Zoek.exe v5.0.0.0 Updated 18-01-2015 Tool run by Inge Helsen on di 20/01/2015 at 22:32:14.85. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Inge Helsen\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 20/01/2015 22:34:57 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\eMusic Download Manager deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\Common Files\Symantec Shared deleted successfully C:\PROGRA~2\Babylon deleted successfully C:\PROGRA~2\eMule deleted successfully C:\Users\Inge Helsen\AppData\Roaming\eMusic deleted successfully C:\Users\Inge Helsen\AppData\Roaming\WinRAR deleted successfully C:\Users\Gast\AppData\Local\PDFC deleted successfully C:\Users\Gast\AppData\Local\VirtualStore deleted successfully C:\Users\Inge Helsen\AppData\Local\DriverTuner deleted successfully C:\Users\Inge Helsen\AppData\Local\Lollipop deleted successfully C:\Users\Inge Helsen\AppData\Local\PackageAware deleted successfully C:\Users\Inge Helsen\AppData\Local\PDFC deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31c322dc-5878-452e-a2d8-c4aab9973c9a} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31c322dc-5878-452e-a2d8-c4aab9973c9a} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e84cc2c1-b722-48fc-a39c-edb8b525c777} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e84cc2c1-b722-48fc-a39c-edb8b525c777} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486b-A045-B233BD0DA8FC} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486b-A045-B233BD0DA8FC} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1187CED5-B6D8-47DA-9416-6982E93C9626} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14BF78B7-4CDF-41D9-80CD-AA4E79C4E9E} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19F17201-A12C-4768-9361-BC3D672A7040} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A67D8CC-785F-4CC7-AEA8-44DB292B1949} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E301A2D-94E0-40FF-90FA-4F62C21F5969} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FA24363-3122-480E-8364-42FAF4E9163C} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{203C2BE4-F01D-4281-BE66-AEE1A96C5F3E} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A9B5A9A-1E03-4677-83FC-5B66C118B248} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DE61EDC-9C30-4B7C-A924-A7CC166DB2C1} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{303F2659-DF48-4923-B14B-4B621B163F7B} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35CF95C3-1F87-4B4E-B3FF-571B6D45E128} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39820B9A-7193-42A8-8514-9783D19B999} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A253B97-BF7A-421C-A68A-60A07A281A34} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D28B469-5756-4E56-97CC-5B3DFB72A4F1} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E51F62A-E62B-419B-8C7D-9920567942} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F98175C-1395-427F-B6A0-CE225D27E511} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{413DCD-B08C-4CFE-8AB-54D6854E697} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{422E40D9-90EF-4E38-A38B-16189B1DA6D8} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43ADA5AE-F4F4-4187-AB6-7966C18ADC6D} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44060E72-771D-4959-8890-98915D481BD} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44E88B0-E81D-4723-B416-AA094CD96B0} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47BA7F09-5F09-4960-AD75-C1E9BE3BE677} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B8D2700-C1C1-450F-B767-B453D39B21DA} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C41A963-ABFA-409C-8F9B-434662CB6B5} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4EF0D2B3-70E-43DB-B1C9-96ED23214ED} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51B0BE6F-70B1-4018-BC16-F53130C4816F} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53781982-EE9F-4E4D-B7DE-A28EEE3A6D1} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{548107AE-8BF8-4168-AF8B-FF29C1C55179} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{550F07BA-48CC-47AC-BE9B-BC354FCDEA3C} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{566B5605-54E3-44B4-B0B2-C2682321340} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{585580DF-E472-469D-99AA-83FF7787D4A} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{592FAB79-DA94-486D-AD67-4B8C6589DC7E} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CBE1643-5F1C-4A3D-90FF-411122D332D3} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DF8B3C7-CFF5-44A1-8AFB-CF2F37227D1} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6014F922-C6FC-4032-B295-74ACD017222E} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60D324CE-196-4B6B-A8B8-2085B0DD75A} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{617CDC06-9E8C-45B3-A1BE-C8E8809718A2} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{670A6DA6-EA7B-4FF0-AB28-C2430FA1EC0} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D863CBF-13BE-4E2D-8224-9FA9A8EDE212} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DBE5211-D36B-430B-832F-EA5E61CC836} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DD37DA4-493F-44EA-AA6-EF8FE9E23A} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E365B1E-46A2-40AC-83E-AA75242B2EB2} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F68DC6B-1F9C-4E7A-9D51-B4893F98C14} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71792F20-1B43-4194-A949-7FD1535448A2} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77D2DBC6-A680-430D-BBD9-F894571C90FA} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{787C792F-CD24-4B46-82BC-C57BF2F8453B} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79F2801-D8CC-4C55-89C8-404149911FBA} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82436FB1-55EA-4F4F-AE44-D1EDC5971760} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83D84837-A62C-4E6B-98F1-D9BD17CB3CA7} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{864FA829-517B-4203-A724-2DA3E67D741} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89DA4ED0-9DBC-4AA4-955A-A11A57B32434} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D59316-5C17-4046-905F-B8F95613049} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EE86A63-A32-457F-A7B7-BE4A7C23363F} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{904E7F5A-E75E-4EEF-8CA5-339023487C88} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{942A3736-485-4F10-870-89E2B9DAC0} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94A00FB1-542-4451-A691-77874B3DFEB4} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{969F4BB0-BDC2-4A14-B9D1-E21077726F2} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E91BFC-6CC-4062-A1EA-767EF7A71FB1} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AF3CA68-2A83-46BC-87AD-E022C1909CCD} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9EC5DB6D-A260-451E-804D-15107E447D89} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2329B16-6D90-41C7-A794-16C37742FBEC} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4A00AFF-8F67-4D99-907D-D2BAAF628615} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A520C2B4-5518-4956-8A89-3124451804} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5E77E2D-35F3-4832-915A-37CF78B85D9} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A612BF68-BD2C-4990-93F2-621B5B6C1C69} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6A821FF-FF66-414E-AF69-8E40F5CA6EDD} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7FE4197-78B1-4580-931F-4E81AF5A77AA} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8D47440-2B08-4B0C-BF7B-D3BE81F18090} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AACE1822-CB93-4917-A060-5A54C4AFAD70} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC6F23A4-FE05-48A3-8F75-D7F39BB7545F} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B507C9D1-F0EC-469D-BD95-A8F2EF9FC9B} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6B4FBEF-AAFC-4D90-8894-8AF26CC509} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7633687-FC9E-4361-A087-148A53F0F1AE} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7E226E0-98AE-45A0-916F-8652E8537DCC} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD3D98B0-E14D-4513-B274-585F34FA95F0} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BDFD0BF-9790-445F-B3F7-9A03C873E29} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE233F07-2DBF-4F80-89C5-FB6B663A72C} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF3DA8E3-70A7-491B-AB44-7AEF94EEFE5} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFC6025A-B300-4519-817D-5D74F3E32531} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFD113AB-7538-4EFD-97A2-41C21169C3FD} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C156AA89-6028-4E74-93D8-628A525A8C18} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C513A4CA-55AF-467B-8589-67B2E14BA615} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C580B6B3-EAB8-4C0F-8C57-F655D1D5BFB9} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C658BDEA-2951-4756-8CE8-5854F38A1A3} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C71B7436-3B6C-47D0-93A0-83F44CC2A244} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C93A58F3-3934-452B-A827-48E9CDAC3D0} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9970F24-67AD-4989-BAB2-E779C41FDA18} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA12EAEA-BB0C-4314-8E5D-B3583AC2152} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC35A444-23CC-4C32-8EA7-2F5DA4F99D6C} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC7974CB-D4F1-4872-B6AE-69BC13F6EE1E} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D19D20D0-E27A-47FC-AAC8-D69D7BB7E6} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D39194A4-8AFD-4005-81C-E55C430BAFA} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D54FD62C-D6F2-41FF-A04F-B5D2E7A06ED4} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D59C191C-9D14-4D2B-96F-9E70883AFA} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC7B99C7-CF21-4496-B549-1B7B6A86B91} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD5B2E40-8ABE-4A50-B7A1-2CE8ABB84018} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD9C2E32-2C93-4E05-AFE-4B6CF72FCE} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE3BECBC-C250-46F0-87BF-5D27A9823835} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE443A14-493-4B86-A3A-2C7B66A0D573} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFC6FA08-3B5A-4209-9DDD-D8929DDCAD9A} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E06518E-9E85-41AC-A2D9-E16F31E42ED8} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E8529147-75BC-4263-92D5-C925778F16D} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EACA72AF-EF89-4D7B-8C8F-A201FCE24D5} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED6D8C1F-2558-4968-B071-8FC35E5E246} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF0C32ED-8EC9-4CA7-852B-D51BDFBF5E6F} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF1F1C15-9E1F-4E7D-8DCC-5ACF70C0B036} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F08BFAB6-D37A-4898-8AD7-354DDF594261} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2F47B24-2569-457F-9ED8-E47BF8DAD012} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F365606-41F8-40D9-9CAC-4130EE68C88D} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F48DDBE1-F387-4424-9F7E-D7CBA499DA4} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5156B33-7171-4A03-8030-8A2C7DCB960} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC7DC795-192A-4356-B813-C2839FB76F8} deleted successfully HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully HKEY_CLASSES_ROOT\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_CLASSES_ROOT\CLSID\{31c322dc-5878-452e-a2d8-c4aab9973c9a} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c322dc-5878-452e-a2d8-c4aab9973c9a} deleted successfully HKEY_CLASSES_ROOT\CLSID\{e84cc2c1-b722-48fc-a39c-edb8b525c777} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e84cc2c1-b722-48fc-a39c-edb8b525c777} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} deleted successfully HKEY_CLASSES_ROOT\CLSID\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} deleted successfully HKEY_CLASSES_ROOT\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_CLASSES_ROOT\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC} deleted successfully HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_CLASSES_ROOT\CLSID\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{31c322dc-5878-452e-a2d8-c4aab9973c9a} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\{31c322dc-5878-452e-a2d8-c4aab9973c9a} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{e84cc2c1-b722-48fc-a39c-edb8b525c777} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\{e84cc2c1-b722-48fc-a39c-edb8b525c777} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{31c322dc-5878-452e-a2d8-c4aab9973c9a} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{31c322dc-5878-452e-a2d8-c4aab9973c9a} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{e84cc2c1-b722-48fc-a39c-edb8b525c777} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{e84cc2c1-b722-48fc-a39c-edb8b525c777} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully ==== Running Processes ====================== C:\windows\System32\smss.exe C:\windows\system32\csrss.exe C:\windows\system32\wininit.exe C:\windows\system32\csrss.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\lsm.exe C:\windows\system32\winlogon.exe C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe C:\windows\system32\atiesrxx.exe C:\Program Files\IDT\WDM\STacSV.exe C:\windows\system32\Hpservice.exe C:\windows\system32\atieclxx.exe C:\windows\system32\WLANExt.exe C:\windows\system32\conhost.exe C:\windows\System32\spoolsv.exe c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\IDT\WDM\aestsrv.exe C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\windows\system32\FortiSSLVPNdaemon.exe c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe C:\Program Files\PDF Complete\pdfsvc.exe C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe C:\Program Files\SiteAdvisor\6173\SAService.exe C:\windows\system32\uArcCapture.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe C:\windows\system32\wbem\unsecapp.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\taskhost.exe C:\PROGRA~1\McAfee\MANAGE~1\Agent\myAgtTry.exe c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\SiteAdvisor\6173\SiteAdv.exe C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\LaCie\Genie Backup Assistant\GBMAgent.exe C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\MWSnap\MWSnap.exe C:\Users\Inge Helsen\AppData\Local\Temp\panmap.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Users\Inge Helsen\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\SearchIndexer.exe C:\windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Templates\CertPolEng.exe C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe C:\Program Files\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE C:\windows\system32\Macromed\Flash\FlashUtil32_16_0_0_257_ActiveX.exe C:\Users\Inge Helsen\Desktop\zoek.exe C:\windows\system32\conhost.exe C:\windows\system32\conhost.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k GPSvcGroup C:\windows\system32\svchost.exe -k NetworkService C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\windows\system32\svchost.exe -k hpdevmgmt C:\windows\System32\svchost.exe -k HPZ12 C:\windows\System32\svchost.exe -k HPZ12 C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\svchost.exe -k HPService C:\windows\system32\svchost.exe -k bthsvcs C:\windows\System32\svchost.exe -k secsvcs C:\windows\system32\svchost.exe -k SDRSVC ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Savesenselive deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Savesenselive deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Savesenselivem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Savesenselivem deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{089FD14D-132B-48FC-8861-0048AE113215}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c322dc-5878-452e-a2d8-c4aab9973c9a}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e84cc2c1-b722-48fc-a39c-edb8b525c777}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- "facemoods"=- "ApnTBMon"=- ==== Deleting Files \ Folders ====================== C:\Program Files\Ask.com deleted C:\Program Files\BitTorrentBar deleted C:\Program Files\interdescargas-FR deleted C:\Program Files\Productivity_2.2 deleted C:\Program Files\PopcornTV deleted C:\Program Files\ConduitEngine deleted C:\Program Files\facemoods.com deleted C:\Program Files\SaveSenseLive deleted C:\Users\Inge Helsen\AppData\Local\BitTorrentBar deleted C:\Users\Inge Helsen\appdata\locallow\BitTorrentBar deleted C:\Users\Inge Helsen\AppData\Local\ConduitEngine deleted C:\Users\Inge Helsen\appdata\locallow\ConduitEngine deleted C:\Users\Inge Helsen\AppData\Local\interdescargas-FR deleted C:\Users\Inge Helsen\appdata\locallow\interdescargas-FR deleted C:\Users\Inge Helsen\AppData\Local\Productivity_2.2 deleted C:\Users\Inge Helsen\appdata\locallow\Productivity_2.2 deleted C:\Users\Inge Helsen\appdata\locallow\facemoods.com deleted C:\PROGRA~2\DivX deleted C:\PROGRA~2\Premium deleted C:\Users\Gast\AppData\LocalLow\Conduit deleted C:\Users\Gast\AppData\LocalLow\ConduitEngine deleted C:\Users\Gast\AppData\LocalLow\Productivity_2.2 deleted C:\Users\Inge Helsen\AppData\LocalLow\Conduit deleted C:\Program Files\Torntv V6.0 deleted C:\Program Files\TornTV.com deleted C:\Program Files\Uniblue\DriverScanner deleted C:\Program Files\Conduit deleted C:\Program Files\ParetoLogic deleted C:\Program Files\Common Files\ParetoLogic deleted C:\Program Files\iMesh Applications deleted C:\Program Files\Wondershare deleted C:\Program Files\Driver-Soft deleted C:\Program Files\Common Files\Wondershare deleted C:\extensions deleted C:\user.js deleted C:\install.exe deleted C:\Users\Inge Helsen\AppData\Roaming\PriceGong deleted C:\Users\Inge Helsen\AppData\Roaming\SaveSense deleted C:\Users\Inge Helsen\AppData\Roaming\BitLord deleted C:\Users\Inge Helsen\AppData\Roaming\ParetoLogic deleted C:\Users\Inge Helsen\AppData\Roaming\DriverCure deleted C:\Users\Inge Helsen\AppData\Roaming\Babylon deleted C:\Users\Inge Helsen\AppData\Roaming\pdfforge deleted C:\PROGRA~2\AskPartnerNetwork deleted C:\PROGRA~2\APN deleted C:\PROGRA~2\AVG Security Toolbar deleted C:\PROGRA~2\boost_interprocess deleted C:\PROGRA~2\ParetoLogic deleted C:\PROGRA~2\SaveSenseLive deleted C:\PROGRA~2\InstallMate deleted C:\PROGRA~2\Tarma Installer deleted C:\Users\Gast\AppData\Local\BIT8259.tmp deleted C:\Users\Gast\AppData\Local\BIT94D0.tmp deleted C:\Users\Inge Helsen\AppData\Local\Ilivid Player deleted C:\Users\Inge Helsen\AppData\Local\BIT672A.tmp deleted C:\Users\Inge Helsen\AppData\Local\BIT924F.tmp deleted C:\Users\Inge Helsen\AppData\Local\BITABD9.tmp deleted C:\Users\Inge Helsen\AppData\Local\BITB654.tmp deleted C:\Users\Inge Helsen\AppData\Local\BITEF9C.tmp deleted C:\Users\Inge Helsen\AppData\Local\SaveSenseLive deleted C:\Users\Inge Helsen\AppData\Local\Wondershare deleted C:\Users\Inge Helsen\AppData\Local\Software deleted C:\Users\Inge Helsen\AppData\Local\iMesh deleted C:\Users\Inge Helsen\AppData\Local\AskPartnerNetwork deleted C:\Users\Inge Helsen\AppData\Local\Conduit deleted C:\windows\system32\config\systemprofile\AppData\Local\Software deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord deleted C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Users\Gast\AppData\LocalLow\AskToolbar deleted C:\Users\Gast\AppData\LocalLow\BitTorrentBar deleted C:\Users\Gast\AppData\LocalLow\PriceGong deleted C:\Users\Inge Helsen\AppData\LocalLow\AskToolbar deleted C:\Users\Inge Helsen\AppData\LocalLow\BabylonToolbar deleted C:\Users\Inge Helsen\AppData\LocalLow\ShopperReports3 deleted C:\Users\Inge Helsen\AppData\LocalLow\Torntv V6.0 deleted C:\Users\Inge Helsen\AppData\LocalLow\IAC deleted C:\Users\Inge Helsen\AppData\LocalLow\Plus-HD-2.2 deleted C:\Users\Inge Helsen\AppData\LocalLow\searchquband deleted C:\Users\Inge Helsen\AppData\LocalLow\wincoreimband deleted C:\Users\Inge Helsen\AppData\LocalLow\Delta deleted C:\Users\Inge Helsen\AppData\LocalLow\Softonic deleted C:\Users\Inge Helsen\AppData\LocalLow\DataMngr deleted C:\windows\system32\tasks\SaveSense deleted C:\windows\system32\tasks\SaveSenseLiveUpdateTaskMachineCore deleted C:\windows\system32\tasks\SaveSenseLiveUpdateTaskMachineUA deleted C:\windows\tasks\SaveSense.job deleted C:\windows\tasks\SaveSenseLiveUpdateTaskMachineCore.job deleted C:\windows\tasks\SaveSenseLiveUpdateTaskMachineUA.job deleted C:\windows\SYSTEM32\TASKS\Scheduled Update for Ask Toolbar deleted C:\windows\system32\tasks\RunAsStdUser Task deleted C:\windows\system32\config\systemprofile\Searches deleted C:\windows\System32\InstallUtil.InstallLog deleted C:\windows\System32\searchplugins deleted C:\windows\System32\Extensions deleted C:\Users\Inge Helsen\Documents\Optimizer Pro deleted C:\Users\Inge Helsen\Documents\BitLord deleted C:\Users\Public\Desktop\Emoticons for your messenger!.url deleted C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted C:\Users\Inge Helsen\Desktop\Youtube Music Downloader.lnk deleted C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml deleted C:\Users\Inge Helsen\AppData\Roaming\codec.exe deleted C:\Users\Inge Helsen\AppData\Roaming\Computer.exe deleted "C:\windows\Installer\1e4ce3.msi" deleted "C:\Users\Inge Helsen\AppData\Local\{1291F5D7-FAF7-438F-BB3F-76CA45E9E333}" deleted "C:\Users\Inge Helsen\AppData\Local\{19867949-85C8-45BC-8FEF-CBE2CE5106A0}" deleted "C:\Users\Inge Helsen\AppData\Local\{2F590F8C-68B6-4431-BE0A-E6AB6F31744F}" deleted "C:\Users\Inge Helsen\AppData\Local\{59C3AE97-5E64-4C93-AC03-4724E0677AEC}" deleted "C:\Users\Inge Helsen\AppData\Local\{8700B894-FD44-4B78-8600-CDBA0843646A}" deleted "C:\Users\Inge Helsen\AppData\Local\{B0104AAF-8593-4E64-AA9E-49F59740A92A}" deleted "C:\Users\Inge Helsen\AppData\Local\{F912ACD0-25D2-446C-B652-631A81DBA12D}" deleted "C:\Users\Inge Helsen\AppData\Local\{FBF78989-2F74-4AA9-9016-C04818CED176}" deleted "C:\Program Files\SiteAdvisor\6173\SAService.exe" deleted "C:\Program Files\SiteAdvisor\6173\SASubMgr.dll" deleted "C:\Program Files\SiteAdvisor\6173\SiteAdv.dll" deleted "C:\Program Files\SiteAdvisor\6173\SiteAdv.exe" deleted "C:\Program Files\SiteAdvisor\6173\Upsell.dll" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Program Files\SiteAdvisor\6173" not deleted "C:\Program Files\AskPartnerNetwork" deleted "C:\Program Files\BitLord 2" deleted "C:\Program Files\AskPartnerNetwork" deleted "C:\Users\Gast\AppData\LocalLow\facemoods.com" deleted "C:\Program Files\AskPartnerNetwork\Toolbar" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater" deleted "C:\Program Files\AskPartnerNetwork\Toolbar" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater" deleted ==== System Specs ====================== Windows: Windows 7 Professional Edition Service Pack 1 (Build 7601) Memory (RAM): 3056 MB CPU Info: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz CPU Speed: 2320.0 MHz Sound Card: Luidsprekers / HP (IDT High Def | Koptelefoon (RTC) (IDT High Def | Display Adapters: ATI Mobility Radeon HD 530v | ATI Mobility Radeon HD 530v | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter #3 | Atheros AR9285 802.11b/g/n WiFi Adapter | Bluetooth Device (Personal Area Network) CD / DVD Drives: 1x (G: | ) G: hp BDDVDRW CT21L Ports: COM5 | COM7 | COM4 | COM6 | COM3 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 448.5GB | F: 2.0GB Hard Disks - Free: C: 269.6GB | F: 1.2GB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 02/18/11 | HPQOEM - f Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 1411 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 39.0.2171.99 Internet Explorer Version: 11.0.9600.17501 Google Chrome version: 39.0.2171.99 Adobe Reader version: 10.1.10.18 Sun Java version: 1.8.0_25 (32-bit) Shockwave Player version: 11.6.7r637 ==== Files Recently Created / Modified ====================== ====== C:\windows ==== ====== C:\Users\INGEHE~1\AppData\Local\Temp ==== 2015-01-19 07:58:54 7CBE02A02B5A7F377B2E19D42B57D6ED 43008 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzds7kz.dll 2015-01-14 21:10:11 2BFB1F39B1EF0784A7597A2250BF7914 229496 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Temp\Setup000001b8\OSETUPUI.DLL 2015-01-14 21:10:10 5E9692FC8D8A1A027CDC1F2360C85DED 5799592 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Temp\Setup000001b8\OSETUP.DLL ====== Java Cache ===== 2015-01-20 20:49:40 C1BBA7F1278F193AB584FFF460DB5E2A 17878 -c--a-w- C:\Users\Inge Helsen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-5ca87560 2015-01-20 20:49:30 415FC9732A3F4D89A0E01251CD66E136 646 -c--a-w- C:\Users\Inge Helsen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-5f367055 2015-01-20 20:49:30 EDCD8B8D670B791BA2804F6FD2920291 424 -c--a-w- C:\Users\Inge Helsen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2015-01-20 20:49:23 415FC9732A3F4D89A0E01251CD66E136 646 -c--a-w- C:\Users\Inge Helsen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-7c85513a 2015-01-20 20:49:31 34FA8033B50A3F99D3AB8209C72C0ABA 6860 -c--a-w- C:\Users\Inge Helsen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-30ac8ce5 ====== C:\windows\system32 ===== 2015-01-20 20:48:56 742BD1F196FEFC94A6379BA039D3CD00 96680 -c--a-w- C:\windows\System32\WindowsAccessBridge.dll 2015-01-16 08:08:58 2AF481C03C0383ADE09FFEDA0C583140 3971512 ----a-w- C:\windows\System32\ntkrnlpa.exe 2015-01-16 08:08:55 8A289EF0AE709327D6AA9769E108B5A6 3916728 ----a-w- C:\windows\System32\ntoskrnl.exe 2015-01-16 08:08:48 306EB846F88E58C7E763946DE95952E3 46592 ----a-w- C:\windows\System32\TSWbPrxy.exe 2015-01-16 08:08:45 FD9692A3D31E021207D3C2A9DDDC2BE3 164864 ----a-w- C:\windows\System32\profsvc.dll 2015-01-16 08:08:41 F115C5CD29E512F18BD7138A094B77E5 242688 ----a-w- C:\windows\System32\nlasvc.dll ====== C:\windows\system32\drivers ===== 2015-01-16 08:08:36 03F899F521D2AAED1C55008F734DF252 116224 ----a-w- C:\windows\System32\drivers\mrxdav.sys 2015-01-03 15:27:40 7FE680A3DFA421C4A8E4879AE4C5AAB0 74752 ----a-w- C:\windows\System32\drivers\tdx.sys 2015-01-03 15:26:30 3583A5A8CC2E682BFFBD4630D0FEC08B 730048 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys 2015-01-03 15:26:30 0EC652D17AB4607745FB4E6958E8FAB6 219072 ----a-w- C:\windows\System32\drivers\dxgmms1.sys 2015-01-03 15:11:53 DEE7EDA5AAA96C4C68A1F098F5145799 187840 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS 2015-01-03 15:11:53 5579DD18546999F5D0EC39D018726C6B 1294272 ----a-w- C:\windows\System32\drivers\tcpip.sys 2015-01-03 15:11:49 D0B388DA1D111A34366E04EB4A5DD156 338944 ----a-w- C:\windows\System32\drivers\afd.sys 2015-01-03 15:10:40 CD9214A6AE17D188D17C3CF8CB9CC693 184320 ----a-w- C:\windows\System32\drivers\rdpwd.sys 2015-01-03 15:10:38 6C5139E4283249518F7743D7043775B3 31232 ----a-w- C:\windows\System32\drivers\tssecsrv.sys 2015-01-03 15:08:59 1E1845606C5A4579F7F3D95796CC1ED1 136632 ----a-w- C:\windows\System32\drivers\ksecpkg.sys 2014-12-24 17:05:12 03AADC899B3A56FF42B3169818F5D50C 2184704 -c--a-w- C:\windows\System32\drivers\athr.sys ====== C:\windows\Tasks ====== 2014-12-25 20:46:02 8F4A01D836239351E3546167B89E83E2 4072 -c--a-w- C:\windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-617964873-667681891-3311945931-1002UA 2014-12-25 20:46:02 8307266F7E4246052C2F1804DBB4E5C2 1090 -c--a-w- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-617964873-667681891-3311945931-1002UA.job 2014-12-25 20:46:00 3A68AF47BE5BED1FDB1D8DD2BCF774CB 3676 -c--a-w- C:\windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-617964873-667681891-3311945931-1002Core 2014-12-25 20:45:59 1B3D40759163D263345699852CF341A6 1038 -c--a-w- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-617964873-667681891-3311945931-1002Core.job 2014-12-22 15:07:14 97FDA0BB333637CCA5DACE478505496A 3058 -c--a-w- C:\windows\system32\Tasks\{F4F7C1F8-7EB0-4C73-8915-50B7D6C3F8E7} ====== C:\windows\Temp ====== ======= C:\Program Files ===== 2015-01-20 20:49:03 -------- dc----w- C:\Program Files\Common Files\Java 2015-01-17 13:41:59 -------- dc----w- C:\Program Files\HD Tune 2014-12-24 17:05:03 -------- dc----w- C:\Program Files\Cisco 2014-12-24 17:05:03 -------- dc----w- C:\Program Files\Atheros 2014-12-22 22:45:55 -------- dc----w- C:\Program Files\trend micro 2014-12-22 20:08:26 -------- dc----w- C:\Program Files\DriverTuner ======= C: ===== ====== C:\Users\Inge Helsen\AppData\Roaming ====== 2015-01-14 22:11:50 D41D8CD98F00B204E9800998ECF8427E 0 -c--a-w- C:\Users\Gast\AppData\Local\{B5096A3B-0A67-4076-83D3-E16674FF88B0} 2015-01-14 22:11:49 D41D8CD98F00B204E9800998ECF8427E 0 -c--a-w- C:\Users\Gast\AppData\Local\{D80675CD-2571-43B3-9693-0033B5D70294} 2015-01-14 17:10:58 D41D8CD98F00B204E9800998ECF8427E 0 -c--a-w- C:\Users\Gast\AppData\Local\{C7FB33B4-9387-446B-A99E-A8DF6822BE57} 2015-01-14 17:10:58 D41D8CD98F00B204E9800998ECF8427E 0 -c--a-w- C:\Users\Gast\AppData\Local\{04E4519F-5622-4658-AE7D-F3271E7EEC45} 2015-01-03 21:03:50 497DE59B1A75D2E8EFDB298828FEC46C 5632 -c--a-w- C:\Users\Inge Helsen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-03 20:51:40 -------- dcsh--w- C:\Users\Inge Helsen\AppData\Local\EmieBrowserModeList 2015-01-03 20:50:59 -------- dcsh--w- C:\Users\Inge Helsen\AppData\Locallow\EmieBrowserModeList 2014-12-25 20:45:42 -------- dc----w- C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup 2014-12-24 20:57:27 -------- dc----w- C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-12-24 20:43:28 -------- dc----w- C:\Users\Inge Helsen\AppData\Roaming\Dropbox 2014-12-24 17:46:17 -------- dc----w- C:\Users\Gast\AppData\Roaming\Genie-soft 2014-12-24 17:46:00 -------- dc----w- C:\Users\Gast\AppData\Local\Google ====== C:\Users\Inge Helsen ====== 2015-01-20 20:48:19 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-01-20 20:34:00 92F975B07E65EF3AE67D89A016FDAACC 638888 -c--a-w- C:\Users\Inge Helsen\Downloads\JavaSetup8u25.com 2015-01-20 08:11:00 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 -c--a-w- C:\Users\Inge Helsen\Desktop\RSIT.exe 2015-01-17 13:41:59 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune 2015-01-17 13:40:52 088812A121E0A9CEB40CE9C808C8A90C 642632 -c--a-w- C:\Users\Inge Helsen\Downloads\hdtune_255.exe 2015-01-14 21:13:25 2D57A236F64156EF89F2C5E0EC68775B 61024 -c--a-w- C:\Users\Inge Helsen\Desktop\BlueScreenView.exe 2015-01-14 17:23:32 4CB6460D8471E3BDFFC2BB1DBA790B04 206432 -c--a-w- C:\Users\Inge Helsen\Desktop\WinCrashReport.exe 2015-01-03 01:29:01 -------- dc----r- C:\Users\Inge Helsen\Google Drive 2015-01-03 01:25:04 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-12-25 20:44:43 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2014-12-24 21:00:15 -------- dc----r- C:\Users\Inge Helsen\Dropbox 2014-12-24 15:28:05 -------- dc----r- C:\Users\Inge Helsen\Pictures 2014-12-22 20:08:27 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner 2014-12-22 18:30:43 -------- dc----w- C:\ProgramData\Dell 2014-12-22 18:01:39 -------- dc----w- C:\ProgramData\DriverSleuth 2014-12-22 18:00:31 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Sleuth ====== C: exe-files == 2015-01-20 20:48:20 75D477E868CA51EC1B09D730570F322B 0 -c--a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-01-20 20:48:20 691D49FB44EDE9788288CABE4F7E0DAF 0 -c--a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-01-20 20:48:19 AA3520FB0133A56BEE1DB34D74DBEF64 0 -c--a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-01-20 20:48:12 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\pack200.exe 2015-01-20 20:48:12 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\rmid.exe 2015-01-20 20:48:12 BB8C890E3E6372F2720709262BD42BF4 30632 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\jabswitch.exe 2015-01-20 20:48:12 B719E0F43166037DF46B5CFBE60A5118 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\jjs.exe 2015-01-20 20:48:12 AA3520FB0133A56BEE1DB34D74DBEF64 176552 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\java.exe 2015-01-20 20:48:12 A458E2535E46151690E53E2A03FAA711 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\keytool.exe 2015-01-20 20:48:12 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\kinit.exe 2015-01-20 20:48:12 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\orbd.exe 2015-01-20 20:48:12 75EE99C7F0038C746D82C76221ECA4EF 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\policytool.exe 2015-01-20 20:48:12 75D477E868CA51EC1B09D730570F322B 176552 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe 2015-01-20 20:48:12 74713E9C1B01B152DDD3A1A3519A3647 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\java-rmi.exe 2015-01-20 20:48:12 70E67429D2C011FD0419AF899A8D0D70 68520 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe 2015-01-20 20:48:12 691D49FB44EDE9788288CABE4F7E0DAF 272296 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\javaws.exe 2015-01-20 20:48:12 67F763B09F4BC8689E6FA9761E068D74 159656 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\unpack200.exe 2015-01-20 20:48:12 57E1F756FAA787623DFCD2C1B2AACC68 51112 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\ssvagent.exe 2015-01-20 20:48:12 4367C05B0CF5553E71B34F51003D0615 76200 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\jp2launcher.exe 2015-01-20 20:48:12 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\klist.exe 2015-01-20 20:48:12 33D2AF53E209DA3E2BA939EB89801DC0 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\rmiregistry.exe 2015-01-20 20:48:12 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\servertool.exe 2015-01-20 20:48:12 28FC00F89631B0F6E1E9CA386FADD566 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\tnameserv.exe 2015-01-20 20:48:12 26C7F32186B1F0364CD06EA69227A79D 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_25\bin\ktab.exe 2015-01-20 08:12:10 9A2347903D6EDB84C10F288BC0578C1C 388608 -c--a-w- C:\Program Files\trend micro\Inge Helsen.exe 2015-01-20 08:11:00 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 -c--a-w- C:\Users\Inge Helsen\Desktop\RSIT.exe 2015-01-18 23:18:54 D41D8CD98F00B204E9800998ECF8427E 0 -c--a-w- C:\Windows\Temp\GUR78E.exe 2015-01-18 21:18:29 D41D8CD98F00B204E9800998ECF8427E 0 -c--a-w- C:\Windows\Temp\GUR1C17.exe 2015-01-18 21:14:06 D41D8CD98F00B204E9800998ECF8427E 0 -c--a-w- C:\Windows\Temp\GUR405.exe 2015-01-17 13:41:59 F8FC2D14DF813CC920A39B3CB7E59CBC 401408 -c--a-w- C:\Program Files\HD Tune\HDTune.exe 2015-01-17 13:41:59 CEFC20D14D9940D53505E9B9769139E7 682266 -c--a-w- C:\Program Files\HD Tune\unins000.exe 2015-01-17 13:40:52 088812A121E0A9CEB40CE9C808C8A90C 642632 -c--a-w- C:\Users\Inge Helsen\Downloads\hdtune_255.exe 2015-01-17 12:51:49 D41D8CD98F00B204E9800998ECF8427E 0 -c--a-w- C:\Windows\Temp\GUR6306.exe 2015-01-16 08:09:22 BA7DC0C9141BE7292CA7E744B6F19F26 897104 -c--a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.99\39.0.2171.99_39.0.2171.95_chrome_updater.exe 2015-01-16 08:08:58 2AF481C03C0383ADE09FFEDA0C583140 3971512 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2015-01-16 08:08:55 8A289EF0AE709327D6AA9769E108B5A6 3916728 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-01-16 08:08:48 306EB846F88E58C7E763946DE95952E3 46592 ----a-w- C:\Windows\System32\TSWbPrxy.exe 2015-01-15 19:48:16 6CE8C433F3E62D455BECF4D8EDC493E4 47781 -c--a-w- C:\Users\Inge Helsen\Desktop\BlueScreenView\uninst.exe 2015-01-15 19:48:16 2D57A236F64156EF89F2C5E0EC68775B 61024 -c--a-w- C:\Users\Inge Helsen\Desktop\BlueScreenView\BlueScreenView.exe 2015-01-14 21:13:25 2D57A236F64156EF89F2C5E0EC68775B 61024 -c--a-w- C:\Users\Inge Helsen\Desktop\BlueScreenView.exe 2015-01-14 19:35:50 D41D8CD98F00B204E9800998ECF8427E 0 -c--a-w- C:\Windows\Temp\GURA15D.exe 2015-01-14 19:16:06 D41D8CD98F00B204E9800998ECF8427E 0 -c--a-w- C:\Windows\Temp\GURA37F.exe 2015-01-14 17:23:32 4CB6460D8471E3BDFFC2BB1DBA790B04 206432 -c--a-w- C:\Users\Inge Helsen\Desktop\WinCrashReport.exe === C: other files == 2015-01-20 20:48:12 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 -c--a-w- C:\Program Files\Java\jre1.8.0_25\lib\deploy\ffjcext.zip 2015-01-20 20:34:00 92F975B07E65EF3AE67D89A016FDAACC 638888 -c--a-w- C:\Users\Inge Helsen\Downloads\JavaSetup8u25.com 2015-01-19 22:07:25 1269BC6E05BAE9B04C5FD56950C488E5 332243 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WULCLRYB\game2[1].zip 2015-01-19 22:07:18 C1D132475BF43CBD3C527E56AA3BB77E 1397465 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RKO26B81\bootstrap[1].zip 2015-01-19 22:07:18 BA1C9736AF583F41044208B58266B41B 53102 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K8L7C6YC\preloader[1].zip 2015-01-19 22:07:18 6B258845C9A170EC729F228EFAD5F9A9 1062566 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RKO26B81\diorama2[1].zip 2015-01-19 22:07:18 3C4048DF8229C54895F8F79864E9DC38 152981 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K8L7C6YC\localization[1].zip 2015-01-19 22:07:16 2135D23001C24E49AF77648BE7C72226 142471 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3IJ8F3S1\init[1].zip 2015-01-18 23:18:54 665AA8773D894DC25E3AD27DD6E401A5 25575 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Temp\_MEI41482\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2015-01-18 23:18:54 05775A54EE3A30373D7141EAECD4071D 1945 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Temp\_MEI41482\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2015-01-18 21:18:31 665AA8773D894DC25E3AD27DD6E401A5 25575 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Temp\_MEI46322\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2015-01-18 21:18:31 05775A54EE3A30373D7141EAECD4071D 1945 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Temp\_MEI46322\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2015-01-18 21:14:07 665AA8773D894DC25E3AD27DD6E401A5 25575 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Temp\_MEI60202\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2015-01-18 21:14:07 05775A54EE3A30373D7141EAECD4071D 1945 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Temp\_MEI60202\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2015-01-16 08:08:36 03F899F521D2AAED1C55008F734DF252 116224 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2015-01-14 21:20:02 DE0983FE4B830699312D35A990B3AE1B 1945 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Temp\_MEI31522\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2015-01-14 21:20:02 82F5C942549405F61A8808D0EA0FA9E2 25575 -c--a-w- C:\Users\Inge Helsen\AppData\Local\Temp\_MEI31522\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Run] "Certificate Policy Engine"="C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Templates\CertPolEng.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "MWSnap"="C:\Program Files\MWSnap\MWSnap.exe" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "LaCie Ethernet Agent Startup"="C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe" "INGEHELSEN-HP"="C:\Users\Inge Helsen\AppData\Roaming\codec.exe" "HPADVISOR"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN" "Google Update"="C:\Users\Inge Helsen\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google+ Auto Backup"="C:\Users\Inge Helsen\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart" "GoogleDriveSync"="C:\Program Files\Google\Drive\googledrivesync.exe /autostart" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "SiteAdvisor"="C:\Program Files\SiteAdvisor\6173\SiteAdv.exe" "QLBController"="C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start" "PDF Complete"="C:\Program Files\PDF Complete\pdfsty.exe" "NortonOnlineBackupReminder"="C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED" "MVS Splash"="C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe" "MFARestart"="C:\ProgramData\MFAData\pack\avgrunasx.exe /usereg" "McAfee Managed Services Tray"="C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe" "InstaLAN"="C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe startup" "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" "HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden" "HPPowerAssistant"="C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden" "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" "GBMLite8AgentLaCie"="C:\Program Files\LaCie\Genie Backup Assistant\GBMAgent.exe" "File Sanitizer"="C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" "DTRun"="c:\Program Files\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" "beid"="C:\Program Files\Belgium Identity Card\beid35gui.exe /startup" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Certificate Policy Engine"="C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Templates\CertPolEng.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "MWSnap"="C:\Program Files\MWSnap\MWSnap.exe" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "LaCie Ethernet Agent Startup"="C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe" "INGEHELSEN-HP"="C:\Users\Inge Helsen\AppData\Roaming\codec.exe" "HPADVISOR"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN" "Google Update"="C:\Users\Inge Helsen\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google+ Auto Backup"="C:\Users\Inge Helsen\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart" "GoogleDriveSync"="C:\Program Files\Google\Drive\googledrivesync.exe /autostart" ==== Startup Folders ====================== 2014-12-24 20:57:57 1158 -c--a-w- C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2014-12-22 17:37:31 4860287 -c--a-w- C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inge Helsen.exe 2014-12-22 17:37:31 1266 -c--a-w- C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2014-12-22 17:37:31 1105 -c--a-w- C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk 2014-12-22 17:37:31 1125 -c--a-w- C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk 2014-12-22 17:37:31 1110 -c--a-w- C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk 2014-12-22 17:37:31 836 -c--a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk 2014-12-22 17:37:31 2069 -c--a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk 2014-12-22 17:37:31 1877 -c--a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk ==== Task Scheduler Jobs ====================== C:\windows\tasks\Adobe Flash Player Updater.job --a--c--- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [16/01/2015 09:54] C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a--c--- C:\Program Files\Google\Update\GoogleUpdate.exe [23/11/2014 08:02] C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a--c--- C:\Program Files\Google\Update\GoogleUpdate.exe [23/11/2014 08:02] C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-617964873-667681891-3311945931-1002Core.job --a--c--- C:\Users\Inge Helsen\AppData\Local\Google\Update\GoogleUpdate.exe [25/12/2014 21:45] C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-617964873-667681891-3311945931-1002UA.job --a--c--- C:\Users\Inge Helsen\AppData\Local\Google\Update\GoogleUpdate.exe [25/12/2014 21:45] C:\windows\tasks\Norton Security Scan for Inge Helsen.job --ah-c--- C:\PROGRA1\NORTON3\Engine\3721.5\Nss.exe [] ==== Other Scheduled Tasks ====================== "C:\windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe] "C:\windows\system32\tasks\4788" [wscript.exe C:\Users\INGEHE~1\AppData\Local\Temp\launchie.vbs //B] "C:\windows\system32\tasks\Adobe Flash Player Updater" [C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-617964873-667681891-3311945931-1002Core" [C:\Users\Inge Helsen\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-617964873-667681891-3311945931-1002UA" [C:\Users\Inge Helsen\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\windows\system32\tasks\Norton Security Scan for Inge Helsen" [C:\PROGRA~1\NORTON~3\Engine\372~1.5\Nss.exe] "C:\windows\system32\tasks\{8406B641-4AE9-411F-9B87-D5FF33386388}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.5.0.124.259/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled] "C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\windows\system32\tasks\NCH Software\expresszipShakeIcon" [C:\Program Files\NCH Software\ExpressZip\ExpressZip.exe] "C:\windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [19/02/2011 21:57] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [19/02/2011 21:57] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be.xpi ==== Firefox Plugins ====================== ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.99 (Up to date, latest Stable version: 39.0.2171.99) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaaiabcopkplhgaedhbloeejhhankf - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx[] dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx[] ihflimipbcaljfnojhhknppphnnciiif - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoods.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - C:\Users\INGEHE~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[03/01/2015 02:25] lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Search App By Ask v2 - Inge Helsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf Google Drive - Inge Helsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Facemoods - Inge Helsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif Google Drive App Launcher - Inge Helsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Google Wallet - Inge Helsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\Inge Helsen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage deleted successfully C:\Users\Inge Helsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf deleted successfully C:\Users\Inge Helsen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif deleted successfully C:\Users\Inge Helsen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihflimipbcaljfnojhhknppphnnciiif_0.localstorage deleted successfully C:\Users\Inge Helsen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihflimipbcaljfnojhhknppphnnciiif_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="https://www.google.be/" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {3122535E-E748-4168-8EB4-87DB7EA63DF2} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\SearchScopes\{3122535E-E748-4168-8EB4-87DB7EA63DF2} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24848C64-63A-4B65-981E-9DF4AFE125CD} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42096FD5-3FE3-4583-B8AD-3F4CBFA0676D} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83187E98-EF8-49C6-BC3D-C227E71ABD75} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84818F05-4891-4A00-AC9C-24A75DE3F60} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C53DFBF9-F3CE-46E5-AA66-4E93F0EAB731} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD5F70C9-B55E-4265-A74C-EB65DF20A16F} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E86E5954-F4EA-4F7B-99D5-ED57BE2E584E} deleted successfully HKEY_USERS\S-1-5-21-617964873-667681891-3311945931-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7E06D5D-BF98-4C02-B2B1-17705646D53} deleted successfully HKEY_CLASSES_ROOT\CLSID\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC05100 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{11C1024F-51B9-212D-0E1D-29947B4FE819} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C1500} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13A5E785-5197-4EAD-8EE3-D660271E49BC} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Productivity_2.2 Toolbar deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentBar Toolbar deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\interdescargas-FR Toolbar deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC05100 deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\587E5A317915DAE4E83E6D0672E194CB deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6173\SiteAdv.exe O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe O4 - HKLM\..\Run: [MFARestart] "C:\ProgramData\MFAData\pack\avgrunasx.exe" /usereg O4 - HKLM\..\Run: [McAfee Managed Services Tray] C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden O4 - HKLM\..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [GBMLite8AgentLaCie] C:\Program Files\LaCie\Genie Backup Assistant\GBMAgent.exe O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe O4 - HKLM\..\Run: [DTRun] c:\Program Files\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [NCPluginUpdater] "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update O4 - HKCU\..\Run: [Certificate Policy Engine] C:\Users\Inge Helsen\AppData\Roaming\Microsoft\Windows\Templates\CertPolEng.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MWSnap] "C:\Program Files\MWSnap\MWSnap.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [LaCie Ethernet Agent Startup] "C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe" O4 - HKCU\..\Run: [INGEHELSEN-HP] C:\Users\Inge Helsen\AppData\Roaming\codec.exe O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN O4 - HKCU\..\Run: [Google Update] "C:\Users\Inge Helsen\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\Inge Helsen\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Inge Helsen\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Inge Helsen.exe O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O4 - Startup: Samsung Auto Backup Guage.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe O4 - Startup: Samsung Auto Backup Real-Time Daemon.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe O4 - Startup: Samsung Auto Backup Scheduler.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files\Media Player Utilities 4.37\AMVConverter\grab.html O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com (HKLM) O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM) O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM) O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing) O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe O23 - Service: Belkin Local Backup Service - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe O23 - Service: Belkin Network USB Helper - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\system32\flcdlock.exe O23 - Service: FortiClient SSL VPN (FortiSslvpnDaemon) - Fortinet Inc. - C:\windows\system32\FortiSSLVPNdaemon.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\windows\system32\Hpservice.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe O23 - Service: Sentinel Security Runtime (SentinelSecurityRuntime) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6173\SAService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system32\uArcCapture.exe O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Inge Helsen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Inge Helsen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Inge Helsen\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Inge Helsen\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\6hbsqa21.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Inge Helsen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4153 folders=941 314768745 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp will be emptied at reboot C:\Users\Inge Helsen\AppData\Local\Temp will be emptied at reboot C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\INGEHE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== After Reboot ====================== ==== Deleting Files / Folders ====================== "C:\Program Files\SiteAdvisor\6173" not found "C:\Users\Gast\AppData\Local\Temp\MFAData" not found ==== EOF on do 22/01/2015 at 18:06:04.64 ======================