Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Gebruiker on do 17/04/2014 at 9:06:21,96.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Desktop\zoek 2.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17/04/2014 9:08:13 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Acro Software deleted successfully
C:\Program Files\Activeris AntiMalware deleted successfully
C:\Program Files\Nero deleted successfully
C:\Program Files\RoyalShopPerAppp deleted successfully
C:\Program Files\SalesChecker deleted successfully
C:\Program Files\savvinsshhop deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Canon deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Download Manager deleted successfully
C:\Users\Gebruiker\AppData\Roaming\UltraVNC deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Gebruiker\AppData\Local\CrashDumps deleted successfully
C:\Users\Gebruiker\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-603196676-56825728-1553932796-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAA3C06A-BB01-BA82-5B8F-89E74A770107} deleted successfully
HKEY_USERS\S-1-5-21-603196676-56825728-1553932796-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CAA3C06A-BB01-BA82-5B8F-89E74A770107} deleted successfully
HKEY_USERS\S-1-5-21-603196676-56825728-1553932796-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3DA81344-1002-42BF-AC93-E12CCB1FED9E} deleted successfully
HKEY_USERS\S-1-5-21-603196676-56825728-1553932796-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f} deleted successfully
HKEY_USERS\S-1-5-21-603196676-56825728-1553932796-1000\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CAA3C06A-BB01-BA82-5B8F-89E74A770107} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{CAA3C06A-BB01-BA82-5B8F-89E74A770107} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAA3C06A-BB01-BA82-5B8F-89E74A770107} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

c:\progra~1\optimizer not found
C:\ProgramData\dEal44mae deleted
C:\Windows\system32\appdata deleted
C:\Users\Gebruiker\AppData\LocalLow\{230E093C-5134-8838-096C-C3ECBD84A4BB} deleted
C:\Users\Gebruiker\AppData\LocalLow\{3C1C710A-007C-4771-885B-DACB99F235E1} deleted
C:\Users\Gebruiker\AppData\LocalLow\{3DDD1196-A2A5-35F9-8C04-E2706D562308} deleted
C:\Users\Gebruiker\AppData\LocalLow\{CAA3C06A-BB01-BA82-5B8F-89E74A770107} deleted
C:\Users\Gebruiker\AppData\Local\avgchrome deleted
C:\Users\Gebruiker\AppData\LocalLow\DataMngr deleted
C:\Windows\system32\sasnative32.exe deleted
C:\Windows\System32\InstallUtil.InstallLog deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
C:\Users\Gebruiker\AppData\Local\AnyProtectScannerSetup.exe deleted
"C:\Users\Gebruiker\AppData\Roaming\driver\driver.html" deleted
"C:\Users\Gebruiker\AppData\Roaming\driver" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-04-07 15:35:20 E185BDA84E5F03F4E1D8DCA30E209277 1912 ----a-w- C:\Windows\epplauncher.mif

====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
2014-04-06 19:25:59 EC3943C1838A51246751AA9A2CACB6AC 601400 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\UpdateWizard_85205\tulic.dll
2014-04-06 19:25:59 5D98C7A746137AE06D907D98E7882313 2163000 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\UpdateWizard_85205\SilentUpdater.exe
2014-04-06 19:18:45 64AAADD364A6F0BA10673BC4274EC608 4096000 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\Lang_nl-NL.msi
2014-04-06 17:23:38 3C74C26999F2060BC6302448F173A342 340464 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\uninst1.exe

====== Java Cache =====
2014-03-21 11:13:27 5C04309DE589AE31CD481D4D994F5344 99 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap

====== C:\Windows\system32 =====
2014-04-16 10:04:23 F9B5BFDBDFE770EF2E9D6105C6C2FA0E 110592 ----a-w- C:\Windows\System32\CNC490I.dll
2014-04-16 10:04:23 F36DF06A6046E7D574FFADF0259386ED 303104 ----a-w- C:\Windows\System32\CNC490L.dll
2014-04-16 10:04:23 BB13EBC7467DAA8D39188CC6B107AE99 106496 ----a-w- C:\Windows\System32\CNC490U.dll
2014-04-16 10:04:23 76783FCB42E603A5839E33E97130D02D 1310720 ----a-w- C:\Windows\System32\CNC490C.dll
2014-04-10 18:53:12 CE6921D33682C6C3DB8A45853CC69402 455168 ----a-w- C:\Windows\System32\vbscript.dll
2014-04-10 18:53:11 AA12D7A960DB78DD9690AB5B5DAE6586 440832 ----a-w- C:\Windows\System32\ieui.dll
2014-04-10 18:53:06 A127D17C354B473B0F4C6265538F5A2C 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-04-10 18:53:05 BB185D4A9362AA17CBCEC0768CDBF249 704512 ----a-w- C:\Windows\System32\ieapfltr.dll
2014-04-10 18:53:05 116632CE6DF92EA78C2B849E1279B1FA 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-04-10 18:53:04 EDACA6C44D9CE200F899B7DB0F201DFF 164864 ----a-w- C:\Windows\System32\msrating.dll
2014-04-10 18:53:04 EBC35FE64056910A84485BEEB6DCCAC6 524288 ----a-w- C:\Windows\System32\msfeeds.dll
2014-04-10 18:53:04 31385A6CAA31BE9D07B0B32E5AA99ABB 43008 ----a-w- C:\Windows\System32\jsproxy.dll
2014-04-10 18:53:03 7E9FE7DB43BC204E44F159F843E35C15 367616 ----a-w- C:\Windows\System32\dxtmsft.dll
2014-04-10 18:53:03 34FC79C948EE2C5FD0CD699E7D7F91B7 244224 ----a-w- C:\Windows\System32\dxtrans.dll
2014-04-10 18:53:02 E5E97E94DD9D69D8EE90CFA96156CD8A 575488 ----a-w- C:\Windows\System32\ie4uinit.exe
2014-04-10 18:53:02 82287FCFFA4A2D60FD744E3FEB3192C5 61952 ----a-w- C:\Windows\System32\iesetup.dll
2014-04-10 18:53:02 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-04-10 18:53:02 0FDC1A576A3F40420882C0F7C4A66EAD 32768 ----a-w- C:\Windows\System32\iernonce.dll
2014-04-10 18:53:01 C9CA9803299EB6AFA34CB520BAAB083D 32256 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-04-10 18:53:01 BECAA526B8A1823A36A1BA123B8C41A9 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-04-10 18:53:01 6557B48D53D653CFCCE3CB1CFA53A8E1 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-04-10 18:53:01 2101D94DED769CE86A3DE1152F4FCDF5 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-04-10 18:53:01 0F4A295516781897FFB09B4CCF2E8798 592896 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-04-10 18:52:59 05BD47136DE62FAFE9F95B40E4100144 2178048 ----a-w- C:\Windows\System32\iertutil.dll
2014-04-10 18:52:58 E4E829EE073E046B0EB19B5FECB19B8C 1789440 ----a-w- C:\Windows\System32\wininet.dll
2014-04-10 18:52:58 C4A383FD50FBD7E274DD41CF571DF898 1967104 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-04-10 18:52:58 76F58DB8F85C125E0D6B3AA42F3BF1D0 1143808 ----a-w- C:\Windows\System32\urlmon.dll
2014-04-10 18:52:57 2AFBB91BBD2378933B26E6D68C140D1B 11745792 ----a-w- C:\Windows\System32\ieframe.dll
2014-04-10 18:52:56 EA85144F35EDE6EE25C484D4242FF2C8 17387008 ----a-w- C:\Windows\System32\mshtml.dll
2014-04-10 18:52:56 8C46360D6EF9D4C563FE834C4F287DA3 4254720 ----a-w- C:\Windows\System32\jscript9.dll
2014-04-09 07:24:33 F74FFA7654702F81884BDB41EB80DAC2 868352 ----a-w- C:\Windows\System32\kernel32.dll
2014-04-06 19:26:29 A0265D720F0F4B0496A2D679D64C2E83 35640 ----a-w- C:\Windows\System32\uxtuneup.dll
2014-04-06 19:23:58 C33CA1A7B95318D945F96A794E3C0DE7 25400 ----a-w- C:\Windows\System32\authuitu.dll
2014-04-06 19:23:58 7E78A1F4864C7D71FA38AF06478B8949 36152 ----a-w- C:\Windows\System32\TURegOpt.exe

====== C:\Windows\system32\drivers =====
2014-04-16 17:56:06 661B911FA04E73FB073FF9B1C9BD2E05 107736 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-04-16 17:55:47 2BB23932978D623D3D395AEAB1825BF1 73432 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-04-16 17:55:47 18898A87CBA96DEA2074C19E140938A8 51416 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-04-16 17:55:47 0C6EA0109CFEDF441F06D031E9A8D1A9 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-04-09 07:24:35 F1A449D762657230629D8BFC107ABC14 149440 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-04-09 07:24:35 EB34CE31FABD4DC4343FD2AD16D2CAF9 234432 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2014-04-09 07:24:35 5FB4F271032B6435F3B2252F577A4815 27072 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-04-09 07:24:34 C8DFF8D07755A66C7A4A738930F0FEAC 1212352 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-04-07 16:49:46 E987A9CB539147527F56943BB34B7375 142936 ----a-w- C:\Windows\System32\drivers\SYMEVENT.SYS
2014-04-07 16:49:46 A56FDE291912C739D5EDC705B4552D19 805 ----a-w- C:\Windows\System32\drivers\SYMEVENT.INF
2014-04-07 16:49:46 8128DD4852B101ABD9CFB2B93B7EEC0E 8194 ----a-w- C:\Windows\System32\drivers\SYMEVENT.CAT

====== C:\Windows\Tasks ======
2014-04-16 07:40:26 B70E13A5FB6CF9E4FD355FE15F33C8B3 3758 ----a-w- C:\Windows\system32\Tasks\AutoKMS
2014-04-07 16:06:08 7AF288FE0349A1045C5BE98508430BB6 2750 ----a-w- C:\Windows\system32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-04-07 07:52:37 B0EA0EAEB4E57D0FB56A51150EA773A6 3670 ----a-w- C:\Windows\system32\Tasks\Adobe-online actualiseringsprogramma
2014-03-31 19:44:02 661500EC2F0DB913FF9DF6DD143C4351 3362 ----a-w- C:\Windows\system32\Tasks\{B4337A43-9EEC-4ACB-9390-61DA2EF5E099}
2014-03-21 07:12:51 D3E59287F7F8A530CE57192A36B63B9F 3094 ----a-w- C:\Windows\system32\Tasks\Activeris AntiMalware_startup

====== C:\Windows\Temp ======

======= C:\Program Files =====
2014-04-15 19:44:06 -------- d-----w- C:\Program Files\trend micro
2014-04-07 08:09:26 712264 ----a-w- C:\Program Files\4zUninstall VideoDownloadConverter.dll
2014-04-07 08:09:26 194968 ----a-w- C:\Program Files\4zres.dll
2014-04-06 17:18:41 712264 ----a-w- C:\Program Files\8hUninstall Allin1Convert.dll
2014-04-06 17:18:41 194952 ----a-w- C:\Program Files\8hres.dll
2014-04-04 17:42:38 707728 ----a-w- C:\Program Files\39Uninstall MapsGalaxy.dll
2014-03-18 19:34:34 -------- d-----w- C:\Program Files\Browny02
2014-03-18 19:34:28 -------- d-----w- C:\Program Files\ControlCenter4
2014-03-18 19:34:12 -------- d-----w- C:\Program Files\Brother
2014-03-18 19:27:46 -------- d-----w- C:\Program Files\Common Files\ScanSoft Shared
2014-03-18 19:27:45 -------- d-----w- C:\Program Files\Nuance

======= C: =====
2014-04-17 07:01:19 904480A33CBB91731AC687D6181276B2 29 ----a-w- C:\HeartbeatConfig.xml
2014-04-17 07:01:18 BC863E581138F3124F9D556D5EEDFCD6 29 ----a-w- C:\OLicenseHeartbeat.exe

====== C:\Users\Gebruiker\AppData\Roaming ======
2014-04-10 19:10:02 -------- d-sh--w- C:\Users\Gebruiker\AppData\Locallow\EmieUserList
2014-04-10 19:08:47 -------- d-sh--w- C:\Users\Gebruiker\AppData\Local\EmieUserList
2014-04-10 19:08:47 -------- d-sh--w- C:\Users\Gebruiker\AppData\Local\EmieSiteList
2014-04-10 18:59:04 -------- d-sh--w- C:\Users\Gebruiker\AppData\Locallow\EmieSiteList
2014-04-07 08:22:22 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Apps
2014-04-07 08:22:21 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Deployment
2014-04-06 19:23:28 -------- d-----w- C:\Users\Gebruiker\AppData\Local\AVG
2014-03-31 19:25:46 -------- d-----w- C:\Users\Gebruiker\AppData\Locallow\Canon Easy-WebPrint EX2
2014-03-31 19:25:46 -------- d-----w- C:\Users\Gebruiker\AppData\Locallow\Canon Easy-WebPrint EX
2014-03-18 19:49:45 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\Nuance
2014-03-18 19:45:22 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\FLEXnet
2014-03-18 19:44:11 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\ControlCenter4
2014-03-18 19:31:29 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\InstallShield
2014-03-18 19:28:30 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Nuance

====== C:\Users\Gebruiker ======
2014-04-16 17:55:10 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Gebruiker\Desktop\mbam-setup-2.0.0.1000.exe
2014-04-16 17:38:22 04B47DEEB298AE90A0C42DEAED71F8BA 1426178 ----a-w- C:\Users\Gebruiker\Desktop\adwcleaner.exe
2014-04-16 10:05:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP490 series
2014-04-16 10:05:16 -------- d--h--w- C:\ProgramData\CanonBJ
2014-04-15 19:43:24 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Gebruiker\Desktop\RSIT.exe
2014-04-07 16:42:30 -------- d-----w- C:\ProgramData\PCSettings
2014-04-06 17:54:59 -------- d-----w- C:\ProgramData\RoyalShopPerAppp
2014-03-21 11:29:02 -------- d-----w- C:\ProgramData\e3a10b27f62df8d6
2014-03-21 11:12:22 -------- d-----w- C:\ProgramData\Oracle
2014-03-18 19:36:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-03-18 19:34:34 -------- d-----w- C:\ProgramData\ControlCenter4
2014-03-18 19:29:46 -------- d-----w- C:\ProgramData\zeon
2014-03-18 19:28:22 -------- d-----w- C:\ProgramData\ScanSoft
2014-03-18 19:28:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12
2014-03-18 19:27:45 -------- d-----w- C:\ProgramData\Nuance
2014-03-18 19:27:45 -------- d-----w- C:\ProgramData\FLEXnet
2014-03-18 19:22:27 -------- d-----w- C:\ProgramData\Brother

====== C: exe-files ==
2014-04-17 07:01:18 BC863E581138F3124F9D556D5EEDFCD6 29 ----a-w- C:\OLicenseHeartbeat.exe
2014-04-16 17:55:10 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Gebruiker\Desktop\mbam-setup-2.0.0.1000.exe
2014-04-16 17:38:22 04B47DEEB298AE90A0C42DEAED71F8BA 1426178 ----a-w- C:\Users\Gebruiker\Desktop\adwcleaner.exe
2014-04-16 10:05:20 8386B91589F474107BF7F02A38F9A8E5 451928 ----a-w- C:\Windows\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series\DelDrv.exe
2014-04-16 10:05:04 F4AB2BCAFBDD2BABC78E893327CCFC23 58192 ----a-w- C:\Windows\System32\spool\drivers\w32x86\3\CNMVS9Y.EXE
2014-04-16 10:05:04 F4AB2BCAFBDD2BABC78E893327CCFC23 58192 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mp490p3.inf_x86_neutral_afc5157baf61e686\CNMVS.EXE
2014-04-16 10:05:03 DBEA446923C8A0078D089C7758EDA943 18768 ----a-w- C:\Windows\System32\spool\drivers\w32x86\3\CNMSE9Y.EXE
2014-04-16 10:05:03 DBEA446923C8A0078D089C7758EDA943 18768 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mp490p3.inf_x86_neutral_afc5157baf61e686\CNMSE.EXE
2014-04-15 19:44:08 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe
2014-04-15 19:43:24 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Gebruiker\Desktop\RSIT.exe
2014-04-10 18:53:02 E5E97E94DD9D69D8EE90CFA96156CD8A 575488 ----a-w- C:\Windows\System32\ie4uinit.exe
2014-04-10 18:53:02 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-04-10 18:53:01 BECAA526B8A1823A36A1BA123B8C41A9 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-04-10 18:53:01 2101D94DED769CE86A3DE1152F4FCDF5 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-04-10 18:52:59 BEA4E0C0BA936E8A3DB24D1A37BF70BE 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2014-04-10 18:52:58 F972DDD19A10F53D74021DDEAC07CCA6 470016 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-04-10 18:52:58 0667ED9F8E905E1F73DB60ACCEDCBCA7 811728 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

=== C: other files ==
2014-04-16 17:56:06 661B911FA04E73FB073FF9B1C9BD2E05 107736 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-04-16 17:55:47 2BB23932978D623D3D395AEAB1825BF1 73432 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-04-16 17:55:47 18898A87CBA96DEA2074C19E140938A8 51416 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-04-16 17:55:47 0C6EA0109CFEDF441F06D031E9A8D1A9 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-603196676-56825728-1553932796-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe "
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Akamai NetSession Interface"="C:\Users\Gebruiker\AppData\Local\Akamai\netsession_win.exe"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler "

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinVNC"="C:\Program Files\Brein Support\vnc\WinVNC.exe -servicehelper "
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe "
"IndexSearch"="C:\Program Files\Nuance\PaperPort\IndexSearch.exe "
"PaperPort PTD"="C:\Program Files\Nuance\PaperPort\pptd40nt.exe "
"PDFHook"="C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe "
"PDF5 Registry Controller"="C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe "
"ControlCenter4"="C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun "
"BrStsMon00"="C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe "
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Akamai NetSession Interface"="C:\Users\Gebruiker\AppData\Local\Akamai\netsession_win.exe"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"ArcSoft Connection Service"="C:\\Program Files\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe"
"PPort12reminder"="\"C:\\Program Files\\Nuance\\PaperPort\\Ereg\\Ereg.exe\" -r \"C:\\ProgramData\\ScanSoft\\PaperPort\\12\\Config\\Ereg\\Ereg.ini\""

==== Startup Folders ======================

2010-04-08 19:12:48 1047 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2010-02-19 09:06:45 1028 ---ha-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch VNC Service.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12/03/2014 10:32]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Activeris AntiMalware_startup" [C:\Program Files\Activeris AntiMalware\ActiverisAntiMalware.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\ArcSoft Connect Daemon" [C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe]
"C:\Windows\system32\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\Driver Whiz-RTMRules" [C:\Program Files\Driver Whiz\Driver Whiz\DriverWhiz.exe]
"C:\Windows\system32\tasks\Driver Whiz-RTMScan" [C:\Program Files\Driver Whiz\Driver Whiz\DriverWhiz.exe]
"C:\Windows\system32\tasks\Driver Whiz-RTMScanRunOnce" [C:\Program Files\Driver Whiz\Driver Whiz\DriverWhiz.exe]
"C:\Windows\system32\tasks\Driver Whiz-RTMUpdater" [C:\Program Files\Driver Whiz\Driver Whiz\DriverWhiz.exe]
"C:\Windows\system32\tasks\Gebruiker Local Autobackup 5 4" [C:\Program Files\Nero\Nero 10\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\Norton WSC Integration" ["C:\Program Files\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe"]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\Start Registry Reviver" [C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe]
"C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{00ADCCF7-F930-492D-8D59-6439517F99F8}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\{035CAD74-68F4-4189-8378-50C349051380}" [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE]
"C:\Windows\system32\tasks\{09C2764D-B9CD-4A25-8059-1D93C7E645EF}" [C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE]
"C:\Windows\system32\tasks\{133055D3-A998-4656-AB21-56DB1A87717B}" [C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE]
"C:\Windows\system32\tasks\{19D4009C-FB16-41C7-B677-3C2A556349A4}" [C:\hp_CLJ_2820-2840_Vista_Full_Solution\hpzsetup.exe]
"C:\Windows\system32\tasks\{1C0E1182-C3D9-4B90-B759-880320DB1566}" [C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe]
"C:\Windows\system32\tasks\{35A77550-2AFB-4479-B79B-1067283F357B}" [C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE]
"C:\Windows\system32\tasks\{43480C8A-7CF6-4E49-AC4B-1E1D12996A48}" [C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE]
"C:\Windows\system32\tasks\{5C821C04-5AD5-4096-967D-A2B109A5E1BF}" [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE]
"C:\Windows\system32\tasks\{6BD2E6EC-1430-4090-AFF9-627643B6C727}" [C:\hp_CLJ_2820-2840_Vista_Full_Solution\hpzsetup.exe]
"C:\Windows\system32\tasks\{D92C7A04-1ED8-4000-9A03-CE94C081C88A}" [C:\Program Files\C-Logic\Venice\Venice.exe]
"C:\Windows\system32\tasks\{DBA20D52-3A98-4CB7-B5EF-CBBB8DAE12D0}" [C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE]
"C:\Windows\system32\tasks\{EB862BAF-7E80-42CA-AAEB-FDA1CC3805F8}" [C:\Program Files\Microsoft Office\Office12\MSACCESS.EXE]
"C:\Windows\system32\tasks\{FB09B3FB-BBCD-4BFB-9F35-290A9CDC1BD5}" [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE]
"C:\Windows\system32\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe]
"C:\Windows\system32\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe]
"C:\Windows\system32\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files\Norton Internet Security\Engine\21.2.0.38\SymErr.exe]
"C:\Windows\system32\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files\Norton Internet Security\Engine\21.2.0.38\SymErr.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn" [17/04/2014 09:03]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\21.2.0.38\Exts\Chrome.crx[11/03/2014 22:44]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://be.msn.com/default.aspx?ocid=U218DHP&pc=U218"
"Secondary Start Pages"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://be.msn.com/default.aspx?ocid=U218DHP&pc=U218"
"Secondary Start Pages"="http://be.msn.com/default.aspx?ocid=U218DHP&pc=U218"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{9805D2CF-3F97-4EE6-9F5A-57AB1FEDEAE9} Google Url="http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=&rlz=1I7GGLL_nl"

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=15 folders=14 1747189 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 17/04/2014 at 17:19:48,42 ======================