Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Patric2 on di 31/05/2016 at 12:42:57,62. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Patric2\Bureaublad\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-05-11-141255.log 66606 bytes C:\zoek-results2016-05-12-134144.log 7729 bytes C:\zoek-results2016-05-13-062026.log 48321 bytes C:\zoek-results2016-05-13-075811.log 946 bytes C:\zoek-results2016-05-13-140428.log 574623 bytes C:\zoek-results2016-05-14-165052.log 13045 bytes C:\zoek-results2016-05-15-132137.log 193816 bytes C:\zoek-results2016-05-16-122356.log 54133 bytes C:\zoek-results2016-05-17-075400.log 15113 bytes C:\zoek-results2016-05-18-071501.log 34180 bytes C:\zoek-results2016-05-18-162147.log 492089 bytes C:\zoek-results2016-05-20-095201.log 9291 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 32 Bit HP CIO Components Installer 4500_G510nz_Help 4500G510nz 4500G510nz_Software_Min ABBYY FineReader 5.0 Home Edition Additional interface language (Dutch) Adobe Acrobat 5.0 Adobe Flash Player 21 ActiveX Adobe Photoshop 7.0 Adobe Photoshop Album 2.0 Starter Edition Adobe Reader XI (11.0.07) - Nederlands Adobe Refresh Manager AOpen Multimedia Utilities AVG AVG 2016 AVG Protection AVG Zen Beveiligingsupdate voor Windows Internet Explorer 7 (KB929969) Beveiligingsupdate voor Windows Internet Explorer 7 (KB933566) Beveiligingsupdate voor Windows Internet Explorer 7 (KB937143) Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127) Beveiligingsupdate voor Windows Internet Explorer 7 (KB939653) Beveiligingsupdate voor Windows Internet Explorer 7 (KB942615) Beveiligingsupdate voor Windows Internet Explorer 7 (KB944533) Beveiligingsupdate voor Windows Internet Explorer 7 (KB950759) Beveiligingsupdate voor Windows Internet Explorer 7 (KB953838) Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390) Beveiligingsupdate voor Windows Internet Explorer 7 (KB958215) Beveiligingsupdate voor Windows Internet Explorer 7 (KB960714) Beveiligingsupdate voor Windows Internet Explorer 7 (KB961260) Beveiligingsupdate voor Windows Internet Explorer 7 (KB963027) Beveiligingsupdate voor Windows Internet Explorer 7 (KB969897) Beveiligingsupdate voor Windows Internet Explorer 7 (KB972260) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2183461) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2360131) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2416400) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2482017) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2497640) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2530548) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2559049) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2586448) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2618444) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2647516) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2675157) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2699988) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2722913) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2744842) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2761465) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2792100) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2797052) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2799329) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2809289) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2817183) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2829530) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2838727) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2846071) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2847204) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2862772) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2870699) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2879017) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2888505) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2898785) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2909210) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2909921) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2925418) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2936068) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2964358) Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961) Beveiligingsupdate voor Windows Internet Explorer 8 (KB972260) Beveiligingsupdate voor Windows Internet Explorer 8 (KB974455) Beveiligingsupdate voor Windows Internet Explorer 8 (KB976325) Beveiligingsupdate voor Windows Internet Explorer 8 (KB978207) Beveiligingsupdate voor Windows Internet Explorer 8 (KB981332) Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381) Browser Manager BufferChm CADdy++ Elektrotechniek CCleaner CDex extraction audio CloneCD Creative Modem Blaster DI5733 Destinations DeviceDiscovery DocMgr DocProc Fax FaxTalk Communicator 4.5 FileZilla Client 3.5.2 FMW 1 FTDI FTD2XX USB Drivers Google Chrome Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 Hardlock Device Driver HASP Device Driver Hewlett-Packard ACLM.NET v1.1.0.0 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB976002-v5) Hotfix voor Windows Internet Explorer 7 (KB947864) HP Customer Participation Program 13.0 hp deskjet 6122 series HP Document Manager 2.0 HP Imaging Device Functions 13.0 HP Officejet 4500 G510n-z HP Product Detection HP Smart Web Printing 4.5 HP Solution Center 13.0 HP Update HPDiagnosticAlert HPProductAssistant HPSSupply HTML-Kit Internet Explorer Exception pack IomegaWare IrfanView (remove only) Ken Ward's Zipper 1.4000 Labels, Cards & More Leesmij voor Internet Explorer LiveUpdate 3.2 (Symantec Corporation) Macromedia Flash MX 2004 Marvell Miniport Driver Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Dutch Language Pack Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2833941) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - NLD Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - NLD Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended NLD Language Pack Microsoft Data Access Components KB870669 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Professional Editie 2003 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MiraScan V4.03 Modulaire databanken veiligheid en milieu MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero - Burning Rom Network Norton WMI Update NVIDIA Display Driver Nvu 0.30 OCR Software by I.R.I.S. 13.0 Paint.NET v2.72 RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer RealProducer Basic 10 RealUpgrade 1.1 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188) Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2) Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2) Shop for HP Supplies SmartWebPrinting SoftBusters MorphBuster 2.2 SoftBusters PaintBuster 6.1 SolutionCenter SoundMAX Status Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Taalpakket voor Microsoft .NET Framework 4 Extended - NLD TextPad 5 Toolbox TrayApp Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update voor Windows Internet Explorer 8 (KB2598845) Update voor Windows Internet Explorer 8 (KB2632503) Update voor Windows Internet Explorer 8 (KB973874) Update voor Windows Internet Explorer 8 (KB976662) Update voor Windows Internet Explorer 8 (KB976749) Update voor Windows Internet Explorer 8 (KB980182) Visual Studio 2012 x86 Redistributables VPN Client WavePad Uninstall WebFldrs XP WebReg Winamp (remove only) Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Management Framework Core Windows Media Format Runtime Windows Media Player 10 Windows XP Service Pack 3 Wisdom-soft MotionGIF 3.0 ==== Running Processes ====================== C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\msdtc.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVG\Framework\Common\avgsvcx.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe C:\Program Files\ABBYY FineReader 5.0 Home Edition\CAgent.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Iomega\DriveIcons\ImgIcon.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files\AVG\Framework\Common\avguix.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\CCleaner\CCleaner.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\system32\mqtgsvc.exe C:\WINDOWS\System32\alg.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe C:\Documents and Settings\Patric2\Bureaublad\zoek.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k hpdevmgmt C:\WINDOWS\system32\svchost.exe -k HPService C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\system32\svchost.exe -k imgsvc ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe"=- [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\AVG\AVG2014\avgnsx.exe"=- [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\AVG\AVG2014\avgdiagex.exe"=- [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\AVG\AVG2014\avgmfapx.exe"=- [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\AVG\AVG2014\avgemcx.exe"=- [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Documents and Settings\Patric2\Local Settings\Temporary Internet Files\Content.IE5\RFQ9FWC0\360TS_Setup_Mini[1].exe"=- [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\AVG\AVG2015\avgmfapx.exe"=- ==== Deleting Files \ Folders ====================== C:\Program Files\Search Results Toolbar not found C:\Documents and Settings\Patric2\Local Settings\Application Data\FASTWiz.log deleted ==== Registry Search Results for "viprotocol" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ViProtocol.DLL] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol] @="viprotocol: protocol OLE" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE] @="ViProtocolOLE Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE\CurVer] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE\CurVer] @="ViProtocol.ViProtocolOLE.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1] @="ViProtocolOLE Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1\CLSID] ==== System Specs ====================== Windows: Windows XP Professional Service Pack 3 (Build 2600) Memory (RAM): 511 MB CPU Info: Intel(R) Pentium(R) 4 CPU 2.80GHz CPU Speed: 2718,5 MHz Sound Card: SoundMAX Digital Audio | Display Adapters: NVIDIA GeForce4 MX 4000 (Microsoft Corporation) | NetMeeting driver | RDPDD Chained DD Monitors: 1x; Plug en Play-monitor | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Marvell Yukon Gigabit Ethernet 10/100/1000Base-T Adapter, Copper RJ-45 - Pakketplanner-minipoort CD / DVD Drives: 2x (F: | G: | ) F: HL-DT-STCD-RW GCE-8525B | G: HL-DT-STDVD-ROM GDR8162B Ports: COM3 | COM1 | COM2 LPT1 Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 39,1GB | D: 39,1GB | E: 33,7GB Hard Disks - Free: C: 17,9GB | D: 37,2GB | E: 33,6GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 01/27/04 | A M I - 1000427 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK Computer Inc. P4P800SE Country: België Language: NLB ==== System Specs (Software) ====================== AV: AVG Internet Security *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: 360 Internet Security *Disabled/Updated* {D737F2DE-FA43-4036-AF5B-911612E2D674} FW: AVG Internet Security *Enabled* Default Browser: Windows® Internet Explorer 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Explorer version: 8.0.6001.18702 Google Chrome version: 49.0.2623.112 Adobe Reader version: 11.0.07.79 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\DOCUME~1\Patric2\LOCALS~1\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== ====== C:\WINDOWS\system32\drivers ===== 2016-05-04 15:00:14 7B40FDDABE52F124B37C1D31FC00F290 61696 ----a-w- C:\WINDOWS\System32\drivers\avgunivx.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-05-06 07:43:55 -------- d-----w- C:\Program Files\ESET ======= C: ===== 2016-05-27 07:44:40 38A4FAD721436FABF7920C818021F5BA 943 ----a-w- C:\XP-ipconfig.txt ====== C:\Documents and Settings\Patric2\Application Data ====== 2016-05-30 11:49:04 -------- d-----w- C:\Documents and Settings\LocalService\Application Data\360safe 2016-05-13 14:56:48 -------- d-----w- C:\Documents and Settings\Patric2\Application Data\AVG 2016-05-13 14:46:51 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\AvgSetupLog 2016-05-13 14:44:18 -------- d-----w- C:\Documents and Settings\Patric2\Local Settings\Application Data\AvgSetupLog 2016-05-13 14:44:18 -------- d-----w- C:\Documents and Settings\Patric2\Local Settings\Application Data\Avg 2016-05-10 08:00:19 -------- d-----w- C:\Documents and Settings\Patric2\Application Data\TuneUp Software ====== C:\Documents and Settings\Patric2 ====== 2016-05-27 07:40:17 F781232E0CC83C4DFBA7FC3C07AF78EC 2043 ----a-w- C:\Documents and Settings\Patric2\c ====== C: exe-files == 2016-05-30 13:15:57 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Documents and Settings\Patric2\Local Settings\Temporary Internet Files\Content.IE5\96XGIY95\RSIT[1].exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1007\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe" "ABBYY Community Agent"="C:\Program Files\ABBYY FineReader 5.0 Home Edition\CAgent.exe" "SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray" "AGRSMMSG"="AGRSMMSG.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Iomega Startup Options"="C:\Program Files\Iomega\Common\ImgStart.exe" "Iomega Drive Icons"="C:\Program Files\Iomega\DriveIcons\ImgIcon.exe" "AvgUi"="C:\Program Files\AVG\Framework\Common\avguirnx.exe /lps=fmw" "AVG_UI"="C:\Program Files\AVG\Av\avuirunnerx.exe C:\Program Files\AVG\Av\avgui.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CallControl 4.5] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FTCtrl32" "hkey"="HKLM" "command"="C:\\Program Files\\FaxTalk Communicator\\FTCtrl32.exe /autoload" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13/05/2016 08:06] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/09/2015 12:14] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/09/2015 12:14] C:\WINDOWS\tasks\Microsoft Windows XP - aanmelding voor kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27/02/2014 01:28] C:\WINDOWS\tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27/02/2014 01:28] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\WINDOWS\Profiles\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [28/11/2013 15:33] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22/06/2010 13:40] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\WINDOWS\Profiles\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 16:24] YouTube - Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf RealDownloader - Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Gmail - Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Documents and Settings\Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", "urls_to_restore_on_startup": [ "http://www.google.com/" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_nl ==== HijackThis Entries ====================== O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\WINDOWS\Profiles\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe O4 - HKLM\..\Run: [ABBYY Community Agent] C:\Program Files\ABBYY FineReader 5.0 Home Edition\CAgent.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Av\avuirunnerx.exe" C:\Program Files\AVG\Av\avgui.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O18 - Protocol: viprotocol - (no CLSID) - (no file) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IomegaAccess - Iomega Corporation - C:\WINDOWS\system32\IomegaAccess.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe O23 - Service: ZipToA - Iomega Corporation - C:\WINDOWS\system32\ZipToA.exe ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Patric2\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Documents and Settings\Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=504 folders=234 202033491 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully C:\Documents and Settings\Patric2\Local Settings\Temp will be emptied at reboot C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\Patric2\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Patric2\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on di 31/05/2016 at 13:34:13,20 ======================