57:08 4E95AB8BEB2C8FD53B348EF4AD5121C5 149184 ----a-w- C:\Users\Gert\AppData\Local\Temp\EC79516A-361F-4957-8ECB-C49375697A23\DismHost.exe 2016-01-07 10:17:28 4E95AB8BEB2C8FD53B348EF4AD5121C5 149184 ----a-w- C:\Users\Gert\AppData\Local\Temp\46D389F1-01F4-4051-8E6C-EE289ACDB970\DismHost.exe 2016-01-06 12:25:12 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gert.exe 2016-01-06 12:25:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gert\Downloads\RSITx64.exe 2016-01-06 12:20:06 54760F6D9991A94FE0B6CD83AE8377B4 584288 ----a-w- C:\Users\Gert\Downloads\JavaSetup8u66.exe 2016-01-05 20:06:53 D58EB15860FCC8DC283FB9F9A1619D1E 691112 ----a-w- C:\Program Files (x86)\AVG\Setup\avgntdumpx.exe 2016-01-05 20:06:53 8C2F30118D43F21E7A44BFE2EABF3721 2245544 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupwrkx.exe 2016-01-05 20:06:53 72168C84D5BD8FC40F0AE7B1709C32BC 3157928 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupx.exe 2016-01-05 15:56:43 AD51039C52EC0C31D3F2FA83721D6E61 703816 ----a-w- C:\Users\Gert\AppData\Local\Temp\sketchup_install\setup.exe 2016-01-05 15:42:37 7AD80A3DB9DDAD5CB01998DD9FB404B8 127059552 ----a-w- C:\Users\Gert\Downloads\sup_2016_en_x64.exe 2016-01-04 16:26:09 4E95AB8BEB2C8FD53B348EF4AD5121C5 149184 ----a-w- C:\Users\Gert\AppData\Local\Temp\67915AF3-1FDE-4528-AD20-E8073BB48111\DismHost.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-87637798-3721241630-285177012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_32E6EDDFE2E53411D374648DC59D1FA4"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
--no-startup-window" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "OneDrive"="C:\Users\Gert\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_USERS\S-1-5-21-87637798-3721241630-285177012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Gert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_12\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_12\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguix.exe /fmw.trayonly" "AVG_UI"="C:\Program Files (x86)\AVG\Av\avgui.exe /TRAYONLY" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_32E6EDDFE2E53411D374648DC59D1FA4"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "OneDrive"="C:\Users\Gert\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Gert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_12\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_12\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/09/2015 
12:40] C:\WINDOWS\tasks\HPCeeScheduleForGert.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16/06/2015 09:51] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\AVGPCTuneUp_Task_BkGndMaintenance" [C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForGert" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{87358353-D056-49DE-B2F2-57D095DBB1D3}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" ["C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe"] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support 
Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Gert\AppData\Roaming\TomTom\HOME\Profiles\fj6g3cni.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Slides - Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo AVG Web TuneUp - Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn Google Search - Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Dropbox for Gmail - Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec Google Sheets - Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Video Player - Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdebnehfojpoccpaocfbelbclfnpbmij Google Docs Offline - Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi iLivid - Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf Chrome Web Store Payments - Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Gert\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ringshoppingkortrijknoord.be_0.localstorage deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ringshoppingkortrijknoord.be_0.localstorage-journal deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.360yield.com_0.localstorage deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.360yield.com_0.localstorage-journal deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.doubleclick.net_0.localstorage deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.doubleclick.net_0.localstorage-journal deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.bsplayer.com_0.localstorage deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.bsplayer.com_0.localstorage-journal deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage-journal deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local 
Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.freelogoservices.com_0.localstorage deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.freelogoservices.com_0.localstorage-journal deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.freelogoservices.com_0.localstorage deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.freelogoservices.com_0.localstorage-journal deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.top-cruise-deals.com_0.localstorage deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.top-cruise-deals.com_0.localstorage-journal deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage deleted successfully
C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://mysearch.avg.com/?cid={27960FEB-23B7-48D9-8411-F0EF92F13209}&mid=c6947c8d597b47d29dd3416272076388-0499cd594e189ba870b6e8f880fc4d319d0c683c&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-12 16:06:35&v=4.1.0.411&pid=wtu&sg=&sap=hp"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_32E6EDDFE2E53411D374648DC59D1FA4] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Gert\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Gert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_12\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_12\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll (file missing)
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gert\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Gert\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Gert\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Gert\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2993 folders=311 711838120 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Gert\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\AVG\AVG PC TuneUp\html.dat" not found
"C:\Program Files (x86)\AVG\AVG PC TuneUp\tuneup_nl.lng" not found
"C:\Program Files (x86)\AVG\AVG PC TuneUp" not found

==== EOF on do 07/01/2016 at 12:37:44,84 ======================