
Zoek.exe v5.0.0.0 Updated 13-February-2015
Tool run by Glowing Starter on vr 13-02-2015 at 12:40:54,83.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Glowing Starter\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

13-2-2015 12:44:56 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Users\Glowing Starter\AppData\Roaming\Opera deleted successfully
C:\Users\Glowing Starter\AppData\Local\FSP deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{eacd04ce-1b9a-4832-abf6-890d7309e9e0} deleted successfully
HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eacd04ce-1b9a-4832-abf6-890d7309e9e0} deleted successfully
HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1e2cc078-06db-43ee-98f3-c986053a7c0d} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{1e2cc078-06db-43ee-98f3-c986053a7c0d} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e2cc078-06db-43ee-98f3-c986053a7c0d} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{31fcb79f-82c9-429c-902d-82b53f84b3a7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{31fcb79f-82c9-429c-902d-82b53f84b3a7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31fcb79f-82c9-429c-902d-82b53f84b3a7} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9c5a0643-5fa2-464d-84df-622f1b94022e} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9c5a0643-5fa2-464d-84df-622f1b94022e} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9c5a0643-5fa2-464d-84df-622f1b94022e} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{cf3ae231-d0ec-4f3a-87c8-969420774720} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{cf3ae231-d0ec-4f3a-87c8-969420774720} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf3ae231-d0ec-4f3a-87c8-969420774720} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ea910f09-1b55-4a9c-8044-e3e2917b88da} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{ea910f09-1b55-4a9c-8044-e3e2917b88da} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ea910f09-1b55-4a9c-8044-e3e2917b88da} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{eacd04ce-1b9a-4832-abf6-890d7309e9e0} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{eacd04ce-1b9a-4832-abf6-890d7309e9e0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eacd04ce-1b9a-4832-abf6-890d7309e9e0} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\HPSIsvc.exe
C:\Program Files\XTab\ProtectService.exe
C:\Program Files\Hotkey\PowerBiosServer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\FSP\FspUip.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\BisonCam\DeLay.exe
C:\Program Files\BisonCam\BisonHK.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Hotkey\Hotkey.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\XTab\cmdshell.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\XTab\HPNotify.exe
C:\Windows\system32\DllHost.exe
C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Glowing Starter\Downloads\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IHProtect Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IHProtect Service deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\GLOWIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\0

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_13-02-2015_1301_.backup

ProfilePath: C:\Users\GLOWIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\b106xsnh.default

user.js not found
---- Lines extensions.ZX9WyW1kmZBo9q53 removed from prefs.js ----
user_pref("extensions.ZX9WyW1kmZBo9q53.epoch", "1422555316");
user_pref("extensions.ZX9WyW1kmZBo9q53.url", "http://winnerspy.eu/sync2/?q=hfZ9oehMhy8IrihEAen0rTg7qGhTB6lKDzt4ok4rtNtVh7n0rjkErjs5rdYGqTa4tMFHhd9Fqja
---- Lines extensions.wWZqVjE04JKMnla8 removed from prefs.js ----
user_pref("extensions.wWZqVjE04JKMnla8.epoch", "1422361149");
user_pref("extensions.wWZqVjE04JKMnla8.url", "http://toolkitcard.in/sync2/?q=hfZ9oeJQAchEAen0rTg7qGhTB6lKDzt4ok4rtNtVh7n0rjkErjs7rjsErdwFtMFHhd9FqjaFr
---- FireFox user.js and prefs.js backups ---- 

prefs_13-02-2015_1301_.backup

ProfilePath: C:\Users\GLOWIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_13-02-2015_1301_.backup

ProfilePath: C:\Users\GLOWIN~1\AppData\Roaming\Thunderbird\Profiles\8o93blng.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_13-02-2015_1301_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31fcb79f-82c9-429c-902d-82b53f84b3a7}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9c5a0643-5fa2-464d-84df-622f1b94022e}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a14f6d4f-68bb-47ae-934c-38ca0952db8d}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf3ae231-d0ec-4f3a-87c8-969420774720}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ea910f09-1b55-4a9c-8044-e3e2917b88da}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eacd04ce-1b9a-4832-abf6-890d7309e9e0}] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome.3DSDQ2XVF5SN2SLOIOS33XEU44\shell\open\command]
@="C:\\Users\\Glowing Starter\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe"

==== Deleting Files \ Folders ======================

C:\Program Files\youtubeadblocker deleted
C:\Program Files\unisalEs deleted
C:\Program Files\Live Earnings Checker for Google AdSense deleted
C:\Program Files\FindBuessttDeAl deleted
C:\Program Files\JoniiCOUPon deleted
C:\Program Files\SaverExteNsiion deleted
C:\Program Files\DIggiSaver deleted
C:\Program Files\FUnnDeals deleted
C:\Program Files\XTab deleted
C:\Program Files\FInudBestDeaali deleted
C:\ProgramData\BlockIt Ad remover deleted
C:\ProgramData\DeleteAd deleted
C:\Program Files\CoUpExteNsIIon deleted
C:\Program Files\Twitch Stream deleted
C:\Program Files\NeetoCouppOn deleted
C:\Program Files\UGamesFree deleted
C:\Program Files\BeestSavEFoorYou deleted
C:\Program Files\TTAAkaeTheCoupeon deleted
C:\ProgramData\IHProtectUpDate deleted
C:\Program Files\TampaGeneration deleted
C:\ProgramData\8835740306156355594 deleted
C:\Program Files\UniSalaes deleted
C:\ProgramData\ebcbmpmcknpedfdhmkjdghnbfkpebbmm deleted
C:\Users\Glowing Starter\AppData\Roaming\appdataFr3.bin deleted
C:\Users\GLOWIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\b106xsnh.default\extensions\staged deleted
C:\Users\GLOWIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\b106xsnh.default\extensions\ygf@XgW.edu deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)
Memory (RAM): 3005 MB
CPU Info: Celeron(R) Dual-Core CPU       T3000  @ 1.80GHz
CPU Speed: 1824,8 MHz
Sound Card: Luidsprekers (Realtek High Defi | 
Realtek Digital Output (Realtek | 
Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC | JMicron PCI Express Fast Ethernet Adapter
CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A  DS8A3S
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 2 Button Wheel Mouse Present
Hard Disks: C:  185,5GB | D:  112,4GB
Hard Disks - Free: C:  133,4GB | D:  106,4GB
Manufacturer *: Phoenix Technologies LTD
BIOS Info: AT/AT COMPATIBLE | 10/30/09 | PTLTD  - 6040000
Time Zone: West-Europa (standaardtijd)
Motherboard *: CLEVO Co.                        W760T/M740T/M760T
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Virus: Norman Security Suite On-access scanning disabled (Outdated)
Anti-Spyware: Norman Security Suite disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome	40.0.2214.93
Internet Explorer Version: 11.0.9600.17633 
Google Chrome version: 40.0.2214.93
Adobe Reader version: 11.0.10.32
Sun Java version: 1.8.0_31 (32-bit) 
Flash Player version: 16.0.0.305
Shockwave Player version: 12.0.7r148

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\GLOWIN~1\AppData\Local\Temp ====
2015-02-13 11:36:01	057631047016A448B842B96E872B132B	43008	----a-w-	C:\Users\Glowing Starter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiwktof.dll
2015-02-11 07:37:49	FD8A58F4A5C4B2EEF93415D9C9581415	641448	----a-w-	C:\Users\Glowing Starter\AppData\Local\Temp\jre-8u31-windows-au.exe
====== Java Cache =====
====== C:\Windows\system32 =====
2015-02-12 11:44:51	B3BC38B886CA53C92D52EF724A9F0D45	308224	----a-w-	C:\Windows\System32\scesrv.dll
2015-02-12 11:44:50	15E13FB1C22A47A128965287194D1906	2380288	----a-w-	C:\Windows\System32\win32k.sys
2015-02-12 11:44:44	F2A743912D404A8866362836CFE7A648	686080	----a-w-	C:\Windows\System32\adtschema.dll
2015-02-12 11:44:44	BF08DE8E4FA1F143D41B3241F7FCE5F6	22528	----a-w-	C:\Windows\System32\lsass.exe
2015-02-12 11:44:44	4E6934926B4C923CC0FF61C6D77814EF	50176	----a-w-	C:\Windows\System32\auditpol.exe
2015-02-12 11:44:44	4775E1A0E15BF148098C35A19135F881	1061376	----a-w-	C:\Windows\System32\lsasrv.dll
2015-02-12 11:44:43	F29BC66CE4A5507A49FB20744A056E61	22016	----a-w-	C:\Windows\System32\secur32.dll
2015-02-12 11:44:43	CEFE50761B7681715C66AE3488363985	100352	----a-w-	C:\Windows\System32\sspicli.dll
2015-02-12 11:44:43	ACF312F6CCFC9249F739BF439DD4B80C	15872	----a-w-	C:\Windows\System32\sspisrv.dll
2015-02-12 11:44:43	43791D2F736C4E9BE9FE0B33A1E92A5D	60416	----a-w-	C:\Windows\System32\msobjs.dll
2015-02-12 11:44:43	36F152AE2F64B12771A44EA77124332B	146432	----a-w-	C:\Windows\System32\msaudite.dll
2015-02-12 11:42:25	62C93E47A424A8EC79F3CF1719A2DCC6	3972544	----a-w-	C:\Windows\System32\ntkrnlpa.exe
2015-02-12 11:42:24	6D227897A458DA8A9518DACDC88F1947	3917760	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-02-12 11:41:53	A208DAC2932649CFF82A6A684D8BB1F6	571904	----a-w-	C:\Windows\System32\oleaut32.dll
2015-02-12 11:41:46	B63A6FF4339C9B701A93D3973C7FB6D2	550912	----a-w-	C:\Windows\System32\kerberos.dll
2015-02-12 11:41:46	7D94A9161E8432B8521E60E064B1D737	259584	----a-w-	C:\Windows\System32\msv1_0.dll
2015-02-12 11:41:46	7C893DBA0A58855A99DA68B751FD223B	248832	----a-w-	C:\Windows\System32\schannel.dll
2015-02-12 11:41:45	F3F6BE20A03215209B61CA85B4A83E1F	65536	----a-w-	C:\Windows\System32\TSpkg.dll
2015-02-12 11:41:45	C256EFD3655EC782F8094E96094E8F9E	17408	----a-w-	C:\Windows\System32\credssp.dll
2015-02-12 11:41:45	A12D64A94EC57079C2D96A741CB4FF53	172032	----a-w-	C:\Windows\System32\wdigest.dll
2015-02-12 11:41:45	3BB446DE24501FEA5FDB9A9DB23A22AE	221184	----a-w-	C:\Windows\System32\ncrypt.dll
2015-02-12 11:41:21	EEA1C649DBE9628150207BC563DA77F2	482304	----a-w-	C:\Windows\System32\generaltel.dll
2015-02-12 11:41:21	48D5B4FC2235E069A444C105B65D40BD	767488	----a-w-	C:\Windows\System32\appraiser.dll
2015-02-12 11:41:20	76293EF1A6BFCCBD901107E514E48624	886784	----a-w-	C:\Windows\System32\aeinv.dll
2015-02-12 11:41:20	1C562DF669A412EF40A9871C8856AEE4	621056	----a-w-	C:\Windows\System32\invagent.dll
2015-02-12 11:41:20	048FD5432E4C2B42EE39FD9F54ED162F	325632	----a-w-	C:\Windows\System32\devinv.dll
2015-02-12 11:41:19	F57E1D225AE5C2C8F475A99BFDF018F4	1167520	----a-w-	C:\Windows\System32\aitstatic.exe
2015-02-12 11:41:16	EE0759179FC7EB0012AF1A69C8AAE185	202752	----a-w-	C:\Windows\System32\aepdu.dll
2015-02-12 11:41:16	0389CAF21A50D13A90D2699750D499B5	159744	----a-w-	C:\Windows\System32\aepic.dll
2015-02-12 11:40:59	94B1F7CE1AAA5542923E0AD63C4D0050	60416	----a-w-	C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-02-12 11:40:58	B0F7BD3492C2D60A70F15AEADCE1E2A6	47616	----a-w-	C:\Windows\System32\ieetwproxystub.dll
2015-02-12 11:40:58	71189E2787179666BDCD1374AE92BF62	102912	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-02-12 11:40:57	E1A4D24281526DDFEA418F729CDA9DC6	30720	----a-w-	C:\Windows\System32\iernonce.dll
2015-02-12 11:40:57	C4F2424A0671907FD3AC44EBE43C3C66	667648	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-02-12 11:40:57	73AFBF165241EB4502CD15107AA12CBA	684544	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-02-12 11:40:56	8E8137569741D3693F88DDF94CC38C20	1307136	----a-w-	C:\Windows\System32\urlmon.dll
2015-02-12 11:40:56	74EA6C792F57E453261DA210C1BCEB53	342712	----a-w-	C:\Windows\System32\iedkcs32.dll
2015-02-12 11:40:56	55A84600EAAF8F1D3F0E6206E2EF6D48	47104	----a-w-	C:\Windows\System32\jsproxy.dll
2015-02-12 11:40:55	28B2D3CB1B4306D476200D80AF7D87AD	115712	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-02-12 11:40:54	FD6AF61AF029B9BC2CF4EFF57CDD5821	710144	----a-w-	C:\Windows\System32\ieapfltr.dll
2015-02-12 11:40:54	EF05E63ACC834470A07A2E73D519B5FA	418304	----a-w-	C:\Windows\System32\dxtmsft.dll
2015-02-12 11:40:54	2575170E9ACE5924716D34E7761B1F11	620032	----a-w-	C:\Windows\System32\jscript9diag.dll
2015-02-12 11:40:53	8FBC9680719ACDA9351B67D906C682F4	688640	----a-w-	C:\Windows\System32\msfeeds.dll
2015-02-12 11:40:53	47B26D89EF9973E2DD586D0C827F61A9	2724864	----a-w-	C:\Windows\System32\mshtml.tlb
2015-02-12 11:40:51	AD3F5926EC2C1F21FB45D1CDED6E2A47	2052608	----a-w-	C:\Windows\System32\inetcpl.cpl
2015-02-12 11:40:50	6F10743069DFFC56DEE079204960844E	168960	----a-w-	C:\Windows\System32\msrating.dll
2015-02-12 11:40:50	5FB7E9786F70F4072663746072C9E6CE	62464	----a-w-	C:\Windows\System32\iesetup.dll
2015-02-12 11:40:49	44791AA90DF93DD79E63ED3A38657964	4096	----a-w-	C:\Windows\System32\ieetwcollectorres.dll
2015-02-12 11:40:48	F285D499EC42969D963CA49EADA63218	1888256	----a-w-	C:\Windows\System32\wininet.dll
2015-02-12 11:40:46	6FA05244FD2E40A3DC08337146B3C425	285696	----a-w-	C:\Windows\System32\dxtrans.dll
2015-02-12 11:40:45	994E7459260D315573DD72783D1B78A7	478208	----a-w-	C:\Windows\System32\ieui.dll
2015-02-12 11:40:44	78A1A938D51D4F83A772123B93EE1612	12829184	----a-w-	C:\Windows\System32\ieframe.dll
2015-02-12 11:40:41	D87759889FE7BCAE4461439139E62BAA	76288	----a-w-	C:\Windows\System32\mshtmled.dll
2015-02-12 11:40:40	3B9EF1B8E154D202D32A7765E2F33554	64000	----a-w-	C:\Windows\System32\MshtmlDac.dll
2015-02-12 11:40:40	180168942E4A133C55E7BBF17DA3C142	1155072	----a-w-	C:\Windows\System32\mshtmlmedia.dll
2015-02-12 11:40:39	9A91F9B5035F54C2D0BA92CF9B16EE34	2277888	----a-w-	C:\Windows\System32\iertutil.dll
2015-02-12 11:40:31	61C74D794C14E9FC94D93F5F0F72A3F9	19740160	----a-w-	C:\Windows\System32\mshtml.dll
2015-02-12 11:40:29	9DEE691C8FDBC2DE6957F1AE873C78FC	503296	----a-w-	C:\Windows\System32\vbscript.dll
2015-02-12 11:40:26	180C599C9D5E15475EFEF3994067D739	4300800	----a-w-	C:\Windows\System32\jscript9.dll
2015-02-12 11:39:47	0C96A745A76C7DD75C5503E86D968E49	1174528	----a-w-	C:\Windows\System32\crypt32.dll
2015-02-12 11:39:46	E365C7B3EBB96451D3C9DF6B6B6900C2	179200	----a-w-	C:\Windows\System32\wintrust.dll
2015-02-12 11:39:46	623E143F2DF17C0106A9988F5D7DC878	143872	----a-w-	C:\Windows\System32\cryptsvc.dll
2015-02-12 11:33:26	793F6658ED65839FDB2957A4884CB63C	1230336	----a-w-	C:\Windows\System32\WindowsCodecs.dll
====== C:\Windows\system32\drivers =====
2015-02-12 11:44:44	F516F1167EFBBC5ABC90687C94497869	369968	----a-w-	C:\Windows\System32\drivers\cng.sys
2015-02-12 11:44:44	EF88BAC2B489D9C46F4E41ACF0219CD0	67520	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-02-12 11:44:44	49D70660EE8266988C1F99A0297A1430	136640	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
2015-01-28 19:29:45	4E1DB078BD2D46BD3770662079A60479	3234	----a-w-	C:\Windows\system32\Tasks\{DCC8B0A9-616E-4E9C-B474-5AC2D28F6CB9}
2015-01-28 19:29:34	22B219E1260CE4DCBB6B35B6498FCA5F	3244	----a-w-	C:\Windows\system32\Tasks\{5B30D282-9532-47D4-9C85-0263E03FA77A}
2015-01-28 19:28:55	8E3DAC48EEFB8F7503ADF263A1751E7C	3240	----a-w-	C:\Windows\system32\Tasks\{37E3F796-3AA8-49C7-A3D4-42468BA665CC}
2015-01-26 15:21:05	205E0B5C9A18B9C83DC3C89AC46EA9F1	3220	----a-w-	C:\Windows\system32\Tasks\{310DD241-2D5A-4FB9-B4FF-169FCD5351AB}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-02-11 07:44:14	--------	d-----w-	C:\Program Files\Common Files\Java
2015-02-09 16:49:46	--------	d-----w-	C:\Program Files\Image Hover
2015-01-28 18:14:44	--------	d-----w-	C:\Program Files\Redirector
2015-01-27 19:14:31	79	----a-w-	C:\Program Files\prefs.js
======= C: =====
====== C:\Users\Glowing Starter\AppData\Roaming ======
2015-01-21 09:42:02	--------	d-----w-	C:\Users\Glowing Starter\AppData\Local\Mozilla
====== C:\Users\Glowing Starter ======
2015-02-12 15:37:56	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Glowing Starter\Downloads\RSIT.exe
2015-02-12 15:37:45	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Glowing Starter\Downloads\RSITx64.exe
2015-02-05 09:55:00	2802D19AB27475CA7A9A5B1BC4AE3AD8	114174	----a-w-	C:\Users\Glowing Starter\Convocaat 295e Huishoudelijke Vergadering.pdf
2015-01-28 19:27:40	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-26 15:37:27	--------	d-----w-	C:\Users\Public\Documents\Adobe PDF
2015-01-21 09:43:33	B6EE41BBC69310C9146FCF995BDCE86B	244	----a-w-	C:\Users\Glowing Starter\BullseyeCoverageError.txt

====== C: exe-files ==
2015-02-12 15:37:56	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Glowing Starter\Downloads\RSIT.exe
2015-02-12 15:37:45	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Glowing Starter\Downloads\RSITx64.exe
2015-02-12 11:44:44	BF08DE8E4FA1F143D41B3241F7FCE5F6	22528	----a-w-	C:\Windows\System32\lsass.exe
2015-02-12 11:44:44	4E6934926B4C923CC0FF61C6D77814EF	50176	----a-w-	C:\Windows\System32\auditpol.exe
2015-02-12 11:42:25	62C93E47A424A8EC79F3CF1719A2DCC6	3972544	----a-w-	C:\Windows\System32\ntkrnlpa.exe
2015-02-12 11:42:24	6D227897A458DA8A9518DACDC88F1947	3917760	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-02-12 11:41:19	F57E1D225AE5C2C8F475A99BFDF018F4	1167520	----a-w-	C:\Windows\System32\aitstatic.exe
2015-02-12 11:41:18	5D239986173BC624A50270BD9892A300	63656	----a-w-	C:\Windows\System32\CompatTel\diagtrackrunner.exe
2015-02-12 11:41:17	C126ADC95027DB78B2AA17A04513D475	138912	----a-w-	C:\Windows\System32\CompatTel\QueryAppBlock.exe
2015-02-12 11:41:17	4A1647BB581BABFACD0F7946BB284810	42656	----a-w-	C:\Windows\System32\CompatTel\wicainventory.exe
2015-02-12 11:40:58	71189E2787179666BDCD1374AE92BF62	102912	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-02-12 11:40:57	C4F2424A0671907FD3AC44EBE43C3C66	667648	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-02-12 11:40:57	73AFBF165241EB4502CD15107AA12CBA	684544	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-02-12 11:40:56	D674809F9EC7D6A409F553C0DF91E825	221184	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-02-12 11:40:55	28B2D3CB1B4306D476200D80AF7D87AD	115712	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-02-12 11:40:51	8111C559DAD3A40200AE916874E7E62A	468992	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-02-12 11:40:49	363BC25BACB34E9D40441968B1B3D5BE	815288	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-02-11 07:42:58	F9D744CD9BC58F287F8FA59D32508EDD	16296	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\orbd.exe
2015-02-11 07:42:58	DBB5C8AE19ACFA2857CFB90C7305AC56	51112	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\ssvagent.exe
2015-02-11 07:42:58	CDB1FE0DCF2ADB755EBF65C8AEBBC871	16296	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\servertool.exe
2015-02-11 07:42:58	8B6DF9CD28359C5E819446FD79CE3948	16296	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\rmiregistry.exe
2015-02-11 07:42:58	7479DA0BED071427A3F0017AC51CC27B	159656	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\unpack200.exe
2015-02-11 07:42:58	5F7C51E0DCA813D647F14FC12AE675F2	16296	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\policytool.exe
2015-02-11 07:42:58	577F5DCBA4DE4C345631873670F84E79	16296	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\tnameserv.exe
2015-02-11 07:42:58	39685FC75B6FB2144E793595F1AB111D	15784	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\pack200.exe
2015-02-11 07:42:58	0FB2ACAC796B166F6486B593B604A3FF	15784	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\rmid.exe
2015-02-11 07:42:57	DA34E76DE9CD93471F24E7BD43139958	15784	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\kinit.exe
2015-02-11 07:42:57	AF82EA1498FEC5C49B8A1AE5AA0A5F6C	77224	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\jp2launcher.exe
2015-02-11 07:42:57	A8884FB8246655C84F110E77DF5E1B4A	15784	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\ktab.exe
2015-02-11 07:42:57	69BD74EE834B5629226BF89468B8020B	15784	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\keytool.exe
2015-02-11 07:42:57	2F77C9862B1A2401278C4A5B932DA69D	15784	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\klist.exe
2015-02-11 07:42:56	F5EA785B2BCC08DC28CBC2D96E05F2C1	68520	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe
2015-02-11 07:42:56	90C02BD6D01BBC1C620323F9E330E89C	15784	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\jjs.exe
2015-02-11 07:42:56	52C8B9FD016E6317FDB151296FF90877	272296	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\javaws.exe
2015-02-11 07:42:56	3E72E1AB196855916E2065C604674631	176552	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\javaw.exe
2015-02-11 07:42:55	DF1C8EDDAF14D2960A06A9DF7B2D0A89	15784	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\java-rmi.exe
2015-02-11 07:42:55	B0D46640968F989830413EB88F43E0D0	176552	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\java.exe
2015-02-11 07:42:55	063A1044A451660B159426B9C5E75957	30632	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\jabswitch.exe
2015-02-11 07:37:49	FD8A58F4A5C4B2EEF93415D9C9581415	641448	----a-w-	C:\Users\Glowing Starter\AppData\Local\Temp\jre-8u31-windows-au.exe
2015-02-11 01:15:08	EDFA0A841F0C5472A00488FFB7A25881	262760	----a-w-	C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
2015-02-11 01:12:28	D5D19E8325CFEA00DF53FEC724D9DA51	257696	----a-w-	C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
2015-02-11 01:12:26	B5E6433A4CBC10C019BD24452E79D054	42555824	----a-w-	C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe
=== C: other files ==
2015-02-12 11:44:50	15E13FB1C22A47A128965287194D1906	2380288	----a-w-	C:\Windows\System32\win32k.sys
2015-02-12 11:44:44	F516F1167EFBBC5ABC90687C94497869	369968	----a-w-	C:\Windows\System32\drivers\cng.sys
2015-02-12 11:44:44	EF88BAC2B489D9C46F4E41ACF0219CD0	67520	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-02-12 11:44:44	49D70660EE8266988C1F99A0297A1430	136640	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-02-11 07:42:59	3315140254247E248C3531F159C79109	14130	----a-w-	C:\Program Files\Java\jre1.8.0_31\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-70928346-524487458-456366203-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fspuip"="C:\Program Files\FSP\fspuip.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"DeLay"="C:\Program Files\BisonCam\DeLay.exe"
"BisonHK"="C:\Program Files\BisonCam\BisonHK.exe"
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norman ZANDA]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Norman ZANDA"
"hkey"="HKLM"
"command"="C:\\Norman\\Nvc\\BIN\\ZLH.EXE /LOAD /SPLASH"


==== Startup Folders ======================

2012-05-09 18:28:40	1171	----a-w-	C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2010-06-13 12:57:52	1276	----a-w-	C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk
2010-06-01 12:53:53	835	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [06-02-2015 18:17]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-12-2012 00:06]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\GLOWIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\b106xsnh.default
user_pref("browser.startup.homepage", "http://search.gboxapp.com/");

==== Firefox Extensions ======================

ProfilePath: C:\Users\GLOWIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\b106xsnh.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\GLOWIN~1\AppData\Roaming\Thunderbird\Profiles\8o93blng.default
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Glowing Starter\AppData\Roaming\Mozilla\Firefox\Profiles\b106xsnh.default
343BA8F3ABC8CE69700F37DB4A82300F	- c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll -	Silverlight Plug-In
0806948270D853B709CCBBF38AF167E4	- C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll -	Adobe Acrobat
9DF0C4F0CEF60158614EDD1B3AB441EE	- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll -	Adobe Acrobat
D2377C9458EFEB094E38B8C874AA214C	- C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll -	Google Update
6C6A2C5957AD53255B2F2EDCCD42FC76	- C:\Users\Glowing Starter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll -	Unity Player
F0E80E561C3F715DB01ACCC97B72463A	- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -	Photo Gallery
F3B0E300AFC94E1A775A2D935A7D384F	- C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll -	Shockwave for Director / Shockwave for Director
87132527E2256CF6683A18C4EB34DD3B	- C:\Windows\system32\Wat\npWatWeb.dll -	Windows Activation Technologies
AB3546B509E4B89096078EB2081C39C7	- c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrlui.dll -	Microsoft� Silverlight


==== Chromium Look ======================

Google Chrome Version: 40.0.2214.93 (Possible outdated, latest Stable version: 40.0.2214.111)


Google Drive - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage deleted successfully
C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.mystartsearch.com/?type=hppp&ts=1421697584&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX"
"Search Page"="http://www.mystartsearch.com/web/?type=dspp&ts=1421697584&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX&q={searchTerms}"
"Default_Page_URL"="http://www.mystartsearch.com/?type=hppp&ts=1421697584&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX"
"Default_Search_URL"="http://www.mystartsearch.com/web/?type=dspp&ts=1421697584&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1421697539&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX&q={searchTerms}"
"Default_Page_URL"="http://www.mystartsearch.com/?type=hppp&ts=1421697584&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX"
"Start Page"="http://www.mystartsearch.com/?type=hppp&ts=1421697584&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX"
"Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1421697539&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== shortcuts in Users Start Menu ======================

C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1421697539&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1421697539&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldiers\SOLDIERS.lnk - C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1421697539&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk - C:\Program Files\Microsoft Security Client\msseces.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer\Dll-Files Fixer.lnk - C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer\Verwijder Dll-Files Fixer.lnk - C:\Program Files\Dll-Files.com Fixer\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.31211.0\Silverlight.Configuration.exe 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antivirus Center.lnk - C:\Windows\system32\rundll32.exe "C:\ProgramData\68225e52-c3bd-4db8-ba27-7fec34636b04.dat", ugcokbfhub
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1421697539&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe 
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1421697539&from=wpc&uid=FUJITSUXMHZ2320BJXG2_K82BTA22643CTA22643CX
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk - C:\Windows\system32\SnippingTool.exe 
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sticky Notes.lnk - C:\Windows\system32\StikyNot.exe 
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Mail.lnk - C:\Program Files\Windows Live\Mail\wlmail.exe 

==== shortcuts After Repair ======================

C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldiers\SOLDIERS.lnk - C:\Users\Glowing Starter\AppData\Local\Google\Chrome\Application\chrome.exe 
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} deleted successfully

==== HijackThis Entries ======================

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [fspuip] "C:\Program Files\FSP\fspuip.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [DeLay] C:\Program Files\BisonCam\DeLay.exe
O4 - HKLM\..\Run: [BisonHK] C:\Program Files\BisonCam\BisonHK.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Hotkey\Hotkey.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Glowing Starter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files\Hotkey\PowerBiosServer.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Glowing Starter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Glowing Starter\AppData\Local\Mozilla\Firefox\Profiles\b106xsnh.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Glowing Starter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=124 folders=37 13801307 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Glowing Starter\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\GLOWIN~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 13-02-2015 at 13:09:04,92 ======================