Zoek.exe v5.0.0.0 Updated 28-10-2014 Tool run by Karl on do 30/10/2014 at 20:26:29,79. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Karl\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 30/10/2014 20:29:07 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Users\Karl\AppData\Roaming\Systweak deleted successfully C:\Users\Karl\AppData\Local\LSC deleted successfully C:\Users\Karl\AppData\Local\VirtualStore deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\ASP not found C:\Program Files (x86)\Tuneup Pro not found C:\Users\Karl\AppData\Roaming\Systweak not found C:\ProgramData\Systweak not found C:\Users\Karl\AppData\Roaming\Tuneup Pro not found "C:\Windows\tasks\Tuneup Pro_DEFAULT.job" not found "C:\Windows\tasks\Tuneup Pro_UPDATES.job" not found C:\ProgramData\WindowsMangerProtect deleted C:\Users\Karl\AppData\Roaming\sweet-page deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Karl\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-10-17 10:35:13 EA2A8D0716626620DD55391C94CE3EA6 19760 ----a-w- C:\Windows\Sysnative\roboot64.exe ====== C:\Windows\Sysnative\drivers ===== 2014-10-16 01:53:37 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys 2014-10-16 01:53:36 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-10-26 10:22:09 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-10-17 09:57:03 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard ======= C: ===== ====== C:\Users\Karl\AppData\Roaming ====== ====== C:\Users\Karl ====== 2014-10-26 10:21:50 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Karl\Downloads\RSITx64.exe 2014-10-26 10:10:10 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\Karl\Downloads\SpyHunter-Installer (5).exe 2014-10-26 10:09:30 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\Karl\Downloads\SpyHunter-Installer (4).exe 2014-10-26 09:50:26 5DCED6B6A9BF0C12079E8F9513B3C8C1 4974864 ----a-w- C:\Users\Karl\Downloads\ccsetup419 (1).exe 2014-10-26 09:49:30 5DCED6B6A9BF0C12079E8F9513B3C8C1 4974864 ----a-w- C:\Users\Karl\Downloads\ccsetup419.exe 2014-10-17 10:34:43 7A604230D917E192B0BF851A2C957E51 3436624 ----a-w- C:\Users\Karl\Downloads\setup.exe 2014-10-17 10:15:00 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Users\Karl\Downloads\SpyHunter-Installer (3).exe 2014-10-17 10:14:58 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Users\Karl\Downloads\SpyHunter-Installer (2).exe 2014-10-17 10:00:38 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\Karl\Downloads\SpyHunter-Installer (1).exe 2014-10-17 09:55:36 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\Karl\Downloads\SpyHunter-Installer.exe 2014-10-06 18:10:23 BA8E43639F78712F5D652D2327521A08 250936 ----a-w- C:\ProgramData\SPL1392.tmp ====== C: exe-files == 2014-10-30 19:15:30 DCC534F22A5A4B43E5123A772D3ECF5A 895568 ----a-w- C:\Program Files (x86)\Google\Update\Install\{65423B96-011B-4A7C-8A34-64039292BE79}\38.0.2125.111_38.0.2125.104_chrome_updater.exe 2014-10-30 19:15:30 DCC534F22A5A4B43E5123A772D3ECF5A 895568 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\38.0.2125.111\38.0.2125.111_38.0.2125.104_chrome_updater.exe 2014-10-26 10:53:27 EDB10586A061A621BBA2CB32E5E3220B 190429 ----a-w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.exe 2014-10-26 10:53:27 25D473D7805261C752DA738B13E35816 185271 ----a-w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe 2014-10-26 10:22:10 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Karl.exe 2014-10-26 10:21:50 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Karl\Downloads\RSITx64.exe 2014-10-26 10:10:10 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\Karl\Downloads\SpyHunter-Installer (5).exe 2014-10-26 10:09:30 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\Karl\Downloads\SpyHunter-Installer (4).exe 2014-10-26 09:50:26 5DCED6B6A9BF0C12079E8F9513B3C8C1 4974864 ----a-w- C:\Users\Karl\Downloads\ccsetup419 (1).exe 2014-10-26 09:49:30 5DCED6B6A9BF0C12079E8F9513B3C8C1 4974864 ----a-w- C:\Users\Karl\Downloads\ccsetup419.exe 2014-10-24 17:09:18 821E577AB0B119278BD1940FEF224DDA 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateBroker.exe 2014-10-24 17:09:18 4067DC9EA0640485F1CF395427FD5E9B 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe 2014-10-24 17:09:18 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateSetup.exe 2014-10-24 17:09:14 976D5F35A058340DA2C160CEC4063C4B 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe 2014-10-24 17:09:14 26E37D5EAC3F1CF66587183AB348168C 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateComRegisterShell64.exe 2014-10-24 17:09:14 047556104954A72A2222FFF169166EEE 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe 2014-10-24 17:09:13 51508F0C2476177E50C31B0BBFBF1BDB 107912 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdate.exe 2014-10-24 17:09:10 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.5\GoogleUpdateSetup.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-127626438-780029098-1568441356-1000\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "Power Manager Startup Utility"="C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe" "Lenovo Registration"="C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp" "LENOVO.TPKNRRES"="C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe" "lxeamon.exe"="C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe" "EzPrint"="C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe" "FAHConsole"="C:\Program Files\File Association Helper\FAHConsole.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/03/2014 19:41] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/03/2014 19:41] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CLMLSvc" [C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" [C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe] "C:\Windows\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\Windows\SysNative\tasks\LaunchSignup" [C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe"] "C:\Windows\SysNative\tasks\PMTask" [C:\Program Files (x86)\Lenovo\PowerMgr\PwmIdTsv.exe] "C:\Windows\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"] "C:\Windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"] "C:\Windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"] "C:\Windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64 35" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"] "C:\Windows\SysNative\tasks\Lenovo\Lenovo Solution Center Launcher" [%programfiles%\lenovo\lenovo solution center\App\LSCService.exe] "C:\Windows\SysNative\tasks\Lenovo\Message Center Plus Launcher" ["%programfiles(x86)%\Lenovo\message center plus\mcplaunch.exe"] "C:\Windows\SysNative\tasks\Lenovo\LSC\Lenovo Solution Center Notifications" [%programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe] "C:\Windows\SysNative\tasks\Lenovo\LSC\LSCHardwareScan" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan] "C:\Windows\SysNative\tasks\Lenovo\LSC\LSCHardwareScanPostpone" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan] "C:\Windows\SysNative\tasks\Lenovo\LSC\LSCTaskService" [C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\TVT\LenovoWERMonitor" ["C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor_shim.exe"] "C:\Windows\SysNative\tasks\TVT\TVSUUpdateTask" ["C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF" [22/06/2014 18:22] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions iikflkcanblccfahdhdonehdalibjnif - No path found[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx[20/09/2014 09:52] Google Docs - Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Identity Safe - Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif Norton Security Toolbar - Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.sweet-page.com/?type=hp&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5" "Default_Page_URL"="http://www.sweet-page.com/?type=hp&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.sweet-page.com/web/?type=ds&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5&q={searchTerms}" "Default_Page_URL"="http://www.sweet-page.com/?type=hp&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5" "Start Page"="http://www.sweet-page.com/?type=hp&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5" "Search Page"="http://www.sweet-page.com/web/?type=ds&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.sweet-page.com/web/?type=ds&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5&q={searchTerms}" "Default_Page_URL"="http://www.sweet-page.com/?type=hp&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5" "Start Page"="http://www.sweet-page.com/?type=hp&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5" "Search Page"="http://www.sweet-page.com/web/?type=ds&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{F54D201B-7D88-45CF-8D13-AB907F74A94E}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {33BB0A4E-99AF-4226-BDF6-49120163DE86} sweet-page Url="http://www.sweet-page.com/web/?type=ds&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5&q={searchTerms}" {757FB348-2263-4126-A0E6-61CAD0FDFA61} Unknown Url="Not_Found" {F54D201B-7D88-45CF-8D13-AB907F74A94E} Google Url="https://www.google.com/search?q={searchTerms}" ==== shortcuts on Users Desktops ====================== C:\Users\Karl\Desktop\Sync Folder.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe opensync ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Aanvullende programma's installeren.lnk - C:\Program Files\MLPS\APPS\MUIInstaller\LENMNC.exe C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\AutoCAD 2012 - English.lnk - C:\Program Files (x86)\Autodesk\AutoCAD 2012 - English\acad.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\DJ Intro.lnk - C:\Program Files (x86)\Serato\DJ Intro\Serato_DJ_Intro.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.sweet-page.com/?type=sc&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5 C:\Users\Public\Desktop\Inventor Fusion 2012.lnk - C:\Program Files (x86)\Autodesk\Inventor Fusion 2012\Inventor Fusion.exe C:\Users\Public\Desktop\Lenovo SHAREit.lnk - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.exe C:\Users\Public\Desktop\Lenovo Solution Center.lnk - C:\Program Files (x86)\Lenovo\Lenovo Solution Center\LSC.exe C:\Users\Public\Desktop\Norton Internet Security.lnk - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\uistub.exe C:\Users\Public\Desktop\Startpagina Lexmark printer starten.LNK - C:\Program Files (x86)\Lexmark\Dashboard\LX__Dashboard.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Karl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5 C:\Users\Karl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5 ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.sweet-page.com/?type=sc&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\LiveUpdate.lnk - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\uistub.exe /lu C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\NBRT.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Norton Internet Security.lnk - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\uistub.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Support.lnk - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\symerr.exe /support C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Uninstall Norton Internet Security.lnk - C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\21.6.0.32\inststub.exe /X /shortcut ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Karl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.sweet-page.com/?type=sc&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5 C:\Users\Karl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5 C:\Users\Karl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Karl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Karl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.sweet-page.com/?type=sc&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5 C:\Users\Karl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1412006695&from=cor&uid=ST500LM000-1EJ162_W371N5G5XXXXW371N5G5 C:\Users\Karl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Karl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Karl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Karl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Karl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Karl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Karl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Karl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect deleted successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=30 folders=5 2662414 bytes) ==== EOF on do 30/10/2014 at 20:37:04,41 ======================