Zoek.exe v5.0.0.0 Updated 16-07-2014 Tool run by stadhouders on za 19-07-2014 at 17:23:06,67. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\stadhouders\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 19-7-2014 17:28:24 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\AVS4YOU deleted successfully C:\Program Files\predm deleted successfully C:\Program Files\Sony Ericsson deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\PROGRA~2\Sony Ericsson deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1697967434-1681607132-3168893933-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_USERS\S-1-5-21-1697967434-1681607132-3168893933-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511951199} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951199} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611031146} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611031146} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611111177} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611111177} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\atiesrxx.exe C:\Windows\system32\atieclxx.exe C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\taskeng.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\ZooToolbar\WBrowserProtect.exe C:\Program Files\ZooToolbar\WBrokerProductivity.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe C:\Program Files\Garmin\Express Tray\ExpressTray.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Norton AntiVirus\Engine\21.4.0.13\NAV.exe C:\Program Files\Norton Identity Safe\Engine\2014.6.6.3\NST.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\PDF Architect\HelperService.exe C:\Program Files\PDF Architect\ConversionService.exe C:\Windows\system32\PnkBstrA.exe C:\Program Files\di2Re-Markable\m7Re-MarkableVx175.exe C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Norton Identity Safe\Engine\2014.6.6.3\NST.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files\Norton AntiVirus\Engine\21.4.0.13\NAV.exe C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\stadhouders\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\stadhouders\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\stadhouders\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\stadhouders\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskeng.exe C:\Program Files\TheTorntv V10\TheTorntv V10-nova.exe C:\Program Files\TheTorntv V10\TheTorntv V10-nova.exe C:\Users\stadhouders\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\stadhouders\Downloads\zoek.exe C:\Program Files\video MediaPlay-Air\video MediaPlay-Air-nova.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\vssvc.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\System32\svchost.exe -k swprv ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdatem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Re-Markable deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Re-Markable deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginServices deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951199}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611031146}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611111177}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "fst_nl_61"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #2"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files\Uniblue\SpeedUpMyPC not found C:\Program Files\Browser_AppS 1.1 deleted C:\Program Files\globalUpdate deleted C:\Program Files\di2Re-Markable deleted C:\Program Files\1 Media Player deleted C:\ProgramData\IePluginServices deleted C:\ProgramData\WindowsMangerProtect deleted C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 deleted C:\Users\stadhouders\appdata\locallow\ZooToolbar deleted C:\Users\stadhouders\AppData\Roaming\DownLite deleted C:\Users\stadhouders\AppData\Roaming\pdfforge deleted C:\PROGRA~2\Package Cache deleted C:\Users\stadhouders\AppData\Local\iLivid deleted C:\Users\stadhouders\AppData\Local\globalUpdate deleted C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx deleted C:\Windows\System32\Tasks\SystemSockets deleted C:\Windows\System32\Tasks\Browser Updater deleted C:\Windows\Tasks\SpeedUpMyPC Maintenance.job deleted C:\Windows\Tasks\SpeedUpMyPC Startup.job deleted C:\Windows\Tasks\6032d33f-1ba1-4231-baa1-523f85a53c0f-2.job deleted C:\Windows\Tasks\6032d33f-1ba1-4231-baa1-523f85a53c0f-4.job deleted C:\Windows\Tasks\6032d33f-1ba1-4231-baa1-523f85a53c0f-7.job deleted C:\Windows\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-1.job deleted C:\Windows\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-11.job deleted C:\Windows\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-2.job deleted C:\Windows\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-3.job deleted C:\Windows\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-5.job deleted C:\Windows\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-5_user.job deleted C:\Windows\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-6.job deleted C:\Windows\Tasks\a5529e60-71d1-4a6c-aec4-17e54897674d-2.job deleted C:\Windows\Tasks\a5529e60-71d1-4a6c-aec4-17e54897674d-4.job deleted C:\Windows\Tasks\a5529e60-71d1-4a6c-aec4-17e54897674d-7.job deleted C:\Windows\Tasks\b4485999-768d-4989-88ae-ed0beab63105-1.job deleted C:\Windows\Tasks\b4485999-768d-4989-88ae-ed0beab63105-11.job deleted C:\Windows\Tasks\b4485999-768d-4989-88ae-ed0beab63105-2.job deleted C:\Windows\Tasks\b4485999-768d-4989-88ae-ed0beab63105-3.job deleted C:\Windows\Tasks\b4485999-768d-4989-88ae-ed0beab63105-5.job deleted C:\Windows\Tasks\b4485999-768d-4989-88ae-ed0beab63105-5_user.job deleted C:\Windows\Tasks\b4485999-768d-4989-88ae-ed0beab63105-6.job deleted C:\Windows\Tasks\b4485999-768d-4989-88ae-ed0beab63105-7.job deleted C:\Windows\system32\Tasks\6032d33f-1ba1-4231-baa1-523f85a53c0f-2 deleted C:\Windows\system32\Tasks\6032d33f-1ba1-4231-baa1-523f85a53c0f-4 deleted C:\Windows\system32\Tasks\6032d33f-1ba1-4231-baa1-523f85a53c0f-7 deleted C:\Windows\system32\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-1 deleted C:\Windows\system32\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-11 deleted C:\Windows\system32\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-2 deleted C:\Windows\system32\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-3 deleted C:\Windows\system32\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-5 deleted C:\Windows\system32\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-5_user deleted C:\Windows\system32\Tasks\8b591b5c-b064-4d74-84de-e1383eb0786e-6 deleted C:\Windows\system32\Tasks\a5529e60-71d1-4a6c-aec4-17e54897674d-2 deleted C:\Windows\system32\Tasks\a5529e60-71d1-4a6c-aec4-17e54897674d-4 deleted C:\Windows\system32\Tasks\a5529e60-71d1-4a6c-aec4-17e54897674d-7 deleted C:\Windows\system32\Tasks\b4485999-768d-4989-88ae-ed0beab63105-1 deleted C:\Windows\system32\Tasks\b4485999-768d-4989-88ae-ed0beab63105-11 deleted C:\Windows\system32\Tasks\b4485999-768d-4989-88ae-ed0beab63105-2 deleted C:\Windows\system32\Tasks\b4485999-768d-4989-88ae-ed0beab63105-3 deleted C:\Windows\system32\Tasks\b4485999-768d-4989-88ae-ed0beab63105-5 deleted C:\Windows\system32\Tasks\b4485999-768d-4989-88ae-ed0beab63105-5_user deleted C:\Windows\system32\Tasks\b4485999-768d-4989-88ae-ed0beab63105-6 deleted C:\Windows\system32\Tasks\b4485999-768d-4989-88ae-ed0beab63105-7 deleted C:\Users\stadhouders\Downloads\iLividSetup-r120-n-bc (1).exe deleted C:\Users\stadhouders\Downloads\iLividSetup-r120-n-bc.exe deleted C:\Users\stadhouders\Downloads\wzmp_8.exe deleted C:\Users\stadhouders\Searches deleted C:\Users\stadhouders\Downloads\SoftonicDownloader_voor_pdfcreator (1).exe deleted C:\Users\stadhouders\Downloads\SoftonicDownloader_voor_pdfcreator.exe deleted C:\Users\stadhouders\Downloads\bs_SpeedBit_Video_Downloader (1).exe deleted C:\Users\stadhouders\Downloads\bs_SpeedBit_Video_Downloader (2).exe deleted C:\Users\stadhouders\Downloads\bs_SpeedBit_Video_Downloader.exe deleted C:\Users\stadhouders\AppData\LocalLow\SimplyTech deleted C:\Windows\tasks\Re-Markable Update.job deleted C:\Windows\system32\tasks\ProtectedSearch deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted C:\Windows\system32\tasks\globalUpdateUpdateTaskMachineCore deleted C:\Windows\system32\tasks\globalUpdateUpdateTaskMachineUA deleted C:\Windows\Launcher.exe deleted C:\Windows\system32\config\systemprofile\Searches deleted "C:\Windows\Installer\43af4c.msi" deleted "C:\Users\stadhouders\AppData\Local\{164D61C6-3F72-4AD1-BA4B-4A1EE63FA05B}" deleted "C:\Program Files\video MediaPlay-Air\video MediaPlay-Air-nova.exe" deleted "C:\Program Files\TheTorntv V10\TheTorntv V10-nova.exe" deleted "C:\Program Files\ZooToolbar\cinshlpr.dll" deleted "C:\Program Files\ZooToolbar\InstallHelper.dll" deleted "C:\Program Files\ZooToolbar\System.Data.SQLite.dll" deleted "C:\Program Files\ZooToolbar\WBrokerProductivity.exe" deleted "C:\Program Files\ZooToolbar\WBrowserProtect.exe" deleted "C:\Program Files\TheTorntv V10\TheTorntv V10-nova.exe" deleted "C:\Program Files\video MediaPlay-Air\video MediaPlay-Air-nova.exe" deleted "C:\Program Files\ZooToolbar\cinshlpr.dll" deleted "C:\Program Files\ZooToolbar\InstallHelper.dll" deleted "C:\Program Files\ZooToolbar\System.Data.SQLite.dll" deleted "C:\Program Files\ZooToolbar\WBrokerProductivity.exe" deleted "C:\Program Files\ZooToolbar\WBrowserProtect.exe" deleted "C:\Program Files\video MediaPlay-Air\video MediaPlay-Air-nova.exe" deleted "C:\Program Files\video MediaPlay-Air" not deleted "C:\Program Files\TheTorntv V10" not deleted "C:\Program Files\SupTab" deleted "C:\Program Files\ZooToolbar" not deleted "C:\Program Files\SupTab" deleted "C:\Program Files\TheTorntv V10" not deleted "C:\Program Files\video MediaPlay-Air" not deleted "C:\Program Files\ZooToolbar" not deleted "C:\Program Files\video MediaPlay-Air" not deleted "C:\Program Files\SupTab" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601) Memory (RAM): 3584 MB CPU Info: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz CPU Speed: 2617,9 MHz Sound Card: Hoofdtelefoon (High Definition | Display Adapters: ATI Radeon HD 5670 | ATI Radeon HD 5670 | ATI Radeon HD 5670 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: TAP-Win32 Adapter V9 | Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GH24NS90 Ports: COM1 LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 931,4GB | I: 465,8GB | J: 931,5GB | Q: 0,0MB Hard Disks - Free: C: 111,9GB | I: 25,2GB | J: 87,0GB | Q: 0,0MB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 08/20/10 | A_M_I_ - 8001020 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK Computer INC. P5KPL-AM SE Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Norton AntiVirus On-access scanning disabled (Outdated) Anti-Spyware: Norton AntiVirus disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 36.0.1985.125 Internet Explorer Version: 11.0.9600.17207 Google Chrome version: 36.0.1985.125 Adobe Reader version: 10.1.9.22 Sun Java version: 1.7.0_55 (32-bit) Shockwave Player version: 12.0.9r149 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-07-16 18:35:25 B31EA8E2B6F244CE7C7058190AAE4252 984 ----a-w- C:\Windows\disney.ini ====== C:\Users\STADHO~1\AppData\Local\Temp ==== 2014-07-19 12:13:54 9CD4202E3C00335BDEFF91C7FAFEE1A8 45056 ------r- C:\Users\stadhouders\AppData\Local\Temp\{DAD2E0BF-37B2-4372-8F6A-E9D7786579ED}\{2CEB567E-6706-425E-BA1D-143900682925}\_ISUSER.DLL 2014-07-19 12:10:13 A06ED9FCD8F114E270AA64C46063D8C3 552214 ----a-r- C:\Users\stadhouders\AppData\Local\Temp\{93B9256F-A265-4139-B5B5-EA72A334ED2E}\ISSetup.dll 2014-07-16 18:38:46 9CD4202E3C00335BDEFF91C7FAFEE1A8 45056 ------r- C:\Users\stadhouders\AppData\Local\Temp\{19F9FB50-3C26-46A0-9DD7-7D27D002D6FF}\{2CEB567E-6706-425E-BA1D-143900682925}\_ISUSER.DLL 2014-07-16 18:33:47 A06ED9FCD8F114E270AA64C46063D8C3 552214 ----a-r- C:\Users\stadhouders\AppData\Local\Temp\{7E6DCFAD-F57D-4D92-995B-A599BF3B49D7}\ISSetup.dll 2014-07-16 13:57:36 AC6AD5D9B99757C3A878F2D275ACE198 2 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\UnityWebPlayer\temp\34a3ce477d40e146a51a450b31c4f9c5\wrap_oal.dll 2014-07-16 13:57:36 92CD70804FFC314248FA075547B6BA9E 2105928 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\UnityWebPlayer\temp\34a3ce477d40e146a51a450b31c4f9c5\mono-1-vc.dll 2014-07-16 13:57:35 2D000E4E331F826A99D65760112C8256 8077896 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\UnityWebPlayer\temp\34a3ce477d40e146a51a450b31c4f9c5\webplayer_win.dll 2014-07-15 11:01:42 A223D78DBF1C1F4984E35EB15B0DE047 21847656 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\app.exe 2014-07-15 08:56:26 AC6AD5D9B99757C3A878F2D275ACE198 2 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\UnityWebPlayer\temp\2951dea3ed303f488c01e050b31fb112\wrap_oal.dll 2014-07-15 08:56:26 92CD70804FFC314248FA075547B6BA9E 2105928 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\UnityWebPlayer\temp\2951dea3ed303f488c01e050b31fb112\mono-1-vc.dll 2014-07-15 08:56:25 2D000E4E331F826A99D65760112C8256 8077896 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\UnityWebPlayer\temp\2951dea3ed303f488c01e050b31fb112\webplayer_win.dll 2014-07-14 16:20:05 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.447879\psuser.dll 2014-07-14 16:20:04 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.447879\psmachine.dll 2014-07-14 16:20:04 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.293181\psmachine.dll 2014-07-14 16:20:04 91A8742EEDF3E9F3EC0711F23B7BECF1 220672 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.447879\npGoogleUpdate4.dll 2014-07-14 16:20:04 91A8742EEDF3E9F3EC0711F23B7BECF1 220672 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.293181\npGoogleUpdate4.dll 2014-07-14 16:20:04 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.293181\psuser.dll 2014-07-14 16:20:03 F9C8C865DAA66172F9DFA4B370E7085F 761856 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.447879\goopdate.dll 2014-07-14 16:20:03 F9C8C865DAA66172F9DFA4B370E7085F 761856 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.293181\goopdate.dll 2014-07-14 16:20:03 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.447879\GoogleUpdateOnDemand.exe 2014-07-14 16:20:03 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.293181\GoogleUpdateOnDemand.exe 2014-07-14 16:20:02 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.447879\GoogleUpdateHelper.msi 2014-07-14 16:20:02 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.293181\GoogleUpdateHelper.msi 2014-07-14 16:20:02 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.447879\GoogleUpdateBroker.exe 2014-07-14 16:20:02 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.293181\GoogleUpdateBroker.exe 2014-07-14 16:20:02 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.447879\GoogleUpdate.exe 2014-07-14 16:20:02 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.293181\GoogleUpdate.exe 2014-07-14 16:20:02 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.447879\GoogleCrashHandler.exe 2014-07-14 16:20:02 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.293181\GoogleCrashHandler.exe 2014-07-14 16:15:04 B08F2918F90D173343C4FA992A7F8F6D 584888 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\113Etmp\lly_webssearches.exe 2014-07-14 16:15:03 7CB12BA303C035292511AD57179C092B 1810650 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\E10tmp\re-markable_2040-2083.exe 2014-07-14 16:15:03 2C98F07387609054B741FED3B2790E0C 3311112 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\F97tmp\freesofttoday.exe 2014-07-14 16:15:03 12637265641F5147D1246B6DCE955760 1291512 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\C88tmp\speedupmypc.exe 2014-07-14 16:12:01 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.11912\psmachine.dll 2014-07-14 16:12:01 F9C8C865DAA66172F9DFA4B370E7085F 761856 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.11912\goopdate.dll 2014-07-14 16:12:01 91A8742EEDF3E9F3EC0711F23B7BECF1 220672 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.11912\npGoogleUpdate4.dll 2014-07-14 16:12:01 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.11912\psuser.dll 2014-07-14 16:12:00 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.11912\GoogleUpdateHelper.msi 2014-07-14 16:12:00 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.11912\GoogleUpdateBroker.exe 2014-07-14 16:12:00 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.11912\GoogleUpdate.exe 2014-07-14 16:12:00 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.11912\GoogleUpdateOnDemand.exe 2014-07-14 16:12:00 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.11912\GoogleCrashHandler.exe 2014-07-14 14:13:15 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.224887\psmachine.dll 2014-07-14 14:13:15 B47FD964DCE09DF964854C989A2580A9 220672 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.224887\npGoogleUpdate4.dll 2014-07-14 14:13:15 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.224887\psuser.dll 2014-07-14 14:13:15 1A9B66E12DDC7814CA52C48C05841BC0 761856 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.224887\goopdate.dll 2014-07-14 14:13:14 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.224887\GoogleUpdateHelper.msi 2014-07-14 14:13:14 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.224887\GoogleUpdateBroker.exe 2014-07-14 14:13:14 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.224887\GoogleUpdate.exe 2014-07-14 14:13:14 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.224887\GoogleUpdateOnDemand.exe 2014-07-14 14:13:14 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\comh.224887\GoogleCrashHandler.exe 2014-07-12 23:12:15 64D004F0F67793956EB1E24A31AED8F7 21032208 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.211_NetStorage.exe 2014-07-06 10:47:45 92CD70804FFC314248FA075547B6BA9E 2105928 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\UnityWebPlayer\temp\0b589d7d8adacd48a27dd3afe5c7b220\mono-1-vc.dll 2014-07-06 10:47:45 2D000E4E331F826A99D65760112C8256 8077896 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\UnityWebPlayer\temp\0b589d7d8adacd48a27dd3afe5c7b220\webplayer_win.dll 2014-07-06 10:46:39 AC6AD5D9B99757C3A878F2D275ACE198 2 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\UnityWebPlayer\temp\9fb29c7af494524a8571ecbc7b24bf10\wrap_oal.dll 2014-07-06 10:46:39 92CD70804FFC314248FA075547B6BA9E 2105928 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\UnityWebPlayer\temp\9fb29c7af494524a8571ecbc7b24bf10\mono-1-vc.dll 2014-07-06 10:46:38 2D000E4E331F826A99D65760112C8256 8077896 ----a-w- C:\Users\stadhouders\AppData\Local\Temp\UnityWebPlayer\temp\9fb29c7af494524a8571ecbc7b24bf10\webplayer_win.dll ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-07-11 07:27:55 492FF9C530EC0352B3C904CE9898269D 509440 ----a-w- C:\Windows\System32\qedit.dll 2014-07-11 07:27:24 BE0EA764820239F7785410CBE3880086 32256 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-07-11 07:27:23 82C8F94A8DFF5D451E1A81B88E9FB4BD 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-07-11 07:27:23 448854C4FE94C0FA329CC38FF103DC74 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-07-11 07:27:21 7115E24471C95AA89422A3625BD10FC3 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-07-11 07:27:20 91CF46BBB827E461C498A1D7D1A71AD6 32768 ----a-w- C:\Windows\System32\iernonce.dll 2014-07-11 07:27:20 7C44C697BA6D0B698B91AC6516A731C3 1139200 ----a-w- C:\Windows\System32\urlmon.dll 2014-07-11 07:27:19 A9F8343A3234FC7A42DDA4569827B411 43008 ----a-w- C:\Windows\System32\jsproxy.dll 2014-07-11 07:27:19 A98E303FCB7058C6E78FD1FBBCBB5EEF 240824 ----a-w- C:\Windows\System32\iedkcs32.dll 2014-07-11 07:27:19 09CBE4B1AEF497FC05493B09EA2C1757 112128 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-07-11 07:27:18 E739AEDCA67F214F96C2520BA293B12B 526336 ----a-w- C:\Windows\System32\msfeeds.dll 2014-07-11 07:27:18 9385D7C5DF2566D01B1FB150F381D50B 367616 ----a-w- C:\Windows\System32\dxtmsft.dll 2014-07-11 07:27:18 175A663547805367C10746FC416D4605 704512 ----a-w- C:\Windows\System32\ieapfltr.dll 2014-07-11 07:27:17 42BF66A4DC35DAD3564065173372CCE9 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-07-11 07:27:16 8046CF629D8AE766C22145F4A6AFFBE1 164864 ----a-w- C:\Windows\System32\msrating.dll 2014-07-11 07:27:16 4B774E842F268D51DB942EF9637828B9 1964544 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-07-11 07:27:16 3B840119F286743FCFE953C5DEF40136 595968 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-07-11 07:27:15 CE94480E78CC3A1A17B53F2BB65639BD 61952 ----a-w- C:\Windows\System32\iesetup.dll 2014-07-11 07:27:15 2D396E0D33817173E7EB7EE1B0AFCA28 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-07-11 07:27:14 CCC198257901BEEA2FBF8EB1E7678356 1791488 ----a-w- C:\Windows\System32\wininet.dll 2014-07-11 07:27:13 F2A99A4293CAF7956FF7801D36D5A3B2 442368 ----a-w- C:\Windows\System32\ieui.dll 2014-07-11 07:27:13 573E522A27210701EB8A6C476D36FFF6 239616 ----a-w- C:\Windows\System32\dxtrans.dll 2014-07-11 07:27:12 FC733FD7721200D5136F6F8112E97B00 11742208 ----a-w- C:\Windows\System32\ieframe.dll 2014-07-11 07:27:11 67EA1BB7F6428A10C64D5A732976F871 69632 ----a-w- C:\Windows\System32\mshtmled.dll 2014-07-11 07:27:10 FDA05E78813F543A6E9AC6B23EC696F2 1068032 ----a-w- C:\Windows\System32\mshtmlmedia.dll 2014-07-11 07:27:10 557D60DF85D61C290A1D09E7115B294B 62464 ----a-w- C:\Windows\System32\MshtmlDac.dll 2014-07-11 07:27:09 084FB28A790685F32A6D7D003777696D 2179072 ----a-w- C:\Windows\System32\iertutil.dll 2014-07-11 07:27:08 E3065F51EE0BB099EAAE48C3FC3A25B6 592896 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-07-11 07:27:08 DFA59840BB1220AFD261FDAE83543959 17276416 ----a-w- C:\Windows\System32\mshtml.dll 2014-07-11 07:27:06 98C7B1AFA0A99EE3BE99EAABEFB72CA0 4254720 ----a-w- C:\Windows\System32\jscript9.dll 2014-07-11 07:27:06 045A91095A605BB20FF2B37546FE62B0 455168 ----a-w- C:\Windows\System32\vbscript.dll 2014-07-11 07:26:55 2A58DBC1BADEA2F496099F8CB068E698 2350080 ----a-w- C:\Windows\System32\win32k.sys 2014-07-11 07:26:54 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\System32\osk.exe 2014-07-11 07:26:23 1A0BE0092646F564FAF204E678AF8E03 550912 ----a-w- C:\Windows\System32\kerberos.dll 2014-07-11 07:26:22 F95E1E9D97D25C11F29CA34C843A6F4D 247808 ----a-w- C:\Windows\System32\schannel.dll 2014-07-11 07:26:22 8BA721F76C97A219599E88722AA48875 259584 ----a-w- C:\Windows\System32\msv1_0.dll 2014-07-11 07:26:21 C71CC796F0E2E9BD542C87532706FCFE 172032 ----a-w- C:\Windows\System32\wdigest.dll 2014-07-11 07:26:21 C61DDFE40204F3BE3DF111981D91560E 220160 ----a-w- C:\Windows\System32\ncrypt.dll 2014-07-11 07:26:21 6CB2616152ADCDF39F05B08E4858F476 65536 ----a-w- C:\Windows\System32\TSpkg.dll 2014-07-11 07:26:19 E3ECF5FFE3DEDF61DC6877B6A99ACBBF 17408 ----a-w- C:\Windows\System32\credssp.dll 2014-07-11 07:25:57 5E4EEC0A6A97D6D211D4589EFC0F24EE 404480 ----a-w- C:\Windows\System32\aepdu.dll 2014-07-11 07:25:53 E3DE0483931C257917CE70A336B9A635 302592 ----a-w- C:\Windows\System32\aeinv.dll 2014-07-11 07:25:24 EA4B76A3E19C7335A61B111E09205098 1059840 ----a-w- C:\Windows\System32\lsasrv.dll ====== C:\Windows\system32\drivers ===== 2014-07-11 07:26:32 D0B388DA1D111A34366E04EB4A5DD156 338944 ----a-w- C:\Windows\System32\drivers\afd.sys 2014-06-23 10:15:38 2227824DA14F26ACE56A8236323A4915 123544 ----a-w- C:\Windows\System32\drivers\RapportKELL.sys ====== C:\Windows\Tasks ====== 2014-07-14 17:26:30 69397A50A61E39FF06DBE176239FB0CD 3130 ----a-w- C:\Windows\system32\Tasks\{CA3951CE-2BBE-44A3-BFD9-C7EAD83CC6FD} 2014-07-14 17:25:07 7E9E71DBD2EC4CA0CEA8413F2FE99580 3136 ----a-w- C:\Windows\system32\Tasks\{91947AAC-9E05-4A6E-A0CE-FE10FEB6AFCA} 2014-07-14 17:23:31 120F295B6477996BBF05461EEFFFE95C 3142 ----a-w- C:\Windows\system32\Tasks\{FDAD9539-5CB9-4DB5-B41C-CD932D349D77} 2014-07-14 17:16:57 D55F252F5D8BE164B1674931B972BE92 3188 ----a-w- C:\Windows\system32\Tasks\{04F4BFD3-EEDE-48CE-AE69-5ADE243290FD} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-07-19 12:11:22 -------- d-----w- C:\Program Files\Disney Interactive 2014-07-15 11:01:45 -------- d-----w- C:\Program Files\ZooToolbar 2014-07-14 16:20:00 -------- d-----w- C:\Program Files\video MediaPlay-Air 2014-07-14 14:13:12 -------- d-----w- C:\Program Files\TheTorntv V10 2014-07-12 22:57:05 -------- d-----w- C:\Program Files\Sony Media Go Install 2014-07-12 20:58:11 -------- d-----w- C:\Program Files\iPod 2014-07-12 20:58:09 -------- d-----w- C:\Program Files\iTunes 2014-06-26 20:52:40 -------- d-----w- C:\Program Files\Trusteer ======= C: ===== ====== C:\Users\stadhouders\AppData\Roaming ====== 2014-06-30 14:43:02 -------- d-----w- C:\Users\Default\AppData\Local\Trusteer 2014-06-30 14:43:02 -------- d-----w- C:\Users\Default User\AppData\Local\Trusteer 2014-06-28 12:05:15 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Trusteer 2014-06-26 20:53:05 -------- d-----w- C:\Users\stadhouders\AppData\Local\Trusteer ====== C:\Users\stadhouders ====== 2014-07-19 12:13:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive 2014-07-19 00:28:30 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\stadhouders\Downloads\RSIT (2).exe 2014-07-19 00:09:06 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\stadhouders\Downloads\RSIT (1).exe 2014-07-15 11:02:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1 Media Player 2014-07-15 11:00:51 B9F24AD302F658FC03679F0F38D73BE5 921552 ----a-w- C:\Users\stadhouders\Downloads\1Player (1).exe 2014-07-15 10:40:19 CFCEFDAD573D189F2259BBFACFB89FA4 921552 ----a-w- C:\Users\stadhouders\Downloads\1Player.exe 2014-07-14 16:17:22 8E1B08222F20E45A3E8DB04C569F9CB7 8 --sha-r- C:\ProgramData\ntuser.pol 2014-07-14 16:15:29 AA8268680B45EF90538738970AF19F41 1210512 ----a-w- C:\Users\stadhouders\Downloads\Setup (5).exe 2014-07-14 16:14:52 6971BC625FF990128D918EC097AE4F1E 1210512 ----a-w- C:\Users\stadhouders\Downloads\Setup (4).exe 2014-07-14 16:14:34 EF791B6B3AB24EF11DEF67693A06AAE4 1210512 ----a-w- C:\Users\stadhouders\Downloads\Setup (3).exe 2014-07-14 16:09:43 2C169A82DAAD98702119DE90167B0480 369496 ----a-w- C:\Users\stadhouders\Downloads\The_Hunger_Catching_Fire_(2013)_BRRip_NL_subs_DutchReleaseTeam (3).exe 2014-07-14 16:08:51 2C169A82DAAD98702119DE90167B0480 369496 ----a-w- C:\Users\stadhouders\Downloads\The_Hunger_Catching_Fire_(2013)_BRRip_NL_subs_DutchReleaseTeam (2).exe 2014-07-14 13:56:43 2C169A82DAAD98702119DE90167B0480 369496 ----a-w- C:\Users\stadhouders\Downloads\The_Hunger_Catching_Fire_(2013)_BRRip_NL_subs_DutchReleaseTeam (1).exe 2014-07-14 13:56:42 2C169A82DAAD98702119DE90167B0480 369496 ----a-w- C:\Users\stadhouders\Downloads\The_Hunger_Catching_Fire_(2013)_BRRip_NL_subs_DutchReleaseTeam.exe 2014-07-12 21:01:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-06-26 20:52:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging 2014-06-26 20:51:13 -------- d-----w- C:\ProgramData\Trusteer ====== C: exe-files == 2014-07-19 12:17:40 1108B166160D6023AF76435B074052B6 455600 ----a-w- C:\Program Files\InstallShield Installation Information\{2CEB567E-6706-425E-BA1D-143900682925}\setup.exe 2014-07-19 12:11:24 7A40DD5B97578429C62CC2D4D5768713 697344 ------w- C:\Program Files\Disney Interactive\Donald Duck\Donald.exe 2014-07-12 23:13:25 6E0105823B4FE91632C9DA8314418417 655536 ----a-w- C:\Program Files\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe 2014-07-12 23:02:51 E50E8ED076F079C033ECE5F80FD9A41A 23626456 ----a-w- C:\Program Files\Sony Media Go Install\B64072D6-3955-4ce6-BB4F-BDA62E58EEA1\sdkupdate.exe 2014-07-12 20:48:42 AA3621250F5654CCAFF1CCDA6558BB80 77136 ----a-w- C:\ProgramData\Apple Computer\Installer Cache\iTunes 11.3.0.54\SetupAdmin.exe === C: other files == 2014-07-14 16:12:35 69515B09C0BA2BE7A2BE1ADFDFA66BED 34452 ----a-w- C:\Users\stadhouders\Downloads\subtitlesnl.com-688The.Hunger.Games.Catching.Fire.2013.IMAX.EDITION.1080p.BluRay.x264-PublicHD.zip 2014-07-14 13:55:45 B217727DADC09FFF19A719488F7A7453 36894 ----a-w- C:\Users\stadhouders\Downloads\Ondertitel.com-658-The.Hunger.Games.Catching.Fire.2013.720p.BluRay.x264.YIFY.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-21-1697967434-1681607132-3168893933-1001\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe" "Google Update"="C:\Users\stadhouders\AppData\Local\Google\Update\GoogleUpdate.exe /c" "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" "Steam"="C:\Program Files\Steam\Steam.exe -silent" "Facebook Update"="C:\Users\stadhouders\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "iSkysoft Helper Compact.exe"="C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe" "Wondershare Helper Compact.exe"="C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" "BrowserPlugInHelper"="C:\Program Files\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe" "Google Update"="C:\Users\stadhouders\AppData\Local\Google\Update\GoogleUpdate.exe /c" "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" "Steam"="C:\Program Files\Steam\Steam.exe -silent" "Facebook Update"="C:\Users\stadhouders\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\amd_dc_opt] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="amd_dc_opt" "hkey"="HKLM" "command"="C:\\Program Files\\AMD\\Dual-Core Optimizer\\amd_dc_opt.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\stadhouders\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Monitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Monitor" "hkey"="HKLM" "command"="C:\\Windows\\PixArt\\PAC207\\Monitor.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Sidebar" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sony PC Companion] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Sony PC Companion" "hkey"="HKCU" "command"="\"C:\\Program Files\\Sony\\Sony PC Companion\\PCCompanion.exe\" /Background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="StartCCC" "hkey"="HKLM" "command"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk" "backup"="C:\\Windows\\pss\\Microsoft Office.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\MIF5BA~1\\Office10\\OSA.EXE -b -l" "item"="Microsoft Office" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^stadhouders^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Schermopname en Snel starten.lnk] "path"="C:\\Users\\stadhouders\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneNote 2010 Schermopname en Snel starten.lnk" "backup"="C:\\Windows\\pss\\OneNote 2010 Schermopname en Snel starten.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\COMMON~1\\MICROS~1\\VIRTUA~1\\CVH.EXE /quietlaunch \"ONENOTEM 9014006204130000\" /tsr" "item"="OneNote 2010 Schermopname en Snel starten" ==== Startup Folders ====================== 2010-10-17 15:57:15 961 ----a-w- C:\Users\Fam. Stadhouders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk 2010-10-17 15:57:15 961 ----a-w- C:\Users\FAM~1.STA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1697967434-1681607132-3168893933-1001Core.job --a------ C:\Users\stadhouders\AppData\Local\Facebook\Update\FacebookUpdate.exe [30-03-2014 18:34] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1697967434-1681607132-3168893933-1001UA.job --a------ C:\Users\stadhouders\AppData\Local\Facebook\Update\FacebookUpdate.exe [30-03-2014 18:34] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-04-2012 23:40] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-04-2012 23:40] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1697967434-1681607132-3168893933-1001Core.job --a------ C:\Users\stadhouders\AppData\Local\Google\Update\GoogleUpdate.exe [19-04-2012 17:37] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1697967434-1681607132-3168893933-1001UA.job --a------ C:\Users\stadhouders\AppData\Local\Google\Update\GoogleUpdate.exe [19-04-2012 17:37] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-stadhouders-PC-stadhouders" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1697967434-1681607132-3168893933-1001Core" [C:\Users\stadhouders\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1697967434-1681607132-3168893933-1001UA" [C:\Users\stadhouders\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\GarminUpdaterTask" [C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1697967434-1681607132-3168893933-1001Core" [C:\Users\stadhouders\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1697967434-1681607132-3168893933-1001UA" [C:\Users\stadhouders\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Norton WSC Integration" ["C:\Program Files\Norton AntiVirus\Engine\21.4.0.13\WSCStub.exe"] "C:\Windows\system32\tasks\{3205F985-8BFA-4081-A970-BF64D752193C}" [C:\Program Files\Microsoft Games for Windows - LIVE\Client\GFWLive.exe] "C:\Windows\system32\tasks\{E5B7C8F4-E8F9-45CA-9FC8-CFB1F527FA40}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.73.105.457/nl/abandoninstall?page=tsProgressBar] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\Norton AntiVirus\Norton Error Analyzer" [C:\Program Files\Norton AntiVirus\Engine\21.4.0.13\SymErr.exe] "C:\Windows\system32\tasks\Norton AntiVirus\Norton Error Processor" [C:\Program Files\Norton AntiVirus\Engine\21.4.0.13\SymErr.exe] "C:\Windows\system32\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files\Norton Identity Safe\Engine\2014.6.6.3\SymErr.exe] "C:\Windows\system32\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files\Norton Identity Safe\Engine\2014.6.6.3\SymErr.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{F04D2D30-776C-4d02-8627-8E4385ECA58D}"="C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.6.3\coFFPlgn" [19-07-2014 14:03] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{B6B871E3-5059-E5FE-BB9E-E76269FFCA3D}"="C:\Program Files\di2Re-Markable\175.xpi" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\STADHO~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - Undetermined - %ProfilePath%\extensions\{62fd68e4-96ce-47c3-b909-22545ca64a38} ProfilePath: C:\Users\STADHO~1\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0 - Undetermined - %ProfilePath%\extensions\{62fd68e4-96ce-47c3-b909-22545ca64a38} ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files\Norton Identity Safe\Engine\2014.6.6.3\Exts\Chrome.crx[07-02-2014 02:42] pelmeidfhdlhlbjimpabfcbnnojbboma - C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx[] video MediaPlay-Air - stadhouders\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf Google Wallet - stadhouders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Norton Identity Protection - stadhouders\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob ==== Chrome Fix ====================== C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage-journal deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.webssearches.com_0.localstorage deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.webssearches.com_0.localstorage-journal deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Extensions\chjfoceniepjhehcmligfchekogooejd deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dnaojefanpmakfgcaliphepgoiiafmpf_0.localstorage deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dnaojefanpmakfgcaliphepgoiiafmpf_0.localstorage-journal deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dnaojefanpmakfgcaliphepgoiiafmpf_0 deleted successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dnaojefanpmakfgcaliphepgoiiafmpf deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://istart.webssearches.com/?type=hp&ts=1405354567&from=tugs&uid=WDCXWD10EALX-009BA0_WD-WCATR960380403804" "Default_Page_URL"="http://istart.webssearches.com/?type=hp&ts=1405354567&from=tugs&uid=WDCXWD10EALX-009BA0_WD-WCATR960380403804" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1405354567&from=tugs&uid=WDCXWD10EALX-009BA0_WD-WCATR960380403804&q={searchTerms}" "Start Page"="http://istart.webssearches.com/?type=hp&ts=1405354567&from=tugs&uid=WDCXWD10EALX-009BA0_WD-WCATR960380403804" "Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1405354567&from=tugs&uid=WDCXWD10EALX-009BA0_WD-WCATR960380403804&q={searchTerms}" "Default_Page_URL"="http://istart.webssearches.com/?type=hp&ts=1405354567&from=tugs&uid=WDCXWD10EALX-009BA0_WD-WCATR960380403804" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://istart.webssearches.com/web/?type=ds&ts=1405354567&from=tugs&uid=WDCXWD10EALX-009BA0_WD-WCATR960380403804&q={searchTerms}" "SearchAssistant"="http://istart.webssearches.com/web/?type=ds&ts=1405354567&from=tugs&uid=WDCXWD10EALX-009BA0_WD-WCATR960380403804&q={searchTerms}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {437A23BA-F245-4C38-B192-8E60EFADA59A} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}&rlz=1I7GGNI_nl" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7GGNI_nlNL504" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1697967434-1681607132-3168893933-1001\Software\Mozilla\Firefox\Extensions\{B6B871E3-5059-E5FE-BB9E-E76269FFCA3D} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:14056;https=127.0.0.1:14056" "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Browser_AppS 1.1 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TheTorntv V10 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\video MediaPlay-Air deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully ==== HijackThis Entries ====================== O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\21.4.0.13\IPS\IPSBHO.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files\Norton Identity Safe\Engine\2014.6.6.3\coIEPlg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2014.6.6.3\coIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe O4 - HKLM\..\Run: [BrowserPlugInHelper] C:\Program Files\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\stadhouders\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Facebook Update] "C:\Users\stadhouders\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user') O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\21.4.0.13\NAV.exe O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files\Norton Identity Safe\Engine\2014.6.6.3\NST.exe O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe ==== Empty IE Cache ====================== C:\Users\stadhouders\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\stadhouders\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Fam. Stadhouders\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\stadhouders\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\stadhouders\AppData\Local\Orbitum\User Data\Default\Cache emptied successfully C:\Users\FAM~1.STA\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1887 folders=554 477932400 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Fam. Stadhouders\AppData\Local\Temp emptied successfully C:\Users\hedev\AppData\Local\Temp emptied successfully C:\Users\Public\AppData\Local\Temp emptied successfully C:\Users\stadhouders\AppData\Local\Temp will be emptied at reboot C:\Users\FAM~1.STA\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\STADHO~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\video MediaPlay-Air" not found "C:\Program Files\TheTorntv V10" not found "C:\Program Files\ZooToolbar" not found "C:\Program Files\TheTorntv V10" not found "C:\Program Files\video MediaPlay-Air" not found "C:\Program Files\ZooToolbar" not found "C:\Program Files\video MediaPlay-Air" not found ==== EOF on za 19-07-2014 at 20:49:10,67 ======================