Zoek.exe v5.0.0.0 Updated 05-March-2015 Tool run by marjanne1 on di 31-03-2015 at 18:12:20,67. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\Intuitie\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 31-3-2015 18:16:59 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\TomTom DesktopSuite deleted successfully C:\Users\Intuitie\AppData\Roaming\Nokia Ovi Suite deleted successfully C:\Users\Intuitie\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\marjanne1\AppData\Roaming\HpUpdate deleted successfully C:\Users\marjanne1\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Gast\AppData\Local\VirtualStore deleted successfully C:\Users\Intuitie\AppData\Local\MigWiz deleted successfully C:\Users\Intuitie\AppData\Local\PDFC deleted successfully C:\Users\marjanne1\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2677771667-182058826-454707048-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-2677771667-182058826-454707048-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-2677771667-182058826-454707048-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-2677771667-182058826-454707048-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-2677771667-182058826-454707048-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9B45CEAE-A0BB-4B2E-9030-7912DECD97C1} deleted successfully HKEY_USERS\S-1-5-21-2677771667-182058826-454707048-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9B45CEAE-A0BB-4B2E-9030-7912DECD97C1} deleted successfully HKEY_USERS\S-1-5-21-2677771667-182058826-454707048-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9B45CEAE-A0BB-4B2E-9030-7912DECD97C1} deleted successfully HKEY_USERS\S-1-5-21-2677771667-182058826-454707048-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9B45CEAE-A0BB-4B2E-9030-7912DECD97C1} deleted successfully HKEY_CLASSES_ROOT\CLSID\{9B45CEAE-A0BB-4B2E-9030-7912DECD97C1} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2677771667-182058826-454707048-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-2677771667-182058826-454707048-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-2677771667-182058826-454707048-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{9B45CEAE-A0BB-4B2E-9030-7912DECD97C1} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{9B45CEAE-A0BB-4B2E-9030-7912DECD97C1} deleted successfully ==== Installed Programs ====================== Adobe AIR Adobe Digital Editions Adobe Flash Player 16 ActiveX Adobe Flash Player 16 NPAPI Adobe Photoshop 6.0 Adobe Reader XI (11.0.07) - Nederlands Adobe SVG Viewer Apple Application Support Apple Mobile Device Support Ask Toolbar ATI Catalyst Install Manager Audacity 1.3.14 (Unicode) Avira Free Antivirus Basissoftware voor HP Deskjet 3050 J610 series Bonjour Broadcom 802.11 Wireless LAN Adapter Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Compatibility Pack for the 2007 Office system CPQ Wallpaper DirectX 9 Runtime Encore File Shredder 2.5 Fotoservice Google Analytics Opt-out Browser Add-on Google Earth Google Update Helper Google+ Auto Backup Hewlett-Packard ACLM.NET v1.1.2.0 HP Advisor HP Common Access Service Library HP Customer Experience Enhancements HP Deskjet 3050 J610 series Haelp HP ESU for Microsoft Windows 7 HP Integrated Module with Bluetooth wireless technology HP Photo Creations HP Quick Launch Buttons HP Setup HP Software Setup HP Support Assistant HP Update HP User Guides 0133 HP Web Camera HP Webcam HP Webcam Driver HP Wireless Assistant IDT Audio Java 8 Update 40 Java Auto Updater LightScribe System Software LSI HDA Modem Malwarebytes Anti-Malware versie 2.0.4.1028 Marvell Miniport Driver Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office File Validation Add-In Microsoft Office Outlook Connector Microsoft Office Professional Editie 2003 Microsoft Office Suite Activation Assistant Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC100_CRT_SP1_x86 Mozilla Firefox 36.0.4 (x86 en-US) Mozilla Maintenance Service Mozilla Thunderbird 11.0.1 (x86 nl) MSVC80_x86_v2 MSVC90_x86 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MusicTime Deluxe 4 Nero BackItUp Nero BackItUp and Burn Nero BurnRights Nero Express Nero RescueAgent Nokia Connectivity Cable Driver Nokia Suite OGA Notifier 2.0.0048.0 Olympus Sonority paint.net PC Connectivity Solution PrimoPDF -- brought to you by Nitro PDF Software QLBCASL RealUpgrade 1.1 Roxio Activation Module Roxio Creator Audio Roxio Creator Business Roxio Creator Business v10 Roxio Creator Copy Roxio Creator Data Roxio Creator Tools Roxio Express Labeler 3 Roxio MyDVD Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Skype Click to Call SkypeT 7.0 SnapIt 3.7 Sonic CinePlayer Decoder Pack Speccy Spybot - Search & Destroy Synaptics Pointing Device Driver TomTom HOME TomTom HOME Visual Studio Merge Modules Uninstall 1.0.0.1 Visual C++ 8.0 CRT (x86) WinSXS MSM Windows-stuurprogrammapakket - Nokia pccsmcfd "LegacyDriver" (05/31/2012 7.1.2.0) Windows 7 Default Setting Windows 7 Upgrade Advisor Windows Live - Hulpprogramma voor uploaden Windows Live aanmeldhulp Windows Live Sync Windows Media Player Firefox Plugin ==== Running Processes ====================== C:\windows\System32\smss.exe C:\windows\system32\csrss.exe C:\windows\system32\wininit.exe C:\windows\system32\csrss.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\lsm.exe C:\windows\system32\atiesrxx.exe C:\windows\system32\winlogon.exe C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\STacSV.exe C:\windows\system32\atieclxx.exe C:\windows\system32\WLANExt.exe C:\windows\system32\conhost.exe C:\windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\aestsrv.exe C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE C:\windows\System32\WUDFHost.exe C:\windows\system32\Dwm.exe C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe C:\windows\Explorer.EXE C:\windows\system32\taskhost.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\OLYMPUS\DeviceDetector\DeviceDetector4.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\windows\system32\conhost.exe C:\windows\system32\DllHost.exe C:\windows\system32\conhost.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k GPSvcGroup C:\windows\system32\svchost.exe -k NetworkService C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\svchost.exe -k bthsvcs C:\windows\System32\svchost.exe -k LocalServicePeerNet ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Intuitie\AppData\Roaming\Mozilla\Firefox\Profiles\v8szl689.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_31-03-2015_1842_.backup ProfilePath: C:\Users\Intuitie\AppData\Roaming\Thunderbird\Profiles\p37ht6lw.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_31-03-2015_1842_.backup ProfilePath: C:\Users\Intuitie\AppData\Roaming\TomTom\HOME\Profiles\kuso86sh.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_31-03-2015_1842_.backup ProfilePath: C:\Users\Intuitie\AppData\Roaming\Mozilla\Firefox\Profiles\fzunbre7.default prefs.js not found user.js not found ---- FireFox user.js and prefs.js backups ---- ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- "ApnUpdater"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\Program Files\TomTom DesktopSuite not found "C:\$Recycle.Bin\S-1-5-18\$5570cb6e2aa76aeb32955cb8d0a22e4a" not found C:\Program Files\Windows Live SkyDrive deleted C:\Program Files\HEMA Fotoservice deleted C:\Users\Intuitie\AppData\Roaming\DVDVideoSoftIEHelpers deleted C:\Users\Intuitie\AppData\Roaming\GetRightToGo deleted C:\Users\Gast\AppData\Local\AskToolbar deleted C:\Users\Intuitie\AppData\Local\AskToolbar deleted C:\Users\marjanne1\AppData\Local\AskToolbar deleted C:\Users\Gast\AppData\LocalLow\AskToolbar deleted C:\Users\Intuitie\AppData\LocalLow\AskToolbar deleted C:\Users\marjanne1\AppData\LocalLow\AskToolbar deleted C:\windows\SYSTEM32\TASKS\Scheduled Update for Ask Toolbar deleted C:\windows\system32\config\systemprofile\Searches deleted C:\Users\Intuitie\AppData\Roaming\Mozilla\Firefox\Profiles\v8szl689.default\jetpack deleted C:\Users\Intuitie\AppData\Roaming\Mozilla\Firefox\Profiles\fzunbre7.default\CT2269050 deleted C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted "C:\$Recycle.Bin\S-1-5-21-2677771667-182058826-454707048-1002\$5570cb6e2aa76aeb32955cb8d0a22e4a\@" deleted "C:\Program Files\Ask.com\Updater\Updater.exe" deleted "C:\Program Files\Ask.com\Updater\Updater.exe" deleted "C:\$Recycle.Bin\S-1-5-21-2677771667-182058826-454707048-1002\$5570cb6e2aa76aeb32955cb8d0a22e4a" deleted "C:\$Recycle.Bin\S-1-5-21-2677771667-182058826-454707048-1002\$5570cb6e2aa76aeb32955cb8d0a22e4a\L" deleted "C:\$Recycle.Bin\S-1-5-21-2677771667-182058826-454707048-1002\$5570cb6e2aa76aeb32955cb8d0a22e4a\U" deleted "C:\Program Files\Ask.com" deleted "C:\Program Files\Ask.com" deleted "C:\Program Files\Ask.com\Updater" deleted "C:\Program Files\Ask.com\Updater" deleted ==== Registry Search Results for "$5570cb6e2aa76aeb32955cb8d0a22e4a" ====================== No instances of string "$5570cb6e2aa76aeb32955cb8d0a22e4a" found. ==== System Specs ====================== Operating System: Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 32-bits Manufacturer: Hewlett-Packard - Model: Compaq 615 Install Date: 16-12-2009 18:36:32 Last Boot: 31-3-2015 18:08:10 Processor: AMD Athlon(tm)X2 DualCore QL-66 Number of Processors: 2 Work Station Bootmode: Normal boot Total RAM: 1788 MB (free 673 MB - 37) Computername: MARJANNE Domain: WORKGROUP User: marjanne1 (Non-Administrator account) Local Disk: C:\ - NTFS - 131 GB (free 51 GB) Local Disk: E:\ - FAT32 - 1 GB (free 1 GB) CD \ DVD Drive: F:\ Removable Disk: G:\ - FAT - 1 GB (free 0 GB) Bootdevice: \Device\HarddiskVolume1 Windows update: 2015-03-12 07:56:16 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Avira Desktop On-access scanning disabled (Outdated) Anti-Spyware: Avira Desktop disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer Version: 11.0.9600.17691 Mozilla Firefox version: 36.0.4 (x86 en-US) Adobe Reader version: 11.0.07.79 Sun Java version: 1.8.0_40 (32-bit) Flash Player version: 16.0.0.305 ==== Files Recently Created / Modified ====================== ====== C:\windows ==== ====== C:\Users\MARJAN~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\windows\system32 ===== ====== C:\windows\system32\drivers ===== 2015-03-11 07:36:38 9EED5E0B7BF784C491C2289A09920BDA 137656 ----a-w- C:\windows\System32\drivers\ksecpkg.sys 2015-03-11 07:36:38 4DAC97CF81FAE4B2988AEF0DF40D04AE 67512 ----a-w- C:\windows\System32\drivers\ksecdd.sys 2015-03-11 07:36:14 3051724F223EA48968B19567DE2A81F4 370488 ----a-w- C:\windows\System32\drivers\cng.sys 2015-03-11 07:36:13 644905A19D0F37F2233DFCE53BC4BC19 78784 ----a-w- C:\windows\System32\drivers\mountmgr.sys 2015-03-11 07:36:09 AEBC369F7DC72AB3F5B9BDF34FA0D43F 593920 ----a-w- C:\windows\System32\drivers\PEAuth.sys 2015-03-11 07:36:06 81F97D8F8B3FB94A451CC6F7CF8B2965 50176 ----a-w- C:\windows\System32\drivers\appid.sys ====== C:\windows\Tasks ====== ====== C:\windows\Temp ====== ======= C:\Program Files ===== 2015-03-30 14:50:45 -------- d-----w- C:\Program Files\trend micro 2015-03-24 08:08:26 -------- d-----w- C:\Program Files\Speccy 2015-03-14 12:22:24 -------- d-----w- C:\Program Files\Common Files\Java 2015-03-03 14:25:07 -------- d-----w- C:\Program Files\Microsoft Windows 7 Upgrade Advisor ======= ===== 2015-03-18 09:48:23 CFDC2F1C8431B5972E2848915ACCFC83 3901378 ----a-w- \Astrid 1971 in Friesland - origineel.jpg 2015-03-18 09:48:23 709199D252EF8D7B6F7ADD31D2A56B6E 239616 ----a-w- \F15.012 Patricia Serrano.doc 2015-03-18 09:48:23 5C2E35290D3B26428398ADCF1C4CE6A1 35840 ----a-w- \De kunst van intuïtie.doc ====== C:\Users\marjanne1\AppData\Roaming ====== 2015-03-31 16:21:07 -------- d-----w- C:\Users\Intuitie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-apparaten 2015-03-03 14:29:42 -------- d-----w- C:\Users\marjanne1\AppData\Local\Microsoft Corporation ====== C:\Users\marjanne1 ====== 2015-03-30 14:49:12 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Intuitie\Desktop\RSIT.exe ====== C: exe-files == 2015-03-30 14:50:49 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\marjanne1.exe === C: other files == 2015-03-31 16:44:29 A29030FB93B2E48EDD124749881406CE 943211 ----a-w- C:\Users\marjanne1\AppData\Local\Temp\sysspec\SysSpec.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2677771667-182058826-454707048-1006\Software\Microsoft\Windows\CurrentVersion\Run] "HPADVISOR"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN" "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" "avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes Anti-Malware (cleanup)"="C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" "MSPCLOCK"="rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}" "MSPQM"="rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}" "MSKSSRV"="rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}" "MSTEE.CxTransform"="rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\windows\inf\ksfilter.inf,MSTEE.Interface.Install" "MSTEE.Splitter"="rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\windows\inf\ksfilter.inf,MSTEE.Interface.Install" "WDM_DRMKAUD"="rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install" "*WerKernelReporting"="%SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HPADVISOR"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN" "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPADVISOR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPADVISOR" "hkey"="HKCU" "command"="C:\\Program Files\\Hewlett-Packard\\HP Advisor\\HPAdvisor.exe autorun=AUTORUN" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaMServer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NokiaMServer" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\Nokia\\MPlatform\\NokiaMServer /watchfiles startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Intuitie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Weleda EyeSaver.lnk] "path"="C:\\Users\\Intuitie\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Weleda EyeSaver.lnk" "backup"="C:\\windows\\pss\\Weleda EyeSaver.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\WELEDA~1\\WELEDA~1.EXE " "item"="Weleda EyeSaver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Olympus DVR Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RoxMediaDB10] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TomTomHOMEService] ==== Startup Folders ====================== 2010-12-10 19:56:51 1223 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk 2009-12-16 17:39:20 892 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk 2009-12-20 20:18:39 1956 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Name.lnk ==== Task Scheduler Jobs ====================== C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [05-02-2015 14:50] C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18-10-2014 10:14] C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18-10-2014 10:14] C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-2677771667-182058826-454707048-1006.job --a------ C:\Program Files\Real\RealUpgrade\realupgrade.exe [27-09-2011 13:40] C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-2677771667-182058826-454707048-1006.job --a------ C:\Program Files\Real\RealUpgrade\realupgrade.exe [27-09-2011 13:40] ==== Other Scheduled Tasks ====================== "C:\windows\system32\tasks\Adobe Flash Player Updater" [C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\windows\system32\tasks\HP Deskjet 3050 J610 series.exe" [C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HP Deskjet 3050 J610 series.exe] "C:\windows\system32\tasks\HpWebReg.exe" [C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HpWebReg.exe] "C:\windows\system32\tasks\PhotoProduct.exe" [C:\Program Files\HP Photo Creations\PhotoProduct.exe] "C:\windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-2677771667-182058826-454707048-1002" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-2677771667-182058826-454707048-1006" [C:\Program Files\Real\RealUpgrade\realupgrade.exe] "C:\windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-2677771667-182058826-454707048-1002" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-2677771667-182058826-454707048-1006" [C:\Program Files\Real\RealUpgrade\realupgrade.exe] "C:\windows\system32\tasks\{4F4F9A2F-D96B-44D3-8B82-99B47A7ED761}" [C:\Program Files\Skype\\Phone\Skype.exe] "C:\windows\system32\tasks\{7ABAE4E1-68D9-4AB3-B73D-7626210CFD73}" [C:\Program Files\Skype\Phone\Skype.exe] "C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe] "C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Intuitie\AppData\Roaming\Mozilla\Firefox\Profiles\v8szl689.default - Undetermined - goo.gl_lite@matthew.flaschen.gatech.edu - Undetermined - tinyurl.addon@fast-chat.co.uk - Undetermined - twitternotifier@naan.net - Undetermined - admin@fullrip.net - Undetermined - donottrackplus@abine.com - Undetermined - {E6C1199F-E687-42da-8C24-E7770CC3AE66} - Blur Formerly DoNotTrackMe - %ProfilePath%\extensions\donottrackplus@abine.com - goo.gl lite - %ProfilePath%\extensions\goo.gl_lite@matthew.flaschen.gatech.edu - Echofon - %ProfilePath%\extensions\twitternotifier@naan.net - FullRip.net Youtube Video Converter - %ProfilePath%\extensions\admin@fullrip.net.xpi - YouTube mp3 - %ProfilePath%\extensions\info@youtube-mp3.org.xpi - TinyURL Generator - %ProfilePath%\extensions\tinyurl.addon@fast-chat.co.uk.xpi - QuickJava - %ProfilePath%\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi ProfilePath: C:\Users\Intuitie\AppData\Roaming\Thunderbird\Profiles\p37ht6lw.default - Silvermel and Charamel XT - %ProfilePath%\extensions\silvermelxt@pardal.de - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi - Zindus - %ProfilePath%\extensions\{ad7d8a66-253b-11dc-977c-000c29a3126e}.xpi - Folderpane Tools - %ProfilePath%\extensions\{b243fe83-b8a7-47de-855d-21d865243d5d}.xpi - Google Contacts - %ProfilePath%\extensions\{BDD92442-0534-4D6F-A966-BAB7D561D781}.xpi ProfilePath: C:\Users\Intuitie\AppData\Roaming\TomTom\HOME\Profiles\kuso86sh.default - Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.012.9370@tomtom.com ProfilePath: C:\Users\Intuitie\AppData\Roaming\Mozilla\Firefox\Profiles\fzunbre7.default - Undetermined - %ProfilePath%\extensions\twitternotifier@naan.net AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[] YouTube - Intuitie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Intuitie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf goo.gl URL Shortener - Intuitie\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk RealPlayer HTML5Video Downloader Extension - Intuitie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk Gmail - Intuitie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Intuitie\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", "homepage": "http://www.google.com/", "urls_to_restore_on_startup": [ "http://www.google.com/" ] "urls_to_restore_on_startup": [ "http://www.google.com/" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_NL&c=92&bd=all&pf=cmnb" "First Home Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_NL&c=92&bd=all&pf=cmnb" "Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_NL&c=92&bd=all&pf=cmnb" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{997F9FE4-D23F-4478-8C03-65D65B5D1691}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{997F9FE4-D23F-4478-8C03-65D65B5D1691}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "First Home Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_NL&c=92&bd=all&pf=cmnb" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Google Analytics Opt-out Browser Add-on - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files\Google\Google Analytics Opt-Out\gaoptout.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" O4 - HKLM\..\RunOnce: [MSPCLOCK] rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000} O4 - HKLM\..\RunOnce: [MSPQM] rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196} O4 - HKLM\..\RunOnce: [MSKSSRV] rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196} O4 - HKLM\..\RunOnce: [MSTEE.CxTransform] rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\windows\inf\ksfilter.inf,MSTEE.Interface.Install O4 - HKLM\..\RunOnce: [MSTEE.Splitter] rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\windows\inf\ksfilter.inf,MSTEE.Interface.Install O4 - HKLM\..\RunOnce: [WDM_DRMKAUD] rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Name.lnk = C:\Program Files\OLYMPUS\DeviceDetector\DeviceDetector4.exe O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com (HKLM) O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM) O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM) O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/69.22/uploader2.cab O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\aestsrv.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Intuitie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Intuitie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\marjanne1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Intuitie\AppData\Local\Mozilla\Firefox\Profiles\v8szl689.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Intuitie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=63 folders=32 11286916 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\Intuitie\AppData\Local\Temp will be emptied at reboot C:\Users\marjanne1\AppData\Local\Temp will be emptied at reboot C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\windows\Temp will be emptied at reboot