Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Ans on do 20/08/2015 at 16:35:41,66.
Microsoft Windows 8.1 Enterprise 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ans\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

20/08/2015 16:39:34 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\HitmanPro deleted successfully
C:\Program Files\log deleted successfully
C:\Users\Ans\AppData\Local\Adobe deleted successfully
C:\Users\Ans\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Ans\AppData\Local\EmieSiteList deleted successfully
C:\Users\Ans\AppData\Local\EmieUserList deleted successfully
C:\Users\Ans\AppData\Local\VirtualStore deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\ProgramData\{31b8e475-acf6-8a7b-31b8-8e475acf91d6}
deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Ans\AppData\Roaming\Mozilla\Firefox\Profiles\3ht37qql.default\searchplugins\yahoo-search.xml deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3702760744-3930997780-1803411306-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

==== Startup Folders ======================

2014-10-17 07:12:43 1330 ----a-w- C:\Users\Ans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:@C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\Windows\tasks\Optscan.job --a-------- C:\programdata\31b8e475-acf6-8a7b-31b8-8e475acf91d6\hqghumeaylnlf.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe]
"C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1439976885" [C:\Program Files (x86)\Opera\launcher.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Ans\AppData\Roaming\Mozilla\Firefox\Profiles\3ht37qql.default
user_pref("browser.startup.homepage", "http://be.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bfr-tr-rhb-34__alt__ddc_dsssyc_bd_com");
user_pref("browser.newtab.url", "http://be.search.yahoo.com/?fr=hp-ddc-bd-tab&type=bl-bfr-tr-rhb-34__alt__ddc_dsssyctab_bd_com");
user_pref("browser.search.defaultenginename", "Yahoo Search!");
user_pref("browser.search.selectedEngine", "");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Ans\AppData\Roaming\Mozilla\Firefox\Profiles\3ht37qql.default
- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi
- iFamebook - %ProfilePath%\extensions\ifamebook@stormvision.it.xpi
- Record Page - %ProfilePath%\extensions\{26a46a2e-a565-42b9-a3f1-96dc63b2a3cc}.xpi
- Get The Results Hub - %ProfilePath%\extensions\{fee8e708-3fc9-43c2-a1ec-53b3bcc3d5e3}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default -
%AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Ans\AppData\Roaming\Mozilla\Firefox\Profiles\3ht37qql.default
E7006BB5611298DBDD03FE3519C19AC2 - E:\Ans\Downloads\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U25
238F239EAEFF7E3E782913D599084E18 - E:\Ans\Downloads\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.250.18
EC55112EDB2CE5BC2BFCACDB9C2150F4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll - Shockwave Flash
4FD35D3CDAA50F361D930A1798EF2DB1 - C:\Users\Ans\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

==== Chromium Look ======================

{scripts [background.js]}content_scripts:[{js:[content.js]matches:[]run_at:document_end}]content_security_policy:script-src 'self' 'unsafe-eval' https://getresultshub-a.akamaihd.net https://getresultshub-a.akamaihd.net https://cdn.getresultshub.com; object-src 'self'description:homepage_url:http://www.getresultshub.comicons:{48:icon.png}manifest_version:2name:Get The Results Hubpermissions:[managementstoragetabswebRequestwebRequestBlocking]update_url:http://cdn.getresultshub.com/updateversion:1.0.5708.33666} - Ans\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiamjlopcnhlolhdbikmmhcjjlhleeia
{scripts [background.js]}content_scripts:[{js:[content.js]matches:[]run_at:document_end}]content_security_policy:script-src 'self' 'unsafe-eval' https://recordpage-a.akamaihd.net https://recordpage-a.akamaihd.net https://cdn.getrecordpage.com; object-src 'self'description:homepage_url:http://www.getrecordpage.comicons:{48:icon.png}manifest_version:2name:Record Pagepermissions:[managementstoragetabswebRequestwebRequestBlocking]update_url:http://cdn.getrecordpage.com/updateversion:1.0.5708.35447} - Ans\AppData\Roaming\Opera Software\Opera Stable\Extensions\poihgldcgdeiiclapfocpigklbcgjlff

==== Chromium Fix ======================

C:\Users\Ans\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiamjlopcnhlolhdbikmmhcjjlhleeia deleted successfully
C:\Users\Ans\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_oiamjlopcnhlolhdbikmmhcjjlhleeia_0.localstorage deleted successfully
C:\Users\Ans\AppData\Roaming\Opera Software\Opera Stable\Extensions\poihgldcgdeiiclapfocpigklbcgjlff deleted successfully
C:\Users\Ans\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_poihgldcgdeiiclapfocpigklbcgjlff_0.localstorage deleted successfully
C:\Users\Ans\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\poihgldcgdeiiclapfocpigklbcgjlff deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ans\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Ans\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Ans\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Ans\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Ans\AppData\Local\Mozilla\Firefox\Profiles\3ht37qql.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Ans\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=32 folders=14 58062475 bytes)

==== Empty Temp Folders ======================

C:\Users\Ans\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ans\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 20/08/2015 at 17:00:55,37 ======================