Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Patrick on do 06/08/2015 at 22:47:58,62. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Patrick\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 6/08/2015 22:49:42 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Amazon deleted successfully C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\Hitman Pro deleted successfully C:\PROGRA~3\Logitech deleted successfully C:\PROGRA~3\Mozilla deleted successfully C:\PROGRA~3\Skype deleted successfully C:\PROGRA~3\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} deleted successfully C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted successfully C:\PROGRA~3\{B49A644A-1076-4A3D-B124-DAA7862F2318} deleted successfully C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully C:\Users\Patrick\AppData\Roaming\BrowserCompanion deleted successfully C:\Users\Patrick\AppData\Roaming\Nico Mak Computing deleted successfully C:\Users\Patrick\AppData\Roaming\Systweak deleted successfully C:\Users\Patrick\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Viviane\AppData\Roaming\Nico Mak Computing deleted successfully C:\Users\Viviane\AppData\Roaming\Systweak deleted successfully C:\Users\Patrick\AppData\Local\Downloaded Installations deleted successfully C:\Users\Patrick\AppData\Local\Lollipop deleted successfully C:\Users\Patrick\AppData\Local\PackageAware deleted successfully C:\Users\Patrick\AppData\Local\Sparta deleted successfully C:\Users\Patrick\AppData\Local\StormFall deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\b1emgt5m.default user.js not found ---- Lines delta removed from prefs.js ---- user_pref("extensions.delta.admin", false); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.bbDpng", "5"); user_pref("extensions.delta.cntry", "BE"); user_pref("extensions.delta.dfltLng", "nl"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.hdrMd5", "D6D1178E4064C25F47C542B1A74A60AC"); user_pref("extensions.delta.id", "1438f91f0000000000002225d3eda643"); user_pref("extensions.delta.instlDay", "15953"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.lastVrsnTs", "1.8.24.612:49:13"); user_pref("extensions.delta.newTab", false); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.sg", "azb"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.vrsn", "1.8.24.6"); user_pref("extensions.delta.vrsnTs", "1.8.24.612:49:13"); user_pref("extensions.delta.vrsni", "1.8.24.6"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=4996"); user_pref("extensions.delta_i.srcExt", "ss"); ---- Lines {60984d64-3925-4636-a8c2-1b22a35f133f} removed from prefs.js ---- user_pref("{60984d64-3925-4636-a8c2-1b22a35f133f}.installtime", "1413465745.462"); user_pref("{60984d64-3925-4636-a8c2-1b22a35f133f}.isFirstRun", "false"); user_pref("{60984d64-3925-4636-a8c2-1b22a35f133f}.lastC", "{\"sm\":392629}"); user_pref("{60984d64-3925-4636-a8c2-1b22a35f133f}.server", "https://s99992.webovernet.com"); user_pref("{60984d64-3925-4636-a8c2-1b22a35f133f}.src", "99992"); user_pref("{60984d64-3925-4636-a8c2-1b22a35f133f}.toolbarButtonInstalled", true); user_pref("{60984d64-3925-4636-a8c2-1b22a35f133f}.user_id", "12403998345031"); user_pref("extensions.{60984d64-3925-4636-a8c2-1b22a35f133f}.install-event-fired", true); ---- Lines {e0352044-1439-48ba-99b6-b05ed1a4d2de} removed from prefs.js ---- user_pref("{e0352044-1439-48ba-99b6-b05ed1a4d2de}.installtime", "1411557232.512"); user_pref("{e0352044-1439-48ba-99b6-b05ed1a4d2de}.is_bundle", "true"); user_pref("{e0352044-1439-48ba-99b6-b05ed1a4d2de}.isFirstRun", "false"); user_pref("{e0352044-1439-48ba-99b6-b05ed1a4d2de}.last_version", ""); user_pref("{e0352044-1439-48ba-99b6-b05ed1a4d2de}.lastC", "{\"sm\":392099}"); user_pref("{e0352044-1439-48ba-99b6-b05ed1a4d2de}.server", "https://s7921.webovernet.com"); user_pref("{e0352044-1439-48ba-99b6-b05ed1a4d2de}.src", "7921"); user_pref("{e0352044-1439-48ba-99b6-b05ed1a4d2de}.toolbarButtonInstalled", true); user_pref("{e0352044-1439-48ba-99b6-b05ed1a4d2de}.user_id", "A809DC1A-2348-4282-A173-8FA1D5DFADE9"); user_pref("extensions.{e0352044-1439-48ba-99b6-b05ed1a4d2de}.install-event-fired", true); ---- Lines nspdl removed from prefs.js ---- user_pref("extensions.nspdl.data.aliveDate", "20150204"); user_pref("extensions.nspdl.data.instlDate", "20150204"); user_pref("extensions.nspdl.general.firstRun", false); user_pref("extensions.nspdl.general.guid", "e224de47-1891-48e6-9190-a97acceb2058"); user_pref("extensions.nspdl.general.version", "9.5.1"); ---- Lines omiga removed from prefs.js ---- user_pref("browser.search.searchengine.alias", "omiga-plus"); user_pref("browser.search.searchengine.iconURL", "http://isearch.omiga-plus.com/web/favicon.ico"); user_pref("browser.search.searchengine.name", "omiga-plus"); user_pref("browser.search.searchengine.url", "http://isearch.omiga-plus.com/web/?type=dspp&ts=1423054713&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWC user_pref("browser.search.selectedEngine", "omiga-plus"); ---- Lines 5ebdca98-43b3-45bb-87e0-716029fb42ab removed from prefs.js ---- user_pref("extensions.{5ebdca98-43b3-45bb-87e0-716029fb42ab}.install-event-fired", true); ---- Lines ask.com removed from prefs.js ---- user_pref("extensions.toolbar_ORJ-V7@apn.ask.com.install-event-fired", true); ---- Lines quick_start removed from prefs.js ---- user_pref("extensions.quick_start.enable_search1", false); user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); ---- Lines defaulttab removed from prefs.js ---- user_pref("extensions.defaulttab.lastUsed", 1364226465); ---- FireFox user.js and prefs.js backups ---- prefs_20150608_2315_.backup ProfilePath: C:\Users\Patrick\AppData\Roaming\TomTom\HOME\Profiles\ke3ycmbg.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20150608_2315_.backup ProfilePath: C:\Users\Viviane\AppData\Roaming\Mozilla\Firefox\Profiles\r1w6rh3w.default ---- Lines nspdl removed from prefs.js ---- user_pref("extensions.nspdl.aflt", "fxtb103"); user_pref("extensions.nspdl.cd", "2XzuyEtN2Y1L1QzuzytD0EyC0B0AyCtAyD0F0CyB0FzytC0FtN0D0Tzu0StCtCtAtDtN1L2XzutAtFyCtFyCtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu user_pref("extensions.nspdl.cr", "854070525"); user_pref("extensions.nspdl.data.aliveDate", "20150525"); user_pref("extensions.nspdl.data.instlDate", "20150525"); user_pref("extensions.nspdl.general.firstRun", false); user_pref("extensions.nspdl.general.guid", "f1cf8767-c5f2-49ed-a349-bd7ea5c7f504"); user_pref("extensions.nspdl.general.version", "9.5.1"); ---- Lines irspeeddial removed from prefs.js ---- user_pref("extensions.irspeeddial.aflt", "fxtb103"); user_pref("extensions.irspeeddial.cd", "2XzuyEtN2Y1L1QzuzytD0EyC0B0AyCtAyD0F0CyB0FzytC0FtN0D0Tzu0StCtCtAtDtN1L2XzutAtFyCtFyCtFtCtN1L1CzutN1L1G1B1V1N2Y user_pref("extensions.irspeeddial.cr", "854070525"); user_pref("extensions.irspeeddial.instlRef", ""); ---- Lines irspeeddial removed from user.js ---- user_pref("extensions.irspeeddial.aflt", "fxtb103"); user_pref("extensions.irspeeddial.instlRef", ""); user_pref("extensions.irspeeddial.cr", "854070525"); user_pref("extensions.irspeeddial.cd", "2XzuyEtN2Y1L1QzuzytD0EyC0B0AyCtAyD0F0CyB0FzytC0FtN0D0Tzu0StCtCtAtDtN1L2XzutAtFyCtFyCtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StByEyBtD0A0Fzz0BtGyDtBtByCtG0E0C0FzztGzz0BtA0EtGtC0EtAyBzyyB0EtCtCzz0EyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0E0E0BtBtB0CtCtGzy0B0AtBtGyEtD0E0DtG0BtBzyyCtGzytAyD0Ezy0D0B0Ezz0CtByB2Q"); ---- Lines asktb removed from prefs.js ---- user_pref("extensions.asktb.ff-original-keyword-url", "http://dts.search-results.com/sr?src=ffb&appid=113&systemid=406&sr=0&q="); ---- FireFox user.js and prefs.js backups ---- user_20150608_2315_.backup prefs_20150608_2315_.backup ProfilePath: C:\Users\Viviane\AppData\Roaming\TomTom\HOME\Profiles\mkv3mxav.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20150608_2315_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Helper] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection] C:\Users\Patrick\AppData\Roaming\Search Protection ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Amazon not found C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\b1emgt5m.default\extensions\ {ab91efd4-6975-4081-8552-1b3922ed79e2} not found C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\b1emgt5m.default\extensions\ {195A3098-0BD5-4e90-AE22-BA1C540AFD1E} not found C:\Program Files (x86)\Ask.com not found C:\Program Files (x86)\Registry Helper not found C:\PROGRA~3\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} not found C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} not found C:\PROGRA~3\{B49A644A-1076-4A3D-B124-DAA7862F2318} not found C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 deleted C:\Users\Patrick\daemonprocess.txt deleted C:\PROGRA~2\Mobogenie deleted C:\PROGRA~2\Shareaza deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\PROGRA~2\Fighters\FighterLauncher.exe deleted C:\PROGRA~2\iLivid deleted C:\PROGRA~2\BrowserCompanion deleted C:\Users\Patrick\AppData\Roaming\WB.CFG deleted C:\Users\Patrick\AppData\Roaming\Gameo deleted C:\Users\Patrick\AppData\Roaming\GoldenGate deleted C:\Users\Patrick\AppData\Roaming\Uniblue deleted C:\Users\Patrick\AppData\Roaming\SpeedyPC Software deleted C:\Users\Patrick\AppData\Roaming\DriverCure deleted C:\PROGRA~3\Ask deleted C:\PROGRA~3\Registry Helper deleted C:\PROGRA~3\SpeedyPC Software deleted C:\PROGRA~3\Tarma Installer deleted C:\PROGRA~3\Package Cache deleted C:\Users\Patrick\AppData\Local\Ilivid Player deleted C:\Users\Patrick\AppData\Local\avgchrome deleted C:\Users\Patrick\AppData\Local\Mobogenie deleted C:\Users\Patrick\AppData\Local\cache deleted C:\Users\wangzhisong\AppData\Local\Mobogenie deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid deleted C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url deleted C:\Windows\SysNative\roboot64.exe deleted C:\Users\Public\AlexaNSISPlugin.4292.dll deleted C:\Users\Patrick\AppData\LocalLow\store-pp.jbs deleted C:\Users\Patrick\AppData\LocalLow\Delta deleted C:\Users\Patrick\AppData\LocalLow\Softonic deleted C:\Users\Viviane\AppData\LocalLow\AskToolbar deleted C:\Windows\system.tmp deleted C:\Windows\win.tmp deleted C:\Windows\wininit.ini deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\wangzhisong deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Windows\Syswow64\RENB8DF.tmp deleted C:\Windows\Syswow64\RegistryHelperLM.ocx deleted C:\Windows\Syswow64\SearchProtect deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\b1emgt5m.default\Invalidprefs.js deleted C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\b1emgt5m.default\searchqutoolbar deleted C:\Users\Viviane\AppData\Roaming\Mozilla\Firefox\Profiles\r1w6rh3w.default\searchqutoolbar deleted C:\Users\Viviane\AppData\Roaming\Mozilla\Firefox\Profiles\r1w6rh3w.default\extensions\staged deleted C:\Users\Public\Desktop\iLivid Download Manager.lnk deleted C:\Users\Public\Desktop\Free YouTube Downloader.lnk deleted C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\b1emgt5m.default\nspdl deleted C:\Users\Viviane\AppData\Roaming\Mozilla\Firefox\Profiles\r1w6rh3w.default\nspdl deleted "C:\Windows\Installer\28be55.msi" deleted "C:\PROGRA~2\COMMON~1\Common Toolkit Suite\FightersOutlook.dll" deleted "C:\PROGRA~2\COMMON~1\Common Toolkit Suite\sfoltool.dll" deleted "C:\PROGRA~2\COMMON~1\Common Toolkit Suite" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-08-04 10:43:24 EEDB4F0F0B49CF6683B1B1C0A7C9EB24 4979 ----a-w- C:\Windows\diagerr.xml 2015-08-04 10:43:24 676771D49DDEFE1B3AC52E3B6F9B6872 13954 ----a-w- C:\Windows\diagwrn.xml ====== C:\Users\Patrick\AppData\Local\Temp ==== 2015-08-06 20:38:33 BCA0388139FF5F60970FB96E56BC00EB 71168 ----a-w- C:\Users\Patrick\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzsrtko.dll 2015-08-01 15:07:32 BCA0388139FF5F60970FB96E56BC00EB 71168 ----a-w- C:\Users\Viviane\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpixyzya.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-08-06 20:34:46 37027850A9008DE507605036661F8D9F 97888 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-07-31 22:30:04 E42BB0E02C8F6C8D1CCBFE6AB8EB199F 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-07-31 22:30:04 E3883C13DB4D19E29095C9F4BC27B755 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-07-31 22:30:04 D503616B296B869486AA84D6DB8FB6A5 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-31 22:30:04 1A04239A054D810CF32C46F2B70C47B7 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-07-31 22:30:03 E8F3572F002B556D19AC3AE4A11CAC2E 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-07-31 22:30:03 87E5B70C9F0DE7E3D620E1E3A60AA274 504320 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-07-31 22:30:03 18465944F711AD3FDE58675C3C42FA99 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-07-31 22:30:03 019019007E6980EACAC80DE04B5D330A 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-07-31 22:30:02 95C40DFE3B3CFCEBA2DF9E493945A7B5 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-07-31 22:30:01 CC044CFF6018AD0368AF3A8149721407 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-07-31 22:30:01 442DB5B16073DE2E79E1912D0B77F343 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-07-31 22:30:01 2CC6836C44C84583386702468125654F 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-07-31 22:30:00 E475D4B65088F4F7FABF7D427CD3D30E 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-07-31 22:30:00 81ED1F775E5DDBE990D9C3AFF507DAC2 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-07-31 22:30:00 43CF584D989A4A0EA6B5D3EBFAD260B7 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-07-31 22:30:00 0CB44ADB09C5BE7CE9D1D1F04E909067 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-07-31 22:29:57 72D524ED31A2FBA7432801361CE41FC3 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-07-31 22:29:57 63B01F72FD727D5736DBEF54174D8F93 1951232 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-07-31 22:29:57 17DFCBA042195666632C889E04913E19 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-07-31 22:29:57 0DE5FE06603CF80238EFD9D67AB45A56 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-07-31 22:23:37 EA6F7E1F14B89F6EE1F486DCE82D1CB1 18524336 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-07-31 22:20:14 BBA0C61CB01BA4351C41DC36BBEB55B4 299008 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2015-07-31 22:20:13 D80ECB18D64AE3C2A9D8220ABEBCE40A 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll 2015-07-31 22:20:13 900DB967084C22C6D83D637529B77E8F 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2015-07-31 22:20:13 2DD3D6B44442EF17675554D0482E7BC2 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll 2015-07-31 22:20:13 0A6495A400140B89242268A13C807841 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll 2015-07-31 22:20:11 6E91F67335D57DDFFE798C815444B0E3 210432 ----a-w- C:\Windows\SysWOW64\cewmdm.dll 2015-07-31 22:20:08 E2A2B221A47271DD4176FB9B93F670E6 93184 ----a-w- C:\Windows\SysWOW64\wudriver.dll 2015-07-31 22:20:08 CBC91E2E6158358E82D153D811B73C38 30208 ----a-w- C:\Windows\SysWOW64\wups.dll 2015-07-31 22:20:08 7F13188A9656355F664313334971DA22 173056 ----a-w- C:\Windows\SysWOW64\wuwebv.dll 2015-07-31 22:20:08 1728A7831E95BCEEEA3F0D07AE6F74EE 566784 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2015-07-31 22:20:08 13810657EE732C2F5453C0C877FD5DB2 34816 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2015-07-31 22:18:50 143046AC227C193B5B2E0E20BC0CF1DD 312320 ----a-w- C:\Windows\SysWOW64\gdi32.dll 2015-07-31 22:18:42 31165F9D71D3C249AB97FBAE55DE4B49 4520448 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-07-31 22:18:41 3D73FC0D0997DA1EF6F705EF9936AB20 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-07-31 22:18:39 116F506573B59B85CD0DC18527E9951A 19877376 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-07-31 22:18:38 37BC6BC6CFC38A6202B28459F7CCE4CD 479232 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-07-31 22:18:38 05CA106A1B68770BDABB9AA7AEAE516A 1310720 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-07-31 22:18:35 AFAEB9E4269846C64DC9721B1BFA5CEC 12855296 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-07-31 22:18:34 4E4B3CAC5C62415AF5C6B0167A376EB8 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-07-31 22:18:31 8EDF7B6D3A563DAA06DD87053C734168 2279424 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-07-31 22:18:22 4548507ED3C17DB4739DBBEAF6378004 1414656 ----a-w- C:\Windows\SysWOW64\ole32.dll 2015-07-31 22:18:08 F4AFDB5ABEA0C9079E8193E24D1DB21D 1174528 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2015-07-31 22:18:08 33F67BBCC3C0499D3F3382473114CFA8 143872 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2015-07-31 22:18:07 D864C283FFD7C080FDC25FD4C798FF8D 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll 2015-07-31 22:18:07 588D52C2D0E60EE71FD5A64407865B10 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2015-07-31 22:17:08 E344031017D52F5F1A4C759A815625CC 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-07-31 22:17:08 4466D67AC240FE1CCCB32BE743BCB488 552960 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-07-31 22:17:07 02CD86D59807467D065F521BE81BB858 665088 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2015-07-31 22:17:06 E97B4515FC3846CB5C6853C40E71EF28 36864 ----a-w- C:\Windows\SysWOW64\cryptbase.dll 2015-07-31 22:17:06 CA017983095846BFCFBE9C02B40958B3 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-07-31 22:17:06 98226182583DF1715F1BE6CCEA6E8D95 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-07-31 22:17:06 393FDE87F56A8E98AC1B37ADB2181332 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-07-31 22:17:05 96741CBB4CC3638A2BCB11F93B92B738 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-07-31 22:17:05 81E207D09B2A7723A549EFB34B47C7EA 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-07-31 22:17:05 6AE6E08938D5BA9D8BA305506620B48D 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-07-31 22:17:05 2E8C9C3223E05F4B42FB89C03DD09C1D 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-07-31 22:17:05 2B4A31319D74B3D3407AB64942B7FF32 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-07-31 22:17:03 E6F375BAA4F839592627DA3E95BF3977 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-07-31 22:17:03 A41BF25E4F145E1BC00445B6421B9E11 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-07-31 22:16:59 A719B9156A6DCDBACC201D9163AFF8D1 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-07-31 22:16:03 D7C4ABB0F1FFA371928EED0C7A6E24DC 2364416 ----a-w- C:\Windows\SysWOW64\msi.dll 2015-07-31 22:16:03 7B4277F9E9F48D5D8E6AEA341F8048E8 1805824 ----a-w- C:\Windows\SysWOW64\authui.dll 2015-07-31 22:16:01 F61A069A5517F85662ED9A6C5AD5445A 73216 ----a-w- C:\Windows\SysWOW64\msiexec.exe 2015-07-31 22:16:01 C08582E7F8EA706A2D4A3C7BD5AC35C1 337408 ----a-w- C:\Windows\SysWOW64\msihnd.dll 2015-07-31 22:16:00 A344B1EFA7DB86AE1407039CD596FB1E 25088 ----a-w- C:\Windows\SysWOW64\msimsg.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-08-04 11:39:43 CC13BFC44505BB2F25591DFB8A23AEEC 410160 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT 2015-07-31 22:30:04 A51BF63E9EA6DDED50A69797EAD23576 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-07-31 22:30:04 50AAC6B4AFD93060456134A29C35FB1E 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-07-31 22:30:03 4887D79B5CE61A00FCC5C53AA2216007 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-07-31 22:30:03 44D98BF1ED7B520602A55446E28D8840 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-07-31 22:30:03 3A46FC42EDE2021399FCD9E4A7A406F8 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-07-31 22:30:01 7EEC52D1B800230A4E8EC81B92D61118 389832 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-07-31 22:30:00 DAECFA33350D863D49157506587D5EF8 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-07-31 22:30:00 BCE51D1B0F7BC8977CDAECD24A0D4C88 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-07-31 22:30:00 80E899C111219316B94BBA72FAFF7D11 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-07-31 22:30:00 434CBA59035C4F3A02E5AB92FD6C816B 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-07-31 22:29:59 BB33A140CA61A22B5882486881E2191A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-07-31 22:29:59 AF3D4DA49A9C9C9778953CE9D7470C11 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-07-31 22:29:58 58243D92748201D38AACDAEA22527412 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-07-31 22:29:57 B5164F4515C4BC4F45FBF5B3A99685C0 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-07-31 22:29:57 9B9D2B99A865CB3B9BAA9BE77A300680 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-07-31 22:29:57 142D20CA55870589B009D53C37C0B75C 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-07-31 22:29:56 4024752E6B341B07F3823B7DA72C45D2 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-07-31 22:29:55 F30702F2607AEE462A6AB8715E72FC03 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-07-31 22:29:55 796A89701B2560FF453FF08FF941A169 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-07-31 22:29:55 74F367C596EEF3106EBC65625F04C807 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-07-31 22:29:54 E066FDC3A2074D926903B8C31EF3B347 2427392 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-07-31 22:29:53 C95EE658B7816B3588418E948EF55F83 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-07-31 22:29:53 8DA3623D372E5147914973383D998980 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-07-31 22:29:53 88E26FC9F8BDE0635F379BB8FE6BFFF1 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-07-31 22:20:14 D57C03D365BC71C7A30504644515F3F8 41984 ----a-w- C:\Windows\Sysnative\lpk.dll 2015-07-31 22:20:14 08D58C21888BC2DC754F591C23709C33 372224 ----a-w- C:\Windows\Sysnative\atmfd.dll 2015-07-31 22:20:13 37C6F4906A4B3F837780AF078A1718BA 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll 2015-07-31 22:20:13 2D0E2C197BA9CD67105DE5BBFBEF72A7 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll 2015-07-31 22:20:13 1C4FF36152EBDF5C10A612FC9B2E1F8A 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll 2015-07-31 22:20:11 60696836CAD56F1B47059E1BA739787D 254976 ----a-w- C:\Windows\Sysnative\cewmdm.dll 2015-07-31 22:20:08 3EDB01024BA86C5B4D2CB307DC5D3AC0 37376 ----a-w- C:\Windows\Sysnative\wuapp.exe 2015-07-31 22:20:07 F56E83C1EFEDEF919033CBFF071602B6 36864 ----a-w- C:\Windows\Sysnative\wups.dll 2015-07-31 22:20:07 D79E3C2D45315ADCAA267A05355DFBF5 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll 2015-07-31 22:20:07 84CEF9B2D8ED8006B3975DC1D8109B3D 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll 2015-07-31 22:20:07 80381DD7C4797A601E59F8E001B46793 3154944 ----a-w- C:\Windows\Sysnative\wucltux.dll 2015-07-31 22:20:07 3F9239D5F65F1318A53EBAEC01C092F1 139776 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2015-07-31 22:20:07 2896A06239E19379CE44FAFCDB1675B1 91136 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll 2015-07-31 22:20:07 00DCC688DF459A9FEE42C7397668C62B 98304 ----a-w- C:\Windows\Sysnative\wudriver.dll 2015-07-31 22:20:07 00383E521D3D039968B92A0998BA76FD 37888 ----a-w- C:\Windows\Sysnative\wups2.dll 2015-07-31 22:20:06 BC80574FF264848F8613A3F6F7AF7642 192000 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2015-07-31 22:20:06 AA3E844A2595B1AA5825C70CA50D963E 2603008 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2015-07-31 22:18:55 C4EA3D63E8BF077ECD1E93BF6556AE99 3207168 ----a-w- C:\Windows\Sysnative\win32k.sys 2015-07-31 22:18:50 EFFFE1C77ACCE66C82CCFD18A9687F48 404992 ----a-w- C:\Windows\Sysnative\gdi32.dll 2015-07-31 22:18:42 837BD6BB879405B416A4326C8B723D83 5923840 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-07-31 22:18:42 2A795629E0746D82A229A01EEE75FCE5 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-07-31 22:18:38 FC165889E97E37BCB55C5B79BEB3D331 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-07-31 22:18:34 78E4D3781E5632BA88E5153510BEB625 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-07-31 22:18:33 6A70888EEC05B45C8990E8977C480019 14453248 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-07-31 22:18:33 120E3CE08505A9637CAB72D35A2D2E8C 615936 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-07-31 22:18:32 D74E2BE157B8A2A9CF29BEBB052B8A42 25193984 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-07-31 22:18:31 41D59904967A4033FB4497DCED7320AD 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-07-31 22:18:28 E3EB94B45A2735D4559558B5899732E8 2087424 ----a-w- C:\Windows\Sysnative\ole32.dll 2015-07-31 22:18:08 C5752F5CE47B6B00F914AE91087C0CB4 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll 2015-07-31 22:18:08 7BC3E861F7E8EB543A630090FAE779E0 188416 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2015-07-31 22:18:08 71187FA11F58012C188453877E16EB8B 1480192 ----a-w- C:\Windows\Sysnative\crypt32.dll 2015-07-31 22:18:07 7EE0A3B9E904AF4744E4D8F00CB5CA32 140288 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2015-07-31 22:17:09 F66102F990EE913261ED7907403718ED 729088 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-07-31 22:17:09 A66FF313F2F8A6CBF9BB2B0CC92D5ACD 1216512 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2015-07-31 22:17:09 750C44D6F7A708F0C6618F075A0A68A7 315392 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-07-31 22:17:07 D5844B744F7BAF826965DD634FF8DB00 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-07-31 22:17:06 E8560BC8E1B85A5A081AEF43626187B1 44032 ----a-w- C:\Windows\Sysnative\cryptbase.dll 2015-07-31 22:17:06 9EA6DA45B95599C27B1661C1D99307D7 342016 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-07-31 22:17:06 09730D830B2B69B626817F4A95945308 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-07-31 22:17:05 F01A58E45BB8E28CCE6BCF272FF0F9A8 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-07-31 22:17:05 C3F6A9A41CC8591EF0370708E54DE474 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-07-31 22:17:05 C3F0594AF92FE71B13A44177FDB80784 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-07-31 22:17:05 B1D191D0EDEB86197A5FD5030B65420F 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-07-31 22:17:05 9F2CCDE3F30C224C082984B6F95D3D95 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-07-31 22:17:05 97D879A884E7CDFED51AD63348A35254 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-07-31 22:17:05 48A88348F1539CC7C8CB4E032DD79DAA 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-07-31 22:17:05 3B96392CBE54FF44BEAEB0B4BCC65487 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-07-31 22:17:03 7C26CACB82ECA09874B984B155B06AD4 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-07-31 22:17:02 55750A7588D91B102EB17E69BFF2AAF1 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-07-31 22:16:59 EEB192537935BB12A998CAB8F5A07E78 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-07-31 22:16:04 D9A91A779B5059E72D7FAD2B38275EA4 3242496 ----a-w- C:\Windows\Sysnative\msi.dll 2015-07-31 22:16:04 5489E74E56C0255159C8AE2C70744458 1941504 ----a-w- C:\Windows\Sysnative\authui.dll 2015-07-31 22:16:02 81CB8D34112178CE1826C86BA5F268C3 128000 ----a-w- C:\Windows\Sysnative\msiexec.exe 2015-07-31 22:16:01 0D9514850CC3A99A6600643F2888858B 112064 ----a-w- C:\Windows\Sysnative\consent.exe 2015-07-31 22:16:00 CDAD406033C31DB34185DDAECDD35FE2 504320 ----a-w- C:\Windows\Sysnative\msihnd.dll 2015-07-31 22:16:00 978DC0A1FBE9CC91B21B40AF66CB396A 70656 ----a-w- C:\Windows\Sysnative\appinfo.dll 2015-07-31 22:16:00 91593D4FB7D89249014564A5F3EC389B 25088 ----a-w- C:\Windows\Sysnative\msimsg.dll 2015-07-31 22:07:52 EB59F8712DC56764D88EB495AD5938B3 1085440 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-07-31 22:07:52 DA2054C50EB38C91322D4EEBCE408C5C 765440 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-07-31 22:07:52 9AFFAF544BA8FBA1ABFCCC07F6AB85B8 726528 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-07-31 22:07:52 3CDA55D83D5C9EA09DE82C6E5233C65B 433664 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-07-31 22:07:52 3A87269A74F067EB566813619B4F0CC3 67584 ----a-w- C:\Windows\Sysnative\acmigration.dll 2015-07-31 22:07:52 0AC0A45552B403020780DC74FB3BAC95 1145856 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-07-31 22:07:51 81E937F890B2F1A410547D6EB6A79572 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll 2015-07-31 22:07:50 BE03A1A1B4DEEFDE3E58834F7584C31F 17856 ----a-w- C:\Windows\Sysnative\CompatTelRunner.exe ====== C:\Windows\Sysnative\drivers ===== 2015-08-05 06:28:01 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2015-08-05 06:27:25 E681CE4AE5C09651D53CB4387CA3560E 109272 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2015-08-05 06:27:25 AE757332EA130E94E646621CC695B52A 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2015-08-05 06:27:25 A8D28D5B3E2A528D1EF0E338E44F2820 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2015-07-31 22:17:08 21AF322605D8C7F2A627C22634D1C9C9 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2015-07-31 22:17:07 45A03A0B6461EFBEE77E0A6AC2816EDA 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-07-31 22:17:07 1877EB1495CFBDAB27D6A32F6DDF3818 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2015-07-31 22:17:06 C0A6C3D6E02B61B5D100FE17306C276F 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-07-31 22:17:06 7A7328E427694CC7244235C3BC299F80 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== 2015-08-06 20:39:40 5629A24D5765E1491DC7DF61A30A090F 3182 ----a-w- C:\Windows\Sysnative\Tasks\P4GIntlCtrl ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-08-04 15:08:18 -------- d-----w- C:\Program Files\trend micro 2015-08-01 18:27:22 -------- d-----w- C:\Program Files\iPod 2015-08-01 18:27:21 -------- d-----w- C:\Program Files\iTunes ======= C:\PROGRA~2 ===== 2015-08-06 20:30:34 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-08-01 18:27:22 -------- d-----w- C:\PROGRA~2\iTunes 2015-08-01 18:21:16 -------- d-----w- C:\PROGRA~2\QuickTime ======= C: ===== 2015-08-05 07:10:06 CE09FB8FFEECE5C0ADE09CA8BF0AD110 12987 ----a-w- C:\MBAM ScanLog1.txt ====== C:\Users\Patrick\AppData\Roaming ====== 2015-08-04 13:07:42 -------- d-----w- C:\Users\Patrick\AppData\Local\Garmin_Ltd._or_its_subsid 2015-08-04 11:53:56 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Garmin_Ltd._or_its_subsid 2015-08-04 08:23:52 6BD8F9DED2F6C41FB38B960FA4526EB9 109296 ----a-w- C:\Users\Patrick\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-01 17:04:56 -------- d-----w- C:\Users\Viviane\AppData\Local\GWX 2015-08-01 15:07:15 -------- d-----w- C:\Users\Viviane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-08-01 14:50:33 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox ====== C:\Users\Patrick ====== 2015-08-06 20:29:19 FD5E74BFA85F82E4D6533624E43F9175 562784 ----a-w- C:\Users\Patrick\Downloads\jxpiinstall.exe 2015-08-05 06:25:36 D3B6FA14CB7E12B7FBC0B3AA26235898 24345872 ----a-w- C:\Users\Patrick\Desktop\mbam-setup-2.1.8.1057.exe 2015-08-04 15:07:47 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Patrick\Desktop\RSITx64.exe 2015-08-04 10:16:41 61C130F9682548EABB4EF1AAA04B62F3 19648448 ----a-w- C:\Users\Patrick\Downloads\MediaCreationToolx64.exe 2015-08-01 18:28:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-08-01 18:21:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-07-31 21:44:05 FEC2F27B4177267AE6CD92D71A42FCC1 45874680 ----a-w- C:\Users\Patrick\Downloads\eID-QuickInstaller-407-7466-signed_tcm227-258853.exe ====== C: exe-files == 2015-08-06 20:42:59 C7489D70D684A305F49B8A59C2A38369 441896 ----a-w- C:\Users\Patrick\AppData\Roaming\Fighters\Tray\AutoInstall\DM.exe 2015-08-06 20:34:29 A4D1AC4078F1A819ECECC546F64907A1 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-08-06 20:34:29 9A474C07C5242EF2AE12FF6BF387F334 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-08-06 20:34:29 4E022C0940633A9538892CB26B65BD0D 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-08-06 20:34:24 F52607E7F53DA8FE1C4A3C1F11CE2AE7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\java-rmi.exe 2015-08-06 20:34:24 F3D19B026E09B8150D9FF40D537C8F2A 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\rmid.exe 2015-08-06 20:34:24 EF442149A0502661D49628A66A69F33C 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\policytool.exe 2015-08-06 20:34:24 E7ABC6445E6A2F1EDE5F8BB082ECEEA1 30304 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\jabswitch.exe 2015-08-06 20:34:24 D50189686D9D144CB4EC807652640FC0 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\ktab.exe 2015-08-06 20:34:24 C4B3393396204E759E6EDFF92A9CAA50 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\tnameserv.exe 2015-08-06 20:34:24 BC66611222047778694C7650B7814978 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\javacpl.exe 2015-08-06 20:34:24 B5AA17A9ACE57080909B9CB47CD74C39 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\kinit.exe 2015-08-06 20:34:24 A4D1AC4078F1A819ECECC546F64907A1 190560 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\java.exe 2015-08-06 20:34:24 9A474C07C5242EF2AE12FF6BF387F334 273504 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\javaws.exe 2015-08-06 20:34:24 8B09EF707CE0895D5478300CC2CE90DB 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\rmiregistry.exe 2015-08-06 20:34:24 8516D08420A7AB22A9B722FAF631E320 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssvagent.exe 2015-08-06 20:34:24 76BD4372DD5C5A316F64D562C2404BF8 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\orbd.exe 2015-08-06 20:34:24 6790CB3F51E280A2A3EEAA3C5BD58EFF 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\keytool.exe 2015-08-06 20:34:24 5E1561548895218973EB5C833D96BD60 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\unpack200.exe 2015-08-06 20:34:24 56C175D9B0D7EE7D1DA92B8D8A12772A 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\servertool.exe 2015-08-06 20:34:24 547F9D4CB6FAAC8E941F1689D5555CDB 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\jjs.exe 2015-08-06 20:34:24 4E022C0940633A9538892CB26B65BD0D 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\javaw.exe 2015-08-06 20:34:24 46AD9258E9B6EA56AFC8723CEFDF8425 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\pack200.exe 2015-08-06 20:34:24 235015745A6A6FE26BCDA8F227C9132B 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\klist.exe 2015-08-06 20:34:24 0CFCEE90C8711D4DEAD9EC7046918A45 77920 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2launcher.exe 2015-08-06 20:29:19 FD5E74BFA85F82E4D6533624E43F9175 562784 ----a-w- C:\Users\Patrick\Downloads\jxpiinstall.exe 2015-08-06 19:17:10 1DEEF4A41F33D307E6EE2FBE8B179BE2 959568 ----a-w- C:\Program Files (x86)\Google\Update\Install\{7AE5A925-89B4-4238-9CE7-4760DE126C85}\44.0.2403.130_44.0.2403.125_chrome_updater.exe 2015-08-06 19:17:10 1DEEF4A41F33D307E6EE2FBE8B179BE2 959568 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\44.0.2403.130\44.0.2403.130_44.0.2403.125_chrome_updater.exe 2015-08-05 06:26:13 1D04AADC5043A051ABBAAF9D3DFB1142 25944 ----a-w- C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe 2015-08-05 06:25:36 D3B6FA14CB7E12B7FBC0B3AA26235898 24345872 ----a-w- C:\Users\Patrick\Desktop\mbam-setup-2.1.8.1057.exe 2015-08-04 15:08:19 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Patrick.exe 2015-08-04 15:07:47 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Patrick\Desktop\RSITx64.exe 2015-08-04 11:50:59 5CF687673BD7D76DE51D25DB84C7957D 42834472 ----a-w- C:\Windows\Temp\tmpABA9.tmp.exe 2015-08-04 10:16:41 61C130F9682548EABB4EF1AAA04B62F3 19648448 ----a-w- C:\Users\Patrick\Downloads\MediaCreationToolx64.exe 2015-08-01 15:06:23 A01180B391FA520936CD8347A005AF63 48888168 ----a-w- C:\Users\Viviane\AppData\Local\Dropbox\Update\Install\{49381F07-83BD-4F4F-BE0D-5CA548421EB5}\DropboxClient_3.8.5.exe 2015-08-01 15:06:22 A01180B391FA520936CD8347A005AF63 48888168 ----a-w- C:\Users\Viviane\AppData\Local\Dropbox\Update\Download\{CC46080E-4C33-4981-859A-BBA2F780F31E}\3.8.5\DropboxClient_3.8.5.exe 2015-08-01 15:05:46 C7489D70D684A305F49B8A59C2A38369 441896 ----a-w- C:\Users\Viviane\AppData\Roaming\Fighters\Tray\AutoInstall\DM.exe 2015-08-01 15:01:37 E5D73FB1714472B8ECD0B26C37156A1E 134512 ----atw- C:\Users\Viviane\AppData\Local\Dropbox\Update\1.3.27.33\DropboxCrashHandler.exe 2015-08-01 15:01:37 7C6D524C78A1722AD987B9E47AC1FEE2 134512 ----atw- C:\Users\Viviane\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdate.exe 2015-08-01 15:01:37 3B62C2E4CDD7C32D97D629EA73682602 80240 ----atw- C:\Users\Viviane\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateBroker.exe 2015-08-01 15:01:37 35D2CC93B8E0EF14ACB24F147D84CC9F 80752 ----atw- C:\Users\Viviane\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe 2015-08-01 15:00:57 2B89A29376E89407454389C4CE063FD6 659312 ----a-w- C:\Users\Viviane\AppData\Local\Dropbox\Update\Download\{D8968FF2-E0B1-4A13-A3E2-C9F2995F3BC6}\1.3.27.33\DropboxUpdateSetup_1.3.27.33.exe 2015-08-01 14:48:19 A01180B391FA520936CD8347A005AF63 48888168 ----a-w- C:\Users\Patrick\AppData\Local\Dropbox\Update\Download\{CC46080E-4C33-4981-859A-BBA2F780F31E}\3.8.5\DropboxClient_3.8.5.exe 2015-08-01 14:47:36 AB9990DB80EA3DAC0EAE50C906EF7ECA 1693024 ----a-w- C:\Users\Patrick\AppData\Roaming\uTorrent\updates\3.4.3_40760.exe 2015-08-01 01:58:33 93863BFC8FBDFE732A4AC18D19FF906E 42944592 ----a-w- C:\Program Files (x86)\Google\Update\Install\{69478689-8A8E-4613-A2F9-50305ACC123A}\44.0.2403.125_chrome_installer.exe 2015-07-31 22:30:04 50AAC6B4AFD93060456134A29C35FB1E 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2015-07-31 22:30:03 8EA2ED812E996D95DE37CD2CE3158C2C 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2015-07-31 22:30:03 44D98BF1ED7B520602A55446E28D8840 720384 ----a-w- C:\Windows\System32\ie4uinit.exe 2015-07-31 22:30:01 C899B9E60D663BE24B35EFBC29192A7C 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2015-07-31 22:30:00 E475D4B65088F4F7FABF7D427CD3D30E 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-07-31 22:30:00 A7B6589F92C9CB498CDBA42EBEB23EE4 815312 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2015-07-31 22:30:00 80E899C111219316B94BBA72FAFF7D11 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2015-07-31 22:29:57 D295049B06D31020A88B170445123D33 814280 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2015-07-31 22:29:57 142D20CA55870589B009D53C37C0B75C 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2015-07-31 22:23:37 EA6F7E1F14B89F6EE1F486DCE82D1CB1 18524336 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-07-31 22:20:08 3EDB01024BA86C5B4D2CB307DC5D3AC0 37376 ----a-w- C:\Windows\System32\wuapp.exe 2015-07-31 22:20:08 13810657EE732C2F5453C0C877FD5DB2 34816 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2015-07-31 22:20:07 3F9239D5F65F1318A53EBAEC01C092F1 139776 ----a-w- C:\Windows\System32\wuauclt.exe 2015-07-31 22:18:38 26492D0AE6279B60A3801EDBE3CB794C 473600 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2015-07-31 22:18:34 3698C298719803F6502612D651A852B2 491008 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2015-07-31 22:17:05 F01A58E45BB8E28CCE6BCF272FF0F9A8 64000 ----a-w- C:\Windows\System32\auditpol.exe 2015-07-31 22:17:05 97D879A884E7CDFED51AD63348A35254 31232 ----a-w- C:\Windows\System32\lsass.exe 2015-07-31 22:17:05 2B4A31319D74B3D3407AB64942B7FF32 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-07-31 22:16:02 81CB8D34112178CE1826C86BA5F268C3 128000 ----a-w- C:\Windows\System32\msiexec.exe 2015-07-31 22:16:01 F61A069A5517F85662ED9A6C5AD5445A 73216 ----a-w- C:\Windows\SysWOW64\msiexec.exe 2015-07-31 22:16:01 0D9514850CC3A99A6600643F2888858B 112064 ----a-w- C:\Windows\System32\consent.exe 2015-07-31 22:07:50 BE03A1A1B4DEEFDE3E58834F7584C31F 17856 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2015-07-31 21:44:05 FEC2F27B4177267AE6CD92D71A42FCC1 45874680 ----a-w- C:\Users\Patrick\Downloads\eID-QuickInstaller-407-7466-signed_tcm227-258853.exe 2015-07-31 21:04:23 B3DBD6A2286BA43018F58349E51EC8B1 691712 ----a-w- C:\Windows\System32\GWX\GWXConfigManager.exe 2015-07-31 21:04:23 7B375C10CACC2FEBEC978D023ADBAB9C 513024 ----a-w- C:\Windows\System32\GWX\GWX.exe 2015-07-31 21:04:23 621FC2FCBB852684C1F1106E28CCC84F 438784 ----a-w- C:\Windows\SysWOW64\GWX\GWX.exe 2015-07-31 21:04:23 6008147E0BDAC5C23A0A314E96783F72 413696 ----a-w- C:\Windows\System32\GWX\GWXUX.exe 2015-07-31 21:04:23 1608E63BD26C74BEBB31BCAFDFC96BD6 343040 ----a-w- C:\Windows\System32\GWX\GWXDetector.exe 2015-07-31 21:04:23 0A31B851379818A8ECF1F7643FFA3F5A 382768 ----a-w- C:\Windows\System32\GWX\GWXUXWorker.exe 2015-07-31 21:03:00 77A9E4EDF1164A1B8BF0BCC5A594AA98 9309264 ----a-w- C:\Program Files (x86)\Google\Update\Install\{9ADB0D5B-A558-4E73-9649-03DBE0AFC147}\44.0.2403.125_43.0.2357.130_chrome_updater.exe 2015-07-31 20:53:10 D7E523E6F4C911EDFF6A8325ACAEE56C 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe 2015-07-31 20:53:10 93EE27EEA252951660682E891B72D7F5 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateWebPlugin.exe 2015-07-31 20:53:10 81A1D591D429FF81D443A993B9B91301 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateBroker.exe 2015-07-31 20:53:09 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateSetup.exe 2015-07-31 20:52:46 FC8EE235C4F75C96907C25EF1349CB81 130888 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateComRegisterShell64.exe 2015-07-31 20:52:46 92D840650F95EB60659952AEECAFCE85 305992 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe 2015-07-31 20:52:45 E5D73FB1714472B8ECD0B26C37156A1E 134512 ----atw- C:\Users\Patrick\AppData\Local\Dropbox\Update\1.3.27.33\DropboxCrashHandler.exe 2015-07-31 20:52:45 7C6D524C78A1722AD987B9E47AC1FEE2 134512 ----atw- C:\Users\Patrick\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdate.exe 2015-07-31 20:52:45 54FB3B0B29F76E839C648D2F5983A22C 245576 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe 2015-07-31 20:52:45 3B62C2E4CDD7C32D97D629EA73682602 80240 ----atw- C:\Users\Patrick\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateBroker.exe 2015-07-31 20:52:45 35D2CC93B8E0EF14ACB24F147D84CC9F 80752 ----atw- C:\Users\Patrick\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe 2015-07-31 20:52:41 2B89A29376E89407454389C4CE063FD6 659312 ----a-w- C:\Users\Patrick\AppData\Local\Dropbox\Update\Download\{D8968FF2-E0B1-4A13-A3E2-C9F2995F3BC6}\1.3.27.33\DropboxUpdateSetup_1.3.27.33.exe 2015-07-31 20:51:52 C6FF00DA1605982E616C03BE809FFE2D 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdate.exe 2015-07-31 20:51:44 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Program Files (x86)\Google\Update\Install\{140BAF95-7782-43EB-B4C1-4EB1AE415295}\GoogleUpdateSetup.exe === C: other files == 2015-08-06 20:34:24 5F7B14A65C88D4AEB0E3DF49C6A0941F 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\lib\deploy\ffjcext.zip 2015-08-05 06:28:01 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-08-05 06:27:25 E681CE4AE5C09651D53CB4387CA3560E 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-08-05 06:27:25 AE757332EA130E94E646621CC695B52A 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-08-05 06:27:25 A8D28D5B3E2A528D1EF0E338E44F2820 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-08-04 13:55:02 F47892C3F5FAE4A36A09D3ED676A2A38 28361927 ----a-w- C:\Users\Patrick\AppData\Local\ElevatedDiagnostics\2560293460\2015080413.000\DataStoreAndWULogFiles.zip 2015-07-31 22:18:55 C4EA3D63E8BF077ECD1E93BF6556AE99 3207168 ----a-w- C:\Windows\System32\win32k.sys 2015-07-31 22:17:08 21AF322605D8C7F2A627C22634D1C9C9 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2015-07-31 22:17:07 45A03A0B6461EFBEE77E0A6AC2816EDA 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2015-07-31 22:17:07 1877EB1495CFBDAB27D6A32F6DDF3818 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2015-07-31 22:17:06 C0A6C3D6E02B61B5D100FE17306C276F 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2015-07-31 22:17:06 7A7328E427694CC7244235C3BC299F80 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3691458910-388010877-1701134427-1001\Software\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" "Uniblue RegistryBooster 2"="d:\d\data\registrybooster 2\StartRegistryBooster.exe" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "Dropbox Update"="C:\Users\Patrick\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "uTorrent"="C:\Users\Patrick\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3691458910-388010877-1701134427-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "cmsc"="c:\program files (x86)\cmcm\Clean Master\cmtray.exe -autorun" "CommonToolkitTray"="C:\Program Files (x86)\Fighters\Tray\FightersTray.exe" "sfagent"="C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" "Uniblue RegistryBooster 2"="d:\d\data\registrybooster 2\StartRegistryBooster.exe" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "Dropbox Update"="C:\Users\Patrick\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "uTorrent"="C:\Users\Patrick\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup" "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray] "command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe" "hkey"="HKLM" "item"="ADSMTray" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyPoi Monitor] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MyPoi Monitor" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\MyPoiWorld Shared\\MyPoiMonitor\\MyPoiMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s" "hkey"="HKLM" "item"="RtHDVCpl" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Shareaza] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Shareaza" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Shareaza\\Shareaza.exe\" -tray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spyware Doctor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spyware Doctor" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Spyware Doctor\\swdoctor.exe\" /Q" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="uTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\Patrick\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Patrick^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "path"="C:\\Users\\Patrick\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Patrick\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup" "item"="Dropbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TuneUp.UtilitiesSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UxTuneUp] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" ==== Startup Folders ====================== 2013-12-10 09:34:41 1149 ----a-w- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2012-07-23 18:32:06 1149 ----a-w- C:\Users\Viviane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2012-03-09 19:50:58 2617 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk 2013-05-28 15:24:10 1157 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk 2012-03-09 19:49:34 2855 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [01/08/2015 00:24] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3691458910-388010877-1701134427-1001Core.job --a------ C:\Users\Patrick\AppData\Local\Dropbox\Update\DropboxUpdate.exe [22/06/2015 15:35] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3691458910-388010877-1701134427-1001UA.job --a------ C:\Users\Patrick\AppData\Local\Dropbox\Update\DropboxUpdate.exe [22/06/2015 15:35] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3691458910-388010877-1701134427-1003Core.job --a------ C:\Users\Viviane\AppData\Local\Dropbox\Update\DropboxUpdate.exe [22/06/2015 21:22] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3691458910-388010877-1701134427-1003UA.job --a------ C:\Users\Viviane\AppData\Local\Dropbox\Update\DropboxUpdate.exe [22/06/2015 21:22] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:i6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/10/2014 17:18] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe] "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe] "C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3691458910-388010877-1701134427-1001Core" [C:\Users\Patrick\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3691458910-388010877-1701134427-1001UA" [C:\Users\Patrick\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3691458910-388010877-1701134427-1003Core" [C:\Users\Viviane\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3691458910-388010877-1701134427-1003UA" [C:\Users\Viviane\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\P4GIntlCtrl" [C:\Program Files\P4G\IntlCtrl.exe] "C:\Windows\SysNative\tasks\Run RoboForm TaskBar Icon" [C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe] "C:\Windows\SysNative\tasks\Trojan Remover" ["C:\Program Files\Loaris\Trojan Remover\ltr.exe"] "C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe] "C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\b1emgt5m.default user_pref("browser.startup.homepage", "http://www.google.be/"); user_pref("browser.search.defaulturl", "https://www.google.com/search"); user_pref("browser.search.defaultengine", "Google"); user_pref("keyword.URL", "https://www.google.com/search"); ProfilePath: C:\Users\Viviane\AppData\Roaming\Mozilla\Firefox\Profiles\r1w6rh3w.default user_pref("browser.startup.homepage", "www.google.be"); user_pref("browser.search.defaultengine", "Ask Search"); user_pref("browser.search.selectedEngine", "Ask Search"); user_pref("extensions.APN_TB.first-previous-keyword-url", ""); user_pref("extensions.ORJ-V7.my-keyword-url", "\"\""); user_pref("extensions.ORJ-V7.previous-keyword-url", "\"\""); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [07/05/2015 20:01] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\b1emgt5m.default - Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} - HP Detect - %ProfilePath%\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\Patrick\AppData\Roaming\TomTom\HOME\Profiles\ke3ycmbg.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com ProfilePath: C:\Users\Viviane\AppData\Roaming\Mozilla\Firefox\Profiles\r1w6rh3w.default - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi ProfilePath: C:\Users\Viviane\AppData\Roaming\TomTom\HOME\Profiles\mkv3mxav.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\b1emgt5m.default FD82108FD60B63010325D9AF6F00AF99 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll - Shockwave Flash CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Patrick\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Patrick\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== Google Chrome Version: 44.0.2403.125 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17/04/2015 10:16] Avast Online Security - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Google Wallet - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Docs - Viviane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Docs - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Select City - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo Google Wallet - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Viviane\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com", "urls_to_restore_on_startup": [ "http://www.google.com" ] C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com", "urls_to_restore_on_startup": [ "http://www.google.com" ] ==== Chromium Fix ====================== C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" "Use Search Asst"="yes" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" "Use Search Asst"="no" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== shortcuts on Users Desktops ====================== C:\Users\Patrick\Desktop\Dropbox.lnk - C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Patrick\Desktop\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe C:\Users\Patrick\Desktop\Glary Registry Repair.lnk - C:\Program Files (x86)\Glary Registry Repair\regrepair.exe C:\Users\Patrick\Desktop\Kopie van Verhouding verbruik_opbrengst.lnk - D:\F\Lokale schijf\Zonnepanelen\Kopie van Verhouding verbruik_opbrengst.xlsx C:\Users\Patrick\Desktop\Microsoft Office Outlook 2007.lnk - C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe C:\Users\Patrick\Desktop\µTorrent.lnk - C:\Users\Viviane\Desktop\Dropbox.lnk - C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Viviane\Desktop\FLV Player.lnk - C:\Users\Viviane\FLVPlayer\FLVPlayer.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\AI Recovery Burner.lnk - C:\Windows\Installer\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}\_7817BF1044A6ADA617FF1F.exe C:\Users\Public\Desktop\ASUS Data Security Manager.Lnk - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\My_Vault.exe C:\Users\Public\Desktop\ASUS MultiFrame.lnk - C:\Program Files (x86)\ASUS\Asus MultiFrame\MultiFrame.exe C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\avastui.exe C:\Users\Public\Desktop\Clean Master.lnk - C:\Program Files (x86)\cmcm\Clean Master\kcleaner.exe -src:2 C:\Users\Public\Desktop\ControlDeck.lnk - C:\Windows\Installer\{5B65EF64-1DFA-414A-8C94-7BB726158E21}\_55577E72C3A83ECC7DA96E.exe C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe C:\Users\Public\Desktop\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe C:\Users\Public\Desktop\eManual.Lnk - C:\eSupport\Manual\eManual.exe C:\Users\Public\Desktop\Free Audio Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Audio Converter\FreeAudioConverter.exe C:\Users\Public\Desktop\Garmin Express.lnk - C:\Program Files (x86)\Garmin\Express\express.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com/?type=sc&ts=1423054656&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\ImageBrowser EX.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\ImageBrowserEX.exe C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Public\Desktop\LifeFrame.lnk - C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://isearch.omiga-plus.com/?type=sc&ts=1423054656&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN C:\Users\Public\Desktop\MyPoi Manager.lnk - C:\Program Files (x86)\MyPoi Manager\MyPoiManager.exe C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe C:\Users\Public\Desktop\SmartLogon Manager.lnk - C:\Program Files (x86)\ASUS\SmartLogon\logonmgr.exe C:\Users\Public\Desktop\Splendid Utility.Lnk - C:\Program Files (x86)\ASUS\Splendid\Backbone.exe C:\Users\Public\Desktop\Sunny Explorer.lnk - C:\Program Files (x86)\SMA\Sunny Explorer\SunnyExplorer.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup C:\Users\Viviane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Viviane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk - C:\Windows\System32\fsquirt.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID\Utilities\MS Office 2010 XAdES XL signature configuration.lnk - C:\Program Files (x86)\Belgium Identity Card\beidoffice2010_XAdES_XL.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID\Utilities\MS Outlook registry configuration.lnk - C:\Program Files (x86)\Belgium Identity Card\beidoutlooksnc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Aanpassen.lnk - C:\Program Files (x86)\Fighters\SPAMfighter\uninstall.exe Change C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Deïnstalleren.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Instellingen.lnk - C:\Program Files (x86)\Fighters\SPAMfighter\spamcfg.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Koop SPAMfighter Pro.lnk - C:\Program Files (x86)\Fighters\SPAMfighter\spamcfg.exe /F:GotoURL=BuyNow C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Repareren.lnk - C:\Program Files (x86)\Fighters\SPAMfighter\uninstall.exe Reinstall C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\SPAMfighter.lnk - C:\Program Files (x86)\Fighters\FighterLauncher.exe SFPRO C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Tools voor Ondersteuning\Crash Dumps.lnk - C:\Users\Patrick\AppData\Roaming\Fighters\SPAMfighter\Dumps C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Tools voor Ondersteuning\Logbestanden.lnk - C:\Users\Patrick\AppData\Roaming\Fighters\SPAMfighter\Logs C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Tools voor Ondersteuning\Verzamel logbestanden.lnk - C:\Program Files (x86)\Fighters\LogFilesCollector.exe /product:SFPRO C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Tools voor Ondersteuning\Vraag Ondersteuning aan.lnk - C:\Program Files (x86)\Fighters\SPAMfighter\spamcfg.exe /F:Support C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Veelgestelde vragen en Licentieovereenkomst\Licentieovereenkomst.lnk - C:\Program Files (x86)\Fighters\SPAMfighter\Documents\EULA.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Veelgestelde vragen en Licentieovereenkomst\Veelgestelde Vragen.lnk - C:\Program Files (x86)\Fighters\SPAMfighter\spamcfg.exe /F:GotoURL:FAQ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk - C:\Program Files (x86)\Garmin\Express\express.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com/?type=sc&ts=1423054656&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Agenda.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe calendar C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contactgegevens.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe contacts C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\E-mail.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe mail C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Herinneringen.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe reminders C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud-foto's.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Keynote.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe keynote C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notities.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe notes C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Numbers.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe numbers C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Pages.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe pages C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Zoek mijn iPhone.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe find C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Info iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.Resources\nl.lproj\About iTunes.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_51\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_51\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_51\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Over QuickTime.lnk - C:\Windows\Installer\{627FFC10-CE0A-497F-BA2B-208CAC638010}\RichText.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deïnstalleren.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk - C:\Windows\Installer\{627FFC10-CE0A-497F-BA2B-208CAC638010}\QTPlayer.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Registry Repair.lnk - C:\Program Files (x86)\Glary Registry Repair\regrepair.exe C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com/?type=sc&ts=1423054656&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1423054656&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Clean Master.lnk - C:\Program Files (x86)\cmcm\Clean Master\kcleaner.exe -src:3 C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1423054656&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://isearch.omiga-plus.com/?type=sc&ts=1423054656&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Viviane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Viviane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Viviane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle C:\Users\Viviane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Viviane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Viviane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Outlook 2007.lnk - C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe C:\Users\Viviane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Viviane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Viviane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Viviane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Viviane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Patrick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully HKEY_CURRENT_USER\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Patrick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Viviane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Viviane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Viviane\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Viviane\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Patrick\AppData\Local\Mozilla\Firefox\Profiles\b1emgt5m.default\cache2 emptied successfully C:\Users\Viviane\AppData\Local\Mozilla\Firefox\Profiles\r1w6rh3w.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Viviane\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=694 folders=218 298927082 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Patrick\AppData\Local\Temp will be emptied at reboot C:\Users\Viviane\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Patrick\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\COMMON~1\Common Toolkit Suite" not found ==== EOF on vr 07/08/2015 at 9:22:28,60 ======================