Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Fam van Dalen on wo 03-06-2015 at 10:55:50,37. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Fam van Dalen\Downloads\zoek (1) (1).exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 3-6-2015 10:59:42 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\BearShare Applications deleted successfully C:\PROGRA~2\Fotoservice deleted successfully C:\PROGRA~2\oTweak deleted successfully C:\PROGRA~2\Philips deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\Google deleted successfully C:\PROGRA~3\Babylon deleted successfully C:\Users\Fam van Dalen\AppData\Roaming\PerformerSoft deleted successfully C:\Users\Fam van Dalen\AppData\Roaming\Systweak deleted successfully C:\Users\Fam van Dalen\AppData\Roaming\TP deleted successfully C:\Users\Fam van Dalen\AppData\Local\PackageAware deleted successfully C:\Users\Fam van Dalen\AppData\Local\Unity deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00cbb66b-1d3b-46d3-9577-323a336acb50} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14d02517-c8be-4735-a344-3c8366c77aa0} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{14d02517-c8be-4735-a344-3c8366c77aa0} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b1df253a-9e7a-480d-b6a5-7a435b520dbb} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b1df253a-9e7a-480d-b6a5-7a435b520dbb} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{af94b35c-3ac5-4030-9f9c-15fb4e3dc339} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{af94b35c-3ac5-4030-9f9c-15fb4e3dc339} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33FEDAC6-3D1F-466E-A0AA-A838C4296EAC} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3A3537DB-1E86-4FB5-83F8-304F5FFDF180} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Internet Explorer\SearchScopes\{d3f22a84-2a84-49eb-91e6-5dadaaf0165d} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8040829d-1177-46e2-9157-8282438b79c7} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{14d02517-c8be-4735-a344-3c8366c77aa0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14d02517-c8be-4735-a344-3c8366c77aa0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{b1df253a-9e7a-480d-b6a5-7a435b520dbb} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b1df253a-9e7a-480d-b6a5-7a435b520dbb} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{af94b35c-3ac5-4030-9f9c-15fb4e3dc339} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{3A3537DB-1E86-4FB5-83F8-304F5FFDF180} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3A3537DB-1E86-4FB5-83F8-304F5FFDF180} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d3f22a84-2a84-49eb-91e6-5dadaaf0165d} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{8040829d-1177-46e2-9157-8282438b79c7} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{af94b35c-3ac5-4030-9f9c-15fb4e3dc339} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Installed Programs ====================== Aangifte inkomstenbelasting 2012 Aangifte inkomstenbelasting 2013 Acrobat.com Adobe AIR Adobe Flash Player 17 ActiveX Adobe Reader X (10.1.12) - Nederlands Adobe Shockwave Player 11.5 Agatha Christie - Death on the Nile ATI Catalyst Install Manager AVG 2015 Bejeweled 2 Deluxe Blackhawk Striker 2 Broadcom 802.11 Wireless LAN Adapter BrowserCompanion Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Chuzzle Deluxe Claro Chrome Toolbar Claro LTD toolbar CyberLink DVD Suite CyberLink YouCam D3DX10 Dora's Carnival Adventure Dropbox Energy Star Digital Logo Escape Rosecliff Island ESU for Microsoft Windows 7 FATE Final Drive Nitro GinyasBrowserCompanion Google Chrome Google Update Helper Hewlett-Packard ACLM.NET v1.2.2.3 HP Advisor HP Customer Experience Enhancements HP Documentation HP Game Console HP Games HP Power Manager HP Quick Launch HP Setup HP Software Framework HP Support Assistant HP Wireless Assistant Intel(R) Control Center Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Java 8 Update 45 Java 8 Update 45 (64-bit) Java Auto Updater Java(TM) 6 Update 39 Jewel Quest - Heritage Junk Mail filter update KPN Assistent KPN Installatie Assistent LabelPrint LightScribe System Software Magic Desktop Mesh Runtime Messenger Companion Messenger Plus 6 Messenger Plus Community Smartbar Messenger Plus for Skype Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Antimalware Service NL-NL Language Pack Microsoft Application Error Reporting Microsoft Default Manager Microsoft Office 2010 Microsoft Office Klik-en-Klaar 2010 Microsoft Office Starter 2010 - Nederlands Microsoft Security Client NL-NL Language Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MixiDJ Toolbar More Games from HP Games MSVCRT MSVCRT_amd64 MyWebFace Toolbar Norton Online Backup Penguins PhotoNow Plants vs. Zombies Poker Superstars III PokerStars.eu Polar Bowler Polar Golfer Power2Go PowerDirector PricePeep for Internet Explorer PX Profile Update Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Recovery Manager RtVOsd Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft .NET Framework 4.5.1 (KB3023224) Security Update for Microsoft .NET Framework 4.5.1 (KB3035490) Security Update for Microsoft .NET Framework 4.5.1 (KB3037581) Synaptics Pointing Device Driver Verzoek of wijziging voorlopige aanslag 2013 Verzoek of wijziging voorlopige aanslag 2014 Virtual Villagers - The Secret City Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Zuma Deluxe ==== Running Processes ====================== C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Yuna Software\Messenger Plus for Skype\MsgPlusForSkypeService.exe C:\PROGRA~2\MYWEBF~2\bar\1.bin\5abarsvc.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\Tor\tor.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Users\Fam van Dalen\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\Fam van Dalen\AppData\Roaming\BrowserCompanion\tbhcn.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\Fam van Dalen\Downloads\zoek (1) (1).exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebFace_5aService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MyWebFace_5aService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MsgPlusService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MsgPlusService deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default ---- Lines mixidj removed from prefs.js ---- user_pref("extensions.mixidj.admin", false); user_pref("extensions.mixidj.aflt", "babsst"); user_pref("extensions.mixidj.appId", "{A2773ED4-83BD-488A-A186-73590706C916}"); user_pref("extensions.mixidj.autoRvrt", "false"); user_pref("extensions.mixidj.dfltLng", "en"); user_pref("extensions.mixidj.excTlbr", false); user_pref("extensions.mixidj.ffxUnstlRst", false); user_pref("extensions.mixidj.id", "1e469387000000000000c0cb3867592d"); user_pref("extensions.mixidj.instlDay", "15849"); user_pref("extensions.mixidj.instlRef", "sst"); user_pref("extensions.mixidj.newTab", false); user_pref("extensions.mixidj.prdct", "mixidj"); user_pref("extensions.mixidj.prtnrId", "mixidj"); user_pref("extensions.mixidj.rvrt", "false"); user_pref("extensions.mixidj.smplGrp", "none"); user_pref("extensions.mixidj.tlbrId", "base"); user_pref("extensions.mixidj.tlbrSrchUrl", ""); user_pref("extensions.mixidj.vrsn", "1.8.18.8"); user_pref("extensions.mixidj.vrsnTs", "1.8.18.812:35:41"); user_pref("extensions.mixidj.vrsni", "1.8.18.8"); user_pref("extensions.xpiState", "{\"app-profile\":{\"5affxtbr@MyWebFace_5a.com\":{\"d\":\"C:\\\\Users\\\\Fam van Dalen\\\\AppData\\\\Roaming\\\\Mozil ---- Lines mixidj removed from user.js ---- user_pref("extensions.mixidj.tlbrSrchUrl", ""); user_pref("extensions.mixidj.id", "1e469387000000000000c0cb3867592d"); user_pref("extensions.mixidj.appId", "{A2773ED4-83BD-488A-A186-73590706C916}"); user_pref("extensions.mixidj.instlDay", "15849"); user_pref("extensions.mixidj.vrsn", "1.8.18.8"); user_pref("extensions.mixidj.vrsni", "1.8.18.8"); user_pref("extensions.mixidj.vrsnTs", "1.8.18.812:35:41"); user_pref("extensions.mixidj.prtnrId", "mixidj"); user_pref("extensions.mixidj.prdct", "mixidj"); user_pref("extensions.mixidj.aflt", "babsst"); user_pref("extensions.mixidj.smplGrp", "none"); user_pref("extensions.mixidj.tlbrId", "base"); user_pref("extensions.mixidj.instlRef", "sst"); user_pref("extensions.mixidj.dfltLng", "en"); user_pref("extensions.mixidj.excTlbr", false); user_pref("extensions.mixidj.ffxUnstlRst", false); user_pref("extensions.mixidj.admin", false); user_pref("extensions.mixidj.autoRvrt", "false"); user_pref("extensions.mixidj.rvrt", "false"); user_pref("extensions.mixidj.newTab", false); ---- Lines claro removed from prefs.js ---- user_pref("extensions.claro.admin", false); user_pref("extensions.claro.aflt", "babsst"); user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}"); user_pref("extensions.claro.dfltLng", "en"); user_pref("extensions.claro.excTlbr", false); user_pref("extensions.claro.id", "1e469387000000000000c0cb3867592d"); user_pref("extensions.claro.instlDay", "15687"); user_pref("extensions.claro.instlRef", "sst"); user_pref("extensions.claro.prdct", "claro"); user_pref("extensions.claro.prtnrId", "claro"); user_pref("extensions.claro.tlbrId", "claro"); user_pref("extensions.claro.tlbrSrchUrl", ""); user_pref("extensions.claro.vrsn", "1.8.3.10"); user_pref("extensions.claro.vrsni", "1.8.3.10"); user_pref("extensions.claro_i.smplGrp", "none"); user_pref("extensions.claro_i.vrsnTs", "1.8.3.1023:36:04"); ---- Lines claro removed from user.js ---- user_pref("extensions.claro.tlbrSrchUrl", ""); user_pref("extensions.claro.id", "1e469387000000000000c0cb3867592d"); user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}"); user_pref("extensions.claro.instlDay", "15687"); user_pref("extensions.claro.vrsn", "1.8.3.10"); user_pref("extensions.claro.vrsni", "1.8.3.10"); user_pref("extensions.claro_i.vrsnTs", "1.8.3.1023:36:04"); user_pref("extensions.claro.prtnrId", "claro"); user_pref("extensions.claro.prdct", "claro"); user_pref("extensions.claro.aflt", "babsst"); user_pref("extensions.claro_i.smplGrp", "none"); user_pref("extensions.claro.tlbrId", "claro"); user_pref("extensions.claro.instlRef", "sst"); user_pref("extensions.claro.dfltLng", "en"); user_pref("extensions.claro.excTlbr", false); user_pref("extensions.claro.admin", false); ---- Lines ask.com removed from prefs.js ---- user_pref("browser.startup.homepage", "http://www.search.ask.com/?l=dis&o=APN10756&gct=hp&apn_ptnrs=^AUM&apn_dtid=^zzz030^YY^NL&p2=^AUM^zzz030^YY^NL&t ---- Lines asktb removed from prefs.js ---- user_pref("extensions.asktb.ff-original-keyword-url", "http://www.plusnetwork.com/?sp=addr&q="); ---- Lines helperbar removed from prefs.js ---- user_pref("extensions.helperbar.DockingPositionDown", false); user_pref("extensions.helperbar.SmartbarDisabled", false); user_pref("extensions.helperbar.SmartbarStateMinimaized", false); ---- Lines blabbers modified from prefs.js ---- user_pref("extensions.enabledAddons", "bbrs_002%40blabbers.com:1.0.5,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.1"); ---- Lines smartbar removed from prefs.js ---- user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"private ---- FireFox user.js and prefs.js backups ---- user_03-06-2015_1119_.backup prefs_03-06-2015_1119_.backup ProfilePath: C:\Users\FAMVAN~1\AppData\Roaming\Philips-Songbird\Profiles\qk605rks.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_03-06-2015_1119_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser companion helper] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlusForSkypeService] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebFace Search Scope Monitor] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebFace_5a Browser Plugin Loader] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "bProtectTabs"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14d02517-c8be-4735-a344-3c8366c77aa0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b1df253a-9e7a-480d-b6a5-7a435b520dbb}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser companion helper] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlusForSkypeService] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebFace Search Scope Monitor] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebFace_5a Browser Plugin Loader] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService] ==== Deleting Files \ Folders ====================== C:\PROGRA~2\BearShare Applications not found C:\PROGRA~2\Fotoservice not found C:\PROGRA~2\oTweak not found C:\PROGRA~2\Philips not found C:\Users\Fam van Dalen\AppData\Roaming\mixidj deleted C:\Program Files (x86)\MyWebFace_5a deleted C:\Program Files (x86)\Claro LTD deleted C:\Program Files (x86)\BrowserCompanion deleted C:\Program Files (x86)\PricePeep deleted C:\Program Files (x86)\mixidj deleted C:\ProgramData\GinyasBrowserCompanion deleted C:\Program Files (x86)\Yuna Software deleted C:\ProgramData\Avg_Update_0215pit deleted C:\windows\SysNative\Tasks\GinyasBrowserCompanion FireFox Watcher deleted C:\windows\SysNative\Tasks\GinyasBrowserCompanion Chrome Watcher deleted C:\windows\SysNative\Tasks\GinyasBrowserCompanion Stats Report deleted C:\windows\SysNative\Tasks\GinyasBrowserCompanion Update Checker deleted C:\PROGRA~3\{F0489EF2-D393-4114-85BA-A94D71D89543} deleted C:\Users\Fam van Dalen\AppData\Roaming\GinyasBrowserCompanion deleted C:\Users\Fam van Dalen\AppData\Roaming\Babylon deleted C:\Users\Fam van Dalen\AppData\Roaming\Claro deleted C:\PROGRA~3\Ask deleted C:\PROGRA~3\APN deleted C:\PROGRA~3\BitGuard deleted C:\PROGRA~3\IBUpdaterService deleted C:\Users\Fam van Dalen\AppData\Local\onlysearch deleted C:\Users\Fam van Dalen\AppData\Local\avgchrome deleted C:\Users\Fam van Dalen\AppData\Local\Smartbar deleted C:\Users\Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\bprotector web data deleted C:\Users\Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences deleted C:\Users\Fam van Dalen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard deleted C:\Windows\SysNative\roboot64.exe deleted C:\Windows\Installer\{069B290F-5398-4629-A009-85B4BCB4B1B9} deleted C:\Users\Fam van Dalen\AppData\LocalLow\Smartbar deleted C:\Users\Fam van Dalen\AppData\LocalLow\mixidj deleted C:\Users\Fam van Dalen\AppData\LocalLow\Claro LTD deleted C:\Users\Fam van Dalen\AppData\LocalLow\bbrs_002.tb deleted C:\Windows\tasks\GinyasBrowserCompanion Chrome Watcher.job deleted C:\Windows\tasks\GinyasBrowserCompanion FireFox Watcher.job deleted C:\Windows\tasks\GinyasBrowserCompanion Stats Report.job deleted C:\Windows\tasks\GinyasBrowserCompanion Update Checker.job deleted C:\windows\SysNative\tasks\RunAsStdUser Task deleted C:\windows\SysNative\tasks\BitGuard deleted C:\END deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\sho100D.tmp deleted C:\Windows\Syswow64\sho2D7D.tmp deleted C:\Windows\Syswow64\sho37C1.tmp deleted C:\Windows\Syswow64\sho3A33.tmp deleted C:\Windows\Syswow64\sho3E29.tmp deleted C:\Windows\Syswow64\sho4141.tmp deleted C:\Windows\Syswow64\sho42D6.tmp deleted C:\Windows\Syswow64\sho4865.tmp deleted C:\Windows\Syswow64\sho4F87.tmp deleted C:\Windows\Syswow64\sho5360.tmp deleted C:\Windows\Syswow64\shoA1C7.tmp deleted C:\Windows\Syswow64\shoB4B2.tmp deleted C:\Windows\Syswow64\shoB886.tmp deleted C:\Windows\Syswow64\shoC818.tmp deleted C:\Windows\Syswow64\shoE1A7.tmp deleted C:\Windows\Syswow64\shoE5DE.tmp deleted C:\Windows\Syswow64\shoEDCD.tmp deleted C:\Windows\Syswow64\shoF38F.tmp deleted C:\Windows\Syswow64\shoF6BF.tmp deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\searchplugins\BrowserProtect.xml deleted C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\searchplugins\babylon.xml deleted C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\searchplugins\ask-search.xml deleted C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\searchplugins\askcom.xml deleted C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\bProtector_extensions.sqlite deleted C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\bProtector_prefs.js deleted C:\Users\Fam van Dalen\Desktop\Search The Web.lnk deleted C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\extensions\5affxtbr@MyWebFace_5a.com deleted C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\extensions\ffxtlbr@mixidj.com deleted C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\extensions\bbrs_002@blabbers.com deleted "C:\Users\Fam van Dalen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk" deleted "C:\Windows\Installer\29bf3e3.msi" deleted "C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\searchplugins\mixidj.xml" deleted "C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\searchplugins\mixidj.xml" deleted "C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\searchplugins\mixidj.xml" deleted "C:\Users\Fam van Dalen\AppData\Roaming\StPrsSW\stprss.exe" deleted "C:\Users\Fam van Dalen\AppData\Roaming\Wdtimes\wdtimes.exe" deleted "C:\Users\Fam van Dalen\AppData\Roaming\BrowserCompanion\tbhcn.exe" deleted "C:\Users\Fam van Dalen\AppData\Roaming\BrowserCompanion\tbhcn.exe" deleted "C:\Users\Fam van Dalen\AppData\Roaming\StPrsSW" deleted "C:\Users\Fam van Dalen\AppData\Roaming\Wdtimes" deleted "C:\Users\Fam van Dalen\AppData\Roaming\BrowserCompanion" deleted "C:\Users\Fam van Dalen\AppData\Roaming\BrowserCompanion" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 2934 MB CPU Info: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz CPU Speed: 2261,2 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | ATI Mobility Radeon HD 5470 | ATI Mobility Radeon HD 5470 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Broadcom 4313 (802.11b/g/n) CD / DVD Drives: 1x (E: | ) E: hp CDDVDW TS-L633R Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 448,3GB | D: 17,1GB | Q: 0,0MB Hard Disks - Free: C: 382,8GB | D: 2,5GB | Q: 0,0MB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 11/09/11 | HPQOEM - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 143A Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus 2015 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus 2015 disabled (Outdated) Default Browser: Google Chrome 43.0.2357.81 Internet Explorer Version: 11.0.9600.17801 Google Chrome version: 43.0.2357.81 Adobe Reader version: 10.1.12.15 Sun Java version: 1.8.0_45 (32-bit) Sun Java version: 1.8.0_45 (64-bit) Shockwave Player version: 11.5.7r609 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\FAMVAN~1\AppData\Local\Temp ==== 2015-06-03 08:47:57 A5F112E7F21C41138EDF313F31527E55 1104832 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\{84AEEC6A-A3FA-4163-971A-B097134E0980}\Setup.exe 2015-06-03 08:47:57 93812FDC01AA864195816CD814445F95 241984 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\{84AEEC6A-A3FA-4163-971A-B097134E0980}\sqmapi.dll 2015-06-03 08:47:57 8C0873EE3BFF42DEA72CA59D2C1AC265 186688 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\{84AEEC6A-A3FA-4163-971A-B097134E0980}\EppManifest.dll 2015-06-03 08:47:57 04A0E77CA5DB30EACCFC81551CFD50C7 8864 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\{84AEEC6A-A3FA-4163-971A-B097134E0980}\SetupRes.dll 2015-06-03 08:23:32 0CFC0308F76EC217C457F54DDFCB3077 43008 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmparmygo.dll 2015-06-02 08:21:49 B0F6507F8666E89DD9F192313D88EB98 389632 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\uninst1.exe 2015-06-01 10:18:01 91031D8AA16C998F06C9970F6A0B1624 201216 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\scoped_dir_4584_18212\CRX_INSTALL\CrmAdpt.dll 2015-06-01 10:18:01 5BF5A297233798EBFF057F286CC2BB49 237056 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\scoped_dir_4584_18212\CRX_INSTALL\CTB.dll 2015-05-29 20:06:29 A4D4D41FB72604E729E78F595262771D 280984 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\JavaIC.dll 2015-05-29 20:06:29 69809CDCF1F94CE88ECFF73E59CC540B 331488 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\msscct32.dll 2015-05-29 20:06:29 2FFAF93BAAD954E0896ECB44AE36B8E4 96288 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\cct.dll 2015-05-21 19:20:48 24E97FFC4DEEF0B3034C54B8B12D1591 69632 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\hbkv3tpd.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-05-29 20:13:25 E99049F129B1DE728BE33BA4AF1F353B 97888 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-05-29 20:13:24 EED888394AC81A663F12C6EC43AB2838 191072 ----a-w- C:\Windows\SysWOW64\javaw.exe 2015-05-29 20:13:24 1E2E159D0621A466CFA7CE06E4DA9CAE 190560 ----a-w- C:\Windows\SysWOW64\java.exe 2015-05-21 10:44:05 858EB73F68B20A2A5C66B6C000D1C0DD 102608 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-21 07:26:22 D8D4D751AC82BF3DDB28452878267DA5 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-05-21 07:26:22 D0CA74BE380498A0111A73EB9C76CF8F 342016 ----a-w- C:\Windows\SysWOW64\certcli.dll 2015-05-21 07:26:22 2665A3D34D1C62DF303723422215B001 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-05-21 07:26:21 2F47A9303208E8812660A3396EE31477 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-05-21 07:26:20 86E23CD282F2AE7A95CB8F48A70C3188 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-05-21 07:26:20 6954B10C2CF2D99E3F138FB9BDF32547 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-05-21 07:26:20 4279AF72FD8493586422C60BFCA08E07 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-05-21 07:26:19 D7DDFF16973763EDAA28C824E0EFDDF7 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-05-21 07:26:19 280B8EA3F529A8A41AE3BF98B5272E1B 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-05-21 07:26:18 FA518D40DEE715D3399B561AE94A1E4F 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-05-21 07:26:18 F91A59FB95541E209971CCBB7F3D6AE5 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-05-21 07:26:18 A8822401C68B6080FB0C82FD667CF956 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-05-21 07:26:18 986E8181921B351C7D395DCFA1767DDC 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-05-21 07:26:18 590AF89D7836C7C019A4410BC778063C 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-05-21 07:25:45 C3120D99E6DA7878A1DD2D88138AC60A 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-05-21 07:25:45 9025CA7BCD6B7956366FC90B3D6E3933 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-05-21 07:25:44 CFCB89C0FE8EF502A7934C0D20E5DBD6 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-05-21 07:25:43 AA2F2D55DEF98007839D0189D721D70B 1310208 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-05-21 07:25:43 6388FC82897DDDA607BBE3580D75AE15 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-05-21 07:25:42 C1A32612710492D0C3339E46EC15E333 504320 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-05-21 07:25:42 7B4FA4B41FBDBB12C5038FCB6E6652AA 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-05-21 07:25:41 D74445161E58644309F858342F5E265C 19691008 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-05-21 07:25:41 C2EB0AA5570CF8BC881B36EE55A59337 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-05-21 07:25:40 E993B5E929F46A52E9F4EB68A7855CDF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-05-21 07:25:40 28313FF0DE83EAD8F5EF1B963D9078C3 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-05-21 07:25:39 63A2E3E9C771B1D4D7D84942D6FCB661 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-05-21 07:25:39 136687227F11CE928CB05F4FD90319AC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-05-21 07:25:38 F2DB87F164BC13AB8EF90FBF5D866B65 664576 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-05-21 07:25:38 CC4974FCF9387F32A0FF87BCE093A5AD 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-05-21 07:25:38 C525258A00ECFB4CE089F54C163268C3 2278400 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-05-21 07:25:38 3CE5DE0730C22A54FE783DB8A989E8BD 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-05-21 07:25:37 1BBC9CFD29A62D80FB77BB69BFF7513C 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-05-21 07:25:36 BCFA71A878903B5F92A7AFEFCCC5CA97 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-05-21 07:25:36 5AAC24BF6C4A54DA526CC6244DEBE227 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-05-21 07:25:34 0E22CD36FC3292CB812CC46CBCFD8444 12828672 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-05-21 07:25:28 1C5C5B5EF9CFDFC897D4549A2385DB3A 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-05-21 07:25:26 6E2B4875B968324E5844F35A37A79260 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-05-21 07:25:25 CB5F450D21B9D76B7F01D006E4AEDB40 1882112 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-05-21 07:25:22 07E82A31808C8BC053D1DE547082C58F 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-05-21 07:25:21 37625FC1DAF886F1980E2D8F315B93AC 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-05-21 07:24:00 418AEC0CE89A13200F2820079B9CDFD9 216064 ----a-w- C:\Windows\SysWOW64\InkEd.dll 2015-05-21 07:23:52 C22AB1781BC6F0BB1C9B352CF66DBFFC 1250816 ----a-w- C:\Windows\SysWOW64\DWrite.dll 2015-05-21 07:23:42 744AB3C1A73A57DEED49D631F1BDEA1D 2311168 ----a-w- C:\Windows\SysWOW64\wpdshext.dll 2015-05-21 07:17:11 C489D8B4D8C64F20CC75A93F541F7D91 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe 2015-05-21 07:17:05 D3E8C7FADB758E5D222C639CC65790AD 295936 ----a-w- C:\Windows\SysWOW64\apphelp.dll 2015-05-21 07:17:04 DCA2C6E7990771209CDD8E9DA90ED0E2 5120 ----a-w- C:\Windows\SysWOW64\shimeng.dll 2015-05-21 07:17:04 715C060150D969B0DE5DD5B365A712AF 20992 ----a-w- C:\Windows\SysWOW64\sdbinst.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-05-29 20:10:17 CD89ED65EE21D7C3A979C6F2198357A2 110688 ----a-w- C:\Windows\Sysnative\WindowsAccessBridge-64.dll 2015-05-21 10:44:06 189FB45D7442083AE8A2E4E612233EF7 124112 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll 2015-05-21 07:26:23 8AD8D17425C75D2621B2CDFE0DEABD21 342016 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-05-21 07:26:22 ED4B980701D081AC42F7B121C1E42149 460800 ----a-w- C:\Windows\Sysnative\certcli.dll 2015-05-21 07:26:22 B6478E65EB03E84A1F01EB045A87AC19 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-05-21 07:26:22 2A165B5B5F198D845CF8CFCBB564FAE5 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-05-21 07:26:21 C6430870504E2D73EAD55A863D6FB310 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-05-21 07:26:21 966A19E354FF0568847CDCEF992BFBEB 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-05-21 07:26:20 6938D6D4991BC86978034795BCE55AC8 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-05-21 07:26:20 4C3FAC816925F73A34AD52F1F7C0A7EA 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-05-21 07:26:20 43A8CFA9E1D829B4D42A063A85179A05 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-05-21 07:26:20 2B95EFD44D9AB6626DE0E28041D02EAA 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-05-21 07:26:20 119055C5ABE3DC76F8A3377FACA8EC71 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-05-21 07:26:19 95DC9317379EAD6C53D41FCE887CA621 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-05-21 07:26:19 0A69BDE8FC718F208BC4FA5BF4ADF251 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-05-21 07:26:19 0182C300EAAC66C60CA8B915F5C3439D 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-05-21 07:26:18 D8B75DB69F6C0C4A48003FB19057B2CB 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-05-21 07:26:18 C39A5B69763458468AC3266B8AD752AB 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-05-21 07:26:18 3434F7DB9B6607284BAA14E7608D2D1A 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-05-21 07:25:45 9DCD15027A13195ABA68B40A5EB26691 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-05-21 07:25:44 E802824B9B4A16355A5233A7B8215ECE 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-05-21 07:25:44 70EDB996FE1BCB699232A15CB0D0FA32 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-05-21 07:25:43 5EDC6AF7589B65C89CB1154B3377D0C4 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-05-21 07:25:43 1122DD841CCB7E07EF41039CBD66A29E 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-05-21 07:25:42 6D2787CD32595A91969502A399E7BA48 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-05-21 07:25:39 ED4EB5A0CDD251A17B946C515CB94D70 1547264 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-05-21 07:25:39 D7B9EEF960F68DC18724BB5F89A464DD 389840 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-05-21 07:25:38 010F562B961AB8CAEC7A0C72F8FDD690 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-05-21 07:25:37 2A2CDE78F9E9019AD0E4D804A02688A3 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-05-21 07:25:36 EB9FCD39D65E23380CB2C2F0E6F2ED53 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-05-21 07:25:36 E20B5098C8707B2CF0858024568234FF 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-05-21 07:25:33 F28577138120BA7E5423820D4B4C4727 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-05-21 07:25:33 49B1935F131A44CD29857D6900CB643F 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-05-21 07:25:31 F918BE3C5ACA0B6485D725CC1A5348DC 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-05-21 07:25:30 843D063E75B19188759CBEC82828BCB1 2885120 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-05-21 07:25:27 B85ECB91C88F6E74045061B7F7DDEFA2 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-05-21 07:25:25 0B4E78E6E65D1FD2CE55C93CF1EFD623 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-05-21 07:25:24 29BBA65402DD568F49C837533F269482 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-05-21 07:25:15 CA0369799519F33DDE8FD26F5D87D014 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-05-21 07:25:15 1D610F215769E4FF56C7B1847DE4B86D 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-05-21 07:25:10 E061B5A1D0F9BBACA41149201ADF4A3B 14401536 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-05-21 07:25:08 FFC30231459FC44FD73E07532C707791 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-05-21 07:25:08 1921A72BF1273BED72E569EF1F1A0611 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-05-21 07:25:06 63061A0826839DE8F5B4713976C99F1B 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-05-21 07:25:04 DC1200D3C3AC1E69A4DAD053BC26BF0D 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-05-21 07:25:01 79A4C71CD8B610DE9F66B72B5654C450 6025728 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-05-21 07:24:58 F0289B3A341429117696F0279DA977B6 2352128 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-05-21 07:24:58 C1D6BD834E69E8F77C8B4DDFCEE073F6 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-05-21 07:24:56 5A18ACE782C215300BE1C82D9EDC565B 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-05-21 07:24:55 F2A1718334172C0F4E231E998F6CB8AB 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-05-21 07:24:48 C31D57F7A58FACDA2671075CEBA75199 24971776 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-05-21 07:24:05 71C85477DF9347FE8E7BC55768473FCA 328704 ----a-w- C:\Windows\Sysnative\services.exe 2015-05-21 07:24:00 2B36E0C5C262437E1B098344DEFA55F8 275456 ----a-w- C:\Windows\Sysnative\InkEd.dll 2015-05-21 07:23:53 E612E86FA15EA1EF9A52433A2743C447 1179136 ----a-w- C:\Windows\Sysnative\FntCache.dll 2015-05-21 07:23:52 D858C33B133740D5F1F1CF71C33F6355 3204608 ----a-w- C:\Windows\Sysnative\win32k.sys 2015-05-21 07:23:52 490505F6E53EF046EC70A353BC9CD615 1647104 ----a-w- C:\Windows\Sysnative\DWrite.dll 2015-05-21 07:23:43 E5404072A5A9E0B452ADDF1D1339176C 2543104 ----a-w- C:\Windows\Sysnative\wpdshext.dll 2015-05-21 07:17:11 C7E50B04623FC6FF54EAF88938A8936E 142336 ----a-w- C:\Windows\Sysnative\poqexec.exe 2015-05-21 07:17:05 83BFCCAC53795E8A5055A93672D0C46C 72192 ----a-w- C:\Windows\Sysnative\aelupsvc.dll 2015-05-21 07:17:05 31D260ADAF1CCFEFC49DB9FBCE9986DA 342016 ----a-w- C:\Windows\Sysnative\apphelp.dll 2015-05-21 07:17:04 F55F287810AAF708618793764AF7D1BB 23552 ----a-w- C:\Windows\Sysnative\sdbinst.exe 2015-05-21 07:17:04 7E21D3072EB20D5400919D435D549A9B 6656 ----a-w- C:\Windows\Sysnative\shimeng.dll ====== C:\Windows\Sysnative\drivers ===== 2015-05-21 07:26:21 C93EB3A92540830168F2057ECA7DE49A 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-05-21 07:26:20 43F45C59A472993E5063F2DB2D22C509 155576 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-05-07 11:50:22 7EC2B7BBA7A30691D2E0D8478F219B90 378336 ----a-w- C:\Windows\Sysnative\drivers\avgloga.sys 2015-05-07 11:49:24 398FEC9A9146E31E84AFB29731F4CA17 253920 ----a-w- C:\Windows\Sysnative\drivers\avgidsha.sys 2015-05-07 11:49:22 BA60ECC498585DA1A918D424D7D07A18 220128 ----a-w- C:\Windows\Sysnative\drivers\avgmfx64.sys 2015-05-04 12:14:30 5643C475C78072C36AE7D785E4CA7735 291296 ----a-w- C:\Windows\Sysnative\drivers\avgtdia.sys ====== C:\Windows\Tasks ====== 2015-06-03 08:45:09 C7DD91D7C300F5DF57071421A4D9D9DE 3234 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForFam van Dalen 2015-06-03 08:45:06 9A51B5C48DF5240A6CDDD071FFC50BEC 364 ----a-w- C:\Windows\Tasks\HPCeeScheduleForFam van Dalen.job 2015-06-03 08:26:53 F6E59C35EF7489B2264D44DA211BEB96 3800 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2015-06-03 08:26:53 F0EE6C443E51F120B809638680E42AC0 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-03 08:26:53 38E73E422B52E8036A01DBDEF08546FD 4052 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2015-06-03 08:26:52 FE6AD9DBEFACFED57954D2B1429B3A30 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-06-02 06:43:18 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2015-06-01 07:09:26 -------- d-----w- C:\PROGRA~2\AVG 2015-05-29 20:10:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Fam van Dalen\AppData\Roaming ====== 2015-06-01 07:12:36 -------- d-----w- C:\Users\Fam van Dalen\AppData\Roaming\AVG2015 2015-06-01 07:12:01 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015 2015-06-01 07:11:32 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015 2015-06-01 07:11:30 -------- d-----w- C:\Users\Fam van Dalen\AppData\Roaming\TuneUp Software 2015-06-01 07:09:27 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015 2015-06-01 07:06:02 -------- d-----w- C:\Users\Fam van Dalen\AppData\Local\Avg2015 2015-05-29 20:23:42 -------- d-----w- C:\Users\Fam van Dalen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\oTweak Software 2015-05-25 06:37:59 -------- d-----w- C:\Users\Fam van Dalen\AppData\Local\Apps 2015-05-25 06:37:58 -------- d-----w- C:\Users\Fam van Dalen\AppData\Local\Deployment ====== C:\Users\Fam van Dalen ====== 2015-06-03 08:28:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-06-02 07:57:54 E201E1AB57839E738097A89AA828C0EC 243480 ----a-w- C:\Users\Fam van Dalen\Downloads\Firefox Setup Stub 38.0.1.exe 2015-06-02 06:42:35 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fam van Dalen\Downloads\RSITx64 (1).exe 2015-06-02 06:42:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fam van Dalen\Downloads\RSITx64.exe 2015-06-01 07:11:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-06-01 07:10:30 -------- d-----w- C:\ProgramData\AVG2015 2015-06-01 07:06:02 -------- d--h--w- C:\ProgramData\Common Files 2015-05-29 20:33:35 86675EB78CE27CC4CF83524FE039E70A 3068896 ----a-w- C:\Users\Fam van Dalen\Downloads\Setup_DriverDoc_2015.exe 2015-05-29 20:22:31 61E3CAB3FCE4B2696A9AD052FC8BF5A8 3700825 ----a-w- C:\Users\Fam van Dalen\Downloads\DriverUpdaterPro.exe ====== C: exe-files == 2015-06-03 08:47:57 A5F112E7F21C41138EDF313F31527E55 1104832 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\{84AEEC6A-A3FA-4163-971A-B097134E0980}\Setup.exe 2015-06-03 08:39:32 6732C4A894855042FD3618406B6BBD48 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe 2015-06-03 08:39:32 0894890F30B5F6510DF953BC50B5504F 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateWebPlugin.exe 2015-06-03 08:39:31 F6EEE6848E933962E12E7B3F25C73C88 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateBroker.exe 2015-06-03 08:39:29 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateSetup.exe 2015-06-03 08:33:58 BB3045B399D898061B926B447C446E05 127816 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateComRegisterShell64.exe 2015-06-03 08:33:56 6509A96DAE25340772B51AC020CB1094 304968 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe 2015-06-03 08:33:53 8715A0D10CFFC8DEE923957F07DAA042 244040 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe 2015-06-03 08:33:37 0C03FB91E17987EED93F60007B08DAA0 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdate.exe 2015-06-03 08:33:26 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Install\{7434DF82-ED2C-4530-9350-D4647B11AF85}\GoogleUpdateSetup.exe 2015-06-03 08:33:25 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.27.5\GoogleUpdateSetup.exe 2015-06-03 08:27:49 B2BC5122F56A99FC7E9B170C4E61C0F3 42077776 ----a-w- C:\Program Files (x86)\Google\Update\Install\{4EFF654D-BD03-441A-88E1-90A1F3283653}\43.0.2357.81_chrome_installer.exe 2015-06-03 08:27:48 B2BC5122F56A99FC7E9B170C4E61C0F3 42077776 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\43.0.2357.81\43.0.2357.81_chrome_installer.exe 2015-06-03 08:26:49 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 2015-06-02 08:21:49 B0F6507F8666E89DD9F192313D88EB98 389632 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Temp\uninst1.exe 2015-06-02 07:57:54 E201E1AB57839E738097A89AA828C0EC 243480 ----a-w- C:\Users\Fam van Dalen\Downloads\Firefox Setup Stub 38.0.1.exe 2015-06-02 06:43:20 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Fam van Dalen.exe 2015-06-02 06:42:35 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fam van Dalen\Downloads\RSITx64 (1).exe 2015-06-02 06:42:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fam van Dalen\Downloads\RSITx64.exe 2015-06-01 10:52:19 73D8EB3819B29AB3123856BD72A2CD7D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3773947598-2971562229-1871698840-1001\$IOQ1MMK.exe 2015-06-01 07:16:05 114DEA326D9A95F27C53BFCE3040F3C2 7151856 ----a-w- C:\Program Files (x86)\AVG\AVG2015\Notification\Launcher.exe 2015-06-01 07:05:38 319825634FDFF2C9CB98A180C4CF6B29 4578024 ----a-w- C:\$Recycle.Bin\S-1-5-21-3773947598-2971562229-1871698840-1001\$ROQ1MMK.exe 2015-05-30 10:11:10 3261D99D7668F036FAC182F6308C39AF 166720792 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W2585JBL\msert.exe 2015-05-29 20:33:35 86675EB78CE27CC4CF83524FE039E70A 3068896 ----a-w- C:\Users\Fam van Dalen\Downloads\Setup_DriverDoc_2015.exe 2015-05-29 20:22:31 61E3CAB3FCE4B2696A9AD052FC8BF5A8 3700825 ----a-w- C:\Users\Fam van Dalen\Downloads\DriverUpdaterPro.exe 2015-05-29 20:09:24 4364856BA7C082D76DC7CFB96CED9008 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\tnameserv.exe 2015-05-29 20:09:24 233CEBD099978B64D80BABA6EBB52551 197216 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\unpack200.exe 2015-05-29 20:09:24 15B3B33E79B40BFB1267D4BBFCB13283 66144 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\ssvagent.exe 2015-05-29 20:09:23 F1BF6E161A30EDE0B253EB006227B79C 16480 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmiregistry.exe 2015-05-29 20:09:23 C618FCC084D3C155EE576C58EB7DDA52 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmid.exe 2015-05-29 20:09:23 3CD36026202D1FA45302EF1410AE8F5A 16480 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\servertool.exe 2015-05-29 20:09:22 ED62A73C5496F0F7668DE28E69AD0ADA 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\orbd.exe 2015-05-29 20:09:22 EB61553EF3A3AED725AB2B04EFF08A84 16480 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\policytool.exe 2015-05-29 20:09:22 6A791B16B176EF2111EC4582C6E053A1 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\pack200.exe 2015-05-29 20:09:20 BCDC6884093C91473A1CCACC048BEA39 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\kinit.exe 2015-05-29 20:09:20 9915DFD017E28FF3911265980D0CBA40 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\ktab.exe 2015-05-29 20:09:20 9859B85AA2F703FA45734BD1177E5EC3 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\klist.exe 2015-05-29 20:09:20 50998563B100A85BE8E98114F4223268 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\keytool.exe 2015-05-29 20:09:19 4216D2D4147A8C0FB3619290C2DA5087 99424 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jp2launcher.exe 2015-05-29 20:09:18 954B636D357A239881C83294CD49BE47 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jjs.exe 2015-05-29 20:09:14 F714E53B7B5BB819AE1EDDFFC7052388 76896 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe 2015-05-29 20:09:14 2E3233AC6BB04F6353B01A39B12A9BC6 319584 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaws.exe 2015-05-29 20:09:14 0D57B9F7BC18930BB316FCAE2312BC30 206944 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe 2015-05-29 20:09:13 DFA6B53E2D1462F0D3513BC931F8B2C7 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\java-rmi.exe 2015-05-29 20:09:13 51303A2B65EC41C05CF9348DDB0F7D97 206432 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\java.exe 2015-05-29 20:09:13 28DA57A6644A3EC0162B3B47DD79E7ED 33888 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jabswitch.exe 2015-05-29 20:08:13 2E3233AC6BB04F6353B01A39B12A9BC6 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-05-29 20:08:12 51303A2B65EC41C05CF9348DDB0F7D97 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-05-29 20:08:12 0D57B9F7BC18930BB316FCAE2312BC30 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-05-29 20:07:55 FF589C55E0CB6A0A1BD9570217BB1A42 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\tnameserv.exe 2015-05-29 20:07:55 C57CA849D13177E1F43CFEF51374F1EE 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\unpack200.exe 2015-05-29 20:07:55 B66ED84383EA6C6218CA47BC49C15615 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssvagent.exe 2015-05-29 20:07:54 A1A1BC927541346D840BBB511F557848 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\policytool.exe 2015-05-29 20:07:54 5DF39BE82C777B7EDAD34E3A7A7EADB7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmid.exe 2015-05-29 20:07:54 2682BB5D60C30DCB5A2BC414D01D6764 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmiregistry.exe 2015-05-29 20:07:54 134D4B0A753808F8F8645DCF3FA00173 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\servertool.exe 2015-05-29 20:07:53 FD8978875A992C876AF430B35DF9CFA7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\pack200.exe 2015-05-29 20:07:53 D3DA34876B7F6D06D26D29CA77BD25A2 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ktab.exe 2015-05-29 20:07:53 98903A3C01AA820E7FCC19A0A60126C0 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\klist.exe 2015-05-29 20:07:53 4EA6A4DD2EB584C4C2BF39A9A7D0D580 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\keytool.exe 2015-05-29 20:07:53 3C0A1F0D13A8998E9A1825A853FF3B39 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\kinit.exe 2015-05-29 20:07:53 1F29E31C6B9A487FF32006C4E223BA4F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\orbd.exe 2015-05-29 20:07:52 1CCD26E1E9FC582ABAA5D5FD1FA47A6B 76384 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe 2015-05-29 20:07:51 EF66D96BC42BCE52686A7635AB11D8DD 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe 2015-05-29 20:07:51 EED888394AC81A663F12C6EC43AB2838 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe 2015-05-29 20:07:51 CF683290B3369A1491A5B8B4D19F79B3 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jjs.exe 2015-05-29 20:07:51 4586CD8F1C929EF184098A22FE31A857 271968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe 2015-05-29 20:07:50 F16868F20E4701142FAEF8C9FA847D27 30304 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jabswitch.exe 2015-05-29 20:07:50 88FFC43B0E3BB3E30F70CB7B08D499B4 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java-rmi.exe 2015-05-29 20:07:50 1E2E159D0621A466CFA7CE06E4DA9CAE 190560 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe 2015-05-29 14:29:56 B1798BC27E40983B12FEFD0D85C05B3F 873800 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Google\Chrome\User Data\SwReporter\3.21.0\software_reporter_tool.exe 2015-05-29 13:56:06 F6414DD3B23979312F8EBB91DE794178 11080 ------w- C:\Users\Fam van Dalen\AppData\Local\Apps\2.0\N611DDM1.74K\MC7C0RB1.KO9\inst...app_86fd5b6b43e66935_0001.0003_8cc1e8369c183a46\clickonce_bootstrap.exe 2015-05-29 13:56:06 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Apps\2.0\N611DDM1.74K\MC7C0RB1.KO9\inst...app_86fd5b6b43e66935_0001.0003_8cc1e8369c183a46\GoogleUpdateSetup.exe 2015-05-29 13:56:06 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Users\Fam van Dalen\AppData\Local\Apps\2.0\N611DDM1.74K\MC7C0RB1.KO9\clic...exe_86fd5b6b43e66935_0001.0003_none_f263691f58f224f9\GoogleUpdateSetup.exe === C: other files == 2015-06-02 08:12:46 87E1D2016400180209A218F333A0E0E8 946636 ----a-w- C:\Users\Fam van Dalen\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 2015-05-29 20:09:25 EE3BDACD44A7788B264292295BE50272 14130 ----a-w- C:\Program Files\Java\jre1.8.0_45\lib\deploy\ffjcext.zip 2015-05-29 20:07:57 5DDC15149346900F16B38C65502BACA9 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverUpdaterPro] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DriverUpdaterPro" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\oTweak\\DriverUpdaterPro\\DriverUpdaterPro.exe /ot /as /ss" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Easybits Recovery] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Easybits Recovery" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\EasyBits For Kids\\ezRecover.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Quick Launch] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Quick Launch" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Quick Launch\\HPMSGSVC.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPAdvisorDock] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPAdvisorDock" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\Dock\\HPAdvisorDock.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KPN Assistent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KPN Assistent" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\KPN\\KPN Assistent\\KPN_Assistent.exe /auto" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LightScribe Control Panel" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Microsoft Default Manager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Microsoft Default Manager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft\\Search Enhancement Pack\\Default Manager\\DefMgr.exe\" -resume" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Norton Online Backup" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="StartCCC" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AERTFilters] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AxInstSV] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ehRecvr] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ehSched] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Fax] ==== Startup Folders ====================== 2013-09-01 11:17:52 1165 ----a-w- C:\Users\Fam van Dalen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15-04-2015 12:22] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03-06-2015 10:26] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03-06-2015 10:26] C:\Windows\tasks\HPCeeScheduleForFam van Dalen.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [05-01-2010 03:53] C:\Windows\tasks\HPCeeScheduleForFAMVANDALEN-HP$.job --a------ C:\Program Files (x86)\Hewlett-PaC:kard\HP C:eement\HPC:EE.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForFam van Dalen" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForFAMVANDALEN-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\ShdUpdate" ["C:\Users\Fam van Dalen\AppData\Local\ShdUpdate\shupd.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{85C154F5-7E7B-49E1-9492-347FDF30A664}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Wdtimes" ["C:\Users\Fam van Dalen\AppData\Roaming\Wdtimes\wdtimes.exe"] "C:\Windows\SysNative\tasks\{71350773-A150-420A-9255-96FDBDBF65B8}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/4.2.0.166.321/nl/abandoninstall?page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default user_pref("browser.search.defaultengine", "Ask Search"); user_pref("browser.search.defaultenginename", "Ask Search"); user_pref("browser.search.selectedEngine", "Ask Search"); user_pref("extensions.APN_TB.first-previous-keyword-url", "http://www.plusnetwork.com/?sp=addr&q="); user_pref("extensions.FWV6.my-keyword-url", "\"\""); user_pref("extensions.FWV6.previous-keyword-url", "\"http://www.plusnetwork.com/?sp=addr&q=\""); user_pref("keyword.URL", "http://www.plusnetwork.com/?sp=addr&q="); ProfilePath: C:\Users\FAMVAN~1\AppData\Roaming\Philips-Songbird\Profiles\qk605rks.default user_pref("browser.search.selectedEngine", "7digital"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "5affxtbr@MyWebFace_5a.com"="C:\Program Files (x86)\MyWebFace_5a\bar\1.bin" [] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "ClickPotatoLite@ClickPotatoLite.com"="C:\Users\Fam van Dalen\AppData\Local\ClickPotatoLiteSA\bin\12.0.15.0\firefox\extensions" [26-10-2012 22:36] ==== Firefox Extensions ====================== ProfilePath: C:\Users\FAMVAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default - Undetermined - C:\Users\Fam van Dalen\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default\extensions\bbrs_002@blabbers.com - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\FAMVAN~1\AppData\Roaming\Philips-Songbird\Profiles\qk605rks.default - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\7digital@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\albumart@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\concerts@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\fileassociation@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gogear@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\langpack-nl@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\msc@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mtp@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-branding@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-likemusic@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-promotions@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-skin@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-ui@philips.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com - Undetermined - C:\Program Files (x86)\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com ==== Firefox Plugins ====================== Profilepath: C:\Users\Fam van Dalen\AppData\Roaming\Mozilla\Firefox\Profiles\4jy1trob.default 31DA97B4682187C6639BBE2215814FDA - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director ==== Chromium Look ====================== Google Chrome Version: 43.0.2357.81 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bodddioamolcibagionmmobehnbhiakf - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx[] dcillohgikpecbmgioknapdpcjofaafl - C:\Users\Fam van Dalen\AppData\Roaming\Claro\claro.crx[] kpepfkjapeclaafmhoelccknpfedainn - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidj.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions amfclgbdpgndipgoegfpkkgobahigbcl - C:\Users\Fam van Dalen\AppData\Local\Smartbar/Application\1Extension.crx[] Google Slides - Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Bookmark Manager - Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik Google Wallet - Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Preferences :52048}},"www.google.nl:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":42706}},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}]}},"supports_quic":{"address":"192.168.2.4","used_quic":true},"version":3}},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":0,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{"https://secure.webcamsex.nl:443,*":{"last_used":1433320291.053302,"setting":1}},"media_stream_mic":{"https://secure.webcamsex.nl:443,*":{"last_used":1433320291.053275,"setting":1}},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{},"pref_version":1},"exit_type":"Crashed","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Persoon 1","per_host_zoom_levels":{}},"protection":{"macs":{}},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13077793696096400"},"translate_blocked_languages":["nl"],"translate_whitelists":{}} :{"ack_external":true,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":137,"events":[],"exclude_from_sideload_wipeout":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13071995705611185","lastpingday":"13077788393483423","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"nl","default_locale":"en","description":"Een snelle, doorzoekbare e-mailfunctie met minder spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"homepage":"http://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=NL&userid=b645a8bf-24a5-41da-a5c2-5e0a33799872&sp=hp&searchtype=hp&t=a0821","pinned_tabs":[],"profile":{},"protection":{"macs":{"browser":{"show_home_button":"A294B656E221DB3EB581AFAE36BD5DC27585B65F1CAF539AA050FD0791366E61"},"default_search_provider":{"keyword":"B018A77420560F4B2F853B3A13DB81B406D5DA1FDCD3EE15DDB660AF5668C516","name":"01C194F73B792A6F85965E2CE0E1B72BAB641049E7A11E0BB998C89DCE369CA3","search_url":"D5B498A75E7C212D485540BF58900957108F3D8F0958398E00BE6C1AE163CC95"},"default_search_provider_data":{"template_url_data":"EBEF53D2BB30537252785E2336BE127086B931B2FCC566C2CA35F81B44704216"},"extensions":{"settings":{"":"EE5A62EC6E2ADD7CCB20C6FE91F52688D432F51D2E401BD2902C76ACF32695CF","aaaaojmikegpiepcfdkkjaplodkpfmlo":"3618F82814D82E995211DC4ABC4D1CEB13C92039B53986CC1BFDA003C0BF5666","aapocclcgogkmnckokdopfmhonfmgoek":"B016D91D0D21A661924F4EBF8849F6A601982D398646ECE307C27627F53FAE9C","ahfgeienlihckogmohjhadlkjgocpleb":"6EC8679342079565BCBAA001EFDC05F884503966BDA188FE53C4F2FB067F1F56","aidbbndgjnlaclnmhkdimcdjiebjpdel":"B2AE4E19D607D51051304CE3A45694A1612C8262F583520D8AA9AE8D41607879","amfclgbdpgndipgoegfpkkgobahigbcl":"3D6EDEFB5C3CA81DF4C41616B5E850F75C8D1DC3619AB29386D23E4495CE73D0","aohghmighlieiainnegkcijnfilokake":"62B292538F8F2C04732A1F0C61AFB7C5E004AE00C4B80FFBA6EEA34A03EEAFBE","apdfllckaahabafndbhieahigkjlhalf":"3C211CB738C0E515A2BE7B6101920BED1AFE070F7D47E6F436D0EEED594AB59A","bepbmhgboaologfdajaanbcjmnhjmhfn":"FAA3E51DB29338E789B5CA33EC6F35F4649A947A9046C3C3982A3272871AA71A","bfcpnihmbfoaeoakalclfalkdepgiaje":"431D41073D5C1881CA47763359E5BEE41CFE143CEC1E62BCA5FB0C3CA56E3788","blpcfgokakmgnkcojhhkbfbldkacnbeo":"F6D87FA757AA1A5ABAD2D89C11A2A51B3A096833A6D70E279BA56B659576821F","bodddioamolcibagionmmobehnbhiakf":"E7C41A0F851A71BC046EC06F8976F9F65335E851A1948FC4DF020B64865598B2","boipimhfjpakfgckhbljjengakjhkcbp":"F04A3E12DABBAD6BB9C61E8ED754BD6282EB211D4E93CEB3F34F7F504CA337B8","cfcbmgbfdbijmjgjihagbomfbjfjmgon":"5E577365849E19B330438865A4B78B12656788C1378B773C7E9ABCC116E5F8EF","coobgpohoikkiipiblmjeljniedjpjpf":"12A8E32B1679DF4E1616B1E6EC4598FE4B08584ABC38D0F5C5CD9510E4EEF405","dcillohgikpecbmgioknapdpcjofaafl":"09BF3C22E5A5AE491B7D29861CBC3C05DC7F200D1E0DC52F66455E51762C8E19","eemcgdkfndhakfknompkggombfjjjeno":"0608218121B337B69CFF370EF6BD34F49B537F5A7171E3969F54CFB72632D272","ennkphjdgehloodpbhlhldgbnhmacadg":"BFA627CDB3DC1AD71D7558700014EBA2E4D0C36C80CE60FC4A901F0C3988F52C","felcaaldnbdncclmgdcncolpebgiejap":"B374701F24A6FE673D1A4F700806692770F5F00F3A0FCEF540274443A6C7010C","gfdkimpbcpahaombhbimeihdjnejgicl":"22AE4C0354ED3F698B9F9218A0565B4F48E27D4B8705FDDE0996973D0A5B47C9","gmlllbghnfkpflemihljekbapjopfjik":"0E5FF4D3B72E53A83A0D0B71874E15BE171D04D0C1BBE9A1107DA1AF86AF9082","hgojaaaiddhmiiakpejiklijbalpckih":"774877DDC6B6D636B16BC0BD0993C36AC8C5D2BB5151E041D29816AA51B6F8C4","kmendfapggjehodndflmmgagdbamhnfd":"33D97DB57409660D5B68A125B58CFCB30D8178448CA32BBA2F78BFA9F5E3A86E","mfehgcgbbipciphmccgaenjidiccnmng":"32C0C88002C5C3574DF1ED84AE1A0A2DE4FAA92AC659652D2BD3CA7DE5F5B94A","mfffpogegjflfpflabcdkioaeobkgjik":"72E586426AAC87FF5AC7DB491BF37440695FC0D32747A638514F2EB53A325554","mgndgikekgjfcpckkfioiadnlibdjbkf":"B52C692AC6136E759D1FCF55B5CB54A22FF5C02DE83AB34411FC9BD7FE332465","mhjfbmdgcfjbbpaeojofohoefgiehjai":"BB3FA60449B3D20DFF16B38DFE8649B389DD4AB3CC06BC6403474CA530081E36","mocblcnaofikinigmceddfghppkkjbog":"978B30A1F68CB8F39001E550C2F915EEFDB5D95FD6BE5544C049CCD6CE37D377","neajdppkdcdipfabeoofebfddakdcjhd":"557C24D171352DD72B5B9ABE303A8968D4BDC7DE80B89EB602BFCB501223C833","nkeimhogjdpnpccoofpliimaahmaaome":"0DD0DAD5432DC30F0338F52D3D8397EB8B1B1B7963185CC53AC20DBA9AF383CB","nmmhkkegccagdldgiimedpiccmgmieda":"10044EAB21FEF71AE5ACEB3B6D6155985125862644F52325FD400D2950726105","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"60B09A1270B402855542974D2E887F18E93B540EB5CF4F40C903E374CF4DC8E8","pjkljhegncpnkpknbcohdijeoejaedia":"4EC48384F38BE47C2CA4552230BC8B8F45AE57943C67574B4AFAB9EFA45355BE"}},"google":{"services":{"last_username":"D5BDF056E8554008E3AD096A8AD0A9191C67D179BFB854D9935F8016E1175448","username":"360B0DADCDB33A6EE71EBBDC49FE22F3EDD6927888EE153DF20F455710AF91AD"}},"homepage":"3D891D28AE12B28115977D5714EB657AB3DF475A773B11DD8D0492F0BAF304F2","homepage_is_newtabpage":"FB79CA5B75C2A606233F8BC31FB7FA9CEF547462F8A9D97009DC57E8E0196A52","pinned_tabs":"14EC4B1106DC8396A6184E4017AF47D431BEAD17C79C73005CB0ECEF067D3DEA","prefs":{"preference_reset_time":"EF32AC7D7A839F378170793B641182BB48B3E8F32B55FB872F86B45183474D44"},"profile":{"reset_prompt_memento":"5515321C3619509709AB027635D5EF8D37BEB4273993803487E058072CBCD139"},"safebrowsing":{"incidents_sent":"DA8E0472FAC1E948C8E80622DB93BC1050D164C9430E6E8300B748BB25D3C6D7"},"search_provider_overrides":"634E15AFDBC241617A990B8AF6BA563D87A7E6D104042647C444E9AA49A4C4C7","session":{"restore_on_startup":"A5F63910EEFE911F0B163AB57BE6C56E2914CB3430751F3470B4CBF450682D2E","startup_urls":"3CB06EB970115941EF4E1B6F0775CE85E501D8751062764B5415A7BB24774D61"},"software_reporter":{"prompt_reason":"19BC905989B70F92D494F1CE6695FA7FCD8E75B891D8857F16D64D13CDC40F8B","prompt_seed":"32477A64B4809544C0CD9C463BA8F945255A3C79CF9734749F0823991222FD3D","prompt_version":"A4E39D35FBFB93E9144B493FCCA783110D63883CB8B24BF64974849AD2B3DBC6"},"sync":{"remaining_rollback_tries":"9BC23B78623D3951D01CCF529291A8B07419DD74C42B401FAA6164F011EA0D7E"}},"super_mac":"A9E18AA0E54755EE5F3F8C48BBAAB03327FDA6B7207622B6F65E8E2D6EEF893D"},"session":{"startup_urls":["https://www.google.nl/"]},"sync":{"remaining_rollback_tries":0}} ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" "Search Page"="http://www.bing.com/search?q={searchTerms}" "Search Bar"="http://www.bing.com/search?q={searchTerms}" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=NL&userid=5cb4addd-244e-40fb-a647-4c340d37fec2&sp=addr&q={searchTerms}&t=a0806" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=NL&userid=5cb4addd-244e-40fb-a647-4c340d37fec2&sp=addr&q={searchTerms}&t=a0806" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.bing.com/search?q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.bing.com/search?q={searchTerms}" "SearchAssistant"="http://www.bing.com/search?q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{4327FABE-3C22-4689-8DBF-D226CF777FE9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.nl/" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {006ee092-9658-4fd6-bd8e-a21a348e59f5} Bing Url="http://www.bing.com/search?q={searchTerms}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="https://www.google.com/search?q={searchTerms}" {9AD5C8EE-544D-4ADA-AF4D-8F04BDB588C9} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}" {A586237E-C1B2-476B-A3EC-9FA2B2521B1D} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox" ==== Reset Google Chrome ====================== C:\Users\Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\ChromePreferences was reset successfully C:\Users\Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully C:\Users\Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\web data was reset successfully C:\Users\Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Web Data.temp was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully HKEY_USERS\S-1-5-21-3773947598-2971562229-1871698840-1001\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\5affxtbr@MyWebFace_5a.com deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F092B960893592640A90584BCB4B1B9B deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dcillohgikpecbmgioknapdpcjofaafl deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GinyasBrowserCompanion deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{069B290F-5398-4629-A009-85B4BCB4B1B9} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\claro deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C267246-FA45-41D4-B1EA-9EB238C6D0FB} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F092B960893592640A90584BCB4B1B9B deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\642762C854AF4D141BAEE92B836C0DBF deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverUpdaterPro deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: Dropbox.lnk = Fam van Dalen\AppData\Roaming\Dropbox\bin\Dropbox.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file) O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file) O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fam van Dalen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fam van Dalen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9XUIJEGU will be deleted at reboot C:\Users\Fam van Dalen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E5K4GQVS will be deleted at reboot C:\Users\Fam van Dalen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W2585JBL will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Fam van Dalen\AppData\Local\Mozilla\Firefox\Profiles\4jy1trob.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Fam van Dalen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1844 folders=151 154593919 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Fam van Dalen\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\FAMVAN~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found "C:\Users\Fam van Dalen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9XUIJEGU" not found "C:\Users\Fam van Dalen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E5K4GQVS" not found "C:\Users\Fam van Dalen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W2585JBL" not found ==== EOF on wo 03-06-2015 at 11:36:10,73 ======================