Zoek.exe v5.0.0.0 Updated 28-07-2014 Tool run by Fam. Van Hal on di 29-07-2014 at 19:46:55,50. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Fam. Van Hal\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 29-7-2014 19:48:53 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\BearShare Applications deleted successfully C:\PROGRA~2\FLVM Player deleted successfully C:\PROGRA~2\melondrea deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\PROGRA~3\AVG Security Toolbar deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\Ralink deleted successfully C:\Users\Fam. Van Hal\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Fam. Van Hal\AppData\Roaming\_MDLogs deleted successfully C:\Users\Fam. Van Hal\AppData\Local\CheckCode deleted successfully C:\Users\Fam. Van Hal\AppData\Local\CUSTPDF Writer deleted successfully C:\Users\Fam. Van Hal\AppData\Local\PackageAware deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0E298565-92F8-4E04-A8C7-1739C5015121} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C86D9F3C-9C01-45C8-BE98-65BC43093509} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Running Processes ====================== C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware\CodecCompileSoftware.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Sitecom\Common\RaUI.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware\DefaultDriverMinimal.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Windows\SysWOW64\BackupPythonTooltip\BackupPythonTooltip.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Fam. Van Hal\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RgFltX64 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\RgFltX64 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\FAM~1.VAN\AppData\Roaming\Mozilla\Firefox\Profiles\iw2yh397.default user.js not found ---- Lines Search modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}\":{\"descriptor\":\"C:\\\\ ---- Lines ask.com removed from prefs.js ---- user_pref("browser.search.defaultengine", "Ask.com"); user_pref("browser.search.order.1", "Ask.com"); ---- Lines ask.com modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_29-07-2014_1957_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command] @="C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\FLVM Player not found C:\ProgramData\AVG January 2013 Campaign deleted C:\Users\Fam. Van Hal\AppData\Roaming\Mozilla\FIREFOX\Profiles\iw2yh397.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} deleted C:\Program Files (x86)\DVDVideoSoftTB deleted C:\ProgramData\374311380 deleted C:\ProgramData\WindowsMangerProtect deleted C:\Users\Fam. Van Hal\AppData\Roaming\webssearches deleted C:\ProgramData\Systweak deleted C:\PROGRA~3\34143 deleted C:\PROGRA~3\5357 deleted C:\PROGRA~2\Mozilla Firefox\searchplugins\babylon.xml deleted C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml deleted C:\PROGRA~2\Mozilla Firefox\searchplugins\avg-secure-search.xml deleted C:\PROGRA~2\IMESHA~1 deleted C:\PROGRA~2\AskPartnerNetwork deleted C:\PROGRA~2\Conduit deleted C:\Users\Fam. Van Hal\AppData\Roaming\DVDVideoSoftIEHelpers deleted C:\Users\Fam. Van Hal\AppData\Roaming\pdfforge deleted C:\Users\FAM~1.VAN\AppData\Roaming\systweak deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Systweak deleted C:\PROGRA~3\Ask deleted C:\PROGRA~3\AskPartnerNetwork deleted C:\PROGRA~3\APN deleted C:\PROGRA~3\boost_interprocess deleted C:\Users\Fam. Van Hal\AppData\Local\APN deleted C:\Users\Fam. Van Hal\AppData\Local\BearShare deleted C:\Users\Fam. Van Hal\AppData\Local\iMesh deleted C:\Windows\SysNative\roboot64.exe deleted C:\Users\Fam. Van Hal\Searches deleted C:\Users\Fam. Van Hal\AppData\LocalLow\DVDVideoSoftTB deleted C:\Users\Fam. Van Hal\AppData\LocalLow\imeshbandmltbpi deleted C:\Users\Fam. Van Hal\AppData\LocalLow\BabylonToolbar deleted C:\Users\Fam. Van Hal\AppData\LocalLow\DataMngr deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\tasks\ROC_REG_JAN_DELETE.job deleted C:\windows\SysNative\tasks\ROC_REG_JAN_DELETE deleted C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job deleted C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\FAM~1.VAN\AppData\Roaming\Mozilla\Firefox\Profiles\iw2yh397.default\searchplugins\askcom.xml deleted C:\Users\FAM~1.VAN\AppData\Roaming\Mozilla\Firefox\Profiles\iw2yh397.default\searchplugins\Mysearchdial.xml deleted C:\Users\FAM~1.VAN\AppData\Roaming\Mozilla\Firefox\Profiles\iw2yh397.default\searchplugins\Web Search.xml deleted "C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware\CodecCompileSoftware.exe" deleted "C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware\DefaultDriverMinimal.exe" deleted "C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware\msvcp100.dll" deleted "C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware\msvcr100.dll" not deleted "C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware\QtCore4.dll" deleted "C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware\QtNetwork4.dll" deleted "C:\Users\FAM~1.VAN\AppData\Local\CodecCompileSoftware\CodecCompileSoftware.exe" deleted "C:\Users\FAM~1.VAN\AppData\Local\CodecCompileSoftware\DefaultDriverMinimal.exe" deleted "C:\Users\FAM~1.VAN\AppData\Local\CodecCompileSoftware\msvcp100.dll" deleted "C:\Users\FAM~1.VAN\AppData\Local\CodecCompileSoftware\msvcr100.dll" not deleted "C:\Users\FAM~1.VAN\AppData\Local\CodecCompileSoftware\QtCore4.dll" deleted "C:\Users\FAM~1.VAN\AppData\Local\CodecCompileSoftware\QtNetwork4.dll" deleted "C:\Windows\Syswow64\BackupPythonTooltip\BackupPythonTooltip.exe" deleted "C:\Windows\Syswow64\BackupPythonTooltip\msvcp100.dll" deleted "C:\Windows\Syswow64\BackupPythonTooltip\msvcr100.dll" not deleted "C:\Windows\Syswow64\BackupPythonTooltip\QtCore4.dll" deleted "C:\Windows\Syswow64\BackupPythonTooltip\QtNetwork4.dll" deleted "C:\Windows\SYSWOW64\BackupPythonTooltip\BackupPythonTooltip.exe" deleted "C:\Windows\SYSWOW64\BackupPythonTooltip\msvcp100.dll" deleted "C:\Windows\SYSWOW64\BackupPythonTooltip\msvcr100.dll" not deleted "C:\Windows\SYSWOW64\BackupPythonTooltip\QtCore4.dll" deleted "C:\Windows\SYSWOW64\BackupPythonTooltip\QtNetwork4.dll" deleted "C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware" not deleted "C:\Users\FAM~1.VAN\AppData\Local\CodecCompileSoftware" not deleted "C:\Windows\Syswow64\BackupPythonTooltip" not deleted "C:\Windows\SYSWOW64\BackupPythonTooltip" not deleted "C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware\desktop" not deleted "C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware\service" deleted "C:\Users\FAM~1.VAN\AppData\Local\CodecCompileSoftware\desktop" not deleted "C:\Users\FAM~1.VAN\AppData\Local\CodecCompileSoftware\service" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 6072 MB CPU Info: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz CPU Speed: 3156.6 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek HDMI Output (Realtek Hi | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce GT 230 | NVIDIA GeForce GT 230 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; HP S2331 Series Wide LCD Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: 802.11n Wireless LAN Card | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: hp DVD-RAM GH60L Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 918.6GB | D: 12.8GB | G: 931.5GB Hard Disks - Free: C: 810.7GB | D: 1.6GB | G: 299.0GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 07/12/10 | HPQOEM - 20100712 Time Zone: West-Europa (standaardtijd) Motherboard *: MSI 2A9C Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Default Browser: Google Chrome 36.0.1985.125 Internet Explorer Version: 11.0.9600.17207 Mozilla Firefox version: 19.0.2 (x86 en-US) Google Chrome version: 36.0.1985.125 Adobe Reader version: 10.1.10.18 Sun Java version: 1.7.0_55 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\FAM~1.VAN\AppData\Local\Temp ==== 2014-07-28 19:54:20 FFF48405C43A06F4B4A29F4562F7CD92 127488 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\OSProvider.dll 2014-07-28 19:54:20 FFF48405C43A06F4B4A29F4562F7CD92 127488 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\OSProvider.dll 2014-07-28 19:54:20 CCF6EC908566900E9626DC3360B9E35E 112128 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\DismCorePS.dll 2014-07-28 19:54:20 CCF6EC908566900E9626DC3360B9E35E 112128 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\DismCorePS.dll 2014-07-28 19:54:20 BB9E8732FC0B76EF29DC90C63397078E 312832 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\IntlProvider.dll 2014-07-28 19:54:20 BB9E8732FC0B76EF29DC90C63397078E 312832 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\IntlProvider.dll 2014-07-28 19:54:20 A909643B215FC0587A043C9C15959D41 186368 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\DismProv.dll 2014-07-28 19:54:20 A909643B215FC0587A043C9C15959D41 186368 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\DismProv.dll 2014-07-28 19:54:20 A2D08E8B0AE6750DDD9D01D61BDDC818 435712 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\DmiProvider.dll 2014-07-28 19:54:20 A2D08E8B0AE6750DDD9D01D61BDDC818 435712 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\DmiProvider.dll 2014-07-28 19:54:20 9E7E2B01C65C4E276ED55B1F1BD6CE2B 302080 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\UnattendProvider.dll 2014-07-28 19:54:20 9E7E2B01C65C4E276ED55B1F1BD6CE2B 302080 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\UnattendProvider.dll 2014-07-28 19:54:20 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\wdscore.dll 2014-07-28 19:54:20 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\wdscore.dll 2014-07-28 19:54:20 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\TransmogProvider.dll 2014-07-28 19:54:20 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\TransmogProvider.dll 2014-07-28 19:54:20 732A13256A9BE7E15E2D58393D6B85F4 471040 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\WimProvider.dll 2014-07-28 19:54:20 732A13256A9BE7E15E2D58393D6B85F4 471040 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\WimProvider.dll 2014-07-28 19:54:20 703E7D07687D2751D0474E4D333E832C 1672192 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\CbsProvider.dll 2014-07-28 19:54:20 703E7D07687D2751D0474E4D333E832C 1672192 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\CbsProvider.dll 2014-07-28 19:54:20 6EBC2138A3C9B3B7D1E69E0629B6C815 289792 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\DismCore.dll 2014-07-28 19:54:20 6EBC2138A3C9B3B7D1E69E0629B6C815 289792 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\DismCore.dll 2014-07-28 19:54:20 64B66A41B61D511E8EBE94625EC0E45A 53760 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\FolderProvider.dll 2014-07-28 19:54:20 64B66A41B61D511E8EBE94625EC0E45A 53760 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\FolderProvider.dll 2014-07-28 19:54:20 5AE6EFCD674AC76CC1A9929F1AFA0ECE 183296 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\CompatProvider.dll 2014-07-28 19:54:20 5AE6EFCD674AC76CC1A9929F1AFA0ECE 183296 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\CompatProvider.dll 2014-07-28 19:54:20 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\DismHost.exe 2014-07-28 19:54:20 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\DismHost.exe 2014-07-28 19:54:20 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\MsiProvider.dll 2014-07-28 19:54:20 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\MsiProvider.dll 2014-07-28 19:54:20 011A725B36F05E8A771626017064F2CA 271360 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\SmiProvider.dll 2014-07-28 19:54:20 011A725B36F05E8A771626017064F2CA 271360 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\SmiProvider.dll 2014-07-28 18:42:25 FFF48405C43A06F4B4A29F4562F7CD92 127488 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\OSProvider.dll 2014-07-28 18:42:25 FFF48405C43A06F4B4A29F4562F7CD92 127488 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\OSProvider.dll 2014-07-28 18:42:25 CCF6EC908566900E9626DC3360B9E35E 112128 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\DismCorePS.dll 2014-07-28 18:42:25 CCF6EC908566900E9626DC3360B9E35E 112128 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\DismCorePS.dll 2014-07-28 18:42:25 BB9E8732FC0B76EF29DC90C63397078E 312832 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\IntlProvider.dll 2014-07-28 18:42:25 BB9E8732FC0B76EF29DC90C63397078E 312832 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\IntlProvider.dll 2014-07-28 18:42:25 A909643B215FC0587A043C9C15959D41 186368 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\DismProv.dll 2014-07-28 18:42:25 A909643B215FC0587A043C9C15959D41 186368 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\DismProv.dll 2014-07-28 18:42:25 A2D08E8B0AE6750DDD9D01D61BDDC818 435712 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\DmiProvider.dll 2014-07-28 18:42:25 A2D08E8B0AE6750DDD9D01D61BDDC818 435712 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\DmiProvider.dll 2014-07-28 18:42:25 9E7E2B01C65C4E276ED55B1F1BD6CE2B 302080 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\UnattendProvider.dll 2014-07-28 18:42:25 9E7E2B01C65C4E276ED55B1F1BD6CE2B 302080 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\UnattendProvider.dll 2014-07-28 18:42:25 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\wdscore.dll 2014-07-28 18:42:25 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\wdscore.dll 2014-07-28 18:42:25 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\TransmogProvider.dll 2014-07-28 18:42:25 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\TransmogProvider.dll 2014-07-28 18:42:25 732A13256A9BE7E15E2D58393D6B85F4 471040 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\WimProvider.dll 2014-07-28 18:42:25 732A13256A9BE7E15E2D58393D6B85F4 471040 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\WimProvider.dll 2014-07-28 18:42:25 703E7D07687D2751D0474E4D333E832C 1672192 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\CbsProvider.dll 2014-07-28 18:42:25 703E7D07687D2751D0474E4D333E832C 1672192 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\CbsProvider.dll 2014-07-28 18:42:25 6EBC2138A3C9B3B7D1E69E0629B6C815 289792 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\DismCore.dll 2014-07-28 18:42:25 6EBC2138A3C9B3B7D1E69E0629B6C815 289792 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\DismCore.dll 2014-07-28 18:42:25 64B66A41B61D511E8EBE94625EC0E45A 53760 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\FolderProvider.dll 2014-07-28 18:42:25 64B66A41B61D511E8EBE94625EC0E45A 53760 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\FolderProvider.dll 2014-07-28 18:42:25 5AE6EFCD674AC76CC1A9929F1AFA0ECE 183296 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\CompatProvider.dll 2014-07-28 18:42:25 5AE6EFCD674AC76CC1A9929F1AFA0ECE 183296 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\CompatProvider.dll 2014-07-28 18:42:25 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\DismHost.exe 2014-07-28 18:42:25 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\DismHost.exe 2014-07-28 18:42:25 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\MsiProvider.dll 2014-07-28 18:42:25 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\MsiProvider.dll 2014-07-28 18:42:25 011A725B36F05E8A771626017064F2CA 271360 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\SmiProvider.dll 2014-07-28 18:42:25 011A725B36F05E8A771626017064F2CA 271360 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\SmiProvider.dll 2014-07-27 14:31:47 32D3CBFF8F36368ABF784CD550EAA091 7025480 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\optprosetup.exe 2014-07-27 14:31:47 32D3CBFF8F36368ABF784CD550EAA091 7025480 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\optprosetup.exe 2014-07-27 14:31:32 C26D728869FC7B9E1E35B6CF3CC8FF00 586832 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\n7215\webssearches_1607-b6ce596d.exe 2014-07-27 14:31:32 C26D728869FC7B9E1E35B6CF3CC8FF00 586832 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\webssearches_1607-b6ce596d.exe 2014-07-27 14:31:28 3BB5FEE6B8D0F72FCF0E05167DFBA497 7205416 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\n7215\OptimizerPro.exe 2014-07-27 14:31:28 3BB5FEE6B8D0F72FCF0E05167DFBA497 7205416 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\OptimizerPro.exe 2014-07-27 14:31:22 62BAFE9A908B1717484D32DE5A54244B 4380069 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\n7215\RegClean_0307-7366cb4a.exe 2014-07-27 14:31:22 62BAFE9A908B1717484D32DE5A54244B 4380069 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\RegClean_0307-7366cb4a.exe 2014-07-27 14:31:15 B16C300A13291FE826BBB59F2E7BFE18 4440864 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\n7215\eDeals_2207-a0ba44b9.exe 2014-07-27 14:31:15 B16C300A13291FE826BBB59F2E7BFE18 4440864 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\eDeals_2207-a0ba44b9.exe 2014-07-27 14:31:14 F2FCFB2EDEC6A6CF96C494FC8F310D9A 1294392 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\n7215\speedupmypc_0406-cd60ba28.exe 2014-07-27 14:31:14 F2FCFB2EDEC6A6CF96C494FC8F310D9A 1294392 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\speedupmypc_0406-cd60ba28.exe 2014-07-27 14:31:08 F0F3706910D84499E7845934117022BA 55363 ----a-w- C:\Users\FAM~1.VAN\AppData\Local\Temp\n7215\wajam_2207-6c14163c.exe 2014-07-27 14:31:08 F0F3706910D84499E7845934117022BA 55363 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\wajam_2207-6c14163c.exe 2014-07-27 14:30:35 856E746E7F7145E1E6A5399104849CE4 326200 ----atw- C:\Users\FAM~1.VAN\AppData\Local\Temp\n7215\s7215.exe 2014-07-27 14:30:35 856E746E7F7145E1E6A5399104849CE4 326200 ----atw- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\s7215.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-07-09 13:43:08 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-07-29 17:23:44 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-07-25 15:17:08 -------- d-----w- C:\PROGRA~2\Popcorn Time ======= C: ===== ====== C:\Users\Fam. Van Hal\AppData\Roaming ====== 2014-07-27 14:42:09 -------- d-----w- C:\Users\FAM~1.VAN\AppData\Local\IsolatedStorage 2014-07-27 14:42:09 -------- d-----w- C:\Users\Fam. Van Hal\AppData\Local\IsolatedStorage 2014-07-27 14:31:43 -------- d-----w- C:\Users\FAM~1.VAN\AppData\Local\CodecCompileSoftware 2014-07-27 14:31:43 -------- d-----w- C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware 2014-07-25 15:20:18 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Programs ====== C:\Users\Fam. Van Hal ====== 2014-07-29 17:22:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\FAM~1.VAN\Downloads\RSITx64 (1).exe 2014-07-29 17:22:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fam. Van Hal\Downloads\RSITx64 (1).exe 2014-07-29 17:02:17 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\FAM~1.VAN\Downloads\RSITx64.exe 2014-07-29 17:02:17 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fam. Van Hal\Downloads\RSITx64.exe 2014-07-25 15:18:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time 2014-07-25 15:16:51 4934DFF9C7621DA10F7E65E14240AD94 1151413 ----a-w- C:\Users\FAM~1.VAN\Downloads\Popcorn-Time (1).exe 2014-07-25 15:16:51 4934DFF9C7621DA10F7E65E14240AD94 1151413 ----a-w- C:\Users\Fam. Van Hal\Downloads\Popcorn-Time (1).exe 2014-07-25 15:08:02 4934DFF9C7621DA10F7E65E14240AD94 1151413 ----a-w- C:\Users\FAM~1.VAN\Downloads\Popcorn-Time.exe 2014-07-25 15:08:02 4934DFF9C7621DA10F7E65E14240AD94 1151413 ----a-w- C:\Users\Fam. Van Hal\Downloads\Popcorn-Time.exe ====== C: exe-files == 2014-07-29 17:23:44 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Fam. Van Hal.exe 2014-07-29 17:22:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fam. Van Hal\Downloads\RSITx64 (1).exe 2014-07-29 17:02:17 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fam. Van Hal\Downloads\RSITx64.exe 2014-07-29 16:50:12 0D64339F42A3501948299BFA0070BE30 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-862581886-158686179-1669305160-1001\$I75K8L0.exe 2014-07-29 16:49:18 7873B8294E75160D32CB07A83AD73857 728960 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-862581886-158686179-1669305160-1001\$R75K8L0.exe 2014-07-29 16:38:04 437A121F5D08CE3EF7470AEB01F25ABF 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-862581886-158686179-1669305160-1001\$IE1CQ89.exe 2014-07-29 16:37:38 B52C9369CFD0B07290AA3DEBA1599AB6 821760 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-862581886-158686179-1669305160-1001\$RE1CQ89.exe 2014-07-28 19:54:20 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\E22AB612-9173-4DD9-8E11-E00835355728\DismHost.exe 2014-07-28 18:42:25 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\8E64A917-755A-4FB8-8201-CC8266081AD5\DismHost.exe 2014-07-27 14:32:14 7336678A8DF1B7864AB9A3C85164E629 515783 ----a-w- C:\Windows\Temp\UptUpdater.exe 2014-07-27 14:31:47 32D3CBFF8F36368ABF784CD550EAA091 7025480 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\optprosetup.exe 2014-07-27 14:31:32 C26D728869FC7B9E1E35B6CF3CC8FF00 586832 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\webssearches_1607-b6ce596d.exe 2014-07-27 14:31:28 3BB5FEE6B8D0F72FCF0E05167DFBA497 7205416 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\OptimizerPro.exe 2014-07-27 14:31:22 62BAFE9A908B1717484D32DE5A54244B 4380069 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\RegClean_0307-7366cb4a.exe 2014-07-27 14:31:15 B16C300A13291FE826BBB59F2E7BFE18 4440864 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\eDeals_2207-a0ba44b9.exe 2014-07-27 14:31:14 F2FCFB2EDEC6A6CF96C494FC8F310D9A 1294392 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\speedupmypc_0406-cd60ba28.exe 2014-07-27 14:31:08 F0F3706910D84499E7845934117022BA 55363 ----a-w- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\wajam_2207-6c14163c.exe 2014-07-27 14:30:35 856E746E7F7145E1E6A5399104849CE4 326200 ----atw- C:\Users\Fam. Van Hal\AppData\Local\Temp\n7215\s7215.exe 2014-07-25 15:18:47 9BB15002080EBBB55E4C316E67851C2C 5747200 ----a-w- C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe 2014-07-25 15:18:43 9BFC9809962357512B023CD51C6DE63B 878147 ----a-w- C:\Program Files (x86)\Popcorn Time\unins000.exe 2014-07-25 15:17:08 17BA037B7292E53B060BA4BBBB6EEC65 210944 ----a-w- C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe 2014-07-25 15:16:51 4934DFF9C7621DA10F7E65E14240AD94 1151413 ----a-w- C:\Users\Fam. Van Hal\Downloads\Popcorn-Time (1).exe 2014-07-25 15:08:02 4934DFF9C7621DA10F7E65E14240AD94 1151413 ----a-w- C:\Users\Fam. Van Hal\Downloads\Popcorn-Time.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /nosplash /minimized" "Epson Stylus SX235(Netwerk)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\FAM~1.VAN\AppData\Local\Temp\E_S4910.tmp /EF HKCU" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus SX235" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /nosplash /minimized" "Epson Stylus SX235(Netwerk)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\FAM~1.VAN\AppData\Local\Temp\E_S4910.tmp /EF HKCU" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus SX235" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" ==== Startup Folders ====================== 2012-07-13 16:51:34 2372 ----a-w- C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediacontrole Picture Motion Browser.lnk 2012-07-13 16:51:34 2372 ----a-w- C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediacontrole Picture Motion Browser.lnk 2010-11-07 16:09:56 1997 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sitecom Wireless Utility.lnk 2010-09-25 12:11:07 2029 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-07-2014 15:50] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05-08-2011 14:28] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05-08-2011 14:28] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\{21D79D9C-0520-4DC1-98C3-DD3D968075E4}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/4.1.0.179.161/nl/go/help.faq.installer?LastError=1603] "C:\Windows\SysNative\tasks\{4861EA0E-1CCA-4623-876A-9D131A89071D}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\{5A28CBE1-0DB3-402F-8A42-2ABB1F6A084E}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\{9C69BD88-288D-4820-8E2D-31EEBE03EA43}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\{B49088D3-10E5-4FD4-B493-8EDE748F7575}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\{E049EE6B-6BA8-4289-9979-DD6E33FB696B}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension" [26-01-2011 14:15] ==== Firefox Extensions ====================== ProfilePath: C:\Users\FAM~1.VAN\AppData\Roaming\Mozilla\Firefox\Profiles\iw2yh397.default - Undetermined - C:\Users\Fam. Van Hal\AppData\Roaming\Mozilla\Firefox\Profiles\iw2yh397.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} - Undetermined - C:\Users\Fam. Van Hal\AppData\Roaming\Mozilla\Firefox\Profiles\iw2yh397.default\extensions\faststartff@gmail.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaojmikegpiepcfdkkjaplodkpfmlo - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\CRX\ToolbarCR.crx[] dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02-03-2012 11:53] Skype Click to Call - Fam. Van Hal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Fam. Van Hal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Skype Click to Call - FAM~1.VAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - FAM~1.VAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chrome Fix ====================== C:\Users\Fam. Van Hal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Fam. Van Hal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Fam. Van Hal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.avg.com_0.localstorage deleted successfully C:\Users\Fam. Van Hal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.avg.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=NL&userid=3919c2ee-03ae-4f73-96ab-ab9dbd5c7ba2&searchtype=ds&q={searchTerms}" "Default_Search_URL"="http://www.google.com/ie" "Search Bar"="http://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=NL&userid=3919c2ee-03ae-4f73-96ab-ab9dbd5c7ba2&searchtype=ds&q={searchTerms}" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1406471568&from=slbnew&uid=ST31000528AS_9VP7V2L8&q={searchTerms}" "Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1406471568&from=slbnew&uid=ST31000528AS_9VP7V2L8&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1406471568&from=slbnew&uid=ST31000528AS_9VP7V2L8&q={searchTerms}" "Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1406471568&from=slbnew&uid=ST31000528AS_9VP7V2L8&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=NL&userid=3919c2ee-03ae-4f73-96ab-ab9dbd5c7ba2&searchtype=ds&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=NL&userid=3919c2ee-03ae-4f73-96ab-ab9dbd5c7ba2&searchtype=ds&q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" "Default"="http://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=NL&userid=3919c2ee-03ae-4f73-96ab-ab9dbd5c7ba2&searchtype=ds&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.bing.com/search?q={searchTerms}" "CustomizeSearch"="http://www.bing.com/search?q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.bing.com/search?q={searchTerms}" "CustomizeSearch"="http://www.bing.com/search?q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=NL&userid=3919c2ee-03ae-4f73-96ab-ab9dbd5c7ba2&searchtype=ds&q={searchTerms}" "Default_Search_URL"="http://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=NL&userid=3919c2ee-03ae-4f73-96ab-ab9dbd5c7ba2&searchtype=ds&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {5A6F4537-AA16-46C4-AC6B-2193FEF5FAE4} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear" {77AA745B-F4F8-45DA-9B14-61D2D95054C8} Unknown Url="Not_Found" {86D4984E-6A58-4B30-A4C6-7F75F9EB4E6B} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" {B0CA7E33-28FF-4AA7-A080-9F36311E132D} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-862581886-158686179-1669305160-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully ==== shortcuts on Users Desktops ====================== C:\Users\Fam. Van Hal\Desktop\CopyTrans Control Center.lnk - C:\Users\Fam. Van Hal\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe C:\Users\FAM~1.VAN\Desktop\CopyTrans Control Center.lnk - C:\Users\Fam. Van Hal\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Gebruikershandleiding EPSON SX235 Series.lnk - C:\Program Files (x86)\Epson Software\Epson Manual\EPSON SX235 Series\nl\Useg\index.htm C:\Users\Public\Desktop\HDR-UX3E Eerste kennismaking (PDF).lnk - C:\Program Files (x86)\Sony\Sony Digital Imaging Handbook\HDR-UX3E\FirstStepGuide.pdf C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Public\Desktop\Netwerkhandleiding EPSON SX235 Series.lnk - C:\Program Files (x86)\Epson Software\Epson Manual\EPSON SX235 Series\nl\Netg\index.htm C:\Users\Public\Desktop\Popcorn Time.lnk - C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe --no-proxy-server ==== shortcuts in Users Start Menu ====================== C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Popcorn Time.lnk - C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe --no-proxy-server ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Disk Cleanup.lnk - C:\Windows\system32\cleanmgr.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\eBay.nl.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe http://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=nl_nl&bd=all&c=104 C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Epson Easy Photo Print.lnk - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP MediaSmart.lnk - C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Magic Desktop.lnk - C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mediabestanden importeren (Handycam).lnk - C:\Program Files (x86)\Sony\Sony Picture Utility\Importer\Disc\SPUDiscImporter.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Picture Motion Browser.lnk - C:\Program Files (x86)\Sony\Sony Picture Utility\Browser\SPUBrowser.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Play HP Games.lnk - C:\Program Files (x86)\HP Games\onplay\onplay.exe "C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe" /src desktopoem C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Player for AVCHD.lnk - C:\Program Files (x86)\Sony\Sony Picture Utility\AVCHDPlayer\SPUAVCHDPlayer.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Program Files (x86)\Online Services\Skype\SkypeSetup.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Video Disc Copier.lnk - C:\Program Files (x86)\Sony\Sony Picture Utility\VideoDiscCopier\SPUVideoDiscCopier.exe C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Disk Cleanup.lnk - C:\Windows\system32\cleanmgr.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\eBay.nl.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe http://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=nl_nl&bd=all&c=104 C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Epson Easy Photo Print.lnk - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP MediaSmart.lnk - C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Magic Desktop.lnk - C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mediabestanden importeren (Handycam).lnk - C:\Program Files (x86)\Sony\Sony Picture Utility\Importer\Disc\SPUDiscImporter.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Picture Motion Browser.lnk - C:\Program Files (x86)\Sony\Sony Picture Utility\Browser\SPUBrowser.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Play HP Games.lnk - C:\Program Files (x86)\HP Games\onplay\onplay.exe "C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe" /src desktopoem C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Player for AVCHD.lnk - C:\Program Files (x86)\Sony\Sony Picture Utility\AVCHDPlayer\SPUAVCHDPlayer.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Program Files (x86)\Online Services\Skype\SkypeSetup.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Video Disc Copier.lnk - C:\Program Files (x86)\Sony\Sony Picture Utility\VideoDiscCopier\SPUVideoDiscCopier.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe ==== shortcuts After Repair ====================== C:\Users\Fam. Van Hal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\eBay.nl.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe C:\Users\FAM~1.VAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\eBay.nl.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:21011" "ProxyOverride"=";*origin.com;*ea.com;*akamaihd.net" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Epson Stylus SX235(Netwerk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\FAM~1.VAN\AppData\Local\Temp\E_S4910.tmp" /EF "HKCU" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX235" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Mediacontrole Picture Motion Browser.lnk = C:\Program Files (x86)\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files (x86)\Sitecom\Common\RaUI.exe O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BackupPythonTooltip - Unknown owner - C:\Windows\SysWOW64\BackupPythonTooltip\BackupPythonTooltip.exe (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CodecCompileSoftware.exe - Unknown owner - C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware\CodecCompileSoftware.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (file missing) O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Popcorn Time Updater - Popcorn Time - C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fam. Van Hal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Fam. Van Hal\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fam. Van Hal\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\FAM~1.VAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\FAM~1.VAN\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\FAM~1.VAN\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fam. Van Hal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64M8Z6LY will be deleted at reboot C:\Users\FAM~1.VAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64M8Z6LY will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Fam. Van Hal\AppData\Local\Mozilla\Firefox\Profiles\iw2yh397.default\Cache will be emptied at reboot C:\Users\FAM~1.VAN\AppData\Local\Mozilla\Firefox\Profiles\iw2yh397.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Fam. Van Hal\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\FAM~1.VAN\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=736 folders=206 137282792 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Fam. Van Hal\AppData\Local\Temp will be emptied at reboot C:\Users\FAM~1~VAN\AppData\Local\Temp emptied successfully C:\Users\TEMP\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Users\FAM~1.VAN\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\FAM~1.VAN\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware\msvcr100.dll" not found "C:\Users\FAM~1.VAN\AppData\Local\CodecCompileSoftware\msvcr100.dll" not found "C:\Windows\Syswow64\BackupPythonTooltip\msvcr100.dll" not found "C:\Windows\SYSWOW64\BackupPythonTooltip\msvcr100.dll" not found "C:\Users\Fam. Van Hal\AppData\Local\CodecCompileSoftware" not found "C:\Users\FAM~1.VAN\AppData\Local\CodecCompileSoftware" not found "C:\Windows\Syswow64\BackupPythonTooltip" not found "C:\Windows\SYSWOW64\BackupPythonTooltip" not found "C:\Users\Fam. Van Hal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64M8Z6LY" not found "C:\Users\FAM~1.VAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64M8Z6LY" not found ==== EOF on di 29-07-2014 at 20:04:05,00 ======================