Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Gebruiker on vr 25/03/2016 at 18:58:57,31.
Running in: Normal Mode No Internet Access Detected
Launched: D:\Users\Gebruiker\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

Failed to create System Restore Point

==== Empty Folders Check ======================

C:\Program Files\MTV20160128 deleted successfully
C:\Program Files\NeoSmart Technologies deleted successfully
C:\Program Files\trend micro deleted successfully
C:\PROGRA~2\TXQMPC deleted successfully
C:\Users\Gebruiker\AppData\Roaming\LightGate deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Opera Software deleted successfully
C:\Users\Gebruiker\AppData\Roaming\SpringFiles deleted successfully
C:\Users\Gebruiker\AppData\Roaming\systweak deleted successfully
C:\Users\Gebruiker\AppData\Roaming\talimama deleted successfully
C:\Users\Gebruiker\AppData\Local\Adobe deleted successfully
C:\Users\Gebruiker\AppData\Local\Opera Software deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QMUdisk deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\QMUdisk deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Sharp Angle deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Sharp Angle deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util Sharp Angle deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util Sharp Angle deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Sharp Angle deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Sharp Angle deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update Sharp Angle deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update Sharp Angle deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"rec_be_192"=-
"rec_be_184"=-
"cessrs.exe -start"=-
"mbot_be_014010212"=-
"gmsd_be_005010235"=-
"HomePageHelper"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msiql"=-

==== Deleting Files \ Folders ======================

C:\Program Files\MTV20160128 not found
C:\Program Files\NeoSmart Technologies not found
C:\Program Files\trend micro not found
"C:\Program Files\rec_be_184\rec_be_184.exe" not found
"C:\Program Files\rec_be_192\rec_be_192.exe" not found
C:\Program Files\mbot_be_014010212 deleted
C:\Users\Gebruiker\AppData\Roaming\UPUpdata deleted
C:\Program Files\RCP deleted
C:\Program Files\Tencent deleted
C:\Program Files\60602E55-1455229961-A324-B79C-4E45435F4349 deleted
C:\Program Files\60602E55-1455232675-A324-B79C-4E45435F4349 deleted
C:\Program Files\SearchesToYesbnd deleted
C:\Program Files\Common Files\Tencent deleted
C:\extensions deleted
C:\Users\Gebruiker\AppData\Roaming\uninstall_temp.ico deleted
C:\Users\Gebruiker\AppData\Roaming\Tencent deleted
C:\Windows\system32\config\systemprofile\AppData\Roaming\Tencent deleted
C:\PROGRA~2\xcgui_debug.txt deleted
C:\PROGRA~2\Tencent deleted
C:\Users\Gebruiker\AppData\Local\gmsd_be_005010235 deleted
C:\Users\Gebruiker\AppData\Local\60602E55-1455233789-A324-B79C-4E45435F4349 deleted
C:\Users\Gebruiker\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 deleted
C:\Users\Gebruiker\AppData\Local\mbot_be_014010212 deleted
C:\Users\Gebruiker\AppData\Local\Installer deleted
C:\Windows\System32\drivers\{117feb5f-3af6-434f-bdc0-9568483a3ec2}Gt.sys deleted
C:\Windows\System32\drivers\{3ddc039a-2c4d-47e1-99a5-3a33888ac872}Gt.sys deleted
C:\Windows\System32\drivers\{4bf99d86-1f37-4311-a79d-5136408f4421}Gt.sys deleted
C:\Windows\System32\drivers\{e764433c-1dc3-4660-8ad4-19c7ae7282fc}Gt.sys deleted
C:\Windows\system32\roboot.exe deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Users\Gebruiker\AppData\Roaming\SilTom.exe deleted
C:\Users\Gebruiker\AppData\Roaming\Uni-Lab.exe deleted
C:\PROGRA~2\HomePage.exe deleted
C:\PROGRA~2\LightGate.exe deleted
C:\PROGRA~2\MTViewbuildmtview_316.exe deleted
C:\PROGRA~2\service.exe deleted
C:\Program Files\Sharp Angle deleted
"C:\ProgramData\msiql.exe" deleted
"C:\PROGRA~2\msiql.exe" deleted
"C:\Program Files\gmsd_be_005010235\gmsd_be_005010235.exe" deleted
"C:\Program Files\gmsd_be_005010235\gmsd_be_005010235.exe" deleted
"C:\Program Files\gmsd_be_005010235\gmsd_be_005010235.exe" deleted
"C:\Program Files\gmsd_be_005010235" not deleted
"C:\Program Files\gmsd_be_005010235" not deleted
"C:\Program Files\gmsd_be_005010235" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2016-03-22 14:51:04 BD48A7B8ACEE5D728FFD8A146DBD52F9 745472 ----a-w- C:\Windows\System32\NETw4c32.dll
2016-03-22 14:51:04 301974DE3041E71587C64AC508719524 2777088 ----a-w- C:\Windows\System32\NETw4r32.dll
2016-03-22 14:46:54 B46F04E5E77D7C314AF98EB937735348 7680 ----a-w- C:\Windows\System32\CIRCoInst.dll
====== C:\Windows\system32\drivers =====
2016-03-22 14:51:57 F081ED0B8BD09D7F50AC9A30BBBB06BC 285184 ----a-w- C:\Windows\System32\drivers\yk60x86.sys
2016-03-22 14:51:04 38D720E0C8B0ECB9A019980265679798 2252800 ----a-w- C:\Windows\System32\drivers\NETw4v32.sys
2016-03-22 14:46:54 E4B04A0D8B237ECF026D849439F1BCCE 46592 ----a-w- C:\Windows\System32\drivers\itecir.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2016-03-22 14:47:10 -------- d-----w- C:\Program Files\DIFX
2016-03-22 14:46:53 -------- d--h--w- C:\Program Files\InstallShield Installation Information
2016-03-07 18:36:45 -------- d-----w- C:\Program Files\CleanBrowser
======= C: =====
2016-02-29 19:38:37 DC59F2577AB66BAA482864BB28D965B3 1628 ----a-r- C:\Yeabeats Browser.lnk
====== C:\Users\Gebruiker\AppData\Roaming ======
2016-03-22 14:46:51 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\InstallShield
2016-03-07 19:36:44 -------- d-----w- C:\Users\Gebruiker\AppData\Locallow\uTorrent
2016-03-07 18:39:27 -------- d-----w- C:\Users\Gebruiker\AppData\Local\app
2016-02-29 19:47:25 A280F43DFB22A8BAB1C72D4671F7A167 5120 ----a-w- C:\Users\Gebruiker\AppData\Roaming\GiftBag.db
2016-02-29 19:37:17 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\LightGate
2016-02-29 19:10:43 3DB8178A33B197E1B9A92B229981A93A 126464 ----a-w- C:\Users\Gebruiker\AppData\Roaming\noah.dat
2016-02-29 19:10:43 3ACDF10E663D9DC1DCF509C7B7B7D780 18432 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Main.dat
2016-02-29 19:10:43 0457973A274720F642D6CF59F6EC4202 64752 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Config.xml
2016-02-29 19:10:41 18BCA112D1F2D615B95C561FB174F6EE 8003072 ----a-w- C:\Users\Gebruiker\AppData\Roaming\agent.dat
2016-02-29 19:10:40 4B1F3875912C78AF828C9AEBC1AA2FC2 1895721 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Uni-Lab.tst
2016-02-29 19:10:31 B740BA3DEBD61187D6B2EF17D21991DB 5568 ----a-w- C:\Users\Gebruiker\AppData\Roaming\md.xml
2016-02-29 19:10:31 3DB8178A33B197E1B9A92B229981A93A 126464 ----a-w- C:\Users\Gebruiker\AppData\Roaming\lobby.dat
2016-02-29 19:10:31 38FA8C3094A5892FD881C50DCA7B33A8 54272 ----a-w- C:\Users\Gebruiker\AppData\Roaming\ApplicationHosting.dat
2016-02-29 19:10:28 2553D1240AA311FDFBF7C7F799CEE529 72855 ----a-w- C:\Users\Gebruiker\AppData\Roaming\SilTom.tst
2016-02-29 19:10:23 EF51F530529B96D1DD850646C0AF827B 651312 ----a-w- C:\Users\Gebruiker\AppData\Roaming\JobAntouch.bin
====== C:\Users\Gebruiker ======
2016-02-29 19:37:03 D0CA7FC5EDB3F8C3324651079AD6C538 10365 ----a-w- C:\ProgramData\webad.xml
2016-02-29 19:36:48 4FD3329B7B15B5BD62CE7401D44F4F3D 2415616 ----a-w- C:\ProgramData\msearch
2016-02-29 19:11:32 -------- d-----w- C:\ProgramData\Hayzumflexs
2016-02-29 19:10:32 -------- d-----w- C:\ProgramData\CloudPrinter
2016-02-24 22:07:53 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol
====== C: exe-files ==
2016-03-22 14:51:57 BE3541BFDA8A81C474224EB84E977004 521128 ----a-w- C:\drivers\lan\102443\DPInst.exe
2016-03-22 14:51:03 B3A3C7B35696991B106CD0CF882C6581 2916264 ----a-w- C:\drivers\wlan\115034\DPInst.exe
2016-03-22 14:51:03 1E8150A27BA4D0F41624A82A8E12896A 235784 ----a-w- C:\drivers\wlan\115034\iProdifx.EXE
2016-03-22 14:47:11 048ABFEB7F5B34D3ADF7AFB3C5907FA9 794080 ----a-w- C:\Program Files\DIFX\F46A63020E122F0A\DPInst.exe
2016-03-22 14:46:55 DA2DB81E5FD20F0696F2814F183216D1 929248 ----a-w- C:\Windows\ITECIR\x64AMD\DPInst.exe
2016-03-22 14:46:54 048ABFEB7F5B34D3ADF7AFB3C5907FA9 794080 ----a-w- C:\Windows\ITECIR\x86\DPInst.exe
2016-03-22 14:46:53 FBAB280D0CAC5E21C72F0A1A7B5B9608 455600 ----a-w- C:\Program Files\InstallShield Installation Information\{FCED9B62-34FF-4C15-8A23-F65221F7874D}\setup.exe
2016-03-22 14:46:45 FBAB280D0CAC5E21C72F0A1A7B5B9608 455600 ----a-w- C:\drivers\CIR\setup.exe
=== C: other files ==
2016-03-22 14:51:57 F081ED0B8BD09D7F50AC9A30BBBB06BC 285184 ----a-w- C:\Windows\System32\DriverStore\FileRepository\yk60x86.inf_566c36d5\yk60x86.sys
2016-03-22 14:51:57 F081ED0B8BD09D7F50AC9A30BBBB06BC 285184 ----a-w- C:\Windows\System32\drivers\yk60x86.sys
2016-03-22 14:51:57 F081ED0B8BD09D7F50AC9A30BBBB06BC 285184 ----a-w- C:\drivers\lan\102443\yk60x86.sys
2016-03-22 14:51:04 38D720E0C8B0ECB9A019980265679798 2252800 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netw4v32.inf_28433588\NETw4v32.sys
2016-03-22 14:51:04 38D720E0C8B0ECB9A019980265679798 2252800 ----a-w- C:\Windows\System32\drivers\NETw4v32.sys
2016-03-22 14:51:04 38D720E0C8B0ECB9A019980265679798 2252800 ----a-w- C:\drivers\wlan\115034\NETw4v32.sys
2016-03-22 14:51:03 CD83E7F18C36014EB28A81F4E004A707 2599936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netw2.inf_6243d326\NETw2v32.sys
2016-03-22 14:51:03 CD83E7F18C36014EB28A81F4E004A707 2599936 ----a-w- C:\drivers\wlan\115034\NETw2v32.sys
2016-03-22 14:46:55 A05DE15CECE80427EAD47BE335367EE6 47104 ----a-w- C:\Windows\ITECIR\x64AMD\itecir.sys
2016-03-22 14:46:54 E4B04A0D8B237ECF026D849439F1BCCE 46592 ----a-w- C:\Windows\System32\DriverStore\FileRepository\itecir.inf_05612447\itecir.sys
2016-03-22 14:46:54 E4B04A0D8B237ECF026D849439F1BCCE 46592 ----a-w- C:\Windows\System32\drivers\itecir.sys
2016-03-22 14:46:54 E4B04A0D8B237ECF026D849439F1BCCE 46592 ----a-w- C:\Windows\ITECIR\x86\itecir.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-1155876799-3676025384-4087702406-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
"SystemClose"="D:\Documents\systemfile.exe"
"MTview"="C:\Program Files\MTV20160128\MTView.exe -mini"
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"LightGate"="C:\ProgramData\LightGate.exe"
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AeLookupSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ALG]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Audiosrv]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BFE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BITS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Browser]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CertPropSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\clr_optimization_v4.0.30319_32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\COMSysApp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CryptSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DFSR]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Dhcp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Dnscache]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\dot3svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DPS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EapHost]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ehRecvr]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ehSched]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ehstart]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EMDMgmt]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Eventlog]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EventSystem]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\fdPHost]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FDResPub]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FontCache]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FontCache3.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ggbugreport]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GoogleChromeUpService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\hidserv]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\hkmsvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\idsvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IKEEXT]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IPBusEnum]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iphlpsvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\KeyIso]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\KtmRm]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LanmanServer]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LanmanWorkstation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\lltdsvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\lmhosts]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MMCSS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MpsSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MSDTC]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MSiSCSI]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\msiserver]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\napagent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Netlogon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Netman]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\netprofm]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NlaSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nsi]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvsvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\p2pimsvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\p2psvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PcaSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\pla]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PNRPAutoReg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PNRPsvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PolicyAgent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ProtectedStorage]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\quxizobyzbt]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\QWAVE]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RasAuto]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RasMan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RemoteRegistry]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RpcLocator]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SamSs]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SCardSvr]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SCPolicySvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SDRSVC]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\seclogon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SENS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SessionEnv]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ShellHWDetection]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SLUINotify]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SNMPTRAP]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Spooler]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SSDPSRV]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SstpSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\stisvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\swprv]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SysMain]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TabletInputService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TapiSrv]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TBS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TermService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Themes]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\THREADORDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TrkWks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UI0Detect]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Update Sharp Angle]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\upnphost]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Util Sharp Angle]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UxSms]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\vds]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VSS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\W32Time]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wcncsvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WcsPlugInService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WdiServiceHost]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WdiSystemHost]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WebClient]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Wecsvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wercplsupport]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WerSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WinDefend]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WinHttpAutoProxySvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Winmgmt]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WinRM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Winsere]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Wlansvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wmiApSrv]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WMPNetworkSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPCSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPDBusEnum]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPFFontCache_v0400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wscsvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WSearch]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wuauserv]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wudfsvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\zigipyro]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\zutuzuni]

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [03/09/2015 11:33]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [03/09/2015 11:33]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{28B539BA-8384-475A-B343-0F16556C6E01}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\WinTaske" ["C:\Program Files\WinTaske\WinTaske\WinTaske.exe"]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [17/08/2015 17:30]

==== Chromium Look ======================

YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Chrome Web Store Payments - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
电脑管家上网防护 - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-oGyKHypSvgFBLZ-TSe3CZ3DhoGjeJFEaP6BYdfALkWhR7fAewupoOwLEwopI4-XCyqEeBwXWzTP9yvBqaSNaBVRRT2tAEqFAepoObTLA1iYtc3tckfl92swz7JSArF9wx1rFMMvqF1YrDauIL9GU0e63GNrjEtymNstkydST"
"Search Page"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-oGyKHypSvgFBLZ-TSe3CZ3DhoGjeJFEaP6BYdfALkWhR7fAewupoOwLEwopI4-XCyqEeBwXWzTP9yvwZupGGnjtsbUqcEBWTvwDiYoyTllvCIXYV5fHDDJgJSkgMrM8_y3tfs3lLtA-Rn8xfbMPQRvpMJLg7HyHvma_Psxd4&q={searchTerms}"
"Search Bar"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-oGyKHypSvgFBLZ-TSe3CZ3DhoGjeJFEaP6BYdfALkWhR7fAewupoOwLEwopI4-XCyqEeBwXWzTP9yvwZupGGnjtsbUqcEBWTvwDiYoyTllvCIXYV5fHDDJgJSkgMrM8_y3tfs3lLtA-Rn8xfbMPQRvpMJLg7HyHvma_Psxd4&q={searchTerms}"
"SearchAssistant"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-oGyKHypSvgFBLZ-TSe3CZ3DhoGjeJFEaP6BYdfALkWhR7fAewupoOwLEwopI4-XCyqEeBwXWzTP9yvwZupGGnjtsbUqcEBWTvwDiYoyTllvCIXYV5fHDDJgJSkgMrM8_y3tfs3lLtA-Rn8xfbMPQRvpMJLg7HyHvma_Psxd4&q={searchTerms}"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.yeabests.cc/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-oGyKHypSvgFBLZ-TSe3CZ3DhoGjeJFEaP6BYdfALkWhR7fAewupoOwLEwopI4-XCyqEeBwXWzTP9yvwZupGGnjtsbUqcEBWTvwDiYoyTllvCIXYV5fHDDJgJSkgMrM8_y3tfs3lLtA-Rn8xfbMPQRvpMJLg7HyHvma_Psxd4&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-oGyKHypSvgFBLZ-TSe3CZ3DhoGjeJFEaP6BYdfALkWhR7fAewupoOwLEwopI4-XCyqEeBwXWzTP9yvwZupGGnjtsbUqcEBWTvwDiYoyTllvCIXYV5fHDDJgJSkgMrM8_y3tfs3lLtA-Rn8xfbMPQRvpMJLg7HyHvma_Psxd4&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-oGyKHypSvgFBLZ-TSe3CZ3DhoGjeJFEaP6BYdfALkWhR7fAewupoOwLEwopI4-XCyqEeBwXWzTP9yvwZupGGnjtsbUqcEBWTvwDiYoyTllvCIXYV5fHDDJgJSkgMrM8_y3tfs3lLtA-Rn8xfbMPQRvpMJLg7HyHvma_Psxd4&q={searchTerms}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-oGyKHypSvgFBLZ-TSe3CZ3DhoGjeJFEaP6BYdfALkWhR7fAewupoOwLEwopI4-XCyqEeBwXWzTP9yvBqaSNaBVRRT2tAEqFAepoObTLA1iYtc3tckfl92swz7JSArF9wx1rFMMvqF1YrDauIL9GU0e63GNrjEtymNstkydST"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{ielnksrch} Search the web Url="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBKhl918K0qpwZ-oGyKHypSvgFBLZ-TSe3CZ3DhoGjeJFEaP6BYdfALkWhR7fAewupoOwLEwopI4-XCyqEeBwXWzTP9yvwZupGGnjtsbUqcEBWTvwDiYoyTllvCIXYV5fHDDJgJSkgMrM8_y3tfs3lLtA-Rn8xfbMPQRvpMJLg7HyHvma_Psxd4&q={searchTerms}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1430 folders=660 327470406 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat" not found
"C:\Program Files\gmsd_be_005010235" not found
"C:\Program Files\gmsd_be_005010235" not found
"C:\Program Files\gmsd_be_005010235" not found

==== EOF on vr 25/03/2016 at 19:25:51,14 ======================