Zoek.exe v5.0.0.0 Updated 06-February-2015 Tool run by Michel on vr 06/02/2015 at 17:30:37,79. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Michel\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2013-11-07-154242.log 64467 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\COMMON~1\XPressUpdate deleted successfully C:\PROGRA~3\3637822563 deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\PhotoStitch deleted successfully C:\PROGRA~3\tmp deleted successfully C:\Users\Michel\AppData\Roaming\HpUpdate deleted successfully C:\Users\Michel\AppData\Local\Adobe deleted successfully C:\Users\Michel\AppData\Local\Plarium deleted successfully C:\Users\Michel\AppData\Local\PokerStars.BE deleted successfully C:\Users\Michel\AppData\Local\Sparta deleted successfully C:\Users\Michel\AppData\Local\StormFall deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{583DB049-4601-4DFB-9E3-61632F28920} deleted successfully HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5ED8D08-10D-4427-B076-B5E8C366AA9} deleted successfully HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE192FE5-E6A-46F6-8930-B586B7E83485} deleted successfully HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\Low 
Rights\ElevationPolicy\{EB1BDF3B-99D9-49CE-B266-57E0C6A11B79} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== µTorrent 64 Bit HP CIO Components Installer Adobe Flash Player 16 ActiveX Ashampoo Burning Studio 14 v.14.0.1 ASUS GPU Tweak AVG PC TuneUp 2015 AVG PC TuneUp 2015 (nl-NL) AVG Web TuneUp bl CANON iMAGE GATEWAY MyCamera Download Plugin CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon MOV Decoder Canon MOV Encoder Canon MovieEdit Task for ZoomBrowser EX Canon Utilities Digital Photo Professional 3.10 Canon Utilities EOS Sample Music Canon Utilities EOS Utility Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX Canon Utilities Movie Uploader for YouTube Canon Utilities PhotoStitch Canon Utilities Picture Style Editor Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CCleaner Citrix XenApp Web Plugin D3DX10 Definition Update for Microsoft Office 2013 (KB2910926) 64-Bit Edition ESET NOD32 Antivirus Google Chrome Google Earth Google Toolbar for Internet Explorer Google Update Helper GrabIt 1.7.2 Beta 6 (build 1008) HP FWUpdateEDO2 HP Officejet 6600 Basissoftware van het apparaat HP Officejet 6600 Haelp HP Officejet 6600 Productverbeteringsonderzoek HP Photo Creations HP Update HPDiagnosticAlert I.R.I.S. 
OCR ImagXpress Intel(R) Desktop Utilities Intel(R) Integrator Toolkit 5 Intel(R) Management Engine Components Intel(R) Network Connections 16.8.46.0 Intel(R) USB 3.0 eXtensible Host Controller Driver Intel® Trusted Connect Service Client Junk Mail filter update K-Lite Codec Pack 10.6.5 Basic KMSpico v9.2.3 Kruidvat fotoservice LightScribe System Software MAGIX 3D Maker (embeded) MAGIX Screenshare MAGIX Speed burnR Media Go Media Go Video Playback Engine 1.116.101.02020 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Access MUI (Dutch) 2013 Microsoft Application Error Reporting Microsoft DCF MUI (Dutch) 2013 Microsoft Excel MUI (Dutch) 2013 Microsoft Groove MUI (Dutch) 2013 Microsoft InfoPath MUI (Dutch) 2013 Microsoft Lync MUI (Dutch) 2013 Microsoft Office 32-bit Components 2013 Microsoft Office Korrekturhilfen 2013 - Deutsch Microsoft Office OSM MUI (Dutch) 2013 Microsoft Office OSM UX MUI (Dutch) 2013 Microsoft Office Professional Plus 2013 Microsoft Office Proofing (Dutch) 2013 Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Nederlands Microsoft Office Shared 32-bit MUI (Dutch) 2013 Microsoft Office Shared MUI (Dutch) 2013 Microsoft OneDrive Microsoft OneNote MUI (Dutch) 2013 Microsoft Outlook MUI (Dutch) 2013 Microsoft PowerPoint MUI (Dutch) 2013 Microsoft Publisher MUI (Dutch) 2013 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime 
- 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Word MUI (Dutch) 2013 Microsoft_VC100_CRT_SP1_x64 Microsoft_VC100_CRT_SP1_x86 MiPony 2.1.0 Movie Maker MSVC80_x64_v2 MSVC80_x86_v2 MSVC90_x64 MSVC90_x86 MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) neroxml Nitro Pro 8 NVIDIA-configuratiescherm 340.52 NVIDIA 3D Vision controllerstuurprogramma 340.50 NVIDIA 3D Vision stuurprogramma 340.52 NVIDIA GeForce Experience 2.1 NVIDIA Grafisch stuurprogramma 340.52 NVIDIA HD Audio-stuurprogramma 1.3.30.1 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Network Service NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.13.1220 NVIDIA ShadowPlay 14.6.22 NVIDIA Stereoscopic 3D Driver NVIDIA Update 14.6.22 NVIDIA Update Core NVIDIA Virtual Audio 1.2.23 Outils de vérification linguistique 2013 de Microsoft Office - Français PC Connectivity Solution ph Photo Common Photo Gallery Photodex Presenter Popcorn Time PowerISO ProShow Gold QuickPar 0.9 Realtek High Definition Audio Driver Revo Uninstaller Pro 3.0.7 Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Excel 2013 (KB2910929) 64-Bit Edition Security Update for Microsoft Office 2013 (KB2726958) 64-Bit Edition Security Update for Microsoft Word 2013 (KB2910916) 64-Bit Edition Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition SHIELD Streaming SketchUp 8 Sony Ericsson 
Update Engine Spotnet TomTom HOME TomTom HOME Visual Studio Merge Modules Update for Microsoft Access 2013 (KB2863859) 64-Bit Edition Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition Update for Microsoft Lync 2013 (KB2910927) 64-Bit Edition Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition Update for Microsoft Office 2013 (KB2837654) 64-Bit Edition Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition Update for Microsoft Office 2013 (KB2881008) 64-Bit Edition Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition Update for Microsoft Office 2013 (KB2889858) 64-Bit Edition Update for Microsoft Office 2013 (KB2889938) 64-Bit Edition Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition Update for Microsoft Office 2013 (KB2899501) 64-Bit Edition Update for Microsoft Office 2013 (KB2899505) 64-Bit Edition Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition Update for Microsoft Office 2013 (KB2910931) 64-Bit Edition Update for Microsoft Office 2013 (KB2920734) 64-Bit Edition Update for Microsoft OneDrive for Business (KB2910935) 64-Bit Edition Update for Microsoft OneNote 2013 (KB2899502) 64-Bit Edition Update for Microsoft Outlook 2013 (KB2899504) 64-Bit Edition Update for Microsoft PowerPoint 2013 (KB2910907) 64-Bit Edition Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2817301) 
64-Bit Edition Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition Visual Studio 2008 x64 Redistributables VLC media player 2.1.2 Vuze WBFS Manager 3.0 WD SmartWare Winamp Winamp Applicatie Detect WinArchiver Windows-stuurprogrammapakket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile Apparaatcentrum WinRAR 4.20 (64-bit) Xtra Controller Ex ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Service KMSELDI deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Service KMSELDI deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UPDATE service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\UPDATE service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\5e9aae86 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\5e9aae86 deleted successfully ==== Deleting Files \ Folders ====================== C:\Program Files\KMSpico deleted C:\Program Files (x86)\Popcorn Time deleted C:\PROGRA~3\klecakjnngpcnjpneghaofhhadbfbaeo deleted C:\PROGRA~2\AVG Web TuneUp deleted C:\PROGRA~2\MiPony deleted C:\Users\Michel\AppData\Roaming\appdataFr2.bin deleted C:\Users\Michel\AppData\Roaming\MAGIX deleted C:\Users\Michel\AppData\Roaming\GoldenGate deleted C:\Users\Michel\AppData\Roaming\Mipony deleted C:\PROGRA~3\AVG Web TuneUp deleted C:\PROGRA~3\ciomparEnbuy deleted C:\PROGRA~3\giftitapp deleted C:\PROGRA~3\gimmishop deleted C:\PROGRA~3\deal4deal deleted C:\PROGRA~3\freedeal deleted C:\PROGRA~3\MAGIX 
deleted C:\PROGRA~3\Package Cache deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Clip Converter deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony deleted C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url deleted C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony deleted C:\Users\Michel\AppData\LocalLow\AVG Web TuneUp deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Users\Michel\Desktop\Play Games Online.url deleted C:\Users\Michel\Desktop\MiPony.lnk deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Michel\AppData\Local\Temp ==== 2015-02-05 21:25:06 960BA8683FA51138F89F3984237CB28D 856888 ----a-w- C:\Users\Michel\AppData\Local\Temp\UpdateWizard_82623\tulnga.dll 2015-02-05 21:25:06 8BBF8A03F32FA4E5484B10DED436C1D0 730936 ----a-w- C:\Users\Michel\AppData\Local\Temp\UpdateWizard_82623\tulngx.dll 2015-02-05 21:25:06 11BC3CBC8D4FEAE74C768E40843C891A 4618552 ----a-w- C:\Users\Michel\AppData\Local\Temp\UpdateWizard_82623\SilentUpdater.exe 2015-02-05 21:25:06 00EAF5D547E4B39FC85CA36D2DF1A406 1209656 ----a-w- C:\Users\Michel\AppData\Local\Temp\UpdateWizard_82623\tulic.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-01-16 19:16:47 74D30C2EF66C2EB19F17ED5423AA8038 386680 ----a-w- C:\Windows\Sysnative\drivers\sptd.sys 2015-01-13 22:31:30 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= 
C:\Program Files ===== 2015-02-06 15:47:43 -------- d-----w- C:\Program Files\ESET ======= C:\PROGRA~2 ===== 2015-01-16 19:51:31 -------- d-----w- C:\PROGRA~2\ISO to USB 2015-01-16 19:29:55 -------- d-----w- C:\PROGRA~2\Alcohol Soft ======= C: ===== ====== C:\Users\Michel\AppData\Roaming ====== ====== C:\Users\Michel ====== 2015-02-06 15:47:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2015-02-06 15:47:44 -------- d-----w- C:\ProgramData\ESET 2015-02-05 15:28:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Michel\Downloads\RSITx64.exe 2015-02-05 15:00:06 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Michel\Downloads\adwcleaner_4.109.exe 2015-01-26 16:05:43 F904AEA2544DF0D9BC37ACAD4D3C76E0 37141984 ----a-w- C:\Users\Michel\Downloads\Kies3Setup.exe 2015-01-24 18:49:07 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol 2015-01-16 19:30:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% ====== C: exe-files == 2015-02-06 15:35:26 429DA3397F12DB317F49CB0CD16787BE 297936473 ----a-w- C:\Users\Michel\Downloads\GrabIt Downloads\Vinny27 _amp_ Skunk1966 - Eset Beveiligingspakket v8_0_304_1 _32_64 bit_ Nederlands (Unattended)\V27SK1966ESPV820J\V27SK1966ESPV820J\Eset v8.0.304.1 A.I.O NL Unattended.exe 2015-02-05 21:25:06 11BC3CBC8D4FEAE74C768E40843C891A 4618552 ----a-w- C:\Users\Michel\AppData\Local\Temp\UpdateWizard_82623\SilentUpdater.exe 2015-02-05 20:17:00 4D2FEE9F11CB37DA0996A5A8B35505D6 4960768 ----a-w- C:\Users\Michel\AppData\Local\NVIDIA\NvBackend\Packages\00006f06\DAO.19297138.exe 2015-02-05 15:28:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Michel\Downloads\RSITx64.exe 2015-02-05 15:01:12 7DE0DB50295568E240EBE5F432A66E49 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3624815036-1722546690-1708832409-1000\$I00IE1S.exe 2015-02-05 15:00:06 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Michel\Downloads\adwcleaner_4.109.exe 2015-02-04 
20:15:23 1431747A4BE3D2E0F42A0B4866EF4004 4960880 ----a-w- C:\Users\Michel\AppData\Local\NVIDIA\NvBackend\Packages\00006e8d\DAO.19293414.exe 2015-02-03 20:15:04 D112878FB22D96732B9614DF9F9BC20C 4903600 ----a-w- C:\Users\Michel\AppData\Local\NVIDIA\NvBackend\Packages\00006e68\DAO.19288523.exe === C: other files == 2015-02-05 21:25:04 673A033DA212A7A22B1F0F1907A660DE 21725520 ----a-w- C:\Users\Michel\AppData\Local\Temp\UpdateWizard_82623\package_15.0.1001.238_to_15.0.1001.373.zip 2015-01-31 19:43:04 92F4452FA2D134C0DF550CCC97DFC270 708497 ----a-w- C:\Users\Michel\Downloads\OneDrive-2015-01-31.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Windows\CurrentVersion\Run] "HP Officejet 6600 (NET)"="C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe -deviceID CN3BU8SHPT05RN:NW -scfn HP Officejet 6600 (NET) -AutoStart 1" "AlcoholAutomount"="C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -automount" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Officejet 6600 (NET)"="C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe -deviceID CN3BU8SHPT05RN:NW -scfn HP Officejet 6600 (NET) -AutoStart 1" "AlcoholAutomount"="C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -automount" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "HP Software Update"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0] "command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 10.0\\Acrobat\\Acrotray.exe\"" "hkey"="HKLM" "item"="Acrobat Assistant 8.0" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PWRISOVM.EXE] "command"="C:\\Program Files (x86)\\PowerISO\\PWRISOVM.EXE -startup" "hkey"="HKLM" "item"="PWRISOVM.EXE" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ASGT] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Windows Mobile Device Center"="%windir%\\WindowsMobile\\wmdc.exe" ==== Startup Folders ====================== 2012-11-06 21:47:13 1318 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk 2012-11-06 21:47:13 1373 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04/02/2015 21:04] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/05/2013 21:54] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/05/2013 21:54] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [26/11/2014 22:33] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe Reader and Acrobat Manager" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] 
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - 1237e0a0db7f408d92dbdf79ee3b30d83ae4d64be94045cbbb86be0cc1688c4f" [C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - 659db56721754e5586344279edf1cfe8dfee14d0a63045eba700c13574187b94" [C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Officejet 6600" ["C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\Java(TM) Platform SE Auto Updater" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe] "C:\Windows\SysNative\tasks\{F494B5AE-51FF-48E3-B642-B564AD513CA0}" [msiexec.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Michel\AppData\Roaming\TomTom\HOME\Profiles\rreq7e8c.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 38.0.2125.111 (Possible outdated, latest Stable version: 40.0.2214.94) Google Drive - Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google 
Search - Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_customers-research.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="https://www.google.com/search?q={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MiPony deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet 
Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3832 folders=763 411112530 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Michel\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Michel\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on vr 06/02/2015 at 17:44:43,26 ======================