Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Michelle on za 30-05-2015 at 9:33:13,66. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Safe Mode NETWORK Internet Access Detected Launched: C:\Users\Michelle\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== ==== Empty Folders Check ====================== C:\Program Files\Lavasoft deleted successfully C:\Program Files\RegClean Pro deleted successfully C:\Users\Michelle\AppData\Roaming\PeerNetworking deleted successfully C:\Users\Michelle\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Michelle\AppData\Local\F-Secure deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{76577871-04EC-495E-A12B-91F7C3600AFA} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully HKEY_CLASSES_ROOT\CLSID\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully HKEY_CLASSES_ROOT\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} deleted successfully HKEY_CLASSES_ROOT\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed} deleted successfully HKEY_CLASSES_ROOT\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{76577871-04EC-495E-A12B-91F7C3600AFA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Aangifte inkomstenbelasting 2012 Aangifte inkomstenbelasting 2013 ABBYY FineReader 9.0 Sprint Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player 17 ActiveX Adobe Flash Player 17 NPAPI Adobe Reader XI (11.0.08) Apple Application Support Apple Mobile Device Support Apple Software Update Ask Toolbar Ask.com Search Assistant 1.0.1 Atheros Driver Installation Program Atheros Wi-Fi Protected Setup Library Bing Bar Bonjour Camera Assistant Software for Toshiba CCleaner Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Compatibiliteitspakket voor het 2007 Microsoft Office system Computer Security 14.115.100.0 (release) Conduit Engine Corel PaintShop Photo Pro X3 D3DX10 Definition Update for Microsoft Office 2010 (KB3015642) 32-Bit Edition Dropbox DVD MovieFactory for TOSHIBA DVDVideoSoft Toolbar DVDVideoSoftTB Toolbar Epson Easy Photo Print 2 Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) Epson Event Manager EPSON Scan EPSON SX420W Series Handboek EpsonNet Print EpsonNet Setup 3.2 F-Secure CCF Reputation F-Secure CCF Scanning 1.51.111.300 (release) F-Secure Network CCF 1.02.141 F-Secure SafeSearch 1.03.159.0 (release) Free Audio CD Burner version 1.4 Free Studio version 5.2.1 Free YouTube to MP3 Converter version 3.8 Geluiddemper v. cd/dvd-station GIMP 2.8.0 Google Chrome Google Desktop Google Toolbar for Internet Explorer Google Update Helper HDAUDIO Soft Data Fax Modem with SmartCP Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Huishoudboekje Hyves Desktop ICA iCloud Intel(R) Graphics Media Accelerator Driver Intel© Matrix Storage Manager IPM_PSP_CL IPM_PSP_COM iTunes Java 8 Update 45 Java Auto Updater Junk Mail filter update Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft .NET Framework 4.5.2 Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2010 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office PowerPoint Viewer 2007 (Dutch) Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2007 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD Microsoft Works Microsoft XML Parser MobileMe Control Panel MSVCRT NetWaiting Netwerkhandleiding EPSON SX420W Series OGA Notifier 2.0.0048.0 Online Safety 2.115.2783.1598 Picasa 3 Printer EPSON SX420W Series verwijderen PSPPContent PSPPRO_DCRAW QLICT Afstandsbediening v2.9 QuickTime Realtek 8169 8168 8101E 8102E Ethernet Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader RegClean-Pro RegClean Pro Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4.5.2 (KB3023224) Security Update for Microsoft .NET Framework 4.5.2 (KB3035490) Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) Security Update for Microsoft .NET Framework 4.5.2 (KB3048077) Security Update for Microsoft Excel 2010 (KB2965240) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2883029) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2965282) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2965242) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2999412) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2999420) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2553428) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965237) 32-Bit Edition Security Update for Windows Media Encoder (KB2447961) Security Update for Windows Media Encoder (KB954156) Security Update for Windows Media Encoder (KB979332) Segoe UI Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Setup Skype Click to Call SkypeT 7.3 Spelling Dictionaries Support For Adobe Reader 8 Squash Toernooi Planner Synaptics Pointing Device Driver Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD ToggleDU Toolbar TOSHIBA-handleidingen TOSHIBA Assist TOSHIBA ConfigFree TOSHIBA Disc Creator TOSHIBA DVD PLAYER TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Face Recognition TOSHIBA Hardware Setup Toshiba Online Product Information TOSHIBA Recovery Disc Creator TOSHIBA Supervisor Password Toshiba TEMPRO TOSHIBA Value Added Package TRDCReminder TRORDCLauncher Uninstall 1.0.0.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Access 2010 (KB2837601) 32-Bit Edition Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB2956141) 32-Bit Edition Update for Microsoft Office 2010 (KB2965291) 32-Bit Edition Update for Microsoft Office 2010 (KB2965301) 32-Bit Edition Update for Microsoft Office 2010 (KB2999439) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2986252) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2965295) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3015585) 32-Bit Edition Update for Microsoft Visio 2010 (KB2965292) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series Windows Media Player Firefox Plugin Ziggo Internetbeveiliging Zylom Games Player Plugin ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\Explorer.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\Michelle\Desktop\zoek.exe C:\Users\Michelle\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michelle\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michelle\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michelle\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michelle\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}] ==== Deleting Files \ Folders ====================== C:\Program Files\Lavasoft not found C:\Program Files\RegClean Pro not found C:\Program Files\ConduitEngine not found C:\Program Files\ToggleDU deleted C:\found.002 deleted C:\found.001 deleted C:\Program Files\DVDVideoSoft deleted C:\Users\Michelle\appdata\locallow\DVDVideoSoft deleted C:\Program Files\RCP deleted C:\Users\Michelle\appdata\locallow\ToggleDU deleted C:\Users\Michelle\AppData\LocalLow\Conduit deleted C:\Users\Michelle\AppData\LocalLow\DVDVideoSoftTB deleted C:\Program Files\Common Files\DVDVideoSoft\TB deleted C:\Program Files\Common Files\DVDVideoSoft\bin deleted C:\Program Files\Common Files\Plasmoo deleted C:\found.000 deleted C:\found.003 deleted C:\found.004 deleted C:\Users\Michelle\AppData\Roaming\Systweak deleted C:\Users\Michelle\AppData\Local\CRE deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Photo Pro X3 deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro deleted C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ask Search Assistant deleted C:\Users\Michelle\Downloads\rcpsetup_r.exe deleted C:\Users\Michelle\AppData\LocalLow\PriceGong deleted C:\Users\Michelle\AppData\LocalLow\ConduitEngine deleted C:\Windows\system32\Tasks\Express FilesUpdate deleted C:\Windows\system32\roboot.exe deleted C:\Users\Public\Desktop\RegClean Pro.lnk deleted ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002) Memory (RAM): 2940 MB CPU Info: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz CPU Speed: 2175,3 MHz Sound Card: Not detected Display Adapters: | RDP Encoder Mirror Driver Monitors: 1x; Screen Resolution: 1024 X 768 - 32 bit Network: Network Present Network Adapters: Atheros AR5007EG Wireless Network Adapter | Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0) CD / DVD Drives: 1x (F: | ) F: HL-DT-STDVDRAM GSA-T50N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 116,3GB | E: 115,1GB Hard Disks - Free: C: 31,5GB | E: 95,0GB Manufacturer *: INSYDE BIOS Info: AT/AT COMPATIBLE | 12/09/08 | TOSINV - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: TOSHIBA Portable PC Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Internetbeveiliging On-access scanning disabled (Outdated) Anti-Spyware: Internetbeveiliging disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 43.0.2357.65 Internet Explorer Version: 9.0.8112.16421 Google Chrome version: 43.0.2357.65 Adobe Reader version: 11.0.8.4 Sun Java version: 1.8.0_45 (32-bit) Flash Player version: 17.0.0.169 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-05-27 05:17:47 E6D96A03EC87C593B8C652D72EE488A7 243988739 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\Michelle\AppData\Local\Temp ==== 2015-05-28 16:21:13 0CFC0308F76EC217C457F54DDFCB3077 43008 ----a-w- C:\Users\Michelle\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp60og9m.dll ====== Java Cache ===== 2015-05-20 09:24:32 7B5E8E34124E93E58C9A7505B787A5C5 7027 ----a-w- C:\Users\Michelle\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\a41df12-3ceae4dd ====== C:\Windows\system32 ===== 2015-05-17 07:58:40 EED888394AC81A663F12C6EC43AB2838 191072 ----a-w- C:\Windows\System32\javaw.exe 2015-05-17 07:58:40 204FBC5577EEF260B5FEA3326148CF4A 96352 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll 2015-05-17 07:58:40 1E2E159D0621A466CFA7CE06E4DA9CAE 190560 ----a-w- C:\Windows\System32\java.exe 2015-05-17 01:40:47 1F0D502BC5D6182D7A636159C264087A 279040 ----a-w- C:\Windows\System32\schannel.dll 2015-05-17 01:33:58 CBA95FBDE27662FAAA858AE58E0FADE0 682496 ----a-w- C:\Windows\System32\d2d1.dll 2015-05-17 01:33:58 AEE7C58920645BB220494D57624B42D3 2065408 ----a-w- C:\Windows\System32\win32k.sys 2015-05-17 01:33:58 98015C454056155F0D46F0DE1C72DF6E 219648 ----a-w- C:\Windows\System32\d3d10_1core.dll 2015-05-17 01:33:58 94EBB43229FEA98C333AB95B2AB4E3AD 1029120 ----a-w- C:\Windows\System32\d3d10.dll 2015-05-17 01:33:58 8B6797FD857825E2B92B5FC3E0EDDDBB 486400 ----a-w- C:\Windows\System32\d3d10level9.dll 2015-05-17 01:33:58 7FA9C752EAE7008D5E9D7BE77D123337 160768 ----a-w- C:\Windows\System32\d3d10_1.dll 2015-05-17 01:33:58 4DF962B25836D4FDF3FB95F153049C89 1172480 ----a-w- C:\Windows\System32\d3d10warp.dll 2015-05-17 01:33:58 1CD62FB3EF08C8604C6F6C95F122C2AF 189952 ----a-w- C:\Windows\System32\d3d10core.dll 2015-05-17 01:33:57 D99970433339F19E402FD585475FF64E 1072640 ----a-w- C:\Windows\System32\DWrite.dll 2015-05-17 01:33:57 7417E869AE5AAC3026329E7749698110 801792 ----a-w- C:\Windows\System32\FntCache.dll 2015-05-17 01:31:13 6769322D44A6CCE277649C3EC6940442 102608 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll 2015-05-17 01:06:58 4F0A7910FC7D8A66433FA9961EEF8BB5 279552 ----a-w- C:\Windows\System32\services.exe 2015-05-16 18:00:17 F2511880009AB153D4BECCB4E0EAAC41 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 2015-05-16 18:00:17 BCB865F60972F2AFF8F68EF9F8B51D26 421888 ----a-w- C:\Windows\System32\vbscript.dll 2015-05-16 18:00:17 4348AE88F9D2B6EBC947388B7AB1095C 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll 2015-05-16 18:00:16 9EA5CE640128C7505517A0CE65799A1F 1139200 ----a-w- C:\Windows\System32\urlmon.dll 2015-05-16 18:00:16 4CDA5C5B0F2E0C79BDDBE4C970C6B30A 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2015-05-16 18:00:16 46C73A08B7138DFB441AF232986B00CA 11776 ----a-w- C:\Windows\System32\mshta.exe 2015-05-16 18:00:16 3A9A64D4B0FF82BF5DCFEF505E2C3141 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2015-05-16 18:00:16 2DE5293B30594E6B00F830C79F064C1C 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2015-05-16 18:00:15 A85E987F28A070FCD8CC7B19CC785C29 65024 ----a-w- C:\Windows\System32\jsproxy.dll 2015-05-16 18:00:15 0E4DCF6B4CBCEA9DB49C30C0068AFBDE 1804288 ----a-w- C:\Windows\System32\iertutil.dll 2015-05-16 18:00:14 DF45675D9EDC2B4BF7F5772C45B677A7 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2015-05-16 18:00:13 E38E89A0939A42F5EE4292DFC48772DF 1129472 ----a-w- C:\Windows\System32\wininet.dll 2015-05-16 18:00:12 F5473F22FF31E87AB65CE80CB5D3889F 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2015-05-16 18:00:12 B7BDAC132A964E09DEE852A8CBA257FA 176640 ----a-w- C:\Windows\System32\ieui.dll 2015-05-16 18:00:12 96B2A5B595288AA3D0C31B5F52E486BC 718336 ----a-w- C:\Windows\System32\jscript.dll 2015-05-16 18:00:12 43E24792F17B228E6DC287937B5DFAEE 353792 ----a-w- C:\Windows\System32\dxtmsft.dll 2015-05-16 18:00:11 B157A39B96E499FA8550B71AECCA5F43 231936 ----a-w- C:\Windows\System32\url.dll 2015-05-16 18:00:08 3BA966C1E38B25E3A870328024CE0E43 1810944 ----a-w- C:\Windows\System32\jscript9.dll 2015-05-16 18:00:08 13762AC3D34A1D3FD514E90036A1FBFD 223232 ----a-w- C:\Windows\System32\dxtrans.dll 2015-05-16 18:00:07 F9B916F2A1CCD005EB4C24CAB469E0A6 367616 ----a-w- C:\Windows\System32\html.iec 2015-05-16 18:00:07 EAC46E5C1E22DB880D922507BB534867 9750528 ----a-w- C:\Windows\System32\ieframe.dll 2015-05-16 18:00:00 32AEC023256F682A02549764F81F811B 12379136 ----a-w- C:\Windows\System32\mshtml.dll ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-05-28 19:30:54 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\Michelle\AppData\Roaming ====== 2015-05-26 18:46:56 D3CEA539819626CB721DFBA77C297606 680 ----a-w- C:\Users\Michelle\AppData\Local\d3d9caps.dat ====== C:\Users\Michelle ====== 2015-05-28 19:29:49 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Michelle\Downloads\RSIT.exe ====== C: exe-files == 2015-05-30 06:49:18 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\Temp\GURFFB2.exe 2015-05-28 19:30:54 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Michelle.exe 2015-05-28 19:29:49 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Michelle\Downloads\RSIT.exe 2015-05-27 14:51:31 277A41EB7D2DAA7105DF85BFC2F1C9AD 60456 ----a-w- C:\ProgramData\f-secure\GUTS2\orsp-win-v2\1432729310\fsorsp.exe 2015-05-27 14:51:30 AAD44E235E567401AB51571D06891C69 199720 ----a-w- C:\ProgramData\f-secure\GUTS2\orsp-win-v2\1432729310\orspupd.exe 2015-05-27 14:51:30 652F932B64BE6B9320E501DDBFAACA95 80936 ----a-w- C:\ProgramData\f-secure\GUTS2\orsp-win-v2\1432729310\orspdiag.exe 2015-05-27 14:51:29 FE0B93CE6EFAD628152BA700C44266A2 207912 ----a-w- C:\ProgramData\f-secure\GUTS2\hydrawin\1432650247\install.exe 2015-05-27 14:01:52 BD0A5F310120FFDF38BB2892CD69D61B 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1992519123-4132911643-3822553869-1000\$IKD28JN.exe 2015-05-27 13:59:46 DD912207F0C8B7FAC146D1001C4BDA91 4531644 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1992519123-4132911643-3822553869-1000\$RKD28JN.exe === C: other files == 2015-05-26 08:59:41 DDA886136E50D00BFFD202AAE37A55E5 55336 ----a-w- C:\ProgramData\f-secure\GUTS2\mlcwin\1432625178\fsbts_x64.sys 2015-05-26 08:59:41 C46C9E277A193CFDD2BAF0874A2F7450 43560 ----a-w- C:\ProgramData\f-secure\GUTS2\mlcwin\1432625178\fsbts.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "TOSCDSPD"="TOSCDSPD.EXE" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Google Update"="C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe /c" "EPSON2265D9 (Epson Stylus SX420W)"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU C:\Windows\TEMP\E_S4FE8.tmp /EF HKCU" "Epson Stylus SX420W(Netwerk)"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU C:\Windows\TEMP\E_SB649.tmp /EF HKCU" "MobileDocuments"="C:\Program Files\Common Files\Apple\Internet Services\ubd.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup" [HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #6"="C:\Users\Michelle\AppData\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- https://www.icscards.nl/nlic/portal/anwb/?ns_campaign=notification.anwb&ns_mchannel=e-mail.notification&ns_source=internal.20150505&ns_linkname=tekstlink&ns_fee=0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "NDSTray.exe"="NDSTray.exe" "cfFncEnabler.exe"="cfFncEnabler.exe" "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup" "Google EULA Launcher"="c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA" "Toshiba TEMPO"="C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" "topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="RtHDVCpl.exe" "Skytel"="Skytel.exe" "Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe" "Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe /start" "jswtrayutil"="C:\Program Files\Jumpstart\jswtrayutil.exe" "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" "Corel File Shell Monitor"="c:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe" "EEventManager"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Huishoudboekje"="C:\Program Files\DATA BECKER\Huishoudboekje\quick.exe" "F-Secure Hoster (45123)"="C:\Program Files\Internetbeveiliging\fshoster32.exe -app -hosterid:1" "F-Secure Manager"="C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE /splash" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" "TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" "HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe " "SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe " "00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "TOSCDSPD"="TOSCDSPD.EXE" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Google Update"="C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe /c" "EPSON2265D9 (Epson Stylus SX420W)"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU C:\Windows\TEMP\E_S4FE8.tmp /EF HKCU" "Epson Stylus SX420W(Netwerk)"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU C:\Windows\TEMP\E_SB649.tmp /EF HKCU" "MobileDocuments"="C:\Program Files\Common Files\Apple\Internet Services\ubd.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #6"="C:\Users\Michelle\AppData\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- https://www.icscards.nl/nlic/portal/anwb/?ns_campaign=notification.anwb&ns_mchannel=e-mail.notification&ns_source=internal.20150505&ns_linkname=tekstlink&ns_fee=0" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~2\\GOEC62~1.DLL" ==== Startup Folders ====================== 2008-08-19 11:40:54 1835 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2008-08-19 11:40:54 1835 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2015-04-24 15:03:35 1051 ----a-w- C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [16-04-2015 18:37] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26-10-2014 04:52] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1992519123-4132911643-3822553869-1000Core.job --a------ C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe [26-10-2014 00:20] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1992519123-4132911643-3822553869-1000UA.job --a------ C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe [26-10-2014 00:20] C:\Windows\tasks\Scheduled scanning task.job --a------ C:\PROGRA1\INTERN3\apps\COMPUT1\ANTI-V1\fsav.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1992519123-4132911643-3822553869-1000Core" [C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1992519123-4132911643-3822553869-1000UA" [C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Scheduled scanning task" [C:\PROGRA~1\INTERN~3\apps\COMPUT~1\ANTI-V~1\fsav.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{C2AB3416-5164-4923-82ED-5A68766413B5}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\{FB0A90B0-EF1F-4681-B4DC-5FB09CA3A10E}" [C:\Program Files\Skype\\Phone\Skype.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{448bb7fc-4480-4bbb-86d5-dacf656c0480}"="C:\Program Files\Internetbeveiliging\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https" [17-04-2015 22:48] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaahlfahldnilidgnlikdckbfehhca - No path found[] ahilkiibpgjnonbhdfkkgjddddmapala - C:\Users\Michelle\AppData\Local\CRE\ahilkiibpgjnonbhdfkkgjddddmapala.crx[] jmjjnhpacphpjmnnlnccpfmhkcloaade - C:/Program Files/Internetbeveiliging/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx[17-04-2015 22:46] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10-10-2011 12:09] plmlpkfpkijnlijgalnjaacllnjmoamo - C:\Users\Michelle\AppData\Local\Temp\tbch.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions ahilkiibpgjnonbhdfkkgjddddmapala - C:\Users\Michelle\AppData\Local\CRE\ahilkiibpgjnonbhdfkkgjddddmapala.crx[] gkmikccifolokanfakbeadbmgchomeli - C:\Program Files\Internetbeveiliging\apps\SafeSearch\Chrome\main.crx[19-06-2014 10:28] FLV Runner - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala Google Docs - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Booking.com for Chromeâ„¢ - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkeilefmpmbamgcejhjpiecahcbipip Search by F-Secure - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkmikccifolokanfakbeadbmgchomeli Bookmark Manager - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik Browsing Protection by F-Secure - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade Skype Click to Call - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Preferences "manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","identity","metricsPrivate","notifications","pushMessaging","storage","tabs","webstorePrivate","\u003Call_urls>"],"version":"1.2.0.1"},"path":"C:\\Users\\Michelle\\AppData\\Local\\Google\\Chrome\\Application\\36.0.1985.143\\resources\\google_now","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13072109997120199","lastpingday":"13077270004796549","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"nl","default_locale":"en","description":"Een snelle, doorzoekbare e-mailfunctie met minder spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"9D0872EA85CBE06615FA2B71D7E15F68A016E0C043DF97DE6FA82BFD4749AC9B"},"default_search_provider":{"keyword":"0A543C0246DEEF6D6AD6D98CCE6F8D185BA171F467FA4F891154B782C9E4F06D","name":"F5A12BACD4BD1A8188504E507A0B5D21D2810FA4CB79606898B7E4FA874892A8","search_url":"450AA78D96C06ACA83E887B64626914FD67FC0752957C6AF6DAAE48B497D7FC4"},"default_search_provider_data":{"template_url_data":"534CFD007BAB943A4670903E2FEA303E97038D0E9274A14234ECA7A535F07887"},"extensions":{"settings":{"aaaaahaeginbdcckocjkhbciadcafnep":"7647247A5EBE91E10F6595506376A95C577BC15A0F0836C5B07C7D65213247EF","aaaaahlfahldnilidgnlikdckbfehhca":"94EF062E257651CA61D8B3A4EDEF111A0FED9DDC8B73C8E6EBD59F8FAC8DE48A","aaaaaiabcopkplhgaedhbloeejhhankf":"53399F7E85BEE776E4A9F4D50150BC97D7829FB8866C1DB894D1C2FF53854487","ahfgeienlihckogmohjhadlkjgocpleb":"FE0F561B55C174F8DBCBDD953CE03590BCE87274E80F99644A2748C6176B2ECD","ahilkiibpgjnonbhdfkkgjddddmapala":"B44D5BDBBFB8FDC9E582C095B9F193604929983D01B6F889623250DB0C58227F","aohghmighlieiainnegkcijnfilokake":"7600CB9B1E8802BCCB201E2CDBFD5C7AFEF65390B9CDF436A3BC58E4A7A5BF41","apdfllckaahabafndbhieahigkjlhalf":"BFF4E8903C1BCA6B47898EB2C1C994C70EA4D6BC94E3497E7B5F6C0EA63D295D","bepbmhgboaologfdajaanbcjmnhjmhfn":"B889182AF5095289E5A5BF005AABCF5C51C8DA4D32B776BC12B0743E7E8BCE5B","blpcfgokakmgnkcojhhkbfbldkacnbeo":"B46D6CC44132736CBF5794133C2DC3BC511170A093EBC9AB243B39DBD9E2297C","coobgpohoikkiipiblmjeljniedjpjpf":"CD16FD6E34CA0205B1151ADD61F27DFB66A26F363E12187309E119E7771DB674","eemcgdkfndhakfknompkggombfjjjeno":"4C091F55B21557B879765FC18300F1D16F6F3902902F3D85B73085F6CDD1D81A","ennkphjdgehloodpbhlhldgbnhmacadg":"914F3A7A793568597119E666A024345EB0C50B7C53C78E7F9D550A2D223AB6D2","fgkeilefmpmbamgcejhjpiecahcbipip":"12CC85D91F44015E2C8E1FBF9BDA5B9C7419B01C21B2D19D8DE7ACB678C1ACC1","gfdkimpbcpahaombhbimeihdjnejgicl":"3A69C2D36773D6CC595227D37C3C8C5CC4E69CA7893C357AFF7A1631D9930FA1","gkmikccifolokanfakbeadbmgchomeli":"9901501BAD1140E55CE93D369ABE2BF7893BC0D909812DAA2FECD990F356D5CF","gmlllbghnfkpflemihljekbapjopfjik":"F730299D12CE553B9E48CD4E898DDC4BF939D975B92EB4E179082FE58F9F1030","jmjjnhpacphpjmnnlnccpfmhkcloaade":"74A1A9087C9E2A114DBA14AB62922A5BB05CF71C9EB9768A25C76075ACEECDF4","kmendfapggjehodndflmmgagdbamhnfd":"654A0489EEB5EADCA5DEBABF99092B0E978FB0EC17F869AB6830465734B0AA12","lifbcibllhkdhoafpjfnlhfpfgnpldfl":"8FDEBE9B040A170EC0CDE683A66B18D2FC5FE2628F821F50D1B8618D9A4AF400","mfehgcgbbipciphmccgaenjidiccnmng":"E4D114F194739DC4EC8F1B780623852E1624F2B9B17FB62E296FFA4FB369C429","mfffpogegjflfpflabcdkioaeobkgjik":"43FACB9D9580939146F5991F46DB6EF9EAC684557AB76B2D00EC837CC4DF924F","mgndgikekgjfcpckkfioiadnlibdjbkf":"78A60AF647F9B217498486C86B66345CA6F895DDDC2BAED20B0795E47B15E365","mhjfbmdgcfjbbpaeojofohoefgiehjai":"997FA0B1BEF2004E96CCFA34F64B225C72DABB07A70C6C771B8DC7A5C777EBDD","neajdppkdcdipfabeoofebfddakdcjhd":"8B7A0C77BA058D139F9D621C7C695245D23188ADE1492744B3CAEC87D70FD346","nkeimhogjdpnpccoofpliimaahmaaome":"180E960F2AE42E73B3285240EF3BC2DDC2FE51D704D2F87C01DE7EE385DF647B","nmmhkkegccagdldgiimedpiccmgmieda":"E238AA136924D9EE61D1510014ADCB8E8BBF53CEC56ED6626EC8771144E10869","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"52FBEF92CB8E521CB41AE25D404F8305490B787DE2C465E81267C25F44F02F32","pjkljhegncpnkpknbcohdijeoejaedia":"327322494A1AFE9541F904FA7D46785063CB756B5CA5C1548E7F38D5CD9EF535"}},"google":{"services":{"last_username":"5A4462AC6758ECC0FE52380D59E765AE94E93633F89D58E7AE893871A01102D2","username":"D0B7CF88C3DC49917C7129E797085D3AEEBE92B99E9F0AAE28026CA7064E1287"}},"homepage":"C2F7D3C4A31E14CFCFDD108C10B10C36141B361435BF39C24AE77DFFB52B763A","homepage_is_newtabpage":"C3A1D4E773DF45F987B2B7109F174CC09BC4257578FA44CE9E37157FB3993D21","pinned_tabs":"C2414D5BED91E77CE430455C8CA2B1EFB9EF0CC9BBC28F2B4C4FA3B170960175","prefs":{"preference_reset_time":"3F4605C94AB179779246232B15C9A90B6E5BDF3556F470744388E63726985952"},"profile":{"reset_prompt_memento":"921BC713B2A1C751E1C566096734411C9991266B4DB29104237892AE7C39F929"},"safebrowsing":{"incidents_sent":"7CAF2A362BC8D6E165ECA1BB4D0E3B0279A6E0D15013493572C309CF8E02EA1C"},"search_provider_overrides":"E1EF81B0EB3A63FC2C56B32A0B8F288D391F73493250B407F31A968C8C9CAC84","session":{"restore_on_startup":"BB264F4971C0870B8E7D2BE74734C4EFDC451CEF72AAB91DB2F86D867F207F31","startup_urls":"C5D9BC9EFFC6DC059F23BB57ECE28DFE857E5EC29B3FA2A3A98DEC465481B183"},"software_reporter":{"prompt_reason":"F2D8F6199CCD6B2BD4CD87BE0E2DD67F2D8DE6F113C75211FB6C20F37B08D5E1","prompt_seed":"C06AAC8A08F5E24B86D6A166F1D385ABC34F16B1BFF2314BD18974747D60BB2B","prompt_version":"A1D3076E4E444DE4E118E2977C2A86B4A8245A4A5E5F3E49C7F4535F5096BA2E"},"sync":{"remaining_rollback_tries":"9E713034B71C5FE0CD33BC46DD57151B52DE554C5712EDD7FFFC18D14ABF83B2"}},"super_mac":"4AE5CD736A343E15D8627A8EE1350CACD8A0EDC68177E7F92374C583AE04DED3"},"session":{"restore_on_startup":4,"startup_urls":["http://www.vvchaam.nl/"]},"software_reporter":{"prompt_reason":0,"prompt_version":"3.20.1"},"sync":{"remaining_rollback_tries":0}} ==== Chromium Fix ====================== C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala deleted successfully C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ahilkiibpgjnonbhdfkkgjddddmapala_0.localstorage deleted successfully C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ahilkiibpgjnonbhdfkkgjddddmapala_0 deleted successfully C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ahilkiibpgjnonbhdfkkgjddddmapala deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.conduit.com?SearchSource=10&ctid=CT2269050" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{D4359B43-B7E8-4BB8-8C8E-125F148DF020}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {29ADE21B-BCF1-47ED-B239-A1E45EB22990} Google Url="http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_nl" {70D46D94-BF1E-45ED-B567-48701376298E} Google Desktop Url="http://127.0.0.1:4664/search&s=CnzcSvFEm7rYDuBZslU1tM_b8UM?q={searchTerms}" {D4359B43-B7E8-4BB8-8C8E-125F148DF020} Google Url="http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_nl" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-1992519123-4132911643-3822553869-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_CLASSES_ROOT\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoft Toolbar deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ToggleDU Toolbar deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: Browsing Protection - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files\Internetbeveiliging\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Corel File Shell Monitor] c:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Huishoudboekje] C:\Program Files\DATA BECKER\Huishoudboekje\quick.exe O4 - HKLM\..\Run: [F-Secure Hoster (45123)] "C:\Program Files\Internetbeveiliging\fshoster32.exe" -app -hosterid:1 O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [EPSON2265D9 (Epson Stylus SX420W)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_S4FE8.tmp" /EF "HKCU" O4 - HKCU\..\Run: [Epson Stylus SX420W(Netwerk)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_SB649.tmp" /EF "HKCU" O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup O4 - HKCU\..\RunOnce: [Application Restart #6] C:\Users\Michelle\AppData\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- https://www.icscards.nl/nlic/portal/anwb/?ns_campaign=notification.anwb&ns_mchannel=e-mail.notification&ns_source=internal.20150505&ns_linkname=tekstlink&ns_fee=0 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Users\Michelle\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-nl.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\fshoster32.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\Windows\system32\SAgent4.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3861 folders=801 1333879602 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Michelle\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Michelle\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Michelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on za 30-05-2015 at 10:02:12,44 ======================