Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by User on di 25-08-2015 at 10:58:31,15. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\User\Mijn documenten\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 25-8-2015 11:02:00 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\Comodo deleted successfully C:\Program Files\Graboid deleted successfully C:\Program Files\TomTom DesktopSuite deleted successfully C:\Documents and Settings\All Users\Menu Start\Programma's\Comodo deleted successfully C:\Documents and Settings\All Users\Menu Start\Programma's\DriverRestore deleted successfully C:\Documents and Settings\User\Menu Start\Programma's\FoxTab FLV Player deleted successfully C:\Documents and Settings\User\Menu Start\Programma's\Youtube To MP3 deleted successfully C:\DOCUME~1\ALLUSE~1\APPLIC~1\APN deleted successfully C:\DOCUME~1\ALLUSE~1\APPLIC~1\BlueStacksSetup deleted successfully C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth deleted successfully C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles deleted successfully C:\DOCUME~1\ALLUSE~1\APPLIC~1\YouTube Downloader deleted successfully C:\Documents and Settings\LocalService\Application Data\QuickScan deleted successfully C:\Documents and Settings\User\Application Data\Allmyapps deleted successfully C:\Documents and Settings\User\Application Data\FreeBurner deleted successfully C:\Documents and Settings\User\Application Data\Malwarebytes deleted successfully C:\Documents and Settings\User\Application Data\Octoshape deleted successfully C:\Documents and Settings\User\Application Data\WinRAR deleted successfully C:\Documents and Settings\User\Local Settings\Application Data\NokiaAccount deleted successfully C:\Documents and Settings\User\Local Settings\Application Data\tango deleted successfully C:\Documents and Settings\User\Local Settings\Application Data\WMTools Downloaded Files deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9C42510-9B41-42c1-9DCD-7282A2D07C61} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{559828D0-5D8D-4ED1-956A-CDD3CAA2748} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5835EEA2-726A-4B97-8F43-E5557DD383FB} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B78D170-494E-48F3-B6E6-BB7925429DF} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E8DA20D-32FB-4923-9847-6E9A9A805EF2} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E66592B-8E7C-4A14-88A5-8BF21032F651} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9EA58E24-A69-44C5-B5FD-9DDE945A93CA} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1D7488-771-44C0-9D75-CD98877DAFD4} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD8CE7A1-A104-42E3-A12E-4181D24164E7} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2B36F91-471C-42B2-A8B6-D8E910AD545} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE4BB180-E121-4E62-B190-1C7658AE499} deleted successfully HKEY_CLASSES_ROOT\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully HKEY_CLASSES_ROOT\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Internet Explorer\Approved Extensions\{C9C42510-9B41-42c1-9DCD-7282A2D07C61} deleted successfully ==== Installed Programs ====================== Adobe Reader X (10.1.11) - Nederlands Apple Software Update Beveiligingsupdate for Windows XP (KB941569) Beveiligingsupdate voor Microsoft Windows (KB2564958) Beveiligingsupdate voor Windows Internet Explorer 7 (KB2482017) Beveiligingsupdate voor Windows Internet Explorer 7 (KB2497640) Beveiligingsupdate voor Windows Internet Explorer 7 (KB2530548) Beveiligingsupdate voor Windows Internet Explorer 7 (KB2544521) Beveiligingsupdate voor Windows Internet Explorer 7 (KB2559049) Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127-v2) Beveiligingsupdate voor Windows Internet Explorer 7 (KB963027) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2586448) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2618444) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2647516) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2675157) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2699988) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2722913) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2744842) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2761465) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2792100) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2797052) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2799329) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2809289) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2817183) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2829530) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2838727) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2846071) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2847204) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2862772) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2870699) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2879017) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2888505) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2898785) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2909210) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2909921) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2925418) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2936068) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2964358) Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381) Beveiligingsupdate voor Windows Media Player (KB2378111) Beveiligingsupdate voor Windows Media Player (KB2834904-v2) Beveiligingsupdate voor Windows Media Player (KB2834904) Beveiligingsupdate voor Windows Media Player (KB952069) Beveiligingsupdate voor Windows Media Player (KB954155) Beveiligingsupdate voor Windows Media Player (KB968816) Beveiligingsupdate voor Windows Media Player (KB973540) Beveiligingsupdate voor Windows Media Player (KB975558) Beveiligingsupdate voor Windows Media Player (KB978695) Beveiligingsupdate voor Windows Media Player 11 (KB936782) Beveiligingsupdate voor Windows Media Player 11 (KB954154) Beveiligingsupdate voor Windows XP (KB2079403) Beveiligingsupdate voor Windows XP (KB2115168) Beveiligingsupdate voor Windows XP (KB2121546) Beveiligingsupdate voor Windows XP (KB2160329) Beveiligingsupdate voor Windows XP (KB2229593) Beveiligingsupdate voor Windows XP (KB2259922) Beveiligingsupdate voor Windows XP (KB2279986) Beveiligingsupdate voor Windows XP (KB2286198) Beveiligingsupdate voor Windows XP (KB2296011) Beveiligingsupdate voor Windows XP (KB2296199) Beveiligingsupdate voor Windows XP (KB2347290) Beveiligingsupdate voor Windows XP (KB2360937) Beveiligingsupdate voor Windows XP (KB2387149) Beveiligingsupdate voor Windows XP (KB2393802) Beveiligingsupdate voor Windows XP (KB2412687) Beveiligingsupdate voor Windows XP (KB2419632) Beveiligingsupdate voor Windows XP (KB2423089) Beveiligingsupdate voor Windows XP (KB2436673) Beveiligingsupdate voor Windows XP (KB2440591) Beveiligingsupdate voor Windows XP (KB2443105) Beveiligingsupdate voor Windows XP (KB2476490) Beveiligingsupdate voor Windows XP (KB2476687) Beveiligingsupdate voor Windows XP (KB2478960) Beveiligingsupdate voor Windows XP (KB2478971) Beveiligingsupdate voor Windows XP (KB2479628) Beveiligingsupdate voor Windows XP (KB2479943) Beveiligingsupdate voor Windows XP (KB2481109) Beveiligingsupdate voor Windows XP (KB2483185) Beveiligingsupdate voor Windows XP (KB2485376) Beveiligingsupdate voor Windows XP (KB2485663) Beveiligingsupdate voor Windows XP (KB2503658) Beveiligingsupdate voor Windows XP (KB2503665) Beveiligingsupdate voor Windows XP (KB2506212) Beveiligingsupdate voor Windows XP (KB2506223) Beveiligingsupdate voor Windows XP (KB2507618) Beveiligingsupdate voor Windows XP (KB2507938) Beveiligingsupdate voor Windows XP (KB2508272) Beveiligingsupdate voor Windows XP (KB2508429) Beveiligingsupdate voor Windows XP (KB2509553) Beveiligingsupdate voor Windows XP (KB2510581) Beveiligingsupdate voor Windows XP (KB2511455) Beveiligingsupdate voor Windows XP (KB2524375) Beveiligingsupdate voor Windows XP (KB2535512) Beveiligingsupdate voor Windows XP (KB2536276-v2) Beveiligingsupdate voor Windows XP (KB2536276) Beveiligingsupdate voor Windows XP (KB2544893-v2) Beveiligingsupdate voor Windows XP (KB2544893) Beveiligingsupdate voor Windows XP (KB2555917) Beveiligingsupdate voor Windows XP (KB2562937) Beveiligingsupdate voor Windows XP (KB2566454) Beveiligingsupdate voor Windows XP (KB2567053) Beveiligingsupdate voor Windows XP (KB2567680) Beveiligingsupdate voor Windows XP (KB2570222) Beveiligingsupdate voor Windows XP (KB2570947) Beveiligingsupdate voor Windows XP (KB2584146) Beveiligingsupdate voor Windows XP (KB2585542) Beveiligingsupdate voor Windows XP (KB2592799) Beveiligingsupdate voor Windows XP (KB2598479) Beveiligingsupdate voor Windows XP (KB2603381) Beveiligingsupdate voor Windows XP (KB2618451) Beveiligingsupdate voor Windows XP (KB2619339) Beveiligingsupdate voor Windows XP (KB2620712) Beveiligingsupdate voor Windows XP (KB2621440) Beveiligingsupdate voor Windows XP (KB2624667) Beveiligingsupdate voor Windows XP (KB2631813) Beveiligingsupdate voor Windows XP (KB2633171) Beveiligingsupdate voor Windows XP (KB2639417) Beveiligingsupdate voor Windows XP (KB2641653) Beveiligingsupdate voor Windows XP (KB2646524) Beveiligingsupdate voor Windows XP (KB2647518) Beveiligingsupdate voor Windows XP (KB2653956) Beveiligingsupdate voor Windows XP (KB2655992) Beveiligingsupdate voor Windows XP (KB2659262) Beveiligingsupdate voor Windows XP (KB2660465) Beveiligingsupdate voor Windows XP (KB2676562) Beveiligingsupdate voor Windows XP (KB2685939) Beveiligingsupdate voor Windows XP (KB2686509) Beveiligingsupdate voor Windows XP (KB2691442) Beveiligingsupdate voor Windows XP (KB2695962) Beveiligingsupdate voor Windows XP (KB2698365) Beveiligingsupdate voor Windows XP (KB2705219) Beveiligingsupdate voor Windows XP (KB2707511) Beveiligingsupdate voor Windows XP (KB2709162) Beveiligingsupdate voor Windows XP (KB2712808) Beveiligingsupdate voor Windows XP (KB2718523) Beveiligingsupdate voor Windows XP (KB2719985) Beveiligingsupdate voor Windows XP (KB2723135) Beveiligingsupdate voor Windows XP (KB2724197) Beveiligingsupdate voor Windows XP (KB2727528) Beveiligingsupdate voor Windows XP (KB2731847) Beveiligingsupdate voor Windows XP (KB2753842-v2) Beveiligingsupdate voor Windows XP (KB2753842) Beveiligingsupdate voor Windows XP (KB2757638) Beveiligingsupdate voor Windows XP (KB2758857) Beveiligingsupdate voor Windows XP (KB2761226) Beveiligingsupdate voor Windows XP (KB2770660) Beveiligingsupdate voor Windows XP (KB2778344) Beveiligingsupdate voor Windows XP (KB2779030) Beveiligingsupdate voor Windows XP (KB2780091) Beveiligingsupdate voor Windows XP (KB2799494) Beveiligingsupdate voor Windows XP (KB2802968) Beveiligingsupdate voor Windows XP (KB2807986) Beveiligingsupdate voor Windows XP (KB2808735) Beveiligingsupdate voor Windows XP (KB2813170) Beveiligingsupdate voor Windows XP (KB2813345) Beveiligingsupdate voor Windows XP (KB2820197) Beveiligingsupdate voor Windows XP (KB2820917) Beveiligingsupdate voor Windows XP (KB2829361) Beveiligingsupdate voor Windows XP (KB2834886) Beveiligingsupdate voor Windows XP (KB2839229) Beveiligingsupdate voor Windows XP (KB2845187) Beveiligingsupdate voor Windows XP (KB2847311) Beveiligingsupdate voor Windows XP (KB2849470) Beveiligingsupdate voor Windows XP (KB2850851) Beveiligingsupdate voor Windows XP (KB2850869) Beveiligingsupdate voor Windows XP (KB2859537) Beveiligingsupdate voor Windows XP (KB2862152) Beveiligingsupdate voor Windows XP (KB2862330) Beveiligingsupdate voor Windows XP (KB2862335) Beveiligingsupdate voor Windows XP (KB2864063) Beveiligingsupdate voor Windows XP (KB2868038) Beveiligingsupdate voor Windows XP (KB2868626) Beveiligingsupdate voor Windows XP (KB2876217) Beveiligingsupdate voor Windows XP (KB2876315) Beveiligingsupdate voor Windows XP (KB2876331) Beveiligingsupdate voor Windows XP (KB2883150) Beveiligingsupdate voor Windows XP (KB2884256) Beveiligingsupdate voor Windows XP (KB2892075) Beveiligingsupdate voor Windows XP (KB2893294) Beveiligingsupdate voor Windows XP (KB2893984) Beveiligingsupdate voor Windows XP (KB2898715) Beveiligingsupdate voor Windows XP (KB2900986) Beveiligingsupdate voor Windows XP (KB2914368) Beveiligingsupdate voor Windows XP (KB2916036) Beveiligingsupdate voor Windows XP (KB2922229) Beveiligingsupdate voor Windows XP (KB2929961) Beveiligingsupdate voor Windows XP (KB2930275) Beveiligingsupdate voor Windows XP (KB923561) Beveiligingsupdate voor Windows XP (KB923789) Beveiligingsupdate voor Windows XP (KB938464-v2) Beveiligingsupdate voor Windows XP (KB946648) Beveiligingsupdate voor Windows XP (KB950760) Beveiligingsupdate voor Windows XP (KB950762) Beveiligingsupdate voor Windows XP (KB950974) Beveiligingsupdate voor Windows XP (KB951066) Beveiligingsupdate voor Windows XP (KB951376-v2) Beveiligingsupdate voor Windows XP (KB951748) Beveiligingsupdate voor Windows XP (KB952004) Beveiligingsupdate voor Windows XP (KB952954) Beveiligingsupdate voor Windows XP (KB954459) Beveiligingsupdate voor Windows XP (KB954600) Beveiligingsupdate voor Windows XP (KB955069) Beveiligingsupdate voor Windows XP (KB956572) Beveiligingsupdate voor Windows XP (KB956744) Beveiligingsupdate voor Windows XP (KB956802) Beveiligingsupdate voor Windows XP (KB956803) Beveiligingsupdate voor Windows XP (KB956844) Beveiligingsupdate voor Windows XP (KB957097) Beveiligingsupdate voor Windows XP (KB958644) Beveiligingsupdate voor Windows XP (KB958687) Beveiligingsupdate voor Windows XP (KB958690) Beveiligingsupdate voor Windows XP (KB958869) Beveiligingsupdate voor Windows XP (KB959426) Beveiligingsupdate voor Windows XP (KB960225) Beveiligingsupdate voor Windows XP (KB960715) Beveiligingsupdate voor Windows XP (KB960803) Beveiligingsupdate voor Windows XP (KB960859) Beveiligingsupdate voor Windows XP (KB961371) Beveiligingsupdate voor Windows XP (KB961373) Beveiligingsupdate voor Windows XP (KB961501) Beveiligingsupdate voor Windows XP (KB963027) Beveiligingsupdate voor Windows XP (KB968537) Beveiligingsupdate voor Windows XP (KB969059) Beveiligingsupdate voor Windows XP (KB969898) Beveiligingsupdate voor Windows XP (KB969947) Beveiligingsupdate voor Windows XP (KB970238) Beveiligingsupdate voor Windows XP (KB970430) Beveiligingsupdate voor Windows XP (KB971468) Beveiligingsupdate voor Windows XP (KB971486) Beveiligingsupdate voor Windows XP (KB971557) Beveiligingsupdate voor Windows XP (KB971633) Beveiligingsupdate voor Windows XP (KB971657) Beveiligingsupdate voor Windows XP (KB971961) Beveiligingsupdate voor Windows XP (KB972270) Beveiligingsupdate voor Windows XP (KB973346) Beveiligingsupdate voor Windows XP (KB973354) Beveiligingsupdate voor Windows XP (KB973507) Beveiligingsupdate voor Windows XP (KB973525) Beveiligingsupdate voor Windows XP (KB973869) Beveiligingsupdate voor Windows XP (KB973904) Beveiligingsupdate voor Windows XP (KB974112) Beveiligingsupdate voor Windows XP (KB974318) Beveiligingsupdate voor Windows XP (KB974392) Beveiligingsupdate voor Windows XP (KB974571) Beveiligingsupdate voor Windows XP (KB975025) Beveiligingsupdate voor Windows XP (KB975467) Beveiligingsupdate voor Windows XP (KB975560) Beveiligingsupdate voor Windows XP (KB975561) Beveiligingsupdate voor Windows XP (KB975562) Beveiligingsupdate voor Windows XP (KB975713) Beveiligingsupdate voor Windows XP (KB977165-v2) Beveiligingsupdate voor Windows XP (KB977816) Beveiligingsupdate voor Windows XP (KB977914) Beveiligingsupdate voor Windows XP (KB978037) Beveiligingsupdate voor Windows XP (KB978251) Beveiligingsupdate voor Windows XP (KB978262) Beveiligingsupdate voor Windows XP (KB978338) Beveiligingsupdate voor Windows XP (KB978542) Beveiligingsupdate voor Windows XP (KB978601) Beveiligingsupdate voor Windows XP (KB978706) Beveiligingsupdate voor Windows XP (KB979309) Beveiligingsupdate voor Windows XP (KB979482) Beveiligingsupdate voor Windows XP (KB979559) Beveiligingsupdate voor Windows XP (KB979683) Beveiligingsupdate voor Windows XP (KB979687) Beveiligingsupdate voor Windows XP (KB980195) Beveiligingsupdate voor Windows XP (KB980218) Beveiligingsupdate voor Windows XP (KB980232) Beveiligingsupdate voor Windows XP (KB980436) Beveiligingsupdate voor Windows XP (KB981322) Beveiligingsupdate voor Windows XP (KB981349) Beveiligingsupdate voor Windows XP (KB981852) Beveiligingsupdate voor Windows XP (KB981957) Beveiligingsupdate voor Windows XP (KB981997) Beveiligingsupdate voor Windows XP (KB982132) Beveiligingsupdate voor Windows XP (KB982214) Beveiligingsupdate voor Windows XP (KB982665) Beveiligingsupdate voor Windows XP (KB982802) CCleaner DriverRestore Essenti‰le update voor Windows Media Player 11 (KB959772) Folder Crypto Password Google Chrome Google Farsi Input Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix voor Windows Media Player [zie Q828026 voor meer informatie] Hotfix voor Windows Media Player 11 (KB939683) Hotfix voor Windows XP (KB2158563) Hotfix voor Windows XP (KB2443685) Hotfix voor Windows XP (KB2570791) Hotfix voor Windows XP (KB2633952) Hotfix voor Windows XP (KB2756822) Hotfix voor Windows XP (KB2779562) Hotfix voor Windows XP (KB942288-v3) Hotfix voor Windows XP (KB952287) Hotfix voor Windows XP (KB961118) Hotfix voor Windows XP (KB970653-v3) Hotfix voor Windows XP (KB976098-v2) Hotfix voor Windows XP (KB979306) Hotfix voor Windows XP (KB981793) Java(TM) 6 Update 38 jetAudio Basic VX Junk Mail filter update Logitech Desktop Messenger Logitech IM Video Companion Logitech ImageStudio Malwarebytes Anti-Malware versie 2.1.8.1057 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 Microsoft National Language Support Downlevel APIs Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.7 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 MSVC80_x86_v2 MSVC90_x86 MSVCRT Nokia Connectivity Cable Driver NVIDIA Drivers PC Connectivity Solution RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188) Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2) Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2) Segoe UI SkypeT 7.8 Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD TeamViewer 10 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) Update voor Windows Internet Explorer 8 (KB2447568) Update voor Windows XP (KB2141007) Update voor Windows XP (KB2345886) Update voor Windows XP (KB2467659) Update voor Windows XP (KB2541763) Update voor Windows XP (KB2607712) Update voor Windows XP (KB2616676) Update voor Windows XP (KB2641690) Update voor Windows XP (KB2661254-v2) Update voor Windows XP (KB2718704) Update voor Windows XP (KB2736233) Update voor Windows XP (KB2749655) Update voor Windows XP (KB2863058) Update voor Windows XP (KB2904266) Update voor Windows XP (KB2934207) Update voor Windows XP (KB951978) Update voor Windows XP (KB955759) Update voor Windows XP (KB955839) Update voor Windows XP (KB961503) Update voor Windows XP (KB967715) Update voor Windows XP (KB968389) Update voor Windows XP (KB971029) Update voor Windows XP (KB971737) Update voor Windows XP (KB973687) Update voor Windows XP (KB973815) WebFldrs XP Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0) Windows Installer Clean Up Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live - Hulpprogramma voor uploaden Windows Live aanmeldhulp Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Live Writer Windows Media Format 11 runtime Windows Media Player 11 WinRAR archiver YouTube Downloader Toolbar v4.3 YTD Video Downloader 3.9.6 ==== Running Processes ====================== C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe C:\Program Files\TeamViewer\TeamViewer_Service.exe C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\program files\real\realplayer\update\realsched.exe C:\Program Files\Logitech\ImageStudio\LogiTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Logitech\ImageStudio\LowLight.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Documents and Settings\User\Mijn documenten\Downloads\zoek.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files\Comodo not found C:\Program Files\Graboid not found C:\Program Files\TomTom DesktopSuite not found C:\Program Files\ComPlus Applications deleted C:\Program Files\WindowsUpdate deleted C:\Program Files\Windows Live SkyDrive deleted C:\Program Files\Zoom Player deleted C:\Program Files\Yahoo! deleted C:\Program Files\globalUpdate deleted C:\Documents and Settings\NetworkService\Application Data\Yahoo! deleted C:\Documents and Settings\User\Application Data\Yahoo! deleted C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! deleted C:\DOCUME~1\ALLUSE~1\APPLIC~1\Allmyapps deleted C:\DOCUME~1\ALLUSE~1\APPLIC~1\YTD Video Downloader deleted C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallMate deleted C:\Documents and Settings\NetworkService\Local Settings\Application Data\myBabylon_English deleted C:\Documents and Settings\NetworkService\Local Settings\Application Data\myBabylon_English2 deleted C:\Documents and Settings\NetworkService\Local Settings\Application Data\myBabylon_English3 deleted C:\Documents and Settings\User\Local Settings\Application Data\globalUpdate deleted C:\Documents and Settings\User\Local Settings\Application Data\avgchrome deleted C:\Documents and Settings\User\Local Settings\Application Data\CrashRpt deleted C:\Documents and Settings\All Users\Menu Start\Programma's\YTD Video Downloader deleted C:\WINDOWS\tasks\WinZipDriverUpdater_UPDATES.job deleted C:\WINDOWS\tasks\At1.job deleted C:\WINDOWS\tasks\At2.job deleted C:\WINDOWS\Launcher.exe deleted C:\Documents and Settings\All Users\Bureaublad\YTD Video Downloader.lnk deleted C:\Documents and Settings\User\Local Settings\Application Data\setup.exe deleted ==== System Specs ====================== Windows: Windows XP Home Edition Service Pack 3 (Build 2600) Memory (RAM): 960 MB CPU Info: Intel(R) Celeron(R) CPU E1400 @ 2.00GHz CPU Speed: 1964,3 MHz Sound Card: Realtek HD Audio output | Display Adapters: NVIDIA GeForce 7050 / NVIDIA nForce 610i | NetMeeting driver | RDPDD Chained DD Monitors: 1x; Plug en Play-monitor | Screen Resolution: 1024 X 768 - 32 bit Network: Network Present Network Adapters: NVIDIA nForce Networking Controller - Pakketplanner-minipoort CD / DVD Drives: 1x (F: | ) F: SONY CD-RW CRX210E1 Ports: COM1 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 55,9GB | D: 46,9GB | E: 9,0GB Hard Disks - Free: C: 32,7GB | D: 37,9GB | E: 9,0GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 07/15/08 | 071508 - 20080715 Time Zone: West-Europa (standaardtijd) Motherboard *: MSI MS-7366 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning enabled (Updated) Anti-Virus: avast! Antivirus On-access scanning disabled (Updated) Default Browser: Google Chrome 44.0.2403.157 Internet Explorer version: 8.0.6001.18702 Google Chrome version: 44.0.2403.157 Adobe Reader version: 10.1.11.8 Sun Java version: 1.6.0_38 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\DOCUME~1\User\LOCALS~1\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== 2015-08-11 09:48:31 CCB3D97B2AF65660D4866BBDF10AA5FE 28672 ----a-w- C:\WINDOWS\System32\CIMSVRps.dll 2015-08-11 09:48:31 5F17D483D473F7D45CD956471093D42F 233472 ----a-w- C:\WINDOWS\System32\CIMVIEW.dll 2015-08-11 09:48:31 3B44D8B4EB1A1E684584EE90EC7460D1 466944 ----a-w- C:\WINDOWS\System32\CIMSVR.exe 2015-08-11 09:48:31 337E30ACB755B4EC2E94BD60BAD40BD8 147456 ----a-w- C:\WINDOWS\System32\MimicICM.dll ====== C:\WINDOWS\system32\drivers ===== 2015-08-07 12:11:44 B833B70FE639F01FB36CEDABE57EF031 14720 ----a-w- C:\WINDOWS\System32\drivers\kbdhid.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-08-24 16:30:42 -------- d-----w- C:\Program Files\trend micro 2015-08-15 10:15:22 -------- d-----w- C:\Program Files\Common Files\Skype 2015-08-15 10:15:11 -------- d-----r- C:\Program Files\Skype ======= C: ===== ====== C:\Documents and Settings\User\Application Data ====== 2015-08-12 08:51:00 -------- d-----w- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp 2015-08-11 10:18:41 -------- d-----w- C:\Documents and Settings\User\Local Settings\Application Data\PCHealth 2015-08-09 08:23:54 -------- d-----w- C:\Documents and Settings\User\Application Data\TeamViewer ====== C:\Documents and Settings\User ====== 2015-08-22 18:02:40 -------- d--h--r- C:\Documents and Settings\User\Onlangs geopend ====== C: exe-files == 2015-08-24 16:30:42 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\User.exe 2015-08-22 07:22:16 E2AB465A4F48E9E64FE028374249B881 981584 ----a-w- C:\Program Files\Google\Update\Install\{67ABBDCF-72D4-40CB-B52C-E344D838A912}\44.0.2403.157_44.0.2403.155_chrome_updater.exe 2015-08-22 07:21:32 E2AB465A4F48E9E64FE028374249B881 981584 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\44.0.2403.157\44.0.2403.157_44.0.2403.155_chrome_updater.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "WebCamRT.exe"="" "SSUPRDReminder"="C:\Program Files\System Speedup\SystemSpeedup.exe -rem" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "LVCOMS"="C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "TkBellExe"="C:\program files\real\realplayer\update\realsched.exe -osboot" "LogitechGalleryRepair"="C:\Program Files\Logitech\ImageStudio\ISStart.exe" "LogitechImageStudioTray"="C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" "WebCamRT.exe"="" "SSUPRDReminder"="C:\Program Files\System Speedup\SystemSpeedup.exe -rem" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Reader_sl" "hkey"="HKLM" "command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NMBgMonitor" "hkey"="HKCU" "command"="\"C:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CDC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="cdc" "hkey"="HKLM" "command"="\"C:\\Program Files\\CD Copy Master\\cdc.exe\" Hide" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ctfmon" "hkey"="HKCU" "command"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FCPAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="fppservice" "hkey"="HKLM" "command"="C:\\Program Files\\Everstrike Software\\Folder Crypto Password\\fppservice.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FDPRO-516] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FighterLauncher" "hkey"="HKCU" "command"="C:\\Program Files\\Fighters\\FighterLauncher.exe FDPRO" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GoogleUpdate" "hkey"="HKCU" "command"="\"C:\\Documents and Settings\\User\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LVCOMS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LVCOMS" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\Logitech\\QCDriver3\\LVCOMS.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Messenger (Yahoo!)] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="YahooMessenger" "hkey"="HKCU" "command"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msseces" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\NeroCheck.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaOviSuite2] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NokiaOviSuite" "hkey"="HKCU" "command"="C:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe -tray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NvCpl" "hkey"="HKLM" "command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvMediaCenter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NvMcTray" "hkey"="HKLM" "command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nwiz" "hkey"="HKLM" "command"="nwiz.exe /install" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PoivY] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PoivY" "hkey"="HKCU" "command"="\"C:\\Program Files\\PoivY.com\\PoivY\\PoivY.exe\" -nosplash -minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDCPL] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RTHDCPL" "hkey"="HKLM" "command"="RTHDCPL.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Search Protection] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SearchProtection" "hkey"="HKCU" "command"="C:\\Program Files\\Yahoo!\\Search Protection\\SearchProtection.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GoogleToolbarNotifier" "hkey"="HKCU" "command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="realsched" "hkey"="HKLM" "command"="\"C:\\program files\\real\\realplayer\\update\\realsched.exe\" -osboot" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOMERunner" "hkey"="HKCU" "command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VoipBuster] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VoipBuster" "hkey"="HKCU" "command"="\"C:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe\" -nosplash -minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VoipConnect] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VoipConnect" "hkey"="HKCU" "command"="\"C:\\Program Files\\VoipConnect.com\\VoipConnect\\VoipConnect.exe\" -nosplash -minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VoipStunt] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VoipStunt" "hkey"="HKCU" "command"="\"C:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe\" -nosplash -minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Voipwise] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Voipwise" "hkey"="HKCU" "command"="\"C:\\Program Files\\Voipwise.com\\Voipwise\\Voipwise.exe\" -nosplash -minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WebCamRT.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YSearchProtection] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SearchProtection" "hkey"="HKLM" "command"="\"C:\\Program Files\\Yahoo!\\Search Protection\\SearchProtection.exe\"" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Documents and Settings\\User\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe\" /c" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "TkBellExe"="\"C:\\program files\\real\\realplayer\\update\\realsched.exe\" -osboot" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\Apple Software Update\SoftwareUpdate.exe [30-07-2008 12:34] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-06-2015 17:07] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-06-2015 17:07] C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job --ah----- C:bLdTX0FP sP8C:\Program Files\Microsoft Security Client\MpCmdRun.exe [] C:\WINDOWS\tasks\Microsoft Windows XP - aanmelding voor kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27-02-2014 01:28] C:\WINDOWS\tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27-02-2014 01:28] C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-507921405-1177238915-1417001333-1004.job --a------ C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [14-08-2013 15:19] C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-507921405-1177238915-1417001333-1004.job --a------ C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [14-08-2013 15:19] C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-507921405-1177238915-1417001333-1004.job --a------ C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [14-08-2013 15:19] C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-507921405-1177238915-1417001333-1004.job --a------ [Undetermined Task] C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-507921405-1177238915-1417001333-1004.job --a------ C:\Program Files\Real\RealUpgrade\realupgrade.exe [14-08-2013 17:13] C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job --a------ C:\Program Files\Real\RealUpgrade\realupgrade.exe [14-08-2013 17:13] C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-507921405-1177238915-1417001333-1004.job --a------ C:\Program Files\Real\RealUpgrade\realupgrade.exe [14-08-2013 17:13] C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job --a------ C:\Program Files\Real\RealUpgrade\realupgrade.exe [14-08-2013 17:13] C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-507921405-1177238915-1417001333-1004.job --a------ C:\Program Files\Real\RealUpgrade\realupgrade.exe [14-08-2013 17:13] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\bwyg6sk3.default user_pref("browser.search.defaulturl", ""); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [14-05-2014 13:54] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{1fa7db89-22a1-4461-9482-c37800dd633a}"="C:\Program Files\View-Password-soft\157.xpi" [] ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\bwyg6sk3.default - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\bwyg6sk3.default 901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM F51ECBBA611C75E47578295D5241630F - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat D654525C0902C21118AD29217E4ECB49 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 1F352B5944AF5C2204D9EFF7F845C5AF - C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll - Google Update F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin 96B3689320E9B16EDF38B7A5001C35F0 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) EAC427FEF96A13058C1ACD17C38966CF - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) BE126CB7049E89ED6F3038016668B502 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) 0FCEAA7D12B7B0BA825E5C770B1DCA48 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin 3A9E1940B4459CC97FDCBB24FCB69004 - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery 893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In 0B4EC04713DC3438D52FF403348B3825 - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll - Java(TM) Platform SE 6 U38 7A75CCAA7E3CE0B14F7428F1731CF4C9 - C:\WINDOWS\system32\Npindeo.dll - Intel Indeo® video 5.1 PD Plug-In 3CB231F12674D3CB0AC1F5EDE9578E85 - C:\WINDOWS\system32\npwmsdrm.dll - Microsoft® Windows Media Services 5BF37947AF594EAC3D6F8405405D2541 - C:\WINDOWS\system32\npdeployJava1.dll - Java Deployment Toolkit 6.0.380.5 8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight 3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows® ==== Chromium Look ====================== Google Chrome Version: 44.0.2403.157 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14-08-2013 15:24] mnjcjnijcaieohbonadbjobhhhcbdbdo - C:\Documents and Settings\All Users\Application Data\Browse2save\mnjcjnijcaieohbonadbjobhhhcbdbdo.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions bakijjialdiiboeaknfpmflphhmljfkd - No path found[] fcfenmboojpjinhpgggodefccipikbpd - No path found[] Docs - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf RealDownloader - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Gmail - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf ytbyclick D1 - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\nmjkkfcmfikddklhnfbifdngpcjndhhb Google Wallet - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Angry Birds - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj Google Docs - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Chrome Web Store Payments - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - User\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Preferences "homepage": "http://www.search.ask.com/?gct=hp", "startup_urls": [ "http://www.google.nl/" ] C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Preferences {"incidents_sent":"743AA37DBEAC07D445ADB3168DA4340BC1BDCC1FFD6D134E88370F9BC6CA6F6B"},"search_provider_overrides":"C685D143E20E986D647A4FD794F8F34635A6771FA270180D4567B741725744EF","session":{"restore_on_startup":"DA804B934870EE7FBC292D9E6D5E6BC1CB5E2FFFF5A63BA112DA40FDAAA20021","startup_urls":"C0CE2A1DB160379D39A52147EAC57C4F743D61F42E5B3D3CDB5E81CE7B963801"},"software_reporter":{"prompt_reason":"4F4D48000BAF92796DB390AFA12ED305CB74EB97D522467D567B3BD0D1000C08","prompt_seed":"A7270783083727F26427684B562FEC1BD8124FA07E44CFC60EFDE448B4B090E6","prompt_version":"60399750C9551D80388EE42436749D477A18130C5E0651954660337AC3220645"},"sync":{"remaining_rollback_tries":"BB00E5EA1DCA2DD92A10954C9A7A0EB4D093AEA425361263FED8F5CBDD100A4A"}},"super_mac":"5A38606FB4247C77B477E598AB3D80A7C7965F750DE252D71E54CDD150F77768"},"session":{"restore_on_startup":4,"startup_urls":["https://www.google.nl/"]},"sync":{"remaining_rollback_tries":0}} ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=nl-nl" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=2937" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=2937" "Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=" "Search Bar"="http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=" "Search Page"="http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.google.com" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com" "(Default)"="http://www.google.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=2937" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=2937" "Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=" "Search Bar"="http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=" "Search Page"="http://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "CustomSearch"="http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html" "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" "Default_Search_URL"="http://www.google.com/" "Search Page"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://www.google.com" "Default_Search_URL"="http://www.google.com/" "Search Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=nl-nl" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "CustomSearch"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-507921405-1177238915-1417001333-1004\Software\mozilla\Firefox\Extensions\{1fa7db89-22a1-4461-9482-c37800dd633a} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\jqs@sun.com deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mnjcjnijcaieohbonadbjobhhhcbdbdo deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDC deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FDPRO-516 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PoivY deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipConnect deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipStunt deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Voipwise deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection deleted successfully ==== HijackThis Entries ====================== O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SSUPRDReminder] C:\Program Files\System Speedup\SystemSpeedup.exe -rem O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Cache emptied successfully C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Profile 3\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=29 folders=26 4577396 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully C:\Documents and Settings\User\Local Settings\Temp will be emptied at reboot C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\User\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on di 25-08-2015 at 11:22:43,71 ======================