Zoek.exe v5.0.0.0 Updated 24-12-2014 Tool run by Hugo on za 27/12/2014 at 19:49:19,91. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Hugo\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 27/12/2014 19:56:36 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Dell Support Center deleted successfully C:\PROGRA~2\KinggCoupOn deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~3\Nokia deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\{784E3329-1B2A-421E-9427-596088B766F6} deleted successfully C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully C:\PROGRA~3\{D19C2D22-6043-47E7-B400-83A351841204} deleted successfully C:\PROGRA~3\{D79D348D-B804-455D-BF34-7E3989C8E84D} deleted successfully C:\Users\Hugo\AppData\Roaming\HpUpdate deleted successfully C:\Users\Hugo\AppData\Roaming\MusicNet deleted successfully C:\Users\Hugo\AppData\Roaming\Nokia Suite deleted successfully C:\Users\Administrator\AppData\Local\Stardock_Corporation deleted successfully C:\Users\Hugo\AppData\Local\cache deleted successfully C:\Users\Hugo\AppData\Local\Downloaded Installations deleted successfully C:\Users\Hugo\AppData\Local\PackageAware deleted successfully C:\Users\Hugo\AppData\Local\Research In Motion deleted successfully C:\Users\Hugo\AppData\Local\WinAVI deleted successfully C:\Users\Hugo\AppData\Local\Wisdom-soft deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C35B7206-62EB-F808-5475-18A6FDE7DD94} deleted successfully HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38E51477-DDB4-4aed-9D61-D0C193E10749} deleted successfully HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{38E51477-DDB4-4aed-9D61-D0C193E10749} deleted successfully HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Internet Explorer\SearchScopes\{148150F6-3B78-47FB-A222-BDABDFD60906} deleted successfully HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} deleted successfully HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2DE88C15-5C57-4017-904D-573A9AA44C8B} deleted successfully HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8} deleted successfully HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} deleted successfully HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8897F35C-CDBF-4600-8BAB-D6268FFBC96F} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C35B7206-62EB-F808-5475-18A6FDE7DD94} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C35B7206-62EB-F808-5475-18A6FDE7DD94} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{dbac6769-e31d-4b11-a6bf-248306f6ecd8} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{dbac6769-e31d-4b11-a6bf-248306f6ecd8} deleted successfully HKEY_CLASSES_ROOT\CLSID\{dbac6769-e31d-4b11-a6bf-248306f6ecd8} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{dbac6769-e31d-4b11-a6bf-248306f6ecd8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dbac6769-e31d-4b11-a6bf-248306f6ecd8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dbac6769-e31d-4b11-a6bf-248306f6ecd8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{38E51477-DDB4-4aed-9D61-D0C193E10749} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{87C981B6-8189-1778-626E-8262D75EF377} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{87C981B6-8189-1778-626E-8262D75EF377} deleted successfully HKEY_CLASSES_ROOT\CLSID\{87C981B6-8189-1778-626E-8262D75EF377} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87C981B6-8189-1778-626E-8262D75EF377} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8B5C2C77-4E7F-C385-06E7-AF83102F1460} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8B5C2C77-4E7F-C385-06E7-AF83102F1460} deleted successfully HKEY_CLASSES_ROOT\CLSID\{8B5C2C77-4E7F-C385-06E7-AF83102F1460} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B5C2C77-4E7F-C385-06E7-AF83102F1460} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} deleted successfully HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{8f2767f8-338a-4258-bd1c-4de5a3d8cdb2} deleted successfully HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{0974BA1E-64EC-11DE-B2A5-E43756D89593} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8f2767f8-338a-4258-bd1c-4de5a3d8cdb2} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Adobe Flash Player 15 ActiveX Adobe Flash Player 15 Plugin Adobe Reader 9.1.2 - Nederlands Adobe Shockwave Player 11.5 Advanced Audio FX Engine ANT Drivers Installer x64 Any Video Converter 3.1.0 Apple Application Support Apple Mobile Device Support Apple Software Update ARO 2013 ATI Catalyst Control Center AVS Update Manager 1.0 AVS Video Converter 8 AVS4YOU Software Navigator 1.4 Basissoftware voor HP Photosmart Plus B210 series Belgium e-ID middleware 3.5.4 (build 6535) Blaze Media Pro Bonjour Cardo Updater Cardo Upgrades Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Contour Storyteller CycloAgent D3DX10 Defaulttab Dell DataSafe Local Backup Dell Dock Dell Edoc Viewer Dell Getting Started Guide Dell Webcam Central Dell Wireless WLAN Card Utility DesignPro 5 Dropbox EaseUS Data Recovery Wizard 8.0 Elevated Installer Express Zip File Compression Software FileZilla Client 3.4.0 Free WMA to MP3 Converter 1.16 Garmin BaseCamp Garmin City Navigator Europe NT 2011.10 Garmin City Navigator Europe NT 2011.20 Update Garmin City Navigator Europe NT 2012.10 Update Garmin City Navigator Europe NT 2012.20 Update Garmin City Navigator Europe NT 2012.30 Update Garmin City Navigator Europe NT 2013.30 Update Garmin City Navigator Europe NT 2013.41 Update Garmin City Navigator Europe NT 2014.10 Update Garmin City Navigator Europe NT 2014.40 Update Garmin City Navigator Europe NT 2015.20 Garmin Communicator Plugin Garmin Communicator Plugin x64 Garmin Express Garmin Express Tray Garmin MapInstall Garmin MapSource Garmin POI Loader Garmin USB Drivers Garmin VoiceStudio v2.40 Garmin WebUpdater Google Chrome Google Earth Google Toolbar for Internet Explorer Google Update Helper HP Photo Creations HP Photosmart Plus B210 series Haelp HP Update iCloud Intel(R) Management Engine Components Intel(R) Turbo Boost Technology Driver Intel© Turbo Boost Technologie monitor iolo technologies' System Mechanic iTunes Java 7 Update 21 Java Auto Updater Java(TM) 6 Update 20 Java(TM) 6 Update 20 (64-bit) JaVaWa Device Manager 3.5 JaVaWa GMTK 3.7 Junk Mail filter update Kaspersky Security Scan KinggCoupOn Kruidvat fotoservice Live Cam Avatar Creator LoJack Factory Installer Malwarebytes Anti-Malware versie 2.0.4.1028 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Live Add-in 1.3 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft_VC100_CRT_SP1_x64 Microsoft_VC100_CRT_SP1_x86 Mio Share MixPad Movie Maker Movie Rotator 1.2 Movie Rotator version 2.0.1 MSVC80_x64_v2 MSVC80_x86_v2 MSVC90_x64 MSVC90_x86 MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) My Dell MyFreeCodec Nitro Reader 3 Nokia Connectivity Cable Driver OSM generic routable(BEL) PC Connectivity Solution Photo Common Photo Gallery PhotoPad Image Editor Pixillion Image Converter Price Met‚r (remove only) Prism Video File Converter Productverbeteringonderzoek HP Photosmart Plus B210 series Quickset64 QuickTime 7 RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer Cloud RealUpgrade 1.1 RegCure Pro Roxio Burn Samsung Kies Samsung Kies3 SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition Serif PhotoPlus Starter Edition Skins Skype Toolbars SkypeT 6.11 Snagit Packages SPEEDO Aquabeat Playlist Editor SPEEDO Aquabeat Playlist Editor V1.50 SpeedyBackup Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Stuurprogrammapakket voor Windows - Fedict SmartCard (12/08/2009 4.0.0.2) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) Switch Sound File Converter Synaptics Pointing Device Driver Telenet Mobile Internet Toggle Downloader Winzip Topomap Benelux TuneUp Utilities 2013 TuneUp Utilities Language Pack (nl-NL) Tyre Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) UpdateService Video Download Converter version 1.0.0.0 Virtual COM Port Driver WavePad Sound Editor Windows-stuurprogrammapakket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.01 (32-bit) WinZip 15.5 ==== Running Processes ====================== C:\Program Files\Dell\DellDock\DockLogin.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Prey\platform\windows\cronsvc.exe C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe C:\Windows\system32\DRIVERS\o2flash.exe C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Hugo\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.9 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.1.9 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\70e6ca8c deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\70e6ca8c deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87C981B6-8189-1778-626E-8262D75EF377}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B5C2C77-4E7F-C385-06E7-AF83102F1460}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dbac6769-e31d-4b11-a6bf-248306f6ecd8}] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar] ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C35B7206-62EB-F808-5475-18A6FDE7DD94}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dbac6769-e31d-4b11-a6bf-248306f6ecd8}] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\KinggCoupOn not found C:\Windows\SysWow64\config\systemprofile\AppData\Roaming\defaulttab not found C:\Program Files\Reimage\Reimage Protector not found C:\Windows\SysWow64\config\systemprofile\AppData\Roaming\defaulttab not found C:\Program Files (x86)\BabylonToolbar not found C:\ProgramData\ChampionDeals not found C:\Program Files (x86)\KinggCoupOn not found C:\PROGRA~3\{784E3329-1B2A-421E-9427-596088B766F6} not found C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found C:\PROGRA~3\{D19C2D22-6043-47E7-B400-83A351841204} not found C:\PROGRA~3\{D79D348D-B804-455D-BF34-7E3989C8E84D} not found C:\Users\Hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér not found C:\Users\Hugo\AppData\Roaming\DVDVideoSoft deleted C:\ProgramData\KinggCoupOn deleted c:\Users\All Users\dl159 deleted C:\Program Files (x86)\AVG SafeGuard toolbar deleted C:\Program Files (x86)\Common Files\AVG Secure Search deleted C:\Program Files (x86)\Common Files\ParetoLogic deleted C:\Program Files (x86)\ParetoLogic deleted C:\ProgramData\EuXtraShhopppier deleted C:\Users\Hugo\AppData\LocalLow\{87C981B6-8189-1778-626E-8262D75EF377} deleted C:\Users\Hugo\AppData\LocalLow\{8B5C2C77-4E7F-C385-06E7-AF83102F1460} deleted C:\Users\Jessie\AppData\LocalLow\{87C981B6-8189-1778-626E-8262D75EF377} deleted C:\Users\Jessie\AppData\LocalLow\{A65D7D0B-2D33-A3E5-05AE-72F3DE879374} deleted C:\Users\Jessie\AppData\LocalLow\{C94106FF-08FC-ACD5-005F-0C9729675664} deleted C:\Users\Hugo\AppData\Local\Packages\windows_ie_ac_001\AC\{87C981B6-8189-1778-626E-8262D75EF377} deleted C:\Users\Hugo\AppData\Local\Packages\windows_ie_ac_001\AC\{8B5C2C77-4E7F-C385-06E7-AF83102F1460} deleted C:\Users\Jessie\AppData\Local\Packages\windows_ie_ac_001\AC\{A65D7D0B-2D33-A3E5-05AE-72F3DE879374} deleted C:\Users\Jessie\AppData\Local\Packages\windows_ie_ac_001\AC\{C94106FF-08FC-ACD5-005F-0C9729675664} deleted C:\PROGRA~3\9cbd01837b05313a deleted C:\Users\Hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PRICEM~1 deleted C:\Users\Hugo\AppData\LocalLow\WiseConvert deleted C:\Users\Jessie\AppData\LocalLow\Serif_PhotoPlus deleted C:\Users\Jessie\AppData\LocalLow\WiseConvert deleted C:\Users\Hugo\daemonprocess.txt deleted C:\PROGRA~3\weoBsaveru deleted C:\PROGRA~3\PrinCoeCCouppon deleted C:\PROGRA~3\LiuuckyCoupon deleted C:\PROGRA~3\QuueiEnCooupon deleted C:\PROGRA~2\ARO 2013 deleted C:\PROGRA~2\NCH Software\Components\NCHToolbars deleted C:\PROGRA~2\Video Download Converter deleted C:\PROGRA~2\AVG Security Toolbar deleted C:\PROGRA~2\BearShare Applications deleted C:\PROGRA~2\ConduitEngine deleted C:\PROGRA~2\COMMON~1\SpeedyPC Software deleted C:\Users\Hugo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BearShare.lnk deleted C:\Users\Hugo\AppData\Roaming\0F1F1C2Y1H1P1C0I0T deleted C:\Users\Hugo\AppData\Roaming\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini deleted C:\Users\Hugo\AppData\Roaming\Sammsoft deleted C:\Users\Hugo\AppData\Roaming\ParetoLogic deleted C:\Users\Hugo\AppData\Roaming\DriverCure deleted C:\PROGRA~3\Avg_Update_0814tb deleted C:\PROGRA~3\FreeRIP deleted C:\PROGRA~3\SpeedyPC Software deleted C:\PROGRA~3\boost_interprocess deleted C:\PROGRA~3\ParetoLogic deleted C:\PROGRA~3\AVG Secure Search deleted C:\PROGRA~3\AVG SafeGuard toolbar deleted C:\PROGRA~3\Package Cache deleted C:\Users\Hugo\AppData\Local\BearShare deleted C:\Users\Hugo\AppData\Local\AVG SafeGuard toolbar deleted C:\Users\Hugo\AppData\Local\CrashRpt deleted C:\Users\Jessie\AppData\Local\AVG SafeGuard toolbar deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ARO 2013 deleted C:\Users\Hugo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic deleted C:\windows\SysNative\Tasks\LaunchApp deleted C:\Users\Hugo\Downloads\ReimageRepair (1).exe deleted C:\Users\Hugo\Downloads\ReimageRepair (2).exe deleted C:\Users\Hugo\Downloads\ReimageRepair (3).exe deleted C:\Users\Hugo\Downloads\ReimageRepair (4).exe deleted C:\Users\Hugo\Downloads\ReimageRepair (5).exe deleted C:\Users\Hugo\Downloads\ReimageRepair.exe deleted C:\Users\Hugo\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Users\Hugo\AppData\LocalLow\searchqutb deleted C:\Users\Hugo\AppData\LocalLow\mediabarbs deleted C:\Users\Hugo\AppData\LocalLow\conduitEngine deleted C:\Users\Jessie\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Users\Jessie\AppData\LocalLow\searchqutb deleted C:\Users\Jessie\AppData\LocalLow\mediabarbs deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Windows\tasks\ParetoLogic Registration3.job deleted C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job deleted C:\Windows\tasks\ParetoLogic Update Version3.job deleted C:\Windows\Tasks\RegCure Pro_sch_E6FB3FAB-FBD2-11E3-AC5F-5C260A012EA7.job deleted C:\windows\SysNative\Tasks\RegCure Pro_sch_E6FB3FAB-FBD2-11E3-AC5F-5C260A012EA7 deleted C:\Windows\tasks\SpeedyPC Update Version3 Startup Task.job deleted C:\Windows\tasks\SpeedyPC Update Version3.job deleted C:\END deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Users\Hugo\Documents\Mobogenie deleted C:\Users\Hugo\Desktop\RegCure Pro.lnk deleted "C:\Windows\Installer\5c413.msi" deleted "C:\PROGRA~2\SpeedyPC Software\SpeedyBackup\BackupOverlay_32.dll" deleted "C:\PROGRA~2\SpeedyPC Software\SpeedyBackup\BackupOverlay_64.dll" deleted "C:\Users\Hugo\AppData\LocalLow\Serif_PhotoPlus" deleted "C:\PROGRA~2\SpeedyPC Software" not deleted "C:\PROGRA~2\SpeedyPC Software\SpeedyBackup" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3957 MB CPU Info: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz CPU Speed: 2391,5 MHz Sound Card: Luidsprekers / Koptelefoon (IDT | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Luidsprekers (MusCAudio) | Display Adapters: ATI Mobility Radeon HD 5650 | ATI Mobility Radeon HD 5650 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 2x; Algemeen PnP-beeldscherm | Dell 1708FP-BLK(Analog) | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Dell draadloze 1397 WLAN Mini-kaart | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: TSSTcorpDVD+-RW TS-T633C Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 451,1GB | D: 465,8GB | G: 232,8GB Hard Disks - Free: C: 317,9GB | D: 20,1GB | G: 87,4GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 03/24/11 | DELL - 6040000 Time Zone: Romance (standaardtijd) Motherboard *: Dell Inc. 0KVMW2 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 38.0.2125.104 Internet Explorer Version: 11.0.9600.17501 Google Chrome version: 38.0.2125.104 Adobe Reader version: 9.1.0.2009022700 Sun Java version: 1.6.0_20 (32-bit) Sun Java version: 1.6.0_20 (64-bit) Flash Player version: 15.0.0.246 Shockwave Player version: 11.5.8r612 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-12-25 14:49:12 E185BDA84E5F03F4E1D8DCA30E209277 1912 ----a-w- C:\Windows\epplauncher.mif ====== C:\Users\Hugo\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-12-18 11:52:42 0481346D0EF668C0D4FF69A7BBEFA846 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-12-25 22:39:07 1E583D74D35A8C6A7FAF537C94C844D2 5005688 ----a-w- C:\Windows\Sysnative\.crusader 2014-12-18 11:52:42 5564883BFB523D5078A5B1FE3128FD63 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe ====== C:\Windows\Sysnative\drivers ===== 2014-12-25 23:10:11 545EE654B04D52AF2E7F5F393D1F7D75 43664 ----a-w- C:\Windows\Sysnative\drivers\hitmanpro37.sys 2014-12-25 15:05:24 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2014-12-25 15:03:19 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2014-12-25 15:03:19 A646C2DDB8C46E9B20A326FAF566646C 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2014-12-25 15:03:19 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2014-12-10 15:47:04 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-12-25 22:06:51 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Hugo\AppData\Roaming ====== 2014-12-22 09:30:33 -------- d-sh--w- C:\Users\Hugo\AppData\Locallow\EmieBrowserModeList 2014-12-22 08:31:36 -------- d-sh--w- C:\Users\Jessie\AppData\Local\EmieBrowserModeList 2014-12-22 08:13:39 -------- d-sh--w- C:\Users\Jessie\AppData\Locallow\EmieBrowserModeList ====== C:\Users\Hugo ====== 2014-12-25 22:06:27 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hugo\Downloads\RSITx64.exe 2014-12-25 21:49:44 -------- d-----w- C:\ProgramData\HitmanPro 2014-12-25 21:48:12 00FD7C6BEDEE9B24B0DB02B68B07AD54 11222744 ----a-w- C:\Users\Hugo\Downloads\hitmanpro_x64.exe 2014-12-25 14:58:47 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Hugo\Downloads\mbam-setup-2.0.4.1028.exe 2014-12-25 14:43:03 14CB257C6D044B6D3FD965DE2B9DADC9 14105760 ----a-w- C:\Users\Hugo\Downloads\mseinstall (1).exe 2014-12-25 14:42:45 14CB257C6D044B6D3FD965DE2B9DADC9 14105760 ----a-w- C:\Users\Hugo\Downloads\mseinstall.exe 2014-12-16 19:46:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud ====== C: exe-files == 2014-12-26 13:29:53 7E57F119FA1C81FEFCEEB00073F25D5A 652648 ----a-w- C:\Program Files\My Dell\Setup_nltd.exe 2014-12-26 13:26:37 D22E4A5C59C778CD037313EB5BDD8CCD 16976 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\aeebe2fc-1b02-4ac0-a2fc-fa6f5c808e7a\appupdaterrules_dell\AddCertificate.exe 2014-12-26 13:23:31 D22E4A5C59C778CD037313EB5BDD8CCD 16976 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\a9968682-0cd7-4973-b78f-50e4496eb40a\appupdaterrules_dell\AddCertificate.exe 2014-12-25 22:06:52 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Hugo.exe 2014-12-25 22:06:27 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hugo\Downloads\RSITx64.exe 2014-12-25 21:48:12 00FD7C6BEDEE9B24B0DB02B68B07AD54 11222744 ----a-w- C:\Users\Hugo\Downloads\hitmanpro_x64.exe 2014-12-25 21:45:54 FC6A75407A8FE0DD0A38205FE5EE39A4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-380040671-3701161090-3446401283-1001\$IC5SSF4.exe 2014-12-25 21:45:54 82C2594932D933367477EF870B8CC029 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-380040671-3701161090-3446401283-1001\$ICXA5NF.exe 2014-12-25 21:45:54 4A7533BCCB906E92DEC0CB003D313C38 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-380040671-3701161090-3446401283-1001\$IXI3J12.exe 2014-12-25 21:45:54 2B301EAAF660FB76DF06047D32C35D3D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-380040671-3701161090-3446401283-1001\$I33LM8A.exe 2014-12-25 14:58:47 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Hugo\Downloads\mbam-setup-2.0.4.1028.exe 2014-12-25 14:49:14 7C4AEE71C0F2985BA7A66A1730BE00B8 114547960 ----a-w- C:\$Recycle.Bin\S-1-5-21-380040671-3701161090-3446401283-1001\$RCXA5NF.exe 2014-12-25 14:43:03 14CB257C6D044B6D3FD965DE2B9DADC9 14105760 ----a-w- C:\Users\Hugo\Downloads\mseinstall (1).exe 2014-12-25 14:42:45 14CB257C6D044B6D3FD965DE2B9DADC9 14105760 ----a-w- C:\Users\Hugo\Downloads\mseinstall.exe 2014-12-24 16:08:58 71FF02E70598D2318BDBD11AC5D35A57 55083472 ----a-w- C:\$Recycle.Bin\S-1-5-21-380040671-3701161090-3446401283-1001\$RXQLY2S\BaseCamp.exe 2014-12-24 14:32:40 D22E4A5C59C778CD037313EB5BDD8CCD 16976 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\fa0e0c98-ed78-4f6b-8f19-a16e06d20fdc\appupdaterrules_dell\AddCertificate.exe 2014-12-24 14:30:33 D22E4A5C59C778CD037313EB5BDD8CCD 16976 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\56d4a46e-1473-48ea-bbb6-b9c9670e5fa7\appupdaterrules_dell\AddCertificate.exe 2014-12-24 14:20:41 10E511D216CF2CFF1969EFFF9AD08F65 13264048 ----a-w- C:\$Recycle.Bin\S-1-5-21-380040671-3701161090-3446401283-1001\$R33LM8A.exe 2014-12-22 14:14:21 D22E4A5C59C778CD037313EB5BDD8CCD 16976 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\dabf4c2d-1a2b-47a9-a795-bac859901fb6\appupdaterrules_dell\AddCertificate.exe 2014-12-22 14:12:10 D22E4A5C59C778CD037313EB5BDD8CCD 16976 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\13a2492d-049a-4b98-859e-6f1266012473\appupdaterrules_dell\AddCertificate.exe 2014-12-22 13:52:59 23DB498303BBD829D166A893934A3C6E 36631128 ----a-w- C:\ProgramData\GARMIN\Core Update Service\APP-express-windows-3.2.26.0\GarminExpressInstaller.exe 2014-12-22 13:39:24 71FF02E70598D2318BDBD11AC5D35A57 55083472 ----a-w- C:\Users\Hugo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WJON8X0H\BaseCamp_446[1].exe 2014-12-22 09:31:24 FFD72CD45A4C17DA065AB5E30FE5DDC3 69732795 ----a-w- C:\$Recycle.Bin\S-1-5-21-380040671-3701161090-3446401283-1001\$R945UJ4.1\mio_setup_1.0.56.1.exe === C: other files == 2014-12-27 18:38:45 C9E9D59C0099A9FF51697E9306A44240 54784 ----a-w- C:\Windows\LastGood\System32\Drivers\usbaapl64.sys 2014-12-26 13:27:06 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\87d77258-7c64-4d8b-987a-ec39ddb67ec4\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-26 13:27:03 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\6ad659eb-8831-4627-b4f5-2a3a06bc6f99\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-26 13:27:00 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\2b67a08d-23bb-4e5c-a0ca-b54428fdb9e2\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-26 13:26:56 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\00ab4527-8c27-4d00-92e8-3b0f58c15d40\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-26 13:26:53 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\af25b32c-9629-4e5d-afc9-65acf64e5494\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-26 13:26:37 1D9B575A4DE26B262EA8C76109CCFB1D 59018 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\aeebe2fc-1b02-4ac0-a2fc-fa6f5c808e7a\appupdaterrules_dell\appupdaterrules_dell.zip 2014-12-26 13:23:46 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\a1c59817-3fbd-4e4d-be50-df25565d423e\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-26 13:23:43 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\74e848c6-012b-4e6b-a182-e1453dae0b29\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-26 13:23:40 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\1ab891e3-0fc2-4513-b399-4c7700a0acb8\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-26 13:23:37 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\bc7532c4-eb8b-4821-9ecb-648498da6dc9\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-26 13:23:34 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\312fb42a-c352-4a50-b48b-f3a716e385a7\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-26 13:23:31 1D9B575A4DE26B262EA8C76109CCFB1D 59018 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\a9968682-0cd7-4973-b78f-50e4496eb40a\appupdaterrules_dell\appupdaterrules_dell.zip 2014-12-25 23:10:11 545EE654B04D52AF2E7F5F393D1F7D75 43664 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys 2014-12-25 15:05:24 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-12-25 15:03:19 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-12-25 15:03:19 A646C2DDB8C46E9B20A326FAF566646C 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-12-25 15:03:19 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-12-24 14:32:40 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\dcb72c64-5bcb-4725-a2e3-dbe0026ee1af\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 14:32:40 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\ad44af92-a6de-4bc2-9fda-50c5ea5927cd\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 14:32:40 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\a57e90c5-e46c-4744-81b9-143c0970dc39\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 14:32:40 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\74b2d7b2-cf72-4ff4-ac32-cb9a98bfbbe0\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 14:32:40 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\10a55a0a-17e5-4440-a7ae-80dd0492ff96\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 14:32:39 1D9B575A4DE26B262EA8C76109CCFB1D 59018 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\fa0e0c98-ed78-4f6b-8f19-a16e06d20fdc\appupdaterrules_dell\appupdaterrules_dell.zip 2014-12-24 14:30:34 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\fd9778eb-3d18-4748-baa5-b416a5d3384f\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 14:30:34 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\69fe5100-cdd7-4589-833c-f1839e2fb954\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 14:30:34 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\2ba7068d-63cf-446d-b3ad-fde6efdac576\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 14:30:34 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\0fcbd66b-4f5d-444a-97d9-2894fda09377\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 14:30:33 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\7b452415-cb6c-4b17-a0e7-bbd8776dec69\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 14:30:33 1D9B575A4DE26B262EA8C76109CCFB1D 59018 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\56d4a46e-1473-48ea-bbb6-b9c9670e5fa7\appupdaterrules_dell\appupdaterrules_dell.zip 2014-12-24 13:13:00 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\3d82dbac-609c-4736-847c-03febdd06968\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 13:12:57 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\373321b9-5b44-4e3f-8f25-d49cf3746924\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 13:12:54 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\af44f553-3368-4171-b9f9-c41f6d37697e\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 13:12:51 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\bb87ddac-9b0b-4661-b36c-7b136f943e37\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 13:12:48 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\c9ddcaa6-23c7-4ebb-9c5a-d12465df9ac5\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 13:12:43 1D9B575A4DE26B262EA8C76109CCFB1D 59018 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\35a05d1c-52b9-4860-8c5b-64b4673d8aca\appupdaterrules_dell\appupdaterrules_dell.zip 2014-12-24 13:09:30 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\95e4c2c5-de55-4122-a2a0-102c15ae1090\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 13:09:27 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\362f3aa3-5d12-4672-aa0a-88b9a2b9a81a\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 13:09:24 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\26f99249-7ca5-41f7-b606-6e8c9905ae48\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 13:09:19 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\ae68b017-b7e5-4edf-a8da-9c36e941f969\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 13:09:16 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\be9ddc6a-360c-4b40-b0a3-67015a26f5fb\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-24 13:08:59 1D9B575A4DE26B262EA8C76109CCFB1D 59018 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\efdfaa04-b25a-4d89-abd1-234f6edf1327\appupdaterrules_dell\appupdaterrules_dell.zip 2014-12-23 14:12:17 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\c55a47ea-8644-403b-a6ec-9ad7c53675c8\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-23 14:12:16 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\b486275b-5edb-46c2-bb52-78ccaf54f6d5\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-23 14:12:16 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\7d90893a-e634-4d92-a26f-5ebcf430e1f8\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-23 14:12:16 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\6d03f8d9-fe6d-4859-99c3-9ce653b4f060\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-23 14:12:16 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\2127250c-5008-4cf9-a9ef-c99ea8f66bc0\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-23 14:12:15 1D9B575A4DE26B262EA8C76109CCFB1D 59018 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\1562908a-3eaa-4c46-9fb0-1b980abe37fb\appupdaterrules_dell\appupdaterrules_dell.zip 2014-12-23 14:10:04 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\f7afd338-be77-477b-a886-131dbdd7d37b\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-23 14:10:03 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\552874cd-4cb4-4399-b5b4-ab215b8a7e64\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-23 14:10:01 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\f5fe4138-9d0f-4556-a277-fc4ecd8ad776\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-23 14:10:01 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\1e0bf575-a574-4511-b49e-e561d12bdc3f\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-23 14:10:00 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\63e45f19-eea7-4b85-b2f2-cd8158eb24bd\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-23 14:10:00 1D9B575A4DE26B262EA8C76109CCFB1D 59018 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\510b1431-6f6b-4d80-8f79-a4c0767bf9c7\appupdaterrules_dell\appupdaterrules_dell.zip 2014-12-22 14:14:23 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\a6118a33-6bbb-418c-9987-f193edd442d9\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-22 14:14:23 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\475f76b3-f233-4f0f-b452-305cd7b658ee\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-22 14:14:22 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\c5322c49-8267-4361-80ae-3671c7b25e8b\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-22 14:14:21 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\d1e47f9a-b34a-4677-8d4c-363c680b82e6\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-22 14:14:21 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\b47afe55-9fb3-43f9-b1d2-6664625ca108\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-22 14:14:20 1D9B575A4DE26B262EA8C76109CCFB1D 59018 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\dabf4c2d-1a2b-47a9-a795-bac859901fb6\appupdaterrules_dell\appupdaterrules_dell.zip 2014-12-22 14:12:12 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\e6e06a1f-0dfd-412b-95c4-c05cec8abdca\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-22 14:12:12 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\6389c20c-86d1-4090-a37e-839ae7332380\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-22 14:12:12 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\365c13f2-4f3c-4366-90ef-f18279540484\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-22 14:12:11 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\e5093079-5c91-4853-8986-bbb7bfde7148\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-22 14:12:11 A1FE3E89F1A3B31EF0820EF374592252 62445 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\7397db75-10d3-4561-a81d-baa98b38af23\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell\withSigneddll-PCDoctor_6422.40_windows_appupdaterrules_dell.zip 2014-12-22 14:12:09 1D9B575A4DE26B262EA8C76109CCFB1D 59018 ----a-w- C:\Users\Hugo\AppData\Roaming\PCDr\Update\Rules\13a2492d-049a-4b98-859e-6f1266012473\appupdaterrules_dell\appupdaterrules_dell.zip 2014-12-22 09:30:44 B490EFF3153FAA906B94E8D809756572 53607100 ----a-w- C:\Users\Hugo\Downloads\mio_setup_1.0.56.1.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\iolo\System Mechanic\Startup Manager\Configuration\Disabled\Registry\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" [HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\iolo\System Mechanic\Startup Manager\Configuration\Disabled\Registry\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "DATAMNGR"="C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE" "Browser companion helper"="C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Broadcom Wireless Manager UI"="C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" "QuickSet"="C:\Program Files\Dell\QuickSet\QuickSet.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Software Update"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe" "TkBellExe"="\"c:\\program files (x86)\\real\\realplayer\\Update\\realsched.exe\" -osboot" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" "iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" "hkey"="HKLM" "item"="APSDaemon" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\beid] "command"="\"C:\\Program Files (x86)\\Belgium Identity Card\\beid35gui.exe\" /startup" "hkey"="HKLM" "item"="beid" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Desktop Disc Tool] "command"="\"c:\\Program Files (x86)\\Roxio\\Roxio Burn\\RoxioBurnLauncher.exe\"" "hkey"="HKLM" "item"="Desktop Disc Tool" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor] "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office12\\GrooveMonitor.exe\"" "hkey"="HKLM" "item"="GrooveMonitor" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kaspersky Security Scan.lnk] "backup"="C:\\Windows\\pss\\Kaspersky Security Scan.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\Program Files (x86)\\Kaspersky Security Scan\\KSS.exe" "item"="Kaspersky Security Scan" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Kaspersky Security Scan.lnk" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk] "backup"="C:\\Windows\\pss\\RealPlayer Cloud Service UI.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\Program Files (x86)\\Real\\RealPlayer\\RPDS\\Bin64\\rpsystray.exe" "item"="RealPlayer Cloud Service UI" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\RealPlayer Cloud Service UI.lnk" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10/12/2014 18:05] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/10/2014 20:53] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/10/2014 20:53] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [23/08/2011 10:11] C:\Windows\tasks\ReclaimerUpdateFiles_Hugo.job --a------ C:\Users\Hugo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [17/11/2014 10:00] C:\Windows\tasks\ReclaimerUpdateXML_Hugo.job --a------ C:\Users\Hugo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [17/11/2014 10:00] C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Hugo.job --a------ [Undetermined Task] C:\Windows\tasks\SpeedyBackup reigistration schedule startup.job --a------ C:\Program Files (x86)\SpeedyPC Software\SpeedyBackup\SpeedyBackup.exe [] C:\Windows\tasks\SpeedyBackup reigistration schedule.job --a------ C:\Program Files (x86)\SpeedyPC Software\SpeedyBackup\SpeedyBackup.exe [] C:\Windows\tasks\SpeedyBackup Startup.job --a------ C:\Program Files (x86)\SpeedyPC Software\SpeedyBackup\SpeedyBackup.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Default2Check" [c:\Users\All Users\dtdata\R003.exe] "C:\Windows\SysNative\tasks\DefaultCheck" [c:\Users\All Users\dtdata\R002.exe] "C:\Windows\SysNative\tasks\DefaultReg" [c:\Users\All Users\dtdata\R001.exe] "C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Photosmart Plus B210 series" ["C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\LoJack for Laptops Install" ["%PROGRAMFILES(x86)%\Absolute Software\LoJack Install\FactoryInstaller.exe"] "C:\Windows\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\My Dell\sessionchecker.exe"] "C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\My Dell\uaclauncher.exe"] "C:\Windows\SysNative\tasks\Real Player-online actualiseringsprogramma" [c:\program files (x86)\real\realplayer\Update\realsched.exe] "C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-380040671-3701161090-3446401283-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe] "C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-380040671-3701161090-3446401283-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-380040671-3701161090-3446401283-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-380040671-3701161090-3446401283-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-380040671-3701161090-3446401283-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-380040671-3701161090-3446401283-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\ReclaimerUpdateFiles_Hugo" [C:\Users\Hugo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe] "C:\Windows\SysNative\tasks\ReclaimerUpdateXML_Hugo" [C:\Users\Hugo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe] "C:\Windows\SysNative\tasks\RNUpgradeHelperLogonPrompt_Hugo" [C:\Users\Hugo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe] "C:\Windows\SysNative\tasks\RNUpgradeHelperResumePrompt_Hugo" [C:\Users\Hugo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files (x86)\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\SpeedyBackup reigistration schedule" [C:\Program Files (x86)\SpeedyPC Software\SpeedyBackup\SpeedyBackup.exe] "C:\Windows\SysNative\tasks\SpeedyBackup reigistration schedule startup" [C:\Program Files (x86)\SpeedyPC Software\SpeedyBackup\SpeedyBackup.exe] "C:\Windows\SysNative\tasks\SpeedyBackup Startup" [C:\Program Files (x86)\SpeedyPC Software\SpeedyBackup\SpeedyBackup.exe] "C:\Windows\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"] "C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe] "C:\Windows\SysNative\tasks\{E104EE34-DD4C-4B46-8DDF-B22F5F44DCA5}" [C:\Program Files (x86)\HP\HP Photosmart Plus B210 series\bin\HPScan.exe] "C:\Windows\SysNative\tasks\{E9B04D6F-219A-4665-AA2C-9A00DE57E891}" [C:\Program Files (x86)\HP\HP Photosmart Plus B210 series\bin\HPScan.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\D7R9S1M1\Administrator - Start WLAN Tray Applet" [C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE] "C:\Windows\SysNative\tasks\NCH Software\expresszipShakeIcon" [C:\Program Files (x86)\NCH Software\ExpressZip\ExpressZip.exe] "C:\Windows\SysNative\tasks\NCH Software\PhotoPadReminder" [C:\Program Files (x86)\NCH Software\PhotoPad\PhotoPad.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{1DD9AC48-0855-4AE7-9934-159B4377FFA2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [14/07/2014 20:36] ==== Chromium Look ====================== Google Chrome Version: 38.0.2125.104 (Possible outdated, latest Stable version: 39.0.2171.95) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eijoglodfkeicibboibphapnoahoaapi - C:\Users\Hugo\AppData\Local\Temp\eijoglodfkeicibboibphapnoahoaapi.crx[] idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[10/06/2014 16:54] Contrast Theme for Gmail - Hugo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbibcldlgllnamlpilmfleeobcgalfgi Webpage Screenshot Bar - Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\akgpcdalpfphjmfifkmfbpdmgdmeeaeo Contrast Theme for Gmail - Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbibcldlgllnamlpilmfleeobcgalfgi Savings com DealFinder - Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gncemjbbfkgdhfiigkdebleebbhlelap deal4mE - Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoffchhpiebkfhmgaleanmcnghdppobc RealDownloader - Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji WhoWorks At - Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeldhknnfopoiloahhpmbblbhemankjj Play Games - Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncenaofgljgcmfgihjdbniieocahleba ShopperMastuer - Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlekolpklhjbcaiekhkiehacfplhikke ==== Chromium Startpages ====================== C:\Users\Hugo\AppData\Local\Google\Chrome\User Data\Default\Preferences "startup_urls": [ "https://www.facebook.com/?sk=h_chr", "https://mail.google.com/mail/u/0/?tab=wm#inbox", "http://www.hondennonkel.be/", "chrome://downloads/", "https://www.google.be/?gfe_rd=cr&ei=zX5NU5CVLIawOqbCgYgP" ], C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com", ==== Chromium Fix ====================== C:\Users\Hugo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage deleted successfully C:\Users\Hugo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal deleted successfully C:\Users\Hugo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage deleted successfully C:\Users\Hugo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage-journal deleted successfully C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlekolpklhjbcaiekhkiehacfplhikke deleted successfully C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gncemjbbfkgdhfiigkdebleebbhlelap deleted successfully C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoffchhpiebkfhmgaleanmcnghdppobc deleted successfully C:\Users\Hugo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbibcldlgllnamlpilmfleeobcgalfgi deleted successfully C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbibcldlgllnamlpilmfleeobcgalfgi deleted successfully C:\Users\Hugo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cbibcldlgllnamlpilmfleeobcgalfgi_0.localstorage deleted successfully C:\Users\Hugo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cbibcldlgllnamlpilmfleeobcgalfgi_0.localstorage-journal deleted successfully C:\Users\Hugo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbibcldlgllnamlpilmfleeobcgalfgi deleted successfully C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\akgpcdalpfphjmfifkmfbpdmgdmeeaeo deleted successfully C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeldhknnfopoiloahhpmbblbhemankjj deleted successfully C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncenaofgljgcmfgihjdbniieocahleba deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://search.toggle.com/?lang=nl&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://search.toggle.com/?lang=nl&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://search.toggle.com/?lang=nl&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=6cae675b000000000000c4461904d990&tlver=1.4.19.19&affID=19405" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=6cae675b000000000000c4461904d990&tlver=1.4.19.19&affID=19405" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {081230F8-EA50-42A9-983C-D22ABC2EED3B} FreeRIP Url="http://www.qemit.com/toolbar/hub.php?a=sb&did=8&pid=0&lan=nl&day=0&ver=1.01&q={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPT_nlBE425" {9A435D61-E7C2-4D91-B41A-FA549A6D4468} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}&rlz=1I7SKPT_nlBE425" {9DB0267E-A846-4BF2-B62E-938039D44933} Unknown Url="Not_Found" {A2C5D2EF-091F-42C9-900C-DE11762ABE15} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}&rlz=1I7SKPT_nlBE425" {BAF4BB8B-2CDE-4C72-9261-48BB7F91AF1E} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9DB0267E-A846-4BF2-B62E-938039D44933} deleted successfully HKEY_USERS\S-1-5-21-380040671-3701161090-3446401283-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BAF4BB8B-2CDE-4C72-9261-48BB7F91AF1E} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC11171D299C9A24D9651C395901A2AA deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dslauncher.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iololmanager.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mypc backup.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcdlauncher.exe deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_CURRENT_USER\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eijoglodfkeicibboibphapnoahoaapi deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C28578D-D0F1-699F-01B0-CC0653A28C11} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Cardo Updater_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D17111CB-C992-42A9-9D56-C19395102AAA} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C547F361-5750-4CD1-9FB6-BC93827CB6C1} deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Price Met‚r deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\BC11171D299C9A24D9651C395901A2AA deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user') O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB O16 - DPF: {19D6A3D5-EA50-4C3B-88F0-79627C325570} - http://iloapp.mobiele-signaalgevers.be/gallery/executable/IlosoftMultipleImageUpload.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} - http://webc.mobiele-signaalgevers.be/auth/controls/IlosoftImageUpload.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BackupService - Unknown owner - C:\Program Files (x86)\SpeedyPC Software\SpeedyBackup\BackupService.exe (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: SMServer - SMServer - C:\Windows\SysWOW64\snmvtsvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hugo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jessie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jessie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Jessie\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jessie\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Hugo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Hugo\AppData\Local\Temp will be emptied at reboot C:\Users\Jessie\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Hugo\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\SpeedyPC Software" not found ==== EOF on zo 28/12/2014 at 21:54:06,24 ======================