Zoek.exe v5.0.0.1 Updated 13-December-2015 Tool run by GEAtje on ma 14-12-2015 at 13:54:26,70. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\GEAtje\Downloads\zoek (1).exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-12-13-190508.log 1422 bytes ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\DropboxCopyHook {FBC9D74C-AF55-4309-9FB2-C426E071637F} C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\PROGRA~2\WinZip Registry Optimizer deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\PROGRA~3\PCSettings deleted successfully C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully C:\Users\GEAtje\AppData\Roaming\Nico Mak Computing deleted successfully C:\Users\GEAtje\AppData\Roaming\Opera Software deleted successfully C:\Users\GEAtje\AppData\Local\eSupport.com deleted successfully C:\Users\GEAtje\AppData\Local\Opera Software deleted successfully C:\Users\GEAtje\AppData\Local\PDFC deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} deleted successfully HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\WinZip Registry Optimizer not found C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found C:\zoek_backup deleted C:\Users\GEAtje\AppData\Roaming\IObit deleted C:\ProgramData\{B5B25D71-E530-8CF7-54B6-FC7584342FFB} deleted C:\Users\GEAtje\AppData\Roaming\WB.CFG deleted C:\Users\GEAtje\AppData\Roaming\Mipony deleted C:\Users\GEAtje\AppData\Roaming\ProductData deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\Package Cache deleted C:\Users\GEAtje\AppData\Local\{5C676A3B-78CF-0683-1557-236B313FDFF3} deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony deleted C:\Windows\SysNative\roboot64.exe deleted C:\windows\SysNative\tasks\ASC9_PerformanceMonitor deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted "C:\DelFix.txt" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\Dashlane.exe" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\DashlanePlugin.exe" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.3.6.0.97092.dll" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.3.6.0.97092.dll" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.3.6.0.97092.dll" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.3.6.0.97092.dll" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.3.6.0.97092.dll" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.3.6.0.97092.dll" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.3.6.0.97092.dll" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.3.6.0.97092.dll" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.3.6.0.97092.dll" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.3.6.0.97092.dll" deleted "C:\ProgramData\IObit\Advanced SystemCare\Homepage Protection\ASCService.log" not deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\CPUIDInterface.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\datastate.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\HomepageSvc.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\rtl120.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\sqlite3.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\taskmgr.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\vcl120.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\madexcept_.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\rtl120.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\vcl120.bpl" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane" deleted "C:\ProgramData\IObit" not deleted "C:\Program Files (x86)\IObit" not deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}" deleted "C:\Users\GEAtje\AppData\Roaming\Dashlane\3.6.0.97092\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components" deleted "C:\ProgramData\IObit\Advanced SystemCare" not deleted "C:\ProgramData\IObit\Advanced SystemCare\Homepage Protection" not deleted "C:\Program Files (x86)\IObit\Advanced SystemCare" not deleted "C:\Program Files (x86)\IObit\IObit Uninstaller" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEAtje\AppData\Local\Temp ==== 2015-12-12 10:28:24 26BEE20E384D6D2A2C03B4594B9CE723 144912 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\UninstallHPSA.exe 2015-12-12 10:19:34 A9209BBA39ADE2FE71F82319C619DB3E 595656 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\HPSFUpdater.exe 2015-12-12 10:07:27 ECA3AE15FC14FF9736F637143F4C5A96 71168 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplirjyb.dll 2015-12-08 18:24:33 61285170DA46E35AF6DBAAE8945646D9 2193728 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\db3\IobitDownloader.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-12-14 08:58:47 895ABED2A7C126EFA4D61AF24B0D5AE4 97888 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-12-14 08:50:58 F557E36B291BE2B28FCA4D4A68AE2219 114176 ----a-w- C:\Windows\SysWOW64\PCWizard.cpl 2015-12-10 19:40:20 B0AFC72F5BAE0C06DB30B409B9D05D8A 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2015-12-10 19:39:54 3553707B119AD5AAF1F31BFF5517A093 627712 ----a-w- C:\Windows\SysWOW64\usp10.dll 2015-12-10 19:39:44 9AA46606BCC013F5FB7E5B70FAB1ABE0 573440 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2015-12-10 19:39:42 C66D020B1C268FF9AB1672C99E76CA66 174080 ----a-w- C:\Windows\SysWOW64\wuwebv.dll 2015-12-10 19:39:42 B1384CCEFB8F64EC85AECB70AFB91D8D 93696 ----a-w- C:\Windows\SysWOW64\wudriver.dll 2015-12-10 19:39:42 A0BF4CD0C8F805A816B67C004B12E24D 30208 ----a-w- C:\Windows\SysWOW64\wups.dll 2015-12-10 19:39:42 58B9CFDD032CB92CEC0D3E8454E4C766 35328 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2015-12-10 19:39:18 F1FCE953EF04251F17BE828185B9DFA0 419928 ----a-w- C:\Windows\SysWOW64\locale.nls 2015-12-10 19:39:14 ACB16C9BE1A175A2E7BFF076DF99B3CF 69120 ----a-w- C:\Windows\SysWOW64\nlsbres.dll 2015-12-10 19:39:14 8E9152F4779CCA402F235EB9AB823854 6656 ----a-w- C:\Windows\SysWOW64\KBDAZEL.DLL 2015-12-10 19:39:14 3A593B01E4F92F04211ECFB53816240C 6656 ----a-w- C:\Windows\SysWOW64\kbdgeoqw.dll 2015-12-10 19:39:14 35D490A393A0B231F237954E6E65B224 7168 ----a-w- C:\Windows\SysWOW64\KBDAZE.DLL 2015-12-10 19:38:58 FDB73E2FFDEE1F28D1AF3B80E3F0FE99 1251328 ----a-w- C:\Windows\SysWOW64\DWrite.dll 2015-12-10 19:38:57 0A78439765E31510D75C9E2284F3A722 833024 ----a-w- C:\Windows\SysWOW64\user32.dll 2015-12-10 19:38:54 EB11947B250AD259755939A2DE349FBB 14848 ----a-w- C:\Windows\SysWOW64\wshrm.dll 2015-12-10 19:38:51 F60154A0DD1DCCF2EE75BE45A676BA51 1242624 ----a-w- C:\Windows\SysWOW64\comsvcs.dll 2015-12-10 19:38:51 169BDD4EF6E99E43720534E07798400C 487936 ----a-w- C:\Windows\SysWOW64\catsrvut.dll 2015-12-10 19:33:35 8102E4A17D58BA6B18A31095C4418082 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-12-10 19:33:35 5F4DBBB0551DAE2A6EEC5EA915695250 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-12-10 19:33:34 804FEA5A5A4B491B83AFF8EE7EFE887F 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-12-10 19:33:34 081BE765C4025EC2AB8011A6BFE222B5 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-10 19:33:33 5FA89E1534B675CCA8CEE6B50D0B7B49 2280448 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-12-10 19:33:32 D1F6886A7E08134135E9C197FA387702 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-12-10 19:33:32 67D44EDA849BA632EC4DCEF839950F56 341192 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-12-10 19:33:32 29DDD6FB1147192B13D2C3647F581219 130048 ----a-w- C:\Windows\SysWOW64\occache.dll 2015-12-10 19:33:32 219494B7F95F86071EC9D4FC0DC4962F 1311744 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-12-10 19:33:32 13DED010D9DFA204DB2C2F650B3901B8 279040 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-12-10 19:33:32 0955BBBB50FCC3C2B2EB485FBBFBF4D3 496640 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-12-10 19:33:31 B206E8BD4938B6C6B1C84DD13C12C4DF 20366848 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-12-10 19:33:31 6ED639FAAE29626ED1A98139A3C9C289 687104 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-12-10 19:33:30 DD99C9D2CA3F9B3D63B965B4EDDAE612 2050560 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-12-10 19:33:30 8BB61456A1EA19011E85C9340BC4157B 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-12-10 19:33:30 3477EAB965E9DEDCD46F95C55F78489F 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-12-10 19:33:29 F1ED865CA8D6223739233576D7C76C1A 476160 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-12-10 19:33:29 713919E7E3BD6196D2498C2B8166AEAD 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-12-10 19:33:29 6A37F0BDA83C7755C71A2DE5BF00381B 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-12-10 19:33:29 1256113318DD02C9C60FF0969025CA15 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-12-10 19:33:29 0A6D92C3BB313883F286C65820E2DD30 416256 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-12-10 19:33:28 517847AC160C91F04951340F9A051084 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-12-10 19:33:28 284442A1BAFD17731398AD22AB6C9099 12856832 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-12-10 19:33:26 AC62F3866FDA5BFC4966055B1316DE94 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-12-10 19:33:26 6082F9978A1456863397F99E5C8E7901 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-12-10 19:33:25 B60461B5CED2BFAE1A870C61C66966C4 2011136 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-12-10 19:33:25 668D2CA489F605E4C7A743A62632C383 4514816 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-12-10 19:33:25 4ED815FE30E048A52A5FC420DD6E49D0 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2015-12-10 19:33:24 B832BA2AA73CC4FC58446F4237070D96 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-12-10 19:33:24 050F5A8F90CF18AA6F9FA75AF1851569 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-12-10 19:31:47 E7CA874DA58A607E11ACAB33718AE9FA 179712 ----a-w- C:\Windows\SysWOW64\els.dll ====== C:\Windows\SysWOW64\drivers ===== 2015-12-14 08:56:04 8407DDFAB85AE664E507C30314090385 22200 ----a-w- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS 2015-11-27 20:08:11 E5805896A55D4166C20F216249F40FA3 26528 ----a-w- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS ====== C:\Windows\Sysnative ===== 2015-12-10 19:40:20 6EDEA5EDF5AA979CB2A99617A8478AD3 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2015-12-10 19:39:54 077CC8BF1076D49E85687AACB30956A1 802304 ----a-w- C:\Windows\Sysnative\usp10.dll 2015-12-10 19:39:44 EB6D501FCFAFF726EA1B50B8276F5F34 709632 ----a-w- C:\Windows\Sysnative\wuapi.dll 2015-12-10 19:39:44 6075791ED85E47A2A2916B1F34582944 2609152 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2015-12-10 19:39:43 A6C4964F3C382592785EACFBA2DA8F6C 3170304 ----a-w- C:\Windows\Sysnative\wucltux.dll 2015-12-10 19:39:42 A1D9A6B41647E8F008A25DA7B80708CB 37888 ----a-w- C:\Windows\Sysnative\wups2.dll 2015-12-10 19:39:42 6BB823DF7F117BF4958303B443E8100D 91136 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll 2015-12-10 19:39:42 59C2B329F87F46C384F3F139376CD315 36864 ----a-w- C:\Windows\Sysnative\wups.dll 2015-12-10 19:39:42 4CD20F77149C689703A71561747E7B8D 37888 ----a-w- C:\Windows\Sysnative\wuapp.exe 2015-12-10 19:39:42 2E53E71ED8277444E37BAA3932089C45 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll 2015-12-10 19:39:42 2B8660213ED7873FCF5C5540023C48F5 98816 ----a-w- C:\Windows\Sysnative\wudriver.dll 2015-12-10 19:39:42 233AB915DBB476BFD7218DB553D91DCC 140288 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2015-12-10 19:39:42 0CF6EFBC9BCC6EDE114F71BCAEE9CCF4 192512 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2015-12-10 19:39:18 F1FCE953EF04251F17BE828185B9DFA0 419928 ----a-w- C:\Windows\Sysnative\locale.nls 2015-12-10 19:39:14 E78C5E7087763DD4F1C5DAD78D2BA141 7168 ----a-w- C:\Windows\Sysnative\KBDAZEL.DLL 2015-12-10 19:39:14 E3ECD802006128C036FAAD09B6F97F6E 7168 ----a-w- C:\Windows\Sysnative\kbdgeoqw.dll 2015-12-10 19:39:14 AE0F1E593C4AE0A1CE3868C2AA54D8E5 7168 ----a-w- C:\Windows\Sysnative\KBDAZE.DLL 2015-12-10 19:39:14 52B3CAAD627902B8D6E035A25DA4BD09 69120 ----a-w- C:\Windows\Sysnative\nlsbres.dll 2015-12-10 19:39:00 1AE1D0D71C3C61A0ECA941140E1E2FF8 1648128 ----a-w- C:\Windows\Sysnative\DWrite.dll 2015-12-10 19:38:59 BCB16AE33AA58E0042F3EF34CFB6396A 1180160 ----a-w- C:\Windows\Sysnative\FntCache.dll 2015-12-10 19:38:59 4287A4345CFFDD4D7710B2FCFF6C21BC 3211264 ----a-w- C:\Windows\Sysnative\win32k.sys 2015-12-10 19:38:58 06BF84D26A05D400F6B3FB3D3DE0B03A 1008640 ----a-w- C:\Windows\Sysnative\user32.dll 2015-12-10 19:38:54 2DA9EB73046595D79ADE306BC22B02C4 17408 ----a-w- C:\Windows\Sysnative\wshrm.dll 2015-12-10 19:38:52 E385472FF300F2BFD323B667EBAE93C7 1735680 ----a-w- C:\Windows\Sysnative\comsvcs.dll 2015-12-10 19:38:52 75DFE3CE6A8BFC995CC1D615B74DF8B0 525312 ----a-w- C:\Windows\Sysnative\catsrvut.dll 2015-12-10 19:33:35 5040CEF0DC919A81AF2C10CC67F3F36C 2887168 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-12-10 19:33:35 1E32A0EF31E39783589F3FF33C71EB26 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-12-10 19:33:34 581486C09915529B172B844F620800EB 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-12-10 19:33:32 ECF5CF7E1712A137FD95DCC89ECE2FE5 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-12-10 19:33:32 D63583C3645A5D29D643298273EC2125 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-12-10 19:33:32 33E703517D83F367B0B0B3EF2C807C77 718336 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-12-10 19:33:30 DDA2687E5FC070E066623330BF5A9375 152064 ----a-w- C:\Windows\Sysnative\occache.dll 2015-12-10 19:33:30 CFB4DC8B180EE1FA0F38ED98A82BFFDC 387792 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-12-10 19:33:30 8403AAA093BD7B790111326197D5C30B 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-12-10 19:33:29 DA9927502C6CC6C6D4A5E57E00CAB796 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-12-10 19:33:29 D0EB186DFF60A296B144A0FC2490AC31 1546752 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-12-10 19:33:29 503155AF5513116632202504D71FA29D 315392 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-12-10 19:33:29 1537D3FFDC70A1EF8792235A99DC4C4B 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-12-10 19:33:28 23D900117F368A884C4C36A57E201F97 798208 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-12-10 19:33:27 FBBC836885522FD1E00A23DC65F78A28 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-12-10 19:33:27 64F4B886C95379DEA6EF3DDF3CE2D853 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-12-10 19:33:26 6D86F7F6C9FE6059B610DB1D6EF77659 2123264 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-12-10 19:33:25 B49AF2AB8CDF52290A7529BE3D8B1429 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-12-10 19:33:25 32C4438BACFF7AAC86AE54FAE74AA483 571392 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-12-10 19:33:23 A2F0AB5736B60AC22D63113489D37FF1 14456832 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-12-10 19:33:23 9D8862210504591545E33FE562BE7078 489984 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-12-10 19:33:23 963F01E33EFADF54DDCCDDF31DFC2D37 615936 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-12-10 19:33:22 FE196D24FDCE4402EB1762264FA3DE0B 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-12-10 19:33:22 2A0AB8E59C47DC589C2DF3CEB1AA22EF 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-12-10 19:33:21 D3CC1DBE8FE63F3A2FAD5658146DF39B 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-12-10 19:33:21 4264B4BD10C5A21CF4A15998CB71551F 817664 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-12-10 19:33:21 3F0827114CE89176253684B588D4B02E 5923840 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-12-10 19:33:21 377C0436711DE3AFB9527FB88F831F44 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2015-12-10 19:33:21 02A92A8C880FDC242441FBE0620CF14B 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-12-10 19:33:20 E2C385B0D816AD37616BD4C4204D0633 2487808 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-12-10 19:33:19 B7F26EC33F55842C66A1C3FA34EB8D27 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-12-10 19:33:19 AF71D38B9F23907AB54BC8D9F573CEB3 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-12-10 19:33:19 0A477F2CCC151E3AED4143B4FDDF74A5 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-12-10 19:33:18 A8B4563632BAF46BB005A0127727E82D 25837568 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-12-10 19:31:47 218D2848CDDE80DD9AF72D5DD78F225C 241664 ----a-w- C:\Windows\Sysnative\els.dll ====== C:\Windows\Sysnative\drivers ===== 2015-12-10 19:38:54 5BD6B1EC997FF3DD779D62E05D2079A8 146944 ----a-w- C:\Windows\Sysnative\drivers\rmcast.sys 2015-12-03 09:55:28 23FC7F198F658C90D86BB14DCF77AF3E 141304 ----a-w- C:\Windows\Sysnative\drivers\RapportHades64.sys 2015-12-03 09:55:27 19D9CC54A81A0BF0BB2D28BC2CB9CA31 396152 ----a-w- C:\Windows\Sysnative\drivers\RapportKE64.sys 2015-11-27 20:32:59 49DAC02261A2B3373818444F6E4E3139 129224 ----a-w- C:\Windows\Sysnative\drivers\L1C62x64.sys 2015-11-27 20:27:01 3D2A18B6CC394B1C936DBBFBE6CD2BB1 4613888 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys 2015-11-27 20:26:53 363D9529E5232F8B574436AF2BF0F361 3951402 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT ====== C:\Windows\Tasks ====== 2015-12-12 10:15:30 A06FEED4EA2D74270E01B21F26D5C181 3192 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForGEAtje 2015-12-12 10:15:26 5C385CA4E168BAA461A149A1F3FDE2E6 336 ----a-w- C:\Windows\Tasks\HPCeeScheduleForGEAtje.job 2015-11-27 20:10:02 6448B52EAF5C6F7F4E96E58C1927FB7B 2908 ----a-w- C:\Windows\Sysnative\Tasks\Uninstaller_SkipUac_GEAtje 2015-11-27 20:09:40 4F00D1E2411666B008E197804267B859 2872 ----a-w- C:\Windows\Sysnative\Tasks\ASC9_SkipUac_GEAtje 2015-11-27 20:08:15 E7686B75D7C3047DEFC6A8B2A1E7CEBD 2878 ----a-w- C:\Windows\Sysnative\Tasks\Driver Booster SkipUAC (GEAtje) 2015-11-27 20:08:14 C6D0BEB534DBD5AB4874ACFA78D20DA7 3236 ----a-w- C:\Windows\Sysnative\Tasks\Driver Booster Scan 2015-11-27 20:08:13 340C8D9A8C0A43100CAED6A608336F27 3180 ----a-w- C:\Windows\Sysnative\Tasks\Driver Booster Update 2015-11-21 09:10:14 E2908DCD2A06119D420B69B2099F9E58 3348 ----a-w- C:\Windows\Sysnative\Tasks\ESET Windows 10 upgrade – Refresh settings 2015-11-20 19:49:59 D19ECDCCFB9397AE1A62F0C7AC0B2010 512 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1e5100d0-ed26-4c17-8091-0d92299e4237.job 2015-11-20 19:49:59 6DEEBBD05F0B917D20CE75B6DE9AAC10 3590 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task 39aa2e6a-d3f3-4865-a6f4-60c5e1a3bef4 2015-11-20 19:49:59 68E59D23F18D8B2C25B4BEE5DB3C1D36 3516 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task 1e5100d0-ed26-4c17-8091-0d92299e4237 2015-11-20 19:49:59 3CA60CAD7DE51E3FD0128F71890839FE 512 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 39aa2e6a-d3f3-4865-a6f4-60c5e1a3bef4.job 2015-11-17 19:39:51 0F3EEE30379AE4E21ADAE7630666CCDF 4158 ----a-w- C:\Windows\Sysnative\Tasks\Palikan roni ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-12-13 21:44:28 -------- d-----w- C:\Program Files\Microsoft.NET 2015-11-21 08:07:33 -------- d-----w- C:\Program Files\ESET 2015-11-20 19:49:12 -------- d-----w- C:\Program Files\SUPERAntiSpyware ======= C:\PROGRA~2 ===== 2015-12-14 08:59:37 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-12-14 08:57:32 -------- d-----w- C:\PROGRA~2\Java 2015-12-14 08:56:01 -------- d-----w- C:\PROGRA~2\eSupport.com 2015-12-14 08:50:52 -------- d-----w- C:\PROGRA~2\CPUID 2015-12-03 09:54:31 -------- d-----w- C:\PROGRA~2\Trusteer 2015-11-27 20:09:35 -------- d-----w- C:\PROGRA~2\COMMON~1\IObit 2015-11-27 20:08:02 -------- d-----w- C:\PROGRA~2\IObit 2015-11-21 08:46:56 -------- d-----w- C:\PROGRA~2\Dashlane 2015-11-17 19:43:00 -------- d-----w- C:\PROGRA~2\Lenovo ======= C: ===== ====== C:\Users\GEAtje\AppData\Roaming ====== 2015-12-14 13:44:56 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\IObit 2015-12-14 13:19:22 -------- d-----w- C:\Users\GEAtje\AppData\Local\PDFC 2015-12-14 08:59:16 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Sun 2015-12-14 08:59:16 -------- d-----w- C:\Users\GEAtje\AppData\Locallow\Sun 2015-12-14 08:56:50 -------- d-----w- C:\Users\GEAtje\AppData\Locallow\Oracle 2015-12-12 10:28:55 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\hpqLog 2015-12-06 19:36:55 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\BlamGames 2015-12-04 07:49:38 -------- d-----w- C:\Users\Default\AppData\Local\Trusteer 2015-12-04 07:49:38 -------- d-----w- C:\Users\Default User\AppData\Local\Trusteer 2015-12-03 09:55:39 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Trusteer 2015-12-03 09:54:49 -------- d-----w- C:\Users\GEAtje\AppData\Local\Trusteer 2015-11-29 11:58:15 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Eipix 2015-11-27 20:36:55 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\IObit 2015-11-27 20:09:54 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Apple Computer 2015-11-27 20:08:12 -------- d-----w- C:\Users\GEAtje\AppData\Locallow\IObit 2015-11-21 08:49:02 -------- d-----w- C:\Users\GEAtje\AppData\Locallow\Dashlane 2015-11-21 08:46:56 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane 2015-11-21 08:46:56 -------- d-----w- C:\Users\GEAtje\AppData\Local\Packages 2015-11-21 08:08:56 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\ESET 2015-11-21 08:08:56 -------- d-----w- C:\Users\GEAtje\AppData\Local\ESET 2015-11-21 08:08:53 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\ESET 2015-11-20 19:49:57 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\SUPERAntiSpyware.com 2015-11-17 19:43:53 -------- d-----w- C:\Users\GEAtje\AppData\Local\Lenovo ====== C:\Users\GEAtje ====== 2015-12-14 09:12:47 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\GEAtje\Downloads\RSITx64.exe 2015-12-14 08:59:15 -------- d-----w- C:\Users\GEAtje\.oracle_jre_usage 2015-12-14 08:58:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-12-14 08:57:38 -------- d-----w- C:\ProgramData\Oracle 2015-12-14 08:56:21 81EDCA9D9BFDDB931ED448078762A31A 584288 ----a-w- C:\Users\GEAtje\Downloads\chromeinstall-8u66.exe 2015-12-14 08:56:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com 2015-12-14 08:55:31 D89779FB610E21DC87B26F2ECAB56A99 1225680 ----a-w- C:\Users\GEAtje\Downloads\driveragent-setup-1223.exe 2015-12-14 08:50:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2015-12-14 08:49:46 A1630F4BDF5C1E008D35C9C0885DA167 5400507 ----a-w- C:\Users\GEAtje\Downloads\pc-wizard_2014.2.13.exe 2015-12-12 15:55:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-12-03 09:54:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging 2015-12-03 09:53:14 -------- d-----w- C:\ProgramData\Trusteer 2015-12-03 09:53:02 9D49AE05897942B7FF72095C4FB4B542 436504 ----a-w- C:\Users\GEAtje\Downloads\RpprtSetup.exe 2015-11-27 20:09:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2015-11-27 20:09:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 2015-11-27 20:08:12 -------- d-----w- C:\ProgramData\IObit 2015-11-27 20:08:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2 2015-11-26 08:00:31 -------- d-----w- C:\ProgramData\Easybits Magic Desktop for HP 2015-11-21 08:07:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2015-11-21 08:07:33 -------- d-----w- C:\ProgramData\ESET 2015-11-20 19:49:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2015-11-20 19:49:12 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2015-11-17 19:43:53 -------- d-----w- C:\Users\GEAtje\REACHit 2015-11-17 19:39:34 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol ====== C: exe-files == 2015-12-14 09:12:47 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\GEAtje\Downloads\RSITx64.exe 2015-12-14 08:58:48 F003BBCB09CACF8A9F4CE0C67A2D6E63 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-12-14 08:58:48 7BDD7F1BC2A20971DEE17B6920D61BBC 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-12-14 08:58:47 A9E84AD3536425BC68263B723C2442E4 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-12-14 08:58:02 092F4D3C25F3086D4C7FDEC79DD71302 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\unpack200.exe 2015-12-14 08:58:01 D8EEED21B06866E85DA30485F5059FF6 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\servertool.exe 2015-12-14 08:58:01 ADAF1151B29D2D1691FA027B6C55B3D7 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssvagent.exe 2015-12-14 08:58:01 73368169BFD965EC6257E77C23CED879 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmiregistry.exe 2015-12-14 08:58:01 46AB480B01CD30801B3AE89B5AAE75A8 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\orbd.exe 2015-12-14 08:58:01 3B306D41F07396975ECE34A860BD9036 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\pack200.exe 2015-12-14 08:58:01 17A8DD2484DC26E38DFE3209C8B36980 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\policytool.exe 2015-12-14 08:58:01 0B82777B13B81417E5520DF7B1E8C319 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmid.exe 2015-12-14 08:58:01 0A3936FE18FC04350159A1E647201501 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\tnameserv.exe 2015-12-14 08:58:00 28FB06FC63D5817153B5502A49DF3F00 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\ktab.exe 2015-12-14 08:57:58 CA51FB3FE5012E21D9A14AC071527866 76896 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2launcher.exe 2015-12-14 08:57:58 8977B87AB10AB1DA8769CA0053B401B0 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jjs.exe 2015-12-14 08:57:58 7BE9BE6E15653824A28F5CED6B273588 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\klist.exe 2015-12-14 08:57:58 525027DF51378DDA25F0F52C20BCB132 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\kinit.exe 2015-12-14 08:57:58 36A44033C6B970F95E2A1448F4481CEA 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\keytool.exe 2015-12-14 08:57:56 F003BBCB09CACF8A9F4CE0C67A2D6E63 278624 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaws.exe 2015-12-14 08:57:56 7BDD7F1BC2A20971DEE17B6920D61BBC 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe 2015-12-14 08:57:54 FDF059C05249FAEA0221ED65CD59A9C8 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\javacpl.exe 2015-12-14 08:57:54 EFC80BC662BCC20B0B09700636FDC732 30816 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jabswitch.exe 2015-12-14 08:57:54 A9E84AD3536425BC68263B723C2442E4 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\java.exe 2015-12-14 08:57:54 04D67FF5044A605F1E7D923A1D6F1751 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\java-rmi.exe 2015-12-14 08:56:21 81EDCA9D9BFDDB931ED448078762A31A 584288 ----a-w- C:\Users\GEAtje\Downloads\chromeinstall-8u66.exe 2015-12-14 08:56:01 A73293E07E4AC9E1AA76027146B819BB 1193161 ----a-w- C:\Program Files (x86)\eSupport.com\driveragent\unins000.exe 2015-12-14 08:56:01 9197DFBF0B747CFD40E4395755018AB7 669960 ----a-w- C:\Program Files (x86)\eSupport.com\driveragent\DriverAgent.exe 2015-12-14 08:55:31 D89779FB610E21DC87B26F2ECAB56A99 1225680 ----a-w- C:\Users\GEAtje\Downloads\driveragent-setup-1223.exe 2015-12-14 08:50:57 D64D1E9E5AAE16E1A648A981192999CC 29696 ----a-w- C:\Program Files (x86)\CPUID\PC Wizard 2013\Mark\markx86_324.exe 2015-12-14 08:50:56 2E6B32958BA4AE8EBAEA020129C34D2B 218112 ----a-w- C:\Program Files (x86)\CPUID\PC Wizard 2013\Web\webupdt.exe 2015-12-14 08:50:55 BACB957837A2EA83FD39D229726C05E6 20480 ----a-w- C:\Program Files (x86)\CPUID\PC Wizard 2013\Data\settings.exe 2015-12-14 08:50:54 52A6DA5EDAD61ABBB0535F8EE3E44C65 21797 ----a-w- C:\Program Files (x86)\CPUID\PC Wizard 2013\Data\pcwiz16.exe 2015-12-14 08:50:52 D331BDA7C6D9668DD26F7A07B2FB8D13 73728 ----a-w- C:\Program Files (x86)\CPUID\PC Wizard 2013\PC Wizard.exe 2015-12-14 08:50:52 B80D455C1B4897AC67A790D7B49BD186 741377 ----a-w- C:\Program Files (x86)\CPUID\PC Wizard 2013\unins000.exe 2015-12-14 08:50:52 216D3D767466CF1F9A41A662A6171DA5 608856 ----a-w- C:\Program Files (x86)\CPUID\PC Wizard 2013\systweakasp_c.exe 2015-12-14 08:49:46 A1630F4BDF5C1E008D35C9C0885DA167 5400507 ----a-w- C:\Users\GEAtje\Downloads\pc-wizard_2014.2.13.exe 2015-12-14 08:27:01 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Windows\Temp\B2D98A25-7861-4AED-AEA6-402FA43409BB\DismHost.exe 2015-12-12 15:54:17 1BEBC31761CB126357D3BA4FEEC054D6 52733696 ----a-w- C:\Program Files (x86)\Dropbox\Update\Download\{CC46080E-4C33-4981-859A-BBA2F780F31E}\3.12.5\DropboxClient_3.12.5.exe 2015-12-12 10:46:09 5D8AE0CA92FCFD6A684E2F086EEB06CC 14904 ----a-w- C:\Windows\Help\OEM\Scripts\LaunchHPForums.exe 2015-12-12 10:28:24 26BEE20E384D6D2A2C03B4594B9CE723 144912 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\UninstallHPSA.exe 2015-12-12 10:27:21 3F2B49BA01309111E054D6E3BB007259 142864 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\ActiveCheck\HPDObject.exe 2015-12-12 10:27:21 0AD4E3B6CF954387A622AA0921A5E527 566288 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\ActiveCheck\HPAsset.exe 2015-12-12 10:19:34 A9209BBA39ADE2FE71F82319C619DB3E 595656 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\HPSFUpdater.exe 2015-12-12 10:09:59 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Windows\Temp\B3846671-EEB4-4D58-86B8-47B360A9C66E\DismHost.exe 2015-12-10 19:40:21 DA53494C9F58B0CC7FCB780CE9B0DBB6 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe 2015-12-10 19:39:42 58B9CFDD032CB92CEC0D3E8454E4C766 35328 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2015-12-10 19:39:42 4CD20F77149C689703A71561747E7B8D 37888 ----a-w- C:\Windows\System32\wuapp.exe 2015-12-10 19:39:42 233AB915DBB476BFD7218DB553D91DCC 140288 ----a-w- C:\Windows\System32\wuauclt.exe 2015-12-10 19:33:35 1E32A0EF31E39783589F3FF33C71EB26 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2015-12-10 19:33:32 86B198DEEEE852E5EEAB84A60A2FE7CB 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2015-12-10 19:33:32 33E703517D83F367B0B0B3EF2C807C77 718336 ----a-w- C:\Windows\System32\ie4uinit.exe 2015-12-10 19:33:30 E4D66ACC2628505EA1EBB7ACEF51EFE6 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2015-12-10 19:33:30 4D4835564157BF4EFF683360115E3979 473600 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2015-12-10 19:33:29 A6FD59F4B16195367C4089F890F5E8FE 815304 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2015-12-10 19:33:29 1537D3FFDC70A1EF8792235A99DC4C4B 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2015-12-10 19:33:27 C1E9DBB3A8C7066D767BD78485491270 491008 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2015-12-10 19:33:26 C571C60A30A7CC38DF08DEF9AD3A2352 814280 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2015-12-10 19:33:26 6082F9978A1456863397F99E5C8E7901 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-12-10 19:33:21 02A92A8C880FDC242441FBE0620CF14B 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2015-12-10 19:00:21 5236ECC094EBEEEB8CB3A4B0BB456057 2996304 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\47.0.2526.80\47.0.2526.80_47.0.2526.73_chrome_updater_3stage.exe 2015-12-10 18:27:44 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Windows\Temp\42FDEC39-7D18-40AB-BB9A-96E62BC452C7\DismHost.exe 2015-12-08 18:34:36 B4656E85333FED69FD85761FDCE8B5D8 1484104 ----a-w- C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\SwReporter\5.39.1\software_reporter_tool.exe 2015-12-08 18:24:33 61285170DA46E35AF6DBAAE8945646D9 2193728 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\db3\IobitDownloader.exe === C: other files == 2015-12-14 08:58:03 4DB4B1F67E583B41F841F48254BE38E3 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\lib\deploy\ffjcext.zip 2015-12-14 08:56:04 8407DDFAB85AE664E507C30314090385 22200 ----a-w- C:\Windows\Temp\DriverAgent\DrvAgent64.sys 2015-12-14 08:56:04 8407DDFAB85AE664E507C30314090385 22200 ----a-w- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS 2015-12-14 08:50:54 F60A9B88C6FF07D4990D8653D0025683 29928 ----a-w- C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_ia64.sys 2015-12-14 08:50:54 E425C66663C96D5A9F030B0AD4D219A8 26856 ----a-w- C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x32.sys 2015-12-14 08:50:54 5212E0957468D3F94D90FA7A0F06B58F 26856 ----a-w- C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys 2015-12-13 19:05:38 D2F6A1B11344D9AC7BCFB75900D4ADE1 23668 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\scoped_dir_5316_1212\youtube.crx 2015-12-13 19:05:38 8AD223868AB9974F7746D0227730A0CC 26392 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\scoped_dir_5316_23430\search.crx 2015-12-13 19:05:38 71E1283B8440F6264CEC99DF9AD81F5B 25561 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\scoped_dir_5316_176\drive.crx 2015-12-13 19:05:38 2E2E328E5BF6BE61203164B3E9EA8094 24040 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\scoped_dir_5316_27179\gmail.crx 2015-12-12 10:46:15 8982A18BF989AECCBFFF14B246F5571F 141 ----a-w- C:\Windows\Help\OEM\Scripts\winNetworkDianosticTool.bat 2015-12-12 10:46:14 8198CB1BBFE605E2D9029F5CC39A80F9 104 ----a-w- C:\Windows\Help\OEM\Scripts\sysproperty.bat 2015-12-12 10:46:13 3A7A37197511A6AF3FB1E5FD0C846816 28 ----a-w- C:\Windows\Help\OEM\Scripts\ProgramCompatibilityWizard.bat 2015-12-12 10:46:11 875A1490532B2E58A32B30F1F613121E 92 ----a-w- C:\Windows\Help\OEM\Scripts\openPerformanceRatingTools.bat 2015-12-10 19:38:59 4287A4345CFFDD4D7710B2FCFF6C21BC 3211264 ----a-w- C:\Windows\System32\win32k.sys 2015-12-10 19:38:54 5BD6B1EC997FF3DD779D62E05D2079A8 146944 ----a-w- C:\Windows\System32\drivers\rmcast.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_582BFB67187C4DDF042E1A5BAB51985A"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe " "DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun " "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "Dashlane"="C:\Users\GEAtje\AppData\Roaming\Dashlane\Dashlane.exe autoLaunchAtStartup" "DashlanePlugin"="C:\Users\GEAtje\AppData\Roaming\Dashlane\DashlanePlugin.exe ws" "Advanced SystemCare 9"="C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe /Auto" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe" "ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "BrHelp"="C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN" "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup" "DLSService"="C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe" "WAHELPER.EXE"="C:\Program Files (x86)\WinArchiver Virtual Drive\WAHELPER.EXE" "Magic Desktop for HP notification"="C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_582BFB67187C4DDF042E1A5BAB51985A"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe " "DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun " "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "Dashlane"="C:\Users\GEAtje\AppData\Roaming\Dashlane\Dashlane.exe autoLaunchAtStartup" "DashlanePlugin"="C:\Users\GEAtje\AppData\Roaming\Dashlane\DashlanePlugin.exe ws" "Advanced SystemCare 9"="C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe /Auto" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~3\\{B5B25~1\\201~1.9\\roni.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Tiny download manager"="\"C:\\Users\\GEAtje\\AppData\\Local\\DM\\TinyDM.exe\" /M" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Software Update"="c:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_264169BEFBA7ADAEBF39CA0C9092D22E] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GoogleChromeAutoLaunch_264169BEFBA7ADAEBF39CA0C9092D22E" "hkey"="HKCU" "command"="\"C:\\Users\\GEAtje\\AppData\\Local\\Chromium\\Application\\chrome.exe\" --auto-launch-at-startup --profile-directory=\"Default\" --restore-last-session" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesTrayAgent" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe" ==== Startup Folders ====================== 2015-10-30 20:16:35 991 ----a-w- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [14-10-2015 13:48] C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [14-10-2015 13:48] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14-10-2015 11:48] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14-10-2015 11:48] C:\Windows\tasks\HPCeeScheduleForGEATJE-HP$.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16-06-2015 09:51] C:\Windows\tasks\HPCeeScheduleForGEAtje.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16-06-2015 09:51] C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 1e5100d0-ed26-4c17-8091-0d92299e4237.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe [20-11-2015 20:58] C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 39aa2e6a-d3f3-4865-a6f4-60c5e1a3bef4.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe [20-11-2015 20:58] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ASC9_SkipUac_GEAtje" ["C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe" /SkipUac] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (GEAtje)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForGEAtje" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForGEATJE-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\Palikan roni" ["wscript.exe" "C:\ProgramData\{B5B25D71-E530-8CF7-54B6-FC7584342FFB}\2.0.1.9\cile.txt" "433a2f50726f6772616d446174612f7b42354232354437312d453533302d384346372d353442362d4643373538343334324646427d2f322e302e312e392f726f6e692e646c6c" "687474703a2f2f73616f2e6b616e72712e636f6d2f" "--IsErIk" "//E:jscript"] "C:\Windows\SysNative\tasks\RMCreator" [C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe] "C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task 1e5100d0-ed26-4c17-8091-0d92299e4237" [C:\Program Files\SUPERAntiSpyware\SASTask.exe] "C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task 39aa2e6a-d3f3-4865-a6f4-60c5e1a3bef4" [C:\Program Files\SUPERAntiSpyware\SASTask.exe] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_GEAtje" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{9FCDEE2B-079D-4B58-A8D3-BEFBACE2206F}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{D51B9355-8F46-4D63-8F6A-736B4EB2A0A3}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" ["C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe"] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Remediation\AntimalwareMigrationTask" ["C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe"] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2015-10-14 11:13:04 -------- d-----w- C:\PROGRA~3\Brother 2015-10-14 11:22:16 -------- d-----w- C:\PROGRA~3\boost_interprocess 2015-10-14 11:26:55 -------- d-----w- C:\PROGRA~3\ControlCenter4 2015-10-14 11:29:57 -------- d-----w- C:\PROGRA~3\Microsoft OneDrive 2015-10-14 12:48:33 -------- d-----w- C:\PROGRA~3\Dropbox 2015-10-14 12:51:01 -------- d-----w- C:\PROGRA~3\Samsung 2015-10-14 14:22:28 -------- d-----w- C:\PROGRA~3\DYMO 2015-10-14 14:31:30 -------- d-----w- C:\PROGRA~3\Apple 2015-10-14 14:46:14 -------- d-----w- C:\PROGRA~3\Odian Games 2015-10-14 20:15:00 -------- d-----w- C:\PROGRA~3\Recovery 2015-10-25 10:49:55 -------- d-----w- C:\PROGRA~3\TomTom 2015-10-26 20:59:24 -------- d-----w- C:\PROGRA~3\Microsoft Help 2015-10-27 18:45:59 -------- d-----w- C:\PROGRA~3\Elephant Games 2015-10-28 19:49:43 -------- d-----w- C:\PROGRA~3\DAEMON Tools Lite 2015-10-28 19:52:01 -------- d--h--w- C:\PROGRA~3\Common Files 2015-11-20 19:49:12 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com 2015-11-21 08:07:33 -------- d-----w- C:\PROGRA~3\ESET 2015-11-26 08:00:31 -------- d-----w- C:\PROGRA~3\Easybits Magic Desktop for HP 2015-11-27 20:08:12 -------- d-----w- C:\PROGRA~3\IObit 2015-12-03 09:53:14 -------- d-----w- C:\PROGRA~3\Trusteer 2015-12-14 08:57:38 -------- d-----w- C:\PROGRA~3\Oracle ==== Firefox Extensions ====================== ProfilePath: C:\Users\GEAtje\AppData\Roaming\TomTom\HOME\Profiles\hgx0e9gi.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ljibkigjccbegnbeojkoafejpoiachej - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions bbjllphbppobebmjpjcijfbakobcheof - No path found[] ljibkigjccbegnbeojkoafejpoiachej - No path found[] Palikan New Tab - GEAtje\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej Chrome Web Store Payments - GEAtje\AppData\Local\Chromium\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Rapport - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof Dropbox for Gmail - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec Dashlane - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg Widthie - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh Pin It Button - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic Palikan New Tab - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej AVG Secure Search - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Chrome Web Store Payments - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Search People - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp ==== Chromium Fix ====================== C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.palikan.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.palikan.com/?f=1&a=plk_ir_15_47&cd=2xzuyetn2y1l1qzu0ezzyetd0ftbtd0ezz0ezz0d0bye0dzztn0d0tzu0stcyetcyctn1l2xzutatftcyetftdtftdtn1l1czu1btbtn1l1g1b1v1n2y1l1qzu2sycyc0btdta0f0byctgyc0atc0etgzyyd0b0ctgydye0dyctgtdtazztbta0atczy0d0fzytc2qtn1m1f1b2z1v1n2y1l1qzu2stc0c0a0a0b0dta0etgtaybzztdtgye0eyetatgzyybzyzztgtaye0btd0c0azytb0bta0a0c2qtn0a0lzuye&cr=1692946143&ir=" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox HKLM\SearchScopes\{6586d803-df30-46d3-a89a-4136c8571d45} - No_Url_Value HKLM\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} - http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms} HKLM\Wow6432Node\SearchScopes "DefaultScope"="" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox HKLM\Wow6432Node\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} - http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms} HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.palikan.com/results.php?f=4&q={searchTerms}&a=plk_ir_15_47&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBtD0Ezz0Ezz0D0ByE0DzztN0D0Tzu0StCyEtCyCtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyCyC0BtDtA0F0ByCtGyC0AtC0EtGzyyD0B0CtGyDyE0DyCtGtDtAzztBtA0AtCzy0D0FzytC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0C0A0A0B0DtA0EtGtAyBzztDtGyE0EyEtAtGzyyBzyzztGtAyE0BtD0C0AzytB0BtA0A0C2QtN0A0LzuyE&cr=1692946143&ir= HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox HKCU\SearchScopes\{6586d803-df30-46d3-a89a-4136c8571d45} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} - http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms} ==== Reset Google Chrome ====================== C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C} deleted successfully HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{669695BC-A811-4A9D-8CDF-BA8C795F261C} deleted successfully HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{42D79B50-CC4A-4A8E-860F-BE674AF053A2} deleted successfully HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B236E3E-80B2-4322-B6A2-529D751B7FB1} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{669695BC-A811-4A9D-8CDF-BA8C795F261C} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{42D79B50-CC4A-4A8E-860F-BE674AF053A2} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42D79B50-CC4A-4A8E-860F-BE674AF053A2} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{669695BC-A811-4A9D-8CDF-BA8C795F261C} deleted successfully ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ljibkigjccbegnbeojkoafejpoiachej deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ljibkigjccbegnbeojkoafejpoiachej deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ljibkigjccbegnbeojkoafejpoiachej deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\GEAtje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\GEAtje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Cache emptied successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=26 folders=11 193286 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\GEAtje\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEAtje\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\ProgramData\IObit\Advanced SystemCare\Homepage Protection\ASCService.log" not found "C:\ProgramData\IObit" not found "C:\Program Files (x86)\IObit" not found ==== EOF on ma 14-12-2015 at 19:05:59,97 ======================