Zoek.exe v5.0.0.0 Updated 14-September-2014 Tool run by Stefan Kruithof on di 16-09-2014 at 10:21:18,24. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: V:\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 16-9-2014 10:22:18 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\AGEIA Technologies deleted successfully C:\Program Files\Samsung deleted successfully C:\Program Files\Sierra On-Line deleted successfully C:\Program Files\Common Files\Symantec Shared deleted successfully C:\Program Files\Common Files\XCPCSync.OEM deleted successfully C:\PROGRA~2\DAEMON Tools Net deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\PROGRA~2\WLInstaller deleted successfully C:\Users\Stefan Kruithof\AppData\Roaming\Broad Intelligence deleted successfully C:\Users\Stefan Kruithof\AppData\Roaming\DAEMON Tools Net deleted successfully C:\Users\Stefan Kruithof\AppData\Roaming\SampleView deleted successfully C:\Users\Stefan Kruithof\AppData\Roaming\WinRAR deleted successfully C:\Users\Stefan Kruithof\AppData\Local\GameSpy deleted successfully C:\Users\Stefan Kruithof\AppData\Local\PackageAware deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2486925755-1224064199-1594891254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-2486925755-1224064199-1594891254-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2486925755-1224064199-1594891254-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully HKEY_USERS\S-1-5-21-2486925755-1224064199-1594891254-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-2486925755-1224064199-1594891254-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-2486925755-1224064199-1594891254-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\Windows\system32\drivers\ac1b6n2o.sys" not found C:\Users\Stefan Kruithof\AppData\LocalLow\Vuze_Remote deleted C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 deleted "C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\Firefox\Profiles\x6mfw68k.default\searchplugins\ask-search.xml" deleted "C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\Firefox\Profiles\x6mfw68k.default\searchplugins\askcom.xml" deleted "C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\Firefox\Profiles\x6mfw68k.default\searchplugins\conduit.xml" deleted "C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\Firefox\Profiles\x6mfw68k.default\searchplugins\daemon-search.xml" deleted "C:\Program Files\RocketTab\Client.exe" deleted "C:\Program Files\RocketTab" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\STEFAN~1\AppData\Local\Temp ==== 2014-09-16 08:12:12 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite63549.dll 2014-09-15 19:12:03 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite77706.dll 2014-09-15 19:07:27 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite23067.dll 2014-09-15 17:54:01 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite28681.dll 2014-09-15 17:15:14 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite61119.dll 2014-09-15 16:37:18 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite94894.dll 2014-09-15 09:18:19 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite24910.dll 2014-09-15 07:21:19 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite81827.dll 2014-09-14 19:07:28 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite82860.dll 2014-09-14 13:07:27 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite71944.dll 2014-09-14 09:31:03 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite48658.dll 2014-09-14 08:55:21 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite64155.dll 2014-09-13 19:07:27 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite43608.dll 2014-09-13 13:07:27 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite79108.dll 2014-09-13 12:16:37 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite44369.dll 2014-09-13 08:57:39 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite58966.dll 2014-09-13 07:30:12 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite16979.dll 2014-09-12 19:07:27 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite47539.dll 2014-09-12 17:24:14 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite80889.dll 2014-09-12 07:07:27 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite99134.dll 2014-09-12 06:44:21 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite87735.dll 2014-09-11 19:07:29 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite52792.dll 2014-09-11 18:56:15 C0FE25F036DBAD335A0227D4E7FA7511 28099 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\i4jdel0.exe 2014-09-11 17:32:53 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite40581.dll 2014-09-11 17:26:15 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite.dll 2014-09-11 07:07:27 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite66634.dll 2014-09-11 07:01:10 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite65849.dll 2014-09-10 19:07:27 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite54593.dll 2014-09-10 16:46:29 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\System.Data.SQLite89641.dll ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-09-10 20:43:25 CF31528122289EA728C33F692E44ECCB 1383424 ----a-w- C:\Windows\System32\mshtml.tlb 2014-09-10 20:43:25 16C68BAFED304EC79F330388FD23173E 27648 ----a-w- C:\Windows\System32\jsproxy.dll 2014-09-10 20:43:24 DD5C785A52EAA334893E459ACDB1BD29 19456 ----a-w- C:\Windows\System32\corpol.dll 2014-09-10 20:43:24 D0154F1D601D20996BC2E766A9E5CF62 498688 ----a-w- C:\Windows\System32\msfeeds.dll 2014-09-10 20:43:24 63CF88ACF85E9419ABE5090B5BF285FD 271872 ----a-w- C:\Windows\System32\iertutil.dll 2014-09-10 20:43:24 39C70B4A0BBBFE50E99DA4D9C5C46448 671744 ----a-w- C:\Windows\System32\mstime.dll 2014-09-10 20:43:24 39542792BEAFEE20BEB99DEB5FC9EC7B 193024 ----a-w- C:\Windows\System32\iepeers.dll 2014-09-10 20:43:24 0EEF27C9FE100DE12D235381345D59A5 480768 ----a-w- C:\Windows\System32\mshtmled.dll 2014-09-10 20:43:23 9A15CFF79E93E95AB2365F813F356173 180736 ----a-w- C:\Windows\System32\ieui.dll 2014-09-10 20:43:23 7917757D2CF350284CB5E89C7D248CE1 347136 ----a-w- C:\Windows\System32\dxtmsft.dll 2014-09-10 20:43:23 778CC721831FCB4C2A83E65B8FDC3D43 380928 ----a-w- C:\Windows\System32\ieapfltr.dll 2014-09-10 20:43:23 6BC86FF3E49C57ED9631FBF2B82431F6 834048 ----a-w- C:\Windows\System32\wininet.dll 2014-09-10 20:43:23 6A3751463F982D7E9F38963EB1544F0F 106496 ----a-w- C:\Windows\System32\url.dll 2014-09-10 20:43:23 48958F39530B78D40DE63BF4E27CB3B8 1177600 ----a-w- C:\Windows\System32\urlmon.dll 2014-09-10 20:43:23 1F0390249283BC03285C390238542959 214528 ----a-w- C:\Windows\System32\dxtrans.dll 2014-09-10 20:43:22 A504EEC5EE46FFAE375F3097FFFE7404 389632 ----a-w- C:\Windows\System32\html.iec 2014-09-10 20:43:22 03BC49C194F43F84F15EE12D1D8B1CD0 6119936 ----a-w- C:\Windows\System32\ieframe.dll 2014-09-10 20:43:21 6625FC68EF30A689AF3EB47ADCBDFD3A 3636736 ----a-w- C:\Windows\System32\mshtml.dll ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== 2014-09-03 19:07:26 E4C9329FB0F74C32BDBF335936EC8F6C 4158 ----a-w- C:\Windows\system32\Tasks\RocketTab Update Task 2014-09-03 19:07:25 436FB1B2824DFDC55A5E3026EF1BB946 3372 ----a-w- C:\Windows\system32\Tasks\RocketTab ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-09-15 19:34:31 -------- d-----w- C:\Program Files\trend micro 2014-09-02 12:44:41 -------- d-----w- C:\Program Files\iPod ======= C: ===== ====== C:\Users\Stefan Kruithof\AppData\Roaming ====== 2014-09-13 11:05:32 -------- d-----w- C:\Users\Stefan Kruithof\AppData\Local\Adobe 2014-09-11 10:18:06 -------- d-----w- C:\Users\Stefan Kruithof\AppData\Roaming\LavasoftStatistics ====== C:\Users\Stefan Kruithof ====== 2014-09-02 12:45:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes ====== C: exe-files == 2014-09-15 19:34:31 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Stefan Kruithof.exe 2014-09-12 17:36:06 198DC8EE284854EBDCB0977FCEA50B18 2391632 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.120\37.0.2062.120_37.0.2062.103_chrome_updater.exe 2014-09-11 18:56:15 C0FE25F036DBAD335A0227D4E7FA7511 28099 ----a-w- C:\Users\Stefan Kruithof\AppData\Local\Temp\i4jdel0.exe 2014-09-10 20:43:25 2103521F022FC0A0BCD0AA8FB9E5BDE3 281600 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-09-10 20:43:22 98D1511E6F8DEA36256D1211094C12F4 304128 ----a-w- C:\Program Files\Internet Explorer\ieuser.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-2486925755-1224064199-1594891254-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Stefan Kruithof\AppData\Local\Google\Update\GoogleUpdate.exe /c" "F.lux"="C:\Users\Stefan Kruithof\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VolPanel"="C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe /r" "UpdReg"="C:\Windows\UpdReg.EXE" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "DivXMediaServer"="C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Stefan Kruithof\AppData\Local\Google\Update\GoogleUpdate.exe /c" "F.lux"="C:\Users\Stefan Kruithof\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DivXUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk] "item"="Audible Download Manager" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Audible Download Manager.lnk" "backup"="C:\\Windows\\pss\\Audible Download Manager.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\Program Files\\Audible\\Bin\\AudibleDownloadHelper.exe" ==== Startup Folders ====================== 2011-08-05 11:11:40 1838 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-12-2010 16:23] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-12-2010 16:23] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2486925755-1224064199-1594891254-1000Core.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2486925755-1224064199-1594891254-1000UA.job --a------ C:\Users\Stefan Kruithof\AppData\Local\Google\Update\GoogleUpdate.exe [10-06-2009 18:38] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Ad-Aware Update (Weekly)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2486925755-1224064199-1594891254-1000Core" [C:\Users\Stefan Kruithof\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2486925755-1224064199-1594891254-1000UA" [C:\Users\Stefan Kruithof\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\RocketTab" [cmd.exe] "C:\Windows\system32\tasks\RocketTab Update Task" [C:\Program Files\RocketTab\uninstall.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [24-06-2009 13:17] ==== Firefox Extensions ====================== ProfilePath: C:\Users\STEFAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\x6mfw68k.default - British English Dictionary - C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\Firefox\Profiles\x6mfw68k.default\extensions\en-GB@dictionaries.addons.mozilla.org - ChatZilla - C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\Firefox\Profiles\x6mfw68k.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} - DownloadHelper - C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\Firefox\Profiles\x6mfw68k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} - Undetermined - C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\Firefox\Profiles\x6mfw68k.default\extensions\crossriderapp3491@crossrider.com - ReminderFox - C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\Firefox\Profiles\x6mfw68k.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} - Vuze Remote - C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\Firefox\Profiles\x6mfw68k.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} - Deutsches Wrterbuch - %ProfilePath%\extensions\de-DE@dictionaries.addons.mozilla.org - British English Dictionary - %ProfilePath%\extensions\en-GB@dictionaries.addons.mozilla.org - Rapportive - %ProfilePath%\extensions\rapportive@rapportive.com - Screengrab - %ProfilePath%\extensions\{02450954-cdd9-410f-b1da-db804e18c671} - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} - Google Toolbar for Firefox - %ProfilePath%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} - ChatZilla - %ProfilePath%\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} - ReminderFox - %ProfilePath%\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} - DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} - Vuze Remote - %ProfilePath%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} - TinEye Reverse Image Search - %ProfilePath%\extensions\tineye@ideeinc.com.xpi - NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi - 4chan - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - Download Statusbar - %ProfilePath%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi AppDir: C:\Program Files\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\Firefox\Profiles\x6mfw68k.default 14D06C3796CE3F6BA8F43CDF3AD65D76 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U67 0A6E5E3BEF374AA2F47071E7374EAD7B - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.670.1 FB5621842FDABF9F8359775573498FBC - C:\Users\Stefan Kruithof\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update 5CB01CF141E021DAAE96991A5BA57944 - C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer DD31F0C436E4F5E6FA9783FF8A80ADC1 - C:\Users\Stefan Kruithof\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin 6E594B2243C3F218A51234F18E7F36C1 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll - DivX Plus Web Player 79039398587F475ADA606D1A3B740A63 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in 893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.1.0.30401.0.dll - Silverlight Plug-In 5596E40701BE8A4AEC399F57DBCE289E - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.5 87FCE1D38F135B923EEC502825B5C7F6 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.5 5A2AF08FEF626D3825AA7923B0A9DFF5 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.5 B033D1486EAD65BE7857114DFAFD8429 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.5 DA632EC5CCC16F0B0FAC9BB21C10B2C3 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.5 B5371D2C9017EEE216B5361D600B3543 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 49DA696E73BC2CB49C0E374C7885F7AD - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat 0A1FF0B674E2F268799442A434A63BB3 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery AE9C7C99459764D840E276DAFB65678E - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin E93467C5327C2760FCAB2B4670847496 - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll - DivX Player Netscape Plugin AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 9A6101F29E2E9D41B99CBCC8F106E8FE - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL - 2007 Microsoft Office system 5596E40701BE8A4AEC399F57DBCE289E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.5 87FCE1D38F135B923EEC502825B5C7F6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.5 5A2AF08FEF626D3825AA7923B0A9DFF5 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.5 B033D1486EAD65BE7857114DFAFD8429 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.5 DA632EC5CCC16F0B0FAC9BB21C10B2C3 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.5 49DA696E73BC2CB49C0E374C7885F7AD - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update 893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In 99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Stefan Kruithof\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[17-04-2012 18:20] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17-01-2012 11:45] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Stefan Kruithof\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[17-04-2012 18:20] YouTube - Stefan Kruithof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Stefan Kruithof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Search by Image by Google - Stefan Kruithof\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm AdBlock Premium - Stefan Kruithof\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj Reddit Enhancement Suite - Stefan Kruithof\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb Google Wallet - Stefan Kruithof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Stefan Kruithof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Stefan Kruithof\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com", ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:49315;https=127.0.0.1:49315;" "ProxyOverride.Bonjour.bak"="*.local" "ProxyOverride"="<-loopback>" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyOverride.Bonjour.bak"="*.local" "ProxyEnable"=dword:00000000 ==== C:\zoek_backup content ====================== C:\zoek_backup (files=170 folders=50 35407382 bytes) ==== EOF on di 16-09-2014 at 10:28:11,05 ======================