Zoek.exe v5.0.0.0 Updated 02-June-2014 Tool run by Fabio en Kim on za 14/06/2014 at 23:20:47,13. Microsoft Windows 7 Home Premium 6.1.7600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Fabio en Kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SQ2UKZ75\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 14/06/2014 23:28:39 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\WebSpades deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\374311380 deleted successfully C:\PROGRA~3\Babylon deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\PlotSoft deleted successfully C:\Users\Fabio en Kim\AppData\Roaming\Google deleted successfully C:\Users\Fabio en Kim\AppData\Roaming\Nico Mak Computing deleted successfully C:\Users\Fabio en Kim\AppData\Roaming\TP deleted successfully C:\Users\Fabio en Kim\AppData\Roaming\WinRAR deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Internet Explorer\SearchScopes\{d3f22a84-2a84-49eb-91e6-5dadaaf0165d} deleted successfully HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EB421E4D-12F0-47F2-8DA9-994685CD4E2B} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\programdata\miniapp\sw-booster\SW-Booster.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Windows\SysWOW64\svchost.exe C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\PROGRA~2\MYWEBF~2\bar\1.bin\5abarsvc.exe C:\Program Files (x86)\Online Games Manager\ogmservice.exe C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\FABIOE~1\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605 ---- Lines WebSearch removed from prefs.js ---- user_pref("browser.search.defaulturl", "http://websearch.searchsun.info/?pid=724&r=2014/05/02&hid=18133215223256189933&lg=EN&cc=BE&l=1&q="); ---- Lines mindspark removed from prefs.js ---- user_pref("extensions.toolbar.mindspark._paMembers_.BUTTON_STRUCTURE", "[{\"b\":221359831,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221359832, user_pref("extensions.toolbar.mindspark._paMembers_.firstKnownVersion", "6.33.3.52561"); user_pref("extensions.toolbar.mindspark._paMembers_.homepage", "http://home.tb.ask.com/index.jhtml?ptb=8CE7565D-5258-484C-9B68-FDCFC2189B1B&n=780bf79c user_pref("extensions.toolbar.mindspark._paMembers_.initialized", true); user_pref("extensions.toolbar.mindspark._paMembers_.installation.contextKey", ""); user_pref("extensions.toolbar.mindspark._paMembers_.installation.installDate", "2014050204"); user_pref("extensions.toolbar.mindspark._paMembers_.installation.partnerId", "^Z1^yyyyyy^YYA^be"); user_pref("extensions.toolbar.mindspark._paMembers_.installation.partnerSubId", ""); user_pref("extensions.toolbar.mindspark._paMembers_.installation.pixelUrl", "http://www.filmfanatic.com/install_pixels.jhtml?partner=^Z1^yyyyyy^YYA^be user_pref("extensions.toolbar.mindspark._paMembers_.installation.success", true); user_pref("extensions.toolbar.mindspark._paMembers_.installation.toolbarId", "8CE7565D-5258-484C-9B68-FDCFC2189B1B"); user_pref("extensions.toolbar.mindspark._paMembers_.installKeysSource", "Cookies"); user_pref("extensions.toolbar.mindspark._paMembers_.installType", "XPI"); user_pref("extensions.toolbar.mindspark._paMembers_.isCompliantUninstallImplementation", true); user_pref("extensions.toolbar.mindspark._paMembers_.lastActivePing", "1402740464207"); user_pref("extensions.toolbar.mindspark._paMembers_.lastKnownVersion", "6.52.4.4618"); user_pref("extensions.toolbar.mindspark._paMembers_.options.defaultSearch", false); user_pref("extensions.toolbar.mindspark._paMembers_.options.homePageEnabled", false); user_pref("extensions.toolbar.mindspark._paMembers_.options.keywordEnabled", false); user_pref("extensions.toolbar.mindspark._paMembers_.options.tabEnabled", false); user_pref("extensions.toolbar.mindspark._paMembers_.partnerPixelFired", true); user_pref("extensions.toolbar.mindspark._paMembers_.successUrl", "http://www.filmfanatic.com/installComplete.jhtml"); user_pref("extensions.toolbar.mindspark._paMembers_.toolbarCollapsed", true); user_pref("extensions.toolbar.mindspark._paMembers_.weather.location", "10001"); user_pref("extensions.toolbar.mindspark.lastInstalled", "filmfanatic2@mindspark.com"); ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossrider.bic", "145bd567982fbc7fdb1ba2c991c71112"); ---- Lines ffxtbr modified from prefs.js ---- user_pref("extensions.enabledAddons", "paffxtbr%40FilmFanatic.com:6.52.4.4618,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1"); user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files ( ---- Lines extensions.4S4 removed from prefs.js ---- user_pref("extensions.4S4.epoch", "1402826868"); user_pref("extensions.4S4.url", "http://toolkitjob.info/sync2/?q=hfZ9oeV8hfa7tNbPhd9EtMqLDe49CNU0nUkMCMlNhd9Fqda8rTnFrHa8qdYMBzqUojw9rdgFqdwErdC9pih7h ---- Lines extensions.5KZ6 removed from prefs.js ---- user_pref("extensions.5KZ6.epoch", "1402826867"); user_pref("extensions.5KZ6.url", "http://jpiservice.info/sync2/?q=hfZ9ofq7CShEAen0qHC6tMqLDe49CNU0nUkMCMlNhd9Fqda7rdkFqjs7rdaMBzqUojw9rdgFqdwErdC9qGh7 ---- Lines extensions.Hr28 removed from prefs.js ---- user_pref("extensions.Hr28.epoch", "1402826866"); user_pref("extensions.Hr28.url", "http://jpiproxy.info/sync2/?q=hfZ9oeZJh7YMCyVUojaMg708BNmGWj8cmihGheDUojw9rdgFrjw7rdnGrGhIC7n0rjnEqTw9rjaEqHa4tNhVCT ---- Lines extensions.MEfnZW9vm removed from prefs.js ---- user_pref("extensions.MEfnZW9vm.epoch", "1402826866"); user_pref("extensions.MEfnZW9vm.url", "http://groupstyleusa.info/sync2/?q=hfZ9oeh7h7sMCyVUojaMg708BNmGWj8cmihGheDUojw9rdkGqTwFrdsGrihIC7n0rjnEqTw9rjaE ---- Lines extensions._8E removed from prefs.js ---- user_pref("extensions._8E.epoch", "1402826865"); user_pref("extensions._8E.url", "http://safe-easy.com/sync2/?q=hfZ9ofq7BNnMCyVUojCGqchTB6lKDzt4oktxtNtVh7n0rjnEqjaGrjs8qTaGtMFHhd9Fqda7rjnFrda7rTaMDMl ---- Lines extensions._LZrsgHnd removed from prefs.js ---- user_pref("extensions._LZrsgHnd.epoch", "1402826866"); user_pref("extensions._LZrsgHnd.url", "http://fasten-tech.com/sync2/?q=hfZ9ofV9CShEAen0qHs9tMqLDe49CNU0nUkMCMlNhd9Fqda8rdsFrTk7rTnMBzqUojw9rdgFqdwErdC ---- Lines extensions.rqa8xnFkBy removed from prefs.js ---- user_pref("extensions.rqa8xnFkBy.epoch", "1402826866"); user_pref("extensions.rqa8xnFkBy.url", "http://foreveryboxzip.ru/sync2/?q=hfZ9oeJQAchEAen0rchTB6lKDzt4oktxtNtVh7n0rjnEqja4rjkErdn9tMFHhd9Fqda7rjnFrda6 ---- Lines extensions.weycZ removed from prefs.js ---- user_pref("extensions.weycZ.epoch", "1402826867"); user_pref("extensions.weycZ.url", "http://json-jpi.info/sync2/?q=hfZ9ofDSBShEAen0qHs9tMqLDe49CNU0nUkMCMlNhd9Fqda8rdsFrTk6rjYMBzqUojw9rdgFqdwErdC9pih7h ---- FireFox user.js and prefs.js backups ---- user_20141406_2346_.backup prefs_20141406_2346_.backup ProfilePath: C:\Users\FABIOE~1\AppData\Roaming\Mozilla\Firefox\Profiles\jqijcl9p.default ---- Lines dokotoolbar removed from prefs.js ---- user_pref("extensions.dokotoolbar.admin", false); user_pref("extensions.dokotoolbar.aflt", "babsst"); user_pref("extensions.dokotoolbar.appId", "{43083724-E0DA-43B9-B7D5-4C5EB0781850}"); user_pref("extensions.dokotoolbar.autoRvrt", "false"); user_pref("extensions.dokotoolbar.dfltLng", "nl"); user_pref("extensions.dokotoolbar.excTlbr", false); user_pref("extensions.dokotoolbar.ffxUnstlRst", true); user_pref("extensions.dokotoolbar.id", "c4763eae00000000000000ffaeafc257"); user_pref("extensions.dokotoolbar.instlDay", "15994"); user_pref("extensions.dokotoolbar.instlRef", "sst"); user_pref("extensions.dokotoolbar.newTab", false); user_pref("extensions.dokotoolbar.prdct", "dokotoolbar"); user_pref("extensions.dokotoolbar.prtnrId", "dokotoolbar"); user_pref("extensions.dokotoolbar.rvrt", "false"); user_pref("extensions.dokotoolbar.smplGrp", "none"); user_pref("extensions.dokotoolbar.tb_url", "http://www.doko-search.com/?q={searchTerms}&babsrc=TB_ss&mntrId=C47600FFAEAFC257&affID=125836&tsp=5037"); user_pref("extensions.dokotoolbar.tlbrId", "base"); user_pref("extensions.dokotoolbar.tlbrSrchUrl", "http://www.doko-search.com/?q={searchTerms}&babsrc=TB_ss&mntrId=C47600FFAEAFC257&affID=125836&tsp=503 user_pref("extensions.dokotoolbar.vrsn", "1.8.26.9"); user_pref("extensions.dokotoolbar.vrsni", "1.8.26.9"); user_pref("extensions.dokotoolbar.vrsnTs", "1.8.26.921:36:51"); ---- Lines conduit modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files ( ---- Lines WebSearch removed from prefs.js ---- user_pref("extensions.toolbar.mindspark._5aMembers_.homepage", "http://home.mywebsearch.com/index.jhtml?ptb=A109898B-8979-42C8-9FCD-458653334F86&n=77f ---- Lines mindspark removed from prefs.js ---- user_pref("extensions.toolbar.mindspark._5aMembers_.hp.user.defined", true); user_pref("extensions.toolbar.mindspark._5aMembers_.initialized", true); user_pref("extensions.toolbar.mindspark._5aMembers_.installation.contextKey", ""); user_pref("extensions.toolbar.mindspark._5aMembers_.installation.installDate", "2013102316"); user_pref("extensions.toolbar.mindspark._5aMembers_.installation.partnerId", "GRfox000"); user_pref("extensions.toolbar.mindspark._5aMembers_.installation.partnerSubId", ""); user_pref("extensions.toolbar.mindspark._5aMembers_.installation.success", true); user_pref("extensions.toolbar.mindspark._5aMembers_.installation.toolbarId", "A109898B-8979-42C8-9FCD-458653334F86"); user_pref("extensions.toolbar.mindspark._5aMembers_.lastActivePing", "1382537116467"); user_pref("extensions.toolbar.mindspark._5aMembers_.weather.location", "10001"); user_pref("extensions.toolbar.mindspark.lastInstalled", "mywebface@mindspark.com"); ---- Lines ffxtbr modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files ( ---- FireFox user.js and prefs.js backups ---- user_20141406_2346_.backup prefs_20141406_2346_.backup ProfilePath: C:\Users\FABIOE~1\AppData\Roaming\Thunderbird\Profiles\l0h1m7z0.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141406_2346_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14F1CBA0-CD7A-0C7E-466E-D17C1DCCBF7E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1EF5DC02-5D43-CB39-419E-6029B8DAD40B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24971994-14D7-DB27-B584-FC6F64C1A8AA}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B745F5C-0FD5-D414-9D3D-AB7FF7FACD66}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4DE24FB6-5FFC-06DF-FF84-A342BBB9477C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88FAEEBD-DBBF-E8D0-34BB-1EF2697CEF13}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8C9295DB-325A-A523-DB79-0236F023286B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3A3E48A-5DC4-FB02-E037-1B3A3A6C305C}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"=- "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1"=- "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"=- "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"=- "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\374311380 not found C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\extensions\aldrjpv@aooiia.com deleted C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\extensions\azt8.mp@vqrlpwlmok.org deleted C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\extensions\fgj4t.aoe@qakdbaeey.co.uk deleted C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\extensions\i4gbcp@uou.com deleted C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\extensions\p0b7_ojwb@pauuab-.co.uk deleted C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\extensions\paffxtbr@FilmFanatic.com deleted C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\extensions\w.ynd@qmf-.org deleted C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\extensions\x2dkofq@oye-rtl.edu deleted C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\extensions\yeeorv@eqgk-.co.uk deleted C:\ProgramData\ExstraCOiuuPon deleted C:\ProgramData\SaveerAdDoan deleted C:\ProgramData\FFiinDBEstDeale deleted C:\ProgramData\DIgaiSaaver deleted C:\ProgramData\TaakETHeCoupon deleted C:\Program Files (x86)\YoutubeAdblocker deleted C:\Program Files (x86)\Searcch-NewTab deleted C:\Program Files (x86)\save neutt deleted C:\Program Files (x86)\ConduitEngine deleted C:\Program Files (x86)\IncrediMail_MediaBar_2 deleted C:\ProgramData\4331afc319390373 deleted C:\Windows\syswow64\appdata deleted C:\Users\Fabio en Kim\AppData\LocalLow\{14F1CBA0-CD7A-0C7E-466E-D17C1DCCBF7E} deleted C:\Users\Fabio en Kim\AppData\LocalLow\{1EF5DC02-5D43-CB39-419E-6029B8DAD40B} deleted C:\Users\Fabio en Kim\AppData\LocalLow\{24971994-14D7-DB27-B584-FC6F64C1A8AA} deleted C:\Users\Fabio en Kim\AppData\LocalLow\{4B745F5C-0FD5-D414-9D3D-AB7FF7FACD66} deleted C:\Users\Fabio en Kim\AppData\LocalLow\{4DE24FB6-5FFC-06DF-FF84-A342BBB9477C} deleted C:\Users\Fabio en Kim\AppData\LocalLow\{88FAEEBD-DBBF-E8D0-34BB-1EF2697CEF13} deleted C:\Users\Fabio en Kim\AppData\LocalLow\{8C9295DB-325A-A523-DB79-0236F023286B} deleted C:\Users\Fabio en Kim\AppData\LocalLow\{E3A3E48A-5DC4-FB02-E037-1B3A3A6C305C} deleted C:\Users\Fabio en Kim\AppData\Local\Packages\windows_ie_ac_001\AC\{14F1CBA0-CD7A-0C7E-466E-D17C1DCCBF7E} deleted C:\Users\Fabio en Kim\AppData\Local\Packages\windows_ie_ac_001\AC\{1EF5DC02-5D43-CB39-419E-6029B8DAD40B} deleted C:\Users\Fabio en Kim\AppData\Local\Packages\windows_ie_ac_001\AC\{24971994-14D7-DB27-B584-FC6F64C1A8AA} deleted C:\Users\Fabio en Kim\AppData\Local\Packages\windows_ie_ac_001\AC\{4B745F5C-0FD5-D414-9D3D-AB7FF7FACD66} deleted C:\Users\Fabio en Kim\AppData\Local\Packages\windows_ie_ac_001\AC\{4DE24FB6-5FFC-06DF-FF84-A342BBB9477C} deleted C:\Users\Fabio en Kim\AppData\Local\Packages\windows_ie_ac_001\AC\{88FAEEBD-DBBF-E8D0-34BB-1EF2697CEF13} deleted C:\Users\Fabio en Kim\AppData\Local\Packages\windows_ie_ac_001\AC\{8C9295DB-325A-A523-DB79-0236F023286B} deleted C:\Users\Fabio en Kim\AppData\Local\Packages\windows_ie_ac_001\AC\{E3A3E48A-5DC4-FB02-E037-1B3A3A6C305C} deleted C:\PROGRA~3\YoutubeAdblocker deleted C:\PROGRA~3\save neutt deleted C:\PROGRA~3\Searcch-NewTab deleted C:\PROGRA~2\BitLord 2 deleted C:\PROGRA~2\GamesBar deleted C:\PROGRA~2\Conduit deleted C:\Users\Fabio en Kim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted C:\Users\Fabio en Kim\AppData\Roaming\EZDownloader deleted C:\Users\Fabio en Kim\AppData\Roaming\BitLord deleted C:\Users\Fabio en Kim\AppData\Roaming\Systweak deleted C:\PROGRA~3\AVG Security Toolbar deleted C:\PROGRA~3\InstallMate deleted C:\PROGRA~3\Package Cache deleted C:\PROGRA~3\Trymedia deleted C:\Users\Fabio en Kim\AppData\Local\iLivid deleted C:\Users\Fabio en Kim\AppData\Local\AVG Security Toolbar deleted C:\Users\Fabio en Kim\AppData\Local\avgchrome deleted C:\Users\Fabio en Kim\AppData\Local\Conduit deleted C:\Users\Fabio en Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk deleted C:\Users\Fabio en Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard deleted C:\Users\Fabio en Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord deleted C:\Windows\SysNative\roboot64.exe deleted C:\Users\Fabio en Kim\Downloads\avg_free_stb_all_2011_1204_cnet.exe deleted C:\Users\Fabio en Kim\AppData\LocalLow\AVG Security Toolbar deleted C:\Users\Fabio en Kim\AppData\LocalLow\IncrediMail_MediaBar_2 deleted C:\Users\Fabio en Kim\AppData\LocalLow\PriceGong deleted C:\Users\Fabio en Kim\AppData\LocalLow\Conduit deleted C:\Users\Fabio en Kim\AppData\LocalLow\ConduitEngine deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted C:\END deleted C:\Windows\Syswow64\ConduitEngine.tmp deleted C:\Windows\Syswow64\sho1BD1.tmp deleted C:\Windows\Syswow64\sho9BB6.tmp deleted C:\Windows\Syswow64\shoE2A9.tmp deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\Fabio en Kim\Documents\Optimizer Pro deleted C:\Users\FABIOE~1\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\searchplugins\conduit-search.xml deleted C:\Users\FABIOE~1\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\searchplugins\WebSearch.xml deleted C:\Users\FABIOE~1\AppData\Roaming\Mozilla\Firefox\Profiles\jqijcl9p.default\CT2724386 deleted C:\Users\Fabio en Kim\Desktop\iLivid.lnk deleted C:\Users\Fabio en Kim\Downloads\The Counselor (2013) BRRip (xvid) NL Subs. DMT.exe deleted "C:\ProgramData\Performancer\Performancer_x64.dll" deleted "C:\PROGRA~3\Performancer\Performancer_x64.dll" deleted "C:\PROGRA~2\MyWebFace_5a\bar\1.bin\5abarsvc.exe" deleted "C:\PROGRA~2\MyWebFace_5a\bar\1.bin\T8RES.DLL" deleted "C:\ProgramData\Performancer" not deleted "C:\PROGRA~3\Performancer" not deleted "C:\PROGRA~2\MyWebFace_5a" not deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted "C:\Users\Fabio en Kim\Documents\BitLord" deleted "C:\PROGRA~2\MyWebFace_5a\bar" not deleted "C:\PROGRA~2\MyWebFace_5a\bar\1.bin" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) (Build 7600) Memory (RAM): 3894 MB CPU Info: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz CPU Speed: 2307,4 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | ATI Mobility Radeon HD 5470 | ATI Mobility Radeon HD 5470 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: TAP-Win32 Adapter V9 | Microsoft Virtual WiFi Miniport Adapter | Broadcom 4313 (802.11b/g/n) CD / DVD Drives: 1x (E: | ) E: hp CDDVDW TS-L633N Ports: COM3 | COM4 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 578,4GB | D: 17,4GB | Q: 0,0MB Hard Disks - Free: C: 433,4GB | D: 2,5GB | Q: 0,0MB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 11/09/11 | HPQOEM - 1 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 143A Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Default Browser: Firefox 29.0.1 Internet Explorer Version: 9.0.8112.16421 Mozilla Firefox version: 29.0.1 (x86 nl) Google Chrome version: 34.0.1847.131 Adobe Reader version: 9.5.5.316 Sun Java version: 1.7.0_55 (32-bit) Flash Player version: 13.0.0.214 Shockwave Player version: 11.6.8r638 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\FABIOE~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2014-06-14 21:19:19 2A13CF137B9C5728E86DA6FB882DC22D 2964 ----a-w- C:\Windows\Sysnative\Tasks\{7E25B6C0-E1B1-4DA2-85DC-F5A3D8307DBB} 2014-06-14 21:18:05 2A13CF137B9C5728E86DA6FB882DC22D 2964 ----a-w- C:\Windows\Sysnative\Tasks\{CC53644C-079C-4B14-8012-2FDF1DEF8D87} 2014-06-14 14:25:02 935BBD72DB8D84B89AF9513A826C66E1 3008 ----a-w- C:\Windows\Sysnative\Tasks\{E8E1A8A9-88D1-4D63-9CB5-B07A6106AF1F} 2014-06-06 17:47:00 5B1763A164F8DCDB4C299B0841107DE9 3228 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForFabio en Kim 2014-06-06 17:47:00 48636635934C3B7E81F714A900B530AF 360 ----a-w- C:\Windows\Tasks\HPCeeScheduleForFabio en Kim.job 2014-06-03 15:01:28 C434707D602D13FC502F6F466895480D 3384 ----a-w- C:\Windows\Sysnative\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3483026535-1613976268-3221359994-1001 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-06-14 15:16:14 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-06-14 14:21:36 -------- d-----w- C:\PROGRA~2\Trend Micro 2014-06-11 17:20:17 -------- d-----w- C:\PROGRA~2\Mozilla Thunderbird ======= C: ===== ====== C:\Users\Fabio en Kim\AppData\Roaming ====== 2014-06-13 21:13:47 B464C29270D63815625379994EA8C81C 987528 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2014-06-06 21:29:17 8DE9F588DFB1641F2C0EA05BD4B60605 218 ----a-w- C:\Users\Fabio en Kim\AppData\Local\recently-used.xbel ====== C:\Users\Fabio en Kim ====== 2014-06-14 15:15:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fabio en Kim\Downloads\RSITx64.exe 2014-06-05 15:14:44 -------- d-----w- C:\ProgramData\Performancer ====== C: exe-files == 2014-06-14 15:16:15 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Fabio en Kim.exe 2014-06-14 15:15:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fabio en Kim\Downloads\RSITx64.exe 2014-06-11 17:20:20 EB313ABDC842ECD860AEE78DBEA3CCD4 901232 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe 2014-06-11 17:20:20 B247B655785E659EFA579E5089D50B45 390256 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe 2014-06-11 17:20:20 2D388825897E01BF440F78823DA9DCD7 275056 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updater.exe 2014-06-11 17:20:20 18D226DE67745BFDECBEF00182AC9BFD 22640 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\WSEnable.exe 2014-06-11 17:20:19 BB08D58A90F8DD9E9642F59211E1969D 18544 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\plugin-container.exe 2014-06-11 17:20:19 AFCE22055443AA82E32052AACF64E89E 194176 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe 2014-06-11 17:20:18 F60E017313E0F1EEB21D87C434CF538D 119408 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice.exe 2014-06-11 17:20:18 96F17050399EC71B2E0FA025770586A6 117360 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\crashreporter.exe 2014-06-09 15:38:28 A2A89E87EA3BB6921FF526CD6DEDA824 13501272 ----a-w- C:\Program Files\Box\Box Sync\BoxSync.exe 2014-06-09 15:37:42 C1014CBD4CA8CAEC4873D0C5F0FCF0BE 30232 ----a-w- C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "HP Photosmart 6520 series (NET)"="C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe -deviceID CN338350VK05XP:NW -scfn HP Photosmart 6520 series (NET) -AutoStart 1" "SkyDrive"="C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "RIMBBLaunchAgent.exe"="C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe -osboot" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "HP Photosmart 6520 series (NET)"="C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe -deviceID CN338350VK05XP:NW -scfn HP Photosmart 6520 series (NET) -AutoStart 1" "SkyDrive"="C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" "Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "Zune Launcher"="c:\Program Files\Zune\ZuneLauncher.exe" "BoxSync"="c:\Program Files\Box\Box Sync\BoxSync.exe -m" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2013-09-20 16:12:14 1952 ----a-w- C:\Users\Fabio en Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 6520 series (netwerk).lnk 2010-12-30 11:59:54 1239 ----a-w- C:\Users\Fabio en Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2 .lnk 2011-04-13 20:50:20 1239 ----a-w- C:\Users\Fabio en Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk 2013-11-18 19:31:41 1109 ----a-w- C:\Users\Fabio en Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk 2010-12-25 13:42:37 2099 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [19/05/2014 17:06] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/07/2011 16:07] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/07/2011 16:07] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [25/07/2011 11:11] C:\Windows\tasks\HPCeeScheduleForDICRISTOFALO$.job --a------ [Undetermined Task] C:\Windows\tasks\HPCeeScheduleForFabio en Kim.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [05/01/2010 03:53] C:\Windows\tasks\SW-Booster-S-1052359469.job --ah----- C:\programdata\miniapp\sw-booster\SW-Booster.exe [02/05/2013 14:57] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - 0766afab10984bee93ae23da6aa9101a3d95c82066784680a8da7eddc5a8a469" [C:\Program Files\HP\HP Photosmart 6520 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - dc1ffc6dd38d4d2cb56b54e4b6a8b643cefdecb8d1274666ae69058f01b9de7a" [C:\Program Files\HP\HP Photosmart 6520 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - e2cbce1573be4b78bce7324f79a3f4c8b464a75c6829485982790e81fef29d17" [C:\Program Files\HP\HP Photosmart 6520 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForDICRISTOFALO$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForFabio en Kim" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Photosmart 6520 series" ["C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe] "C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe] "C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-3483026535-1613976268-3221359994-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\SW-Booster-S-1052359469" [c:\programdata\miniapp\sw-booster\SW-Booster.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{56B10FB9-597D-4770-8490-15FDAA275E56}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{7E25B6C0-E1B1-4DA2-85DC-F5A3D8307DBB}" [C:\Users\Fabio en Kim\Desktop\zoek.exe] "C:\Windows\SysNative\tasks\{9EC998EE-5F3C-42B2-A0AA-DAA2994C4B43}" [F:\Watchtower\Watchtower Library 2012\O\WTLibrary.exe] "C:\Windows\SysNative\tasks\{CC53644C-079C-4B14-8012-2FDF1DEF8D87}" [C:\Users\Fabio en Kim\Desktop\zoek.exe] "C:\Windows\SysNative\tasks\{E8E1A8A9-88D1-4D63-9CB5-B07A6106AF1F}" [C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN338350VK" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [01/07/2013 11:04] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [25/12/2010 15:44] ==== Firefox Extensions ====================== ProfilePath: C:\Users\FABIOE~1\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605 - Undetermined - C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\extensions\paffxtbr@FilmFanatic.com ProfilePath: C:\Users\FABIOE~1\AppData\Roaming\Thunderbird\Profiles\l0h1m7z0.default - AttachmentExtractor - %ProfilePath%\extensions\{35834d20-efdb-4f78-ab77-9635fb4e56c4}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Fabio en Kim\AppData\Roaming\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605 A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 4AE054AAF74F93566720766CBC9A0E64 - C:\Users\Fabio en Kim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player A64F2C388DC26BE3E469EDC3657B14F4 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) C45F7E59F2A0A6D3C4E90117F4752414 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) F7AEAD4303A056F2D1685B43024776CA - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) FA0A3008589567CB7196620B05C9F28D - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin 6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director 07A722522C5CB75AEBF837E0411415C0 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer 215BBC07AAD6CB4772D2A1CA5E048C37 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) 8F323545429C457FE6F8CED13E62AB3D - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 31DA97B4682187C6639BBE2215814FDA - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director FC5866F7793AF2CBCD425CC4B8D32A9E - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[16/04/2013 03:11] YoutubeAdblocker - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - Administrator\AppData\Local\Torch\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Administrator\AppData\Local\Torch\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Administrator\AppData\Local\Torch\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Administrator\AppData\Local\Torch\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - Fabio en Kim\AppData\Local\Chromatic Browser\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Fabio en Kim\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Fabio en Kim\AppData\Local\Chromatic Browser\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Fabio en Kim\AppData\Local\Chromatic Browser\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - Fabio en Kim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Fabio en Kim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Fabio en Kim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Fabio en Kim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo SaveerAdDoan - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apikmacepoedmlngbebpbbeedapeimhh RoboSaver - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\beecdinljlhgnfiaagfgbolbnefpekfd YoutubeAdblocker - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo TakeTHHeCoupOn - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkacbknkmdkajaagneohgfaeofhjbab Bookmarks Tagger - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpiecafonfminhngabegejbligdagjfc Doko Toolbar - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\edcikfknpchdehdlmjpbofgkoaonaijg MinimumoPriicee - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\epjgafijiabfdnilkcccklaiakgdnjna AdBlock Premium - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj RealDownloader - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji save neT - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh Humble New Tab Page - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfgdmpfihlmdekaclngibpjhdebndhdj AVG Security Toolbar - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof System Drive - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo Google Wallet - Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda YoutubeAdblocker - Fabio en Kim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Fabio en Kim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Fabio en Kim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Fabio en Kim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - Fabio en Kim\AppData\Local\Torch\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Fabio en Kim\AppData\Local\Torch\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Fabio en Kim\AppData\Local\Torch\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Fabio en Kim\AppData\Local\Torch\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - Gast\AppData\Local\Torch\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - Gast\AppData\Local\Torch\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - Gast\AppData\Local\Torch\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - Gast\AppData\Local\Torch\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo YoutubeAdblocker - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo Searcch-NewTab - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph save neT - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh System Drive - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo ==== Chrome Fix ====================== C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.buenosearch.com_0.localstorage deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.buenosearch.com_0.localstorage-journal deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apikmacepoedmlngbebpbbeedapeimhh deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Fabio en Kim\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Fabio en Kim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Fabio en Kim\AppData\Local\Torch\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\gchljpcdlpakjicjcojpkoiafjfnjeph deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Fabio en Kim\AppData\Local\Chromatic Browser\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Fabio en Kim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Fabio en Kim\AppData\Local\Torch\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\blibdkeefpkglnfipngdbojhbcldhgpo deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blibdkeefpkglnfipngdbojhbcldhgpo_0.localstorage deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blibdkeefpkglnfipngdbojhbcldhgpo_0.localstorage-journal deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkacbknkmdkajaagneohgfaeofhjbab deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\beecdinljlhgnfiaagfgbolbnefpekfd deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\edcikfknpchdehdlmjpbofgkoaonaijg deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_edcikfknpchdehdlmjpbofgkoaonaijg_0.localstorage deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage-journal deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Fabio en Kim\AppData\Local\Chromatic Browser\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Fabio en Kim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Fabio en Kim\AppData\Local\Torch\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\igiehlnbmbfohfgpkekbagaafpchnpoh deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igiehlnbmbfohfgpkekbagaafpchnpoh_0.localstorage deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igiehlnbmbfohfgpkekbagaafpchnpoh_0.localstorage-journal deleted successfully C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Fabio en Kim\AppData\Local\Chromatic Browser\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Fabio en Kim\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Fabio en Kim\AppData\Local\Torch\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_njoipeaphfnaplplihpbgndfojhdhmjo_0.localstorage deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_njoipeaphfnaplplihpbgndfojhdhmjo_0.localstorage-journal deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpiecafonfminhngabegejbligdagjfc deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\epjgafijiabfdnilkcccklaiakgdnjna deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj deleted successfully C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfgdmpfihlmdekaclngibpjhdebndhdj deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{A963B397-9F38-4AC8-A474-29EABA907BDD}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="https://www.google.be/" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {5C20593D-2550-4FEA-BDA7-D9EB1346DCC5} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {97A18302-F4DB-47D7-B1B2-D977467FBC9C} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}" {A963B397-9F38-4AC8-A474-29EABA907BDD} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339} deleted successfully HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3483026535-1613976268-3221359994-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{AF94B35C-3AC5-4030-9F9C-15FB4E3DC339} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\89f35078-7dca-4b04-9e53-7ea57a5e380c deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\c9dc01c4-cf91-46f6-ab84-890d94c939be deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\iLivid deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{53B21E29-3967-C332-57EB-C02631658584} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{10A0E600-D246-BD63-F465-4C849C688998} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7223EDAC-E091-B3C1-BD91-B66CE557800F} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98449C67-C7AF-BB53-112D-26C916814611} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{dfc86759} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [HP Photosmart 6520 series (NET)] "C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN338350VK05XP:NW" -scfn "HP Photosmart 6520 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabio en Kim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 6520 series (netwerk).lnk = ? O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://ccff02.minfin.fgov.be/CCFF_Authentication/static/app-layout/signature/html/capicom.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: BlackBerry Device Manager (Blackberry Device Manager) - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Box Sync Update Service (BoxSyncUpdateService) - Box, Inc. - C:\Program Files\Box\Box Sync\SyncUpdaterService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWebFaceService (MyWebFace_5aService) - Unknown owner - C:\PROGRA~2\MYWEBF~2\bar\1.bin\5abarsvc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fabio en Kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Fabio en Kim\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fabio en Kim\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fabio en Kim\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fabio en Kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Fabio en Kim\AppData\Local\Mozilla\Firefox\Profiles\draogfpj.default-1382538325605\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Fabio en Kim\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3845 folders=992 34926176636 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Fabio en Kim\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\FABIOE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Fabio en Kim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\ProgramData\Performancer" not found "C:\PROGRA~3\Performancer" not found "C:\PROGRA~2\MyWebFace_5a" not found "C:\Users\Fabio en Kim\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QJRAT62C\games2.spele.be" not found "C:\Users\Fabio en Kim\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QJRAT62C\games2.spele.nl" not found "C:\Users\Fabio en Kim\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QJRAT62C\ubistatic16-a.akamaihd.net" not found "C:\Users\Fabio en Kim\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QJRAT62C\www.esprit.com" not found "C:\Users\Fabio en Kim\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QJRAT62C\www8.agame.com" not found ==== EOF on zo 15/06/2014 at 0:37:07,59 ======================