Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by lionel on za 30/01/2016 at 10:02:24,29.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\lionel\Downloads\zoek (2).exe
[Scan all users] [Script inserted] [Checkboxes used]

==== Running Processes ======================

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\microsoft shared\Works Shared\WkCalRem.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe
C:\Program Files\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWlan.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_286_ActiveX.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\lionel\Downloads\zoek (2).exe
C:\Windows\system32\wbem\wmiprvse.exe

==== System Restore Info ======================

30/01/2016 10:04:04 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ====================== C:\PROGRA~2\ProductData deleted successfully C:\Users\lionel\AppData\Roaming\HpUpdate deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4210861826-744597554-2720867244-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-4210861826-744597554-2720867244-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_CLASSES_ROOT\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Installed Programs ====================== Adobe Flash Player 20 ActiveX Adobe Photoshop Elements 7.0 Adobe Reader X (10.1.16) - Nederlands Adobe Refresh Manager Basissoftware voor HP Deskjet 3050 J610 series Belgium e-ID middleware 4.0.7 (build 7466) Bing Bar Platform Bluesoleil2.7.0.35 VoIP Release 080317 CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Internet Library for ZoomBrowser EX Canon MovieEdit Task for ZoomBrowser EX Canon Utilities CameraWindow Canon Utilities CameraWindow DC Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities MyCamera Canon Utilities MyCamera DC Canon Utilities PhotoStitch Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CCleaner CDBurnerXP Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Compatibiliteitspakket voor het 2007 Microsoft Office system D3DX10 Dropbox Dropbox Update Helper 
Glary Utilities 5.42 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Deskjet 3050 J610 series Haelp HP Update HPDiagnosticAlert HPDiagnosticCoreDll IncrediMail Java 8 Update 60 Java 8 Update 66 Java Auto Updater Junk Mail filter update LightScribe System Software Malwarebytes Anti-Malware versie 2.2.0.1024 Mesh Runtime Messenger Companion Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Application Error Reporting Microsoft Default Manager Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Picture It Photo Standard 9 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Works Microsoft Works 6-9 Converter 
Microsoft Works Suite-invoegtoepassing Microsoft Word Mozilla Firefox 43.0.4 (x86 nl) Mozilla Maintenance Service Mozilla Thunderbird 38.5.1 (x86 nl) MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyDriveConnect 4.0.7.2442 Nero 7 Essentials neroxml NVIDIA-configuratiescherm 311.06 NVIDIA 3D Vision stuurprogramma 311.06 NVIDIA Display Control Panel NVIDIA Grafisch stuurprogramma 311.06 NVIDIA Install Application NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components OpenOffice 4.1.0 Paint Shop Pro 7 Anniversary Edition Photo Notifier and Animation Creator Picasa 3 PIXresizer Productverbeteringonderzoek HP Deskjet 3050 J610 series PVSonyDll Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista RealWorld Photos Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4.5.2 (KB3023224) Security Update for Microsoft .NET Framework 4.5.2 (KB3035490) Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) Security Update for Microsoft .NET Framework 4.5.2 (KB3048077) Security Update for Microsoft .NET Framework 4.5.2 (KB3072310) Security Update for Microsoft .NET Framework 4.5.2 (KB3074230) Security Update for Microsoft .NET Framework 4.5.2 (KB3074550) Security Update for Microsoft .NET Framework 4.5.2 (KB3097996) Security Update for Microsoft .NET Framework 4.5.2 (KB3098781) Security Update for Microsoft .NET Framework 4.5.2 (KB3099869) Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085616) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114541) 32-Bit Edition Security Update for Microsoft Office Access 2007 (KB2596614) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114457) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114546) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB3114540) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687406) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2880506) 32-Bit Edition Security Update for Microsoft Office Word 
2007 (KB3114549) 32-Bit Edition Segoe UI Sitecom WiFi USB adapter N300 Driver and Utility Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) Surfing Protection Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL TomTom HOME TomTom HOME Visual Studio Merge Modules TP-LINK TL-WN823N Driver Update Detector 5.10.1.3 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3114544) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VC80CRTRedist - 8.0.50727.6195 VIA Platform apparaatbeheer VisiPics V1.31 Visual Studio C++ 10.0 Runtime VLC media player Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ==== Deleting Services 
====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] ==== Deleting Files \ Folders ====================== "C:\DelFix" not found "C:\Windows\zoek-delete.exe" not found C:\Program Files\MSN Toolbar deleted C:\AVG_Remover deleted C:\Users\lionel\AppData\Roaming\IObit deleted C:\Users\lionel\AppData\Roaming\ProductData deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\lionel\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2016-01-30 08:35:58 6F47495F78F86E93E6309392E405FA69 399080 ----a-w- C:\Windows\System32\FNTCACHE.DAT 2016-01-19 08:44:50 737DB8E4E1136DC1E3E91CA019F66DFA 42920 ----a-w- C:\Windows\System32\TURegOpt.exe 2016-01-19 08:44:48 F4F36D2AA4C3A686F749BF1C46F84C37 32680 ----a-w- C:\Windows\System32\authuitu.dll ====== C:\Windows\system32\drivers ===== 2016-01-15 09:55:06 672850B63B45CA3B05E66D09FBE54D10 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-01-26 15:16:51 -------- d-----w- C:\Program Files\Mozilla Thunderbird 2016-01-18 09:33:33 -------- d-----w- C:\Program Files\Mozilla Maintenance Service 2016-01-15 10:10:03 -------- d-----w- C:\Program Files\trend micro ======= C: ===== 2016-01-19 08:36:43 9DE0B90D51495DA6C3EDF6F0A6BEC03F 2053 ----a-w- C:\DelFix.txt ====== C:\Users\lionel\AppData\Roaming ====== 2016-01-30 08:46:43 098152F3BE806025CE05B969C24003F1 109184 ----a-w- C:\Users\lionel\AppData\Local\GDIPFONTCACHEV1.DAT 2016-01-17 09:32:57 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2016-01-17 09:32:57 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2016-01-17 09:32:57 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2016-01-17 09:32:57 -------- d-----w- C:\Users\TEMP\AppData\Local\Temp 
2016-01-17 09:32:56 -------- d-----w- C:\Users\lionel\AppData\Local\Temp 2016-01-17 09:32:56 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2016-01-17 09:32:56 -------- d-----w- C:\Users\Default User\AppData\Local\Temp ====== C:\Users\lionel ====== 2016-01-29 16:46:58 E38F964D09275CAB0DA2383F5BBC0868 6828320 ----a-w- C:\Users\lionel\Downloads\ccsetup514.exe 2016-01-26 15:15:42 6383490AB95F74653226A59DB979C51C 34611600 ----a-w- C:\Users\lionel\Downloads\Thunderbird Setup 38.5.1.exe 2016-01-24 09:35:41 643A46FBFC827C7982AA1268F67337D4 491784 ----a-w- C:\Users\lionel\Downloads\incredimail_install (1).exe 2016-01-24 09:25:09 8242F8925FBEFA34CDB6EA43EBDEB775 491784 ----a-w- C:\Users\lionel\Downloads\incredimail_install(2).exe 2016-01-19 16:54:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-01-19 16:50:26 FCF6FF2B5300C3C87586A955CF30E058 55976344 ----a-w- C:\Users\lionel\Downloads\Dropbox_v3.12.6.exe 2016-01-19 16:41:29 BD4122D5B2830C8DB3992CB9D2920F0E 6677440 ----a-w- C:\Users\lionel\Downloads\ccsetup510 (1).exe 2016-01-19 16:40:41 BD4122D5B2830C8DB3992CB9D2920F0E 6677440 ----a-w- C:\Users\lionel\Downloads\ccsetup510.exe 2016-01-18 09:31:47 647767F564F143CCA03CA4A780990CDA 46158512 ----a-w- C:\Users\lionel\Downloads\Firefox-Setup-43-0-4_NL.exe ====== C: exe-files == 2016-01-29 16:46:58 E38F964D09275CAB0DA2383F5BBC0868 6828320 ----a-w- C:\Users\lionel\Downloads\ccsetup514.exe 2016-01-26 15:16:52 FE4B4BE949269D324975A003CFB43551 955584 ----a-w- C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe 2016-01-26 15:16:52 DB67271F2F0CF35A8F70AF28DC25E874 304072 ----a-w- C:\Program Files\Mozilla Thunderbird\updater.exe 2016-01-26 15:16:52 D6741A1460B29110238F46A00575E0A7 22984 ----a-w- C:\Program Files\Mozilla Thunderbird\WSEnable.exe 2016-01-26 15:16:52 D2757353D0B370FCC49D4CEA5E9D0740 146888 ----a-w- C:\Program Files\Mozilla Thunderbird\maintenanceservice.exe 2016-01-26 15:16:52 AB66522A7C069CD609CD12E0B63D6CDF 276936 ----a-w- 
C:\Program Files\Mozilla Thunderbird\plugin-container.exe 2016-01-26 15:16:52 5E82082349104C5ABBAF9DA24C384D2B 170368 ----a-w- C:\Program Files\Mozilla Thunderbird\maintenanceservice_installer.exe 2016-01-26 15:16:52 59A082F20B26C3BBF81EDACC1E7A0F81 490952 ----a-w- C:\Program Files\Mozilla Thunderbird\thunderbird.exe 2016-01-26 15:16:52 1C9C6AE812F6130FE752F2531813BBB6 288200 ----a-w- C:\Program Files\Mozilla Thunderbird\crashreporter.exe 2016-01-26 15:15:42 6383490AB95F74653226A59DB979C51C 34611600 ----a-w- C:\Users\lionel\Downloads\Thunderbird Setup 38.5.1.exe 2016-01-24 09:37:16 0C93718599A68D1E5A0E76A706874833 26960 ----a-w- C:\Program Files\IncrediMail\Bin\AE\aeldr.exe 2016-01-24 09:36:08 F6B4A60E12E6ABC22372002ED3284E39 260520 ----a-w- C:\Program Files\IncrediMail\Bin\ImNotfy.exe 2016-01-24 09:36:08 876B1FD3D809AA5D7C5531F7EACAC2F0 121256 ----a-w- C:\Program Files\IncrediMail\Bin\ImSetup.exe 2016-01-24 09:36:08 738971DDF260A456A9E4D87BE3CD3314 68008 ----a-w- C:\Program Files\IncrediMail\Bin\ImLpp.exe 2016-01-24 09:36:08 6B9701B1AB88B51DA2864055B507C8AC 104872 ----a-w- C:\Program Files\IncrediMail\Bin\ImPackr.exe 2016-01-24 09:36:08 546F142DC5901FADA5E83E8A70D2625E 113064 ----a-w- C:\Program Files\IncrediMail\Bin\ImpCnt.exe 2016-01-24 09:36:08 50EE17A8C40685C98E3CE23875FFFB32 297384 ----a-w- C:\Program Files\IncrediMail\Bin\ImApp.exe 2016-01-24 09:36:08 043E2C2382D21C3353F4E06BE5276D30 444840 ----a-w- C:\Program Files\IncrediMail\Bin\IncMail.exe 2016-01-24 09:36:08 01059454DEEC4D70D625C0B6F2033016 129368 ----a-w- C:\Program Files\IncrediMail\Bin\ImBpp.exe 2016-01-24 09:35:41 643A46FBFC827C7982AA1268F67337D4 491784 ----a-w- C:\Users\lionel\Downloads\incredimail_install (1).exe 2016-01-24 09:25:09 8242F8925FBEFA34CDB6EA43EBDEB775 491784 ----a-w- C:\Users\lionel\Downloads\incredimail_install(2).exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] 
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Microsoft Default Manager"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" "hkey"="HKCU" "command"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dropbox] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Dropbox" "hkey"="HKLM" "command"="\"C:\\Program Files\\Dropbox\\Client\\Dropbox.exe\" /systemstartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ehTray.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ehTray.exe" "hkey"="HKCU" "command"="C:\\Windows\\ehome\\ehTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GUDelayStartup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GUDelayStartup" "hkey"="HKCU" "command"="\"C:\\Program Files\\Glary Utilities 5\\StartupManager.exe\" -delayrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared 
Tools\MSConfig\startupreg\HDAudDeck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HDAudDeck"
"hkey"="HKLM"
"command"="C:\\Program Files\\VIA\\VIAudioi\\VDeck\\VDeck.exe -r"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HP Software Update"
"hkey"="HKLM"
"command"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InCD]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="InCD"
"hkey"="HKLM"
"command"="C:\\Program Files\\Nero\\Nero 7\\InCD\\InCD.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LightScribe Control Panel"
"hkey"="HKCU"
"command"="C:\\Program Files\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyDriveConnect.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MyDriveConnect.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\MyDrive Connect\\TomTom MyDrive Connect.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroFilterCheck"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SecurDisc]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SecurDisc"
"hkey"="HKLM"
"command"="C:\\Program Files\\Nero\\Nero 7\\InCD\\NBHGui.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Windows Defender"
"hkey"="HKLM"
"command"="%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\TP-LINK Wireless Configuration Utility.lnk"
"backup"="C:\\Windows\\pss\\TP-LINK Wireless Configuration Utility.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\TP-LINK\\TP-LIN~1\\TWCU.exe -nogui"
"item"="TP-LINK Wireless Configuration Utility"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^lionel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\lionel\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\lionel\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^lionel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^wkcalrem.LNK]
"path"="C:\\Users\\lionel\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\wkcalrem.LNK"
"backup"="C:\\Windows\\pss\\wkcalrem.LNK.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\MICROS~1\\WORKSS~1\\WkCalRem.exe "
"item"="wkcalrem"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Folders ======================

2014-02-27 09:04:16 1112 ----a-w- C:\Users\lionel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WKCALREM.LNK

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [22/01/2016 12:51]
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a------ C:\Program Files\Dropbox\Update\DropboxUpdate.exe [19/01/2016 17:51]
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a------ C:\Program Files\Dropbox\Update\DropboxUpdate.exe [19/01/2016 17:51]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\Driver Booster SkipUAC (lionel)" [C:\Program Files\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\system32\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\system32\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\system32\tasks\GlaryInitialize 5" [C:\Program Files\Glary Utilities 5\Initialize.exe]
"C:\Windows\system32\tasks\GU5SkipUAC" [C:\Program Files\Glary Utilities 5\Integrator.exe]
"C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 3050 J610 series" ["C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe"]
"C:\Windows\system32\tasks\hpUrlLauncher.exe" [C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\utils\hpUrlLauncher.exe]
"C:\Windows\system32\tasks\Java Platform SE Auto Updater" [C:\Program Files\Common Files\Java\Java Update\jusched.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla
Firefox\extensions\belgiumeid@eid.belgium.be" [13/12/2015 10:07] ==== Firefox Extensions ====================== ProfilePath: C:\Users\lionel\AppData\Roaming\Mozilla\Firefox\Profiles\nnqp82dx.default - Nederlands NL Language Pack - %ProfilePath%\extensions\langpack-nl@firefox.mozilla.org.xpi ProfilePath: C:\Users\lionel\AppData\Roaming\Thunderbird\Profiles\tqkdnywb.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} ProfilePath: C:\Users\lionel\AppData\Roaming\TomTom\HOME\Profiles\pvqn3gcl.default - Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\lionel\AppData\Roaming\Mozilla\Firefox\Profiles\nnqp82dx.default F169116C1BA501AB4D0D66D41FF496B5 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat FC5D7AF1FC3A63782E19B375E2312D1C - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 07A722522C5CB75AEBF837E0411415C0 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer D7EFF0B98C370E03D7E2593399D9B669 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision 75A1232EAC640B782CDD2132B5271AA8 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows 
Live? Photo Gallery 1B743D5B6FD001660FAB17DD7C347A38 - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In D6015DB8EA402753421FF62CA3909B62 - C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U66 776C6B8D53C56500BC355D513F11A105 - C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.660.18 C63C3E4DFC05BAD9B34C0F884150547C - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 8BA469072B5A692B659F856C7E97A230 - C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll - NPCIG.dll 4F3F6B17B4A5BDB68B3CB0367A2C214E - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== Google Drive - lionel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - lionel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - lionel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - lionel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - lionel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/?gws_rd=ssl" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/?gws_rd=ssl" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="https://www.google.com/search?q={searchTerms}" ==== Empty IE Cache 
======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\lionel\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\lionel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=144 folders=32 23311383 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\lionel\AppData\Local\Temp will be emptied at reboot
C:\Users\TEMP\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\lionel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on za 30/01/2016 at 10:20:57,80 ======================