
Zoek.exe Version 4.0.0.5 Updated 13-October-2013
Tool run by Feyenoord on zo 13-10-2013 at 20:42:50,18.
Microsoft® Windows Vista™ Home Premium  6.0.6002 Service Pack 2 x86
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\Feyenoord\Desktop\Hulpprogramma forum voor pc problemen\zoekzip\zoek.com [Script inserted] [Checkboxes used]

==== System Restore Info ======================

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== FireFox Fix ======================

Deleted from C:\Users\Feyenoord\AppData\Roaming\Mozilla\Firefox\Profiles\r7o7q07p.default\prefs.js:

Added to C:\Users\Feyenoord\AppData\Roaming\Mozilla\Firefox\Profiles\r7o7q07p.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ei.TelevisionFanatic.com/Plugin] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92A9ACF4-9333-43AE-9698-DB283326F87F}] 

==== Deleting Files \ Folders ======================

"C:\Users\Feyenoord\AppData\Roaming\Mozilla\Firefox\Profiles\r7o7q07p.default\extensions\508988c4c52b2@508988c4c52eb.com" not found 
"C:\Users\Feyenoord\AppData\Roaming\Mozilla\Firefox\Profiles\r7o7q07p.default\extensions\50898ba6af887@50898ba6af8c1.com" not found 
"C:\Users\Feyenoord\AppData\Roaming\Mozilla\Firefox\Profiles\r7o7q07p.default\extensions\addon@freecorder.com" not found 
"C:\Users\Feyenoord\AppData\Roaming\Mozilla\Firefox\Profiles\r7o7q07p.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack" not found 
"C:\Program Files\SPEEDbit Video Downloader" not found 
"C:\Program Files\SearchPredict" not found 

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\FEYENO~1\AppData\Local\Temp ====
2013-10-13 09:06:03	3BE7E9281A4492A0D13D46A7145A0AFF	1160704	----a-w-	C:\Users\Feyenoord\AppData\Local\Temp\speccycpuid.dll
2013-10-12 19:30:35	178A34E5554DCE485E1262DDF027960C	2237968	----a-w-	C:\Users\Feyenoord\AppData\Local\Temp\3BB84195-0796-494B-9FFE-281858207315.exe
2013-10-09 13:01:16	FAA354835C405FD35AFD7A27093B76E5	4121952	----a-w-	C:\Users\Feyenoord\AppData\Local\Temp\Temp1_tdsskiller.zip\TDSSKiller.exe
2013-10-09 13:01:16	FAA354835C405FD35AFD7A27093B76E5	4121952	----a-r-	C:\Users\Feyenoord\AppData\Local\Temp\{C06E3216-3AE0-4ECC-B64E-CE6ECBFF0C89}.exe
2013-10-01 13:25:36	9981CAFF28C302408BDBC20962890809	6739896	----a-w-	C:\Users\Feyenoord\AppData\Local\Temp\TeamViewer\Version8\update.exe
====== Java Cache =====
====== C:\Windows\system32 =====
2013-10-11 23:38:28	6C3B87CFF97CFAA1388D3B97900CED09	17226632	----a-w-	C:\Windows\System32\FlashPlayerInstaller.exe
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
2013-10-11 10:58:15	ABF2E77F36FDE1F4F46AC9DE4F1CB9A6	4182	----a-w-	C:\Windows\system32\Tasks\avast! Emergency Update
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-10-13 14:37:46	50053120	----a-w-	C:\Program Files\GUTEBAC.tmp
2013-10-13 14:37:46	--------	d-----w-	C:\Program Files\GUMEBAB.tmp
2013-10-13 08:53:40	4188160	----a-w-	C:\Program Files\GUT5E85.tmp
2013-10-13 08:53:40	--------	d-----w-	C:\Program Files\GUM5E84.tmp
2013-10-11 18:37:49	--------	d-----w-	C:\Program Files\SpywareBlaster
2013-10-06 18:48:28	--------	d-----w-	C:\Program Files\Trusteer
======= C: =====
2013-10-08 19:53:30	F54A68BA8E6E7D528A6655C610ADB232	2251	----a-w-	C:\DelFix.txt
====== C:\Users\Feyenoord\AppData\Roaming ======
2013-10-10 15:24:04	--------	d-----w-	C:\Users\UpdatusUser\AppData\Local\temp
2013-10-10 15:24:04	--------	d-----w-	C:\Users\Public\AppData\Local\temp
2013-10-10 15:24:04	--------	d-----w-	C:\Users\Manolo\AppData\Local\temp
2013-10-10 15:24:04	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2013-10-10 15:24:04	--------	d-----w-	C:\Users\Default User\AppData\Local\temp
2013-10-07 07:22:05	--------	d-----w-	C:\Users\Feyenoord\AppData\Local\Temp
====== C:\Users\Feyenoord ======
2013-10-13 08:43:02	A0E9A27B051ACEB918F7DBB88BBF3DB3	5552488	----a-w-	C:\Users\Feyenoord\Desktop\spsetup123.exe
2013-10-12 08:57:11	178A34E5554DCE485E1262DDF027960C	2237968	----a-w-	C:\Users\Feyenoord\Desktop\tdsskiller.exe
2013-10-11 18:37:51	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2013-10-11 18:16:05	30D0AD41CC60C6A62277BB350A1EBE4E	4369632	----a-w-	C:\Users\Feyenoord\Desktop\ccsetup406.exe
2013-10-08 19:51:58	1A14242EB1E14069DDDFAAA3BCC45149	706916	----a-w-	C:\Users\Feyenoord\Desktop\delfix.exe
2013-10-06 20:16:05	09D024F5167E0019AAE70092A13CCE6A	232016	----a-w-	C:\Users\Feyenoord\Desktop\DriverTurboSetup.exe
2013-10-06 18:48:30	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging

====== C: exe-files ==
2013-10-11 18:46:45	6B74CD3C871F728CDAF887E8ECBFE8F4	1593776	------w-	C:\EEK\start.exe
2013-10-11 18:46:44	DC3C17C18CECFB1B855682F43DE3F153	2559344	------w-	C:\EEK\Run\a2cmd.exe
2013-10-11 18:46:44	CA13B34B327982D5C07667CE56B05106	4988048	------w-	C:\EEK\Run\a2emergencykit.exe
2013-10-11 18:46:44	59900A239E2E57EA6635ED984B31FE6C	3754368	------w-	C:\EEK\Run\a2HiJackFree.exe
2013-10-11 18:46:44	3D7E47A121A58F7E1E639419E7CB28C0	1153912	------w-	C:\EEK\Run\BlitzBlank.exe
=== C: other files ==
2013-10-12 09:28:59	41A193EC5451521CADDF20B9DB294A35	180	---ha-w-	C:\Program Files\Common Files\X10\Common\x10prod.sys
2013-10-11 18:46:46	E264626EEA468F0325C244CB9ECDDEB4	57024	------w-	C:\EEK\Run\cleanhlp64.sys
2013-10-11 18:46:46	B0CC0B50441372157F31C4C023D43A3E	22056	------w-	C:\EEK\Run\a2ddax86.sys
2013-10-11 18:46:46	85F1DDEA3C10921190CDBA107B22590C	50200	------w-	C:\EEK\Run\cleanhlp32.sys
2013-10-11 18:46:45	D27A8B7BB0E15DFBFC6B4E774EE17AD9	26176	------w-	C:\EEK\Run\a2ddax64.sys
2013-10-11 18:46:44	91A5B1985EFADC296720FC36E55C7A5B	56	------w-	C:\EEK\EmergencyKitScanner.bat
2013-10-11 18:46:44	8B5B86249D663FA50D4CA86497EC4F35	60	------w-	C:\EEK\CommandlineScanner.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-391695699-2751641936-1081476981-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe -s"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cfp.exe -h"
"NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit"
"RtHDVCpl"="RtHDVCpl.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"FG_Monitor"="C:\Program Files\Folder Guard\FGKey.exe /Start"
"emsisoft anti-malware"="C:\Program Files\Emsisoft Anti-Malware\a2guard.exe /d=60"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe -s"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\Windows\\System32\\guard32.dll C:\\Windows\\System32\\guard32.dll"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS4ServiceManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCS4ServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCS5ServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BigDogPath323Domino]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BigDogPath323Domino"
"hkey"="HKLM"
"command"="C:\\Windows\\Domino.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BigDogPath323VMSnap]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BigDogPath323VMSnap"
"hkey"="HKLM"
"command"="C:\\Windows\\VMSnap23.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ControlCenter3]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ControlCenter3"
"hkey"="HKLM"
"command"="C:\\Program Files\\Brother\\ControlCenter3\\brctrcen.exe /autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Family Tree Builder Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Family Tree Builder Update"
"hkey"="HKLM"
"command"="C:\\Program Files\\MyHeritage\\Bin\\FTBCheckUpdates.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FG_Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="FG_Monitor"
"hkey"="HKLM"
"command"="C:\\Program Files\\Folder Guard\\FGKey.exe /Start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAAnotif]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IAAnotif"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\Iaanotif.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndexSearch]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IndexSearch"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ScanSoft\\PaperPort\\IndexSearch.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ISUSPM"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\ISUSPM.exe\" -scheduler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes Anti-Malware (reboot)]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Malwarebytes Anti-Malware (reboot)"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe\" /runcleanupscript"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Malwarebytes' Anti-Malware (reboot)"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe\" /runcleanupscript"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Monitor"
"hkey"="HKLM"
"command"="C:\\Windows\\PixArt\\PAC207\\Monitor.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mylbx]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mylbx"
"hkey"="HKLM"
"command"="C:\\Program Files\\My Lockbox\\mylbx.exe /a"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PaperPort PTD]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PaperPort PTD"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ScanSoft\\PaperPort\\pptd40nt.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Philips Device Listener]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Philips Device Listener"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Philips\\Philips Songbird Resources\\Autolauncher\\PhilipsDeviceListener.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PPort11reminder]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PPort11reminder"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ScanSoft\\PaperPort\\Ereg\\Ereg.exe\" -r \"C:\\ProgramData\\ScanSoft\\PaperPort\\11\\Config\\Ereg\\Ereg.ini"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SSBkgdUpdate]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SSBkgdUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe\" -Embedding -boot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SwitchBoard"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TkBellExe"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\"  -osboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TVEService]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TVEService"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\HomeCinema\\TV Enhance\\TVEService.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Service Manager.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Service Manager.lnk"
"backup"="C:\\Windows\\pss\\Service Manager.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\MI6841~1\\80\\Tools\\Binn\\sqlmangr.exe /n"
"item"="Service Manager"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"TomTomHOME.exe"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\""
"ehTray.exe"="C:\\Windows\\ehome\\ehTray.exe"
"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\"  -osboot"
"Bonus.SSR.FR10"="\"C:\\Program Files\\ABBYY FineReader 10\\Bonus.ScreenshotReader.exe\" /autorun"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [21-09-2013 11:38]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [16-10-2009 00:30]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [16-10-2009 00:30]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\system32\tasks\Real Player-online actualiseringsprogramma" [C:\Program Files\Common Files\Real\Update_OB\realsched.exe]
"C:\Windows\system32\tasks\SmartDefragUpdate" [C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe]
"C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2012" [C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{2460BAEC-E8D0-4DFD-B015-9B77E27E3F87}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\system32\tasks\NCH Software\debutShakeIcon" [C:\Program Files\NCH Software\Debut\Debut.exe]
"C:\Windows\system32\tasks\NCH Software\expressburnShakeIcon" [C:\Program Files\NCH Software\ExpressBurn\ExpressBurn.exe]
"C:\Windows\system32\tasks\NCH Software\videopadShakeIcon" [C:\Program Files\NCH Software\VideoPad\VideoPad.exe]
"C:\Windows\system32\tasks\NCH Software\wavepadShakeIcon" [C:\Program Files\NCH Software\WavePad\WavePad.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"searchpredict@speedbit.com"="C:\Program Files\SearchPredict\PRFireFox" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"magicplayer@torrentstream.org"="C:\Users\Feyenoord\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org" [21-12-2012 15:11]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Feyenoord\AppData\Roaming\Mozilla\Firefox\Profiles\r7o7q07p.default
- Default Manager - %ProfilePath%\extensions\DefaultManager@Microsoft
- TVU Web Player - %ProfilePath%\extensions\firefox@tvunetworks.com
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
- ThreeShips Helper Extension - %ProfilePath%\extensions\{9e1d7c80-43d1-11db-b0de-0800200c9a66}
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- Flash and Video Download - %ProfilePath%\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
- CSHelper - %ProfilePath%\extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}
- MAFIAAFire: ThePirateBay Dancing - %ProfilePath%\extensions\thepiratebay@mafiaafire.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- z - %AppDir%\extensions\{083674a4-522d-2942-3414-8a3ebc968f94}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ochbjojkpcmlfeagbaahkofepalngihg - C:\Users\Feyenoord\AppData\Roaming\TorrentStream\extensions\chrome\magicplayer.crx[12-10-2012 14:18]

YouTube - Feyenoord - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Feyenoord - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
TS Magic Player - Feyenoord - Default\Extensions\ochbjojkpcmlfeagbaahkofepalngihg
Gmail - Feyenoord - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Reset Google Chrome ======================

C:\Users\Feyenoord\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Feyenoord\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\searchpredict@speedbit.com deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [FG_Monitor] C:\Program Files\Folder Guard\FGKey.exe /Start
O4 - HKLM\..\Run: [emsisoft anti-malware] "C:\Program Files\Emsisoft Anti-Malware\a2guard.exe" /d=60
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/mjss/MJSS.cab109791.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{51A33A03-DC72-49B6-AD87-E36794BCE57B}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\Windows\System32\guard32.dll C:\Windows\System32\guard32.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Emsisoft Anti-Malware 8.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\Windows\system32\ASTSRV.EXE
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate1ca4de7257eaf83) (gupdate1ca4de7257eaf83) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Cryptainer service (ssoftservice) - Cypherix Software (India) Pvt. Ltd. - C:\Windows\system32\cryptainersrv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe

==== EOF on zo 13-10-2013 at 20:57:10,97 ======================