Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Patric2 on wo 18/05/2016 at 8:42:26,07. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Patric2\Bureaublad\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-05-11-141255.log 66606 bytes C:\zoek-results2016-05-12-134144.log 7729 bytes C:\zoek-results2016-05-13-062026.log 48321 bytes C:\zoek-results2016-05-13-075811.log 946 bytes C:\zoek-results2016-05-13-140428.log 574623 bytes C:\zoek-results2016-05-14-165052.log 13045 bytes C:\zoek-results2016-05-15-132137.log 193816 bytes C:\zoek-results2016-05-16-122356.log 54133 bytes C:\zoek-results2016-05-17-075400.log 15113 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 32 Bit HP CIO Components Installer 4500_G510nz_Help 4500G510nz 4500G510nz_Software_Min ABBYY FineReader 5.0 Home Edition Additional interface language (Dutch) Adobe Acrobat 5.0 Adobe Flash Player 21 ActiveX Adobe Photoshop 7.0 Adobe Photoshop Album 2.0 Starter Edition Adobe Reader XI (11.0.07) - Nederlands Adobe Refresh Manager AOpen Multimedia Utilities AVG AVG 2016 AVG Protection AVG Zen Beveiligingsupdate voor Windows Internet Explorer 7 (KB929969) Beveiligingsupdate voor Windows Internet Explorer 7 (KB933566) Beveiligingsupdate voor Windows Internet Explorer 7 (KB937143) Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127) Beveiligingsupdate voor Windows Internet Explorer 7 (KB939653) Beveiligingsupdate voor Windows Internet Explorer 7 (KB942615) Beveiligingsupdate voor Windows Internet Explorer 7 (KB944533) Beveiligingsupdate voor Windows Internet Explorer 7 (KB950759) Beveiligingsupdate voor Windows Internet Explorer 7 (KB953838) Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390) Beveiligingsupdate voor Windows Internet Explorer 7 (KB958215) Beveiligingsupdate voor Windows Internet Explorer 7 (KB960714) Beveiligingsupdate voor Windows Internet Explorer 7 (KB961260) Beveiligingsupdate voor Windows Internet Explorer 7 (KB963027) Beveiligingsupdate voor Windows Internet Explorer 7 (KB969897) Beveiligingsupdate voor Windows Internet Explorer 7 (KB972260) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2183461) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2360131) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2416400) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2482017) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2497640) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2530548) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2559049) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2586448) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2618444) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2647516) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2675157) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2699988) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2722913) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2744842) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2761465) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2792100) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2797052) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2799329) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2809289) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2817183) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2829530) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2838727) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2846071) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2847204) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2862772) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2870699) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2879017) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2888505) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2898785) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2909210) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2909921) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2925418) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2936068) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2964358) Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961) Beveiligingsupdate voor Windows Internet Explorer 8 (KB972260) Beveiligingsupdate voor Windows Internet Explorer 8 (KB974455) Beveiligingsupdate voor Windows Internet Explorer 8 (KB976325) Beveiligingsupdate voor Windows Internet Explorer 8 (KB978207) Beveiligingsupdate voor Windows Internet Explorer 8 (KB981332) Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381) Browser Manager BufferChm CADdy++ Elektrotechniek CCleaner CDex extraction audio CloneCD Creative Modem Blaster DI5733 Destinations DeviceDiscovery DocMgr DocProc Fax FaxTalk Communicator 4.5 FileZilla Client 3.5.2 FMW 1 FTDI FTD2XX USB Drivers Google Chrome Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 Hardlock Device Driver HASP Device Driver Hewlett-Packard ACLM.NET v1.1.0.0 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB976002-v5) Hotfix voor Windows Internet Explorer 7 (KB947864) HP Customer Participation Program 13.0 hp deskjet 6122 series HP Document Manager 2.0 HP Imaging Device Functions 13.0 HP Officejet 4500 G510n-z HP Product Detection HP Smart Web Printing 4.5 HP Solution Center 13.0 HP Update HPDiagnosticAlert HPProductAssistant HPSSupply HTML-Kit Internet Explorer Exception pack IomegaWare IrfanView (remove only) Ken Ward's Zipper 1.4000 Labels, Cards & More Leesmij voor Internet Explorer LiveUpdate 3.2 (Symantec Corporation) Macromedia Flash MX 2004 Marvell Miniport Driver Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Dutch Language Pack Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2833941) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - NLD Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - NLD Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended NLD Language Pack Microsoft Data Access Components KB870669 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Professional Editie 2003 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MiraScan V4.03 Modulaire databanken veiligheid en milieu MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero - Burning Rom Network Norton WMI Update NVIDIA Display Driver Nvu 0.30 OCR Software by I.R.I.S. 13.0 Paint.NET v2.72 RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer RealProducer Basic 10 RealUpgrade 1.1 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188) Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2) Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2) Shop for HP Supplies SmartWebPrinting SoftBusters MorphBuster 2.2 SoftBusters PaintBuster 6.1 SolutionCenter SoundMAX Status Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Taalpakket voor Microsoft .NET Framework 4 Extended - NLD TextPad 5 Toolbox TrayApp Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update voor Windows Internet Explorer 8 (KB2598845) Update voor Windows Internet Explorer 8 (KB2632503) Update voor Windows Internet Explorer 8 (KB973874) Update voor Windows Internet Explorer 8 (KB976662) Update voor Windows Internet Explorer 8 (KB976749) Update voor Windows Internet Explorer 8 (KB980182) Visual Studio 2012 x86 Redistributables VPN Client WavePad Uninstall WebFldrs XP WebReg Winamp (remove only) Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Management Framework Core Windows Media Format Runtime Windows Media Player 10 Windows XP Service Pack 3 Wisdom-soft MotionGIF 3.0 ==== Running Processes ====================== C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\msdtc.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\AVG\Av\avgfws.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVG\Framework\Common\avgsvcx.exe C:\Program Files\AVG\Av\avgwdsvcx.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe C:\Program Files\ABBYY FineReader 5.0 Home Edition\CAgent.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Iomega\DriveIcons\ImgIcon.exe C:\Program Files\AVG\Framework\Common\avguix.exe C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\system32\mqtgsvc.exe C:\Program Files\AVG\Av\avgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\System32\alg.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe C:\Documents and Settings\Patric2\Bureaublad\zoek.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k hpdevmgmt C:\WINDOWS\system32\svchost.exe -k HPService C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\svchost.exe -k netsvcs ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E50E0F5227E31B4C9692FAABE07044F] "D5C17343E668F26498A6AB57CEE0DEEA"=- "D5C17343E668F26498A6AB57CEE0DEEA"=- "D5C17343E668F26498A6AB57CEE0DEEA"=- ==== System Specs ====================== Windows: Windows XP Professional Service Pack 3 (Build 2600) Memory (RAM): 511 MB CPU Info: Intel(R) Pentium(R) 4 CPU 2.80GHz CPU Speed: 2780,8 MHz Sound Card: SoundMAX Digital Audio | Display Adapters: NVIDIA GeForce4 MX 4000 (Microsoft Corporation) | NetMeeting driver | RDPDD Chained DD Monitors: 1x; Plug en Play-monitor | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Marvell Yukon Gigabit Ethernet 10/100/1000Base-T Adapter, Copper RJ-45 - Pakketplanner-minipoort CD / DVD Drives: 2x (F: | G: | ) F: HL-DT-STCD-RW GCE-8525B | G: HL-DT-STDVD-ROM GDR8162B Ports: COM3 | COM1 | COM2 LPT1 Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 39,1GB | D: 39,1GB | E: 33,7GB Hard Disks - Free: C: 14,5GB | D: 37,2GB | E: 33,6GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 01/27/04 | A M I - 1000427 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK Computer Inc. P4P800SE Country: België Language: NLB ==== System Specs (Software) ====================== AV: AVG Internet Security *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: 360 Internet Security *Disabled/Updated* {D737F2DE-FA43-4036-AF5B-911612E2D674} FW: AVG Internet Security *Enabled* Default Browser: Windows® Internet Explorer 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Explorer version: 8.0.6001.18702 Google Chrome version: 49.0.2623.112 Adobe Reader version: 11.0.07.79 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-04-27 12:56:06 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe 2016-04-27 12:56:06 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe 2016-04-27 12:56:06 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe 2016-04-27 12:56:06 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe 2016-04-27 12:56:06 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe ====== C:\DOCUME~1\Patric2\LOCALS~1\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== ====== C:\WINDOWS\system32\drivers ===== 2016-05-04 15:00:14 7B40FDDABE52F124B37C1D31FC00F290 61696 ----a-w- C:\WINDOWS\System32\drivers\avgunivx.sys 2016-04-20 12:17:54 D783B6AB23AF56FC8F458A6C54EC36AA 240896 ----a-w- C:\WINDOWS\System32\drivers\avgidsdriverlx.sys ====== C:\WINDOWS\Tasks ====== 2016-04-27 12:23:35 67158EEA45276F8C6C40AA3D96017AAB 940 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-05-06 07:43:55 -------- d-----w- C:\Program Files\ESET 2016-04-24 16:07:12 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Documents and Settings\Patric2\Application Data ====== 2016-05-13 14:56:48 -------- d-----w- C:\Documents and Settings\Patric2\Application Data\AVG 2016-05-13 14:46:51 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\AvgSetupLog 2016-05-13 14:44:18 -------- d-----w- C:\Documents and Settings\Patric2\Local Settings\Application Data\AvgSetupLog 2016-05-13 14:44:18 -------- d-----w- C:\Documents and Settings\Patric2\Local Settings\Application Data\Avg 2016-05-10 08:00:19 -------- d-----w- C:\Documents and Settings\Patric2\Application Data\TuneUp Software 2016-04-29 14:17:31 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\AvgSetupLog(2) 2016-04-29 14:13:44 -------- d-----w- C:\Documents and Settings\Patric2\Local Settings\Application Data\Avg(2) 2016-04-27 12:55:09 -------- d-----r- C:\Documents and Settings\Patric2\Menu Start\Programma's\Systeembeheer 2016-04-26 07:54:51 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Application Data\AVG 2016-04-26 07:44:18 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg ====== C:\Documents and Settings\Patric2 ====== 2016-05-15 12:27:11 56427CD7A2529AEAB14A7FEA8F945554 6882192 ----a-w- C:\Documents and Settings\Patric2\Bureaublad\ccsetup517.exe ====== C: exe-files == 2016-05-15 12:27:11 56427CD7A2529AEAB14A7FEA8F945554 6882192 ----a-w- C:\Documents and Settings\Patric2\Bureaublad\ccsetup517.exe 2016-05-15 11:25:51 B8E221C3BD5C88BF5A6096BF22DFE0CE 1012360 ----a-w- C:\Program Files\AVG\Av\Notification\Launcher.exe 2016-05-15 11:16:40 F3A62199EB209A9472C35DB86C220287 273680 ----a-w- C:\Program Files\AVG\Av\avgndisx.exe 2016-05-13 14:57:03 483C10E4803990419AE8AABE2ABB8413 78608 ----a-w- C:\WINDOWS\Profiles\All Users\Application Data\Avg\Setup\av\avguirux.exe 2016-05-13 14:56:59 109FB80EEFB61CB32703A2CBCC94C1CE 6059744 ----a-w- C:\WINDOWS\Profiles\All Users\Application Data\Avg\Setup\av\avgmfapx.exe 2016-05-13 14:45:48 076FE44992359FEA654AD3CB04A29E6E 1787664 ----a-w- C:\Program Files\AVG\Setup\avgsetupwrkx.exe 2016-05-13 14:45:38 539A84DED87DC5E6FD047192004334ED 704272 ----a-w- C:\Program Files\AVG\Setup\avgntdumpx.exe 2016-05-13 14:45:37 1EDFFD3A693CC4CCE0A50D54CB23F686 3288848 ----a-w- C:\Program Files\AVG\Setup\avgsetupx.exe 2016-05-11 07:48:36 E8B364111F317A60DF073826E628FF6F 92824 ----atw- C:\Program Files\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe 2016-05-11 07:48:36 5AB2C2DBC3108A2F7275A2F232FA8036 987040 ----a-w- C:\Program Files\Google\Update\1.3.30.3\GoogleUpdateSetup.exe 2016-05-11 07:48:36 54D932590CEAB260ADC4FF79797B21D9 92824 ----atw- C:\Program Files\Google\Update\1.3.30.3\GoogleUpdateWebPlugin.exe 2016-05-11 07:48:36 108CB30A5B4C5247E414A3086458FCFC 92824 ----atw- C:\Program Files\Google\Update\1.3.30.3\GoogleUpdateBroker.exe 2016-05-11 07:48:35 A425CDCEB9D26E9A5ABAFA259799D447 312472 ----atw- C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler64.exe 2016-05-11 07:48:35 56FE3C885B0901601549E23E7A435984 250008 ----atw- C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe 2016-05-11 07:48:35 50FCC5C822A6B4FC6F377EE9F9F37C7B 152216 ----atw- C:\Program Files\Google\Update\1.3.30.3\GoogleUpdate.exe 2016-05-11 07:48:35 13FF5C375BD0C702EA1252E79592692F 135832 ----atw- C:\Program Files\Google\Update\1.3.30.3\GoogleUpdateComRegisterShell64.exe 2016-05-11 07:48:31 5AB2C2DBC3108A2F7275A2F232FA8036 987040 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.30.3\GoogleUpdateSetup.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1007\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe" "ABBYY Community Agent"="C:\Program Files\ABBYY FineReader 5.0 Home Edition\CAgent.exe" "SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray" "AGRSMMSG"="AGRSMMSG.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Iomega Startup Options"="C:\Program Files\Iomega\Common\ImgStart.exe" "Iomega Drive Icons"="C:\Program Files\Iomega\DriveIcons\ImgIcon.exe" "AvgUi"="C:\Program Files\AVG\Framework\Common\avguirnx.exe /lps=fmw" "AVG_UI"="C:\Program Files\AVG\Av\avuirunnerx.exe C:\Program Files\AVG\Av\avgui.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CallControl 4.5] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FTCtrl32" "hkey"="HKLM" "command"="C:\\Program Files\\FaxTalk Communicator\\FTCtrl32.exe /autoload" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13/05/2016 08:06] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/09/2015 12:14] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/09/2015 12:14] C:\WINDOWS\tasks\Microsoft Windows XP - aanmelding voor kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27/02/2014 01:28] C:\WINDOWS\tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27/02/2014 01:28] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\WINDOWS\Profiles\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [28/11/2013 15:33] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22/06/2010 13:40] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\WINDOWS\Profiles\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 16:24] YouTube - Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf RealDownloader - Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Gmail - Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Documents and Settings\Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", "urls_to_restore_on_startup": [ "http://www.google.com/" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_nl ==== HijackThis Entries ====================== O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\WINDOWS\Profiles\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [ABBYY Community Agent] C:\Program Files\ABBYY FineReader 5.0 Home Edition\CAgent.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Av\avuirunnerx.exe" C:\Program Files\AVG\Av\avgui.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O18 - Protocol: viprotocol - (no CLSID) - (no file) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IomegaAccess - Iomega Corporation - C:\WINDOWS\system32\IomegaAccess.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe O23 - Service: ZipToA - Iomega Corporation - C:\WINDOWS\system32\ZipToA.exe ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Patric2\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Documents and Settings\Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=501 folders=232 202026791 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully C:\Documents and Settings\Patric2\Local Settings\Temp will be emptied at reboot C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\Patric2\LOCALS~1\Temp successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Patric2\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on wo 18/05/2016 at 9:15:01,28 ======================