Zoek.exe v5.0.0.0 Updated 19-10-2014
Tool run by Eigenaar on do 23-10-2014 at 13:25:49,09.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HY08WN0W\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

23-10-2014 13:31:24 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\anysee deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\muziekopjepc.nl deleted successfully
C:\Program Files\OPSWAT deleted successfully
C:\Users\Eigenaar\AppData\Roaming\PeerNetworking deleted successfully
C:\Users\Eigenaar\AppData\Local\ms-drivers deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.0.5 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.0.5 deleted successfully

==== Deleting Files \ Folders ======================

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater not found
C:\Users\Eigenaar\.android deleted
C:\Program Files\GUT8DCA.tmp deleted
C:\Program Files\GUM8DAA.tmp deleted
C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk deleted
C:\Users\Eigenaar\AppData\Local\TempPSTEMPFILEon080901.tmp deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
"C:\Users\Eigenaar\AppData\Local\{AE269291-BA5B-486B-A251-FC3E8CB42BD5}" deleted
"C:\ProgramData\113bf54a-3f74-4599-ba2b-4ed99fe5db15" deleted
"C:\PROGRA~2\1fcba940-4dbd-4e73-84d0-64c7384ac69a\3ccd0ef8-df71-4229-85e5-03431f9c5d6e" deleted
"C:\PROGRA~2\1fcba940-4dbd-4e73-84d0-64c7384ac69a\4ca1ee60-1127-413e-a5d7-c76fe35bd418" deleted
"C:\PROGRA~2\1fcba940-4dbd-4e73-84d0-64c7384ac69a\bb737a05-743c-491a-a02b-261a3e3f8003" deleted
"C:\Programdata\Windows\dsdd.dat" deleted
"C:\Programdata\Windows\nudr.dat" deleted
"C:\PROGRA~2\1fcba940-4dbd-4e73-84d0-64c7384ac69a" deleted
"C:\Programdata\Windows" deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-2269768402-2839460773-3768887760-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"TOSCDSPD"="TOSCDSPD.EXE"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe"
"DymoQuickPrint"="C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe /startup"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup"
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup"
"Desktop SMS"="C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto"
"Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe /start"
"Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe"
"CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon"
"ArcSoft Connection Service"="C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"DLSService"="C:\Program Files\DYMO\DYMO Label Software\DLSService.exe"
"BtTray"="C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
"WinampAgent"="C:\Program Files\Winamp\winampa.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
"TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE"
"SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe "
"00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"TOSCDSPD"="TOSCDSPD.EXE"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe"
"DymoQuickPrint"="C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe /startup"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\anysee_TR]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="anysee_TR"
"hkey"="HKLM"
"command"="C:\\Program Files\\anysee\\anysee-E30Plus\\anysee_TR.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonMyPrinter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CanonMyPrinter"
"hkey"="HKLM"
"command"="C:\\Program Files\\Canon\\MyPrinter\\BJMyPrt.exe /logon"

==== Startup Folders ======================

2008-02-26 16:14:32 1835 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
2008-02-26 16:14:32 1835 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [24-09-2014 09:11]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-10-2014 08:37]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-10-2014 08:37]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-2269768402-2839460773-3768887760-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-2269768402-2839460773-3768887760-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{0153E448-190B-4987-BDE1-F256CADA672F}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [13-10-2012 14:23]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[13-10-2012 14:22]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.startpagina.nl/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.nl"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.startpagina.nl/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{231668FB-6872-48D1-87CB-B874DCD6C8C0} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_nl"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\anysee_TR deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Eigenaar\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Eigenaar\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HY08WN0W will be deleted at reboot
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=100 folders=6 103245358 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Eigenaar\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HY08WN0W" not found

==== EOF on do 23-10-2014 at 15:04:29,89 ======================