Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by JEAN on ma 14/03/2016 at 10:34:49,90. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\JEAN\DOWNLOADS\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2016-02-15-145521.log 73894 bytes ==== Windows Installer Info ====================== ABBYY FineReader 6.0 Sprint [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006FCA9B229EC4896DC2FC53B9CA70]C:\Windows\Installer\1acbce.msi Adobe Acrobat XI Pro [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA3301FFFF7706000000000060]C:\Windows\Installer\4ee6aa.msi Adobe AIR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\88CDFD8704AFF8043879D197806AAD12]c:\Windows\Installer\608546.msi Adobe Download Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6ADAE86E4A363D6FEF2169B878F9A76D]C:\Windows\Installer\6232b2.msi Adobe Reader 8.1.1 - Nederlands [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA73401B7448A0100000030]C:\Windows\Installer\4fab12.msi Adobe Refresh Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA408033019195008142613101]C:\Windows\Installer\1f5e03.msi Apple Application Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5A440F64B8EC691489E4B56D25E563D1]C:\Windows\Installer\853da.msi Apple Software Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\46B5A9879DD95AB419A50FCFA0B1B7EF]C:\Windows\Installer\b6270b.msi AVG [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25336E28E5760F2448B093098C0483E2]C:\Windows\Installer\4462ce.msi AVG Zen [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\15C0B426B6AE23D498095E1E9020FB62]C:\Windows\Installer\44626e.msi Belgium e-ID middleware 4.1.10 (build 1698) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EA61FDD4D5D872042A1DC8BB94E86189]C:\Windows\Installer\163ad4.msi Compatibiliteitspakket voor het 2007 Microsoft Office system [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109020031400000000000F01FEC]C:\Windows\Installer\503ac9.msi D3DX10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\Windows\Installer\15c52a.msi FMW 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2FD168E1F5ABB724DBFB5BE279C06AD7]C:\Windows\Installer\a5f1fa.msi Google Drive [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1930D598F95454D48BDD310FED076CE6]C:\Windows\Installer\160ba6.msi Google Earth [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0336A2D4B8F23E11C9048BCAF6798BE8]C:\Windows\Installer\7a8e2.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\Windows\Installer\d12ec.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A089CE062ADB6BC44A720BA745894BAC]C:\Windows\Installer\efd9b8.msi Intel(R) PRO Network Connections [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFC4FBBB62D939D48A962B0B123BAC58]C:\Windows\Installer\46702.msi Intel© ViivT software [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EEC2747A58E634D4C917DBCFD074F107]C:\Windows\Installer\4670b.msi Java 8 Update 65 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208560F]C:\Windows\Installer\433339.msi Java 8 Update 66 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208660F]C:\Windows\Installer\433326.msi Java 8 Update 72 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208270F]C:\Windows\Installer\1ce1f8.msi Java 8 Update 74 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208470F]C:\Windows\Installer\d73d3.msi Logitech Webcam Software [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A2CB72CDD0341042BE236BED05B279F]C:\Windows\Installer\280756.msi Mesh Runtime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6116D6C8427B0184F8D20D746E7B6DE8]C:\Windows\Installer\15c62b.msi Messenger Companion [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E52D2418A820365468DE755587C30892]C:\Windows\Installer\15c719.msi Microsoft .NET Framework 3.5 Language Pack SP1 - nld [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7D837101508D9A73BB19F1C2537128FB]C:\Windows\Installer\95b784.msi Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26DDC2EC4210AC63483DF9D4FCC5B59D]C:\Windows\Installer\26a1180.msi Microsoft .NET Framework 4.5.2 (NLD) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6962609F78B5CC9309ECAD52669862D2]C:\Windows\Installer\19142bf.msi Microsoft .NET Framework 4.5.2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\65FC11932FE9AB9348A62CB73DDC6058]C:\Windows\Installer\4b24a0.msi Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400000000000F01FEC]C:\Windows\Installer\15c532.msi Microsoft Fix it Center [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\54D8857BCDFA39C4E9E21A003F55B446]C:\Windows\Installer\4c89fe.msi Microsoft Office Access MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109510031400000000000F01FEC]C:\Windows\Installer\1084f6.msi Microsoft Office Enterprise 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109030000000000000000F01FEC]C:\Windows\Installer\108503.msi Microsoft Office Excel MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109610031400000000000F01FEC]C:\Windows\Installer\1084a6.msi Microsoft Office File Validation Add-In [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109500200000000000000F01FEC]C:\Windows\Installer\10cf16.msi Microsoft Office Groove MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109AB0031400000000000F01FEC]C:\Windows\Installer\1084ba.msi Microsoft Office InfoPath MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109440031400000000000F01FEC]C:\Windows\Installer\1084c0.msi Microsoft Office OneNote MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021091A0031400000000000F01FEC]C:\Windows\Installer\1084fc.msi Microsoft Office Outlook MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A10031400000000000F01FEC]C:\Windows\Installer\1084ad.msi Microsoft Office PowerPoint MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109810031400000000000F01FEC]C:\Windows\Installer\1084b4.msi Microsoft Office Proof (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10031400000000000F01FEC]C:\Windows\Installer\1084c7.msi Microsoft Office Proof (English) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10090400000000000F01FEC]C:\Windows\Installer\1084db.msi Microsoft Office Proof (French) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F100C0400000000000F01FEC]C:\Windows\Installer\1084d4.msi Microsoft Office Proof (German) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10070400000000000F01FEC]C:\Windows\Installer\1084cd.msi Microsoft Office Proofing (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109C20031400000000000F01FEC]C:\Windows\Installer\1084e1.msi Microsoft Office Publisher MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109910031400000000000F01FEC]C:\Windows\Installer\1084e8.msi Microsoft Office Shared MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109E60031400000000000F01FEC]C:\Windows\Installer\10849f.msi Microsoft Office Word MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109B10031400000000000F01FEC]C:\Windows\Installer\1084ef.msi Microsoft Office Word Viewer 2003 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3140580900063D11C8EF10054038389C]C:\Windows\Installer\a317ec.msi Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]c:\Windows\Installer\8db60.msi Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D034B0FAA6BD374B960AAD30DF10D8B]C:\Windows\Installer\15c5db.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\203b87.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F9E66FF7E38E3A3FA41D89E8A906A4A]C:\Windows\Installer\cda157.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]C:\Windows\Installer\8a0353.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]c:\Windows\Installer\d2a9d.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]c:\Windows\Installer\c1761.msi Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]C:\Windows\Installer\b5fa6f.msi Microsoft Visual Studio 2010 Tools for Office Runtime (x86) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FB95CD427D08EC3FBFEE1F8FA86E90B]C:\Windows\Installer\b5faab.msi Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5A26EE4DCB4BC6C3C99F80A3CF542F10]C:\Windows\Installer\b5fab2.msi Microsoft Visual Studio Tools for Applications 2.0 - ENU [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C2B4A4AA56408FC3AB67720A728DCABA]c:\Windows\Installer\1506187.msi Microsoft Visual Studio Tools for Applications 2.0 Runtime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4340C992E4F4F1439A61E470EA3BE597]c:\Windows\Installer\150617f.msi MSVCRT [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\Windows\Installer\15c526.msi MSXML 4.0 SP2 (KB927978) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\568774731F3A2774DA34AACFB6FC9FF9]C:\Windows\Installer\1f7af53.msi MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDA39468D428E8B4DB27C8D5DC5CA217]C:\Windows\Installer\20321da.msi MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8A266FCD4F2A1409E1C8110F44DBCE]C:\Windows\Installer\20321d3.msi Nero 8 Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4A779BB5348E13E4899547F544B20134]C:\Windows\Installer\4fab47.msi neroxml [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB940C659E972054EB7A79453A6EF0B9]C:\Windows\Installer\4fab4d.msi Nitro Reader 3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00D1545F844BA9E428CD91924F1F19D0]C:\Windows\Installer\123f625.msi OpenOffice 4.0.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A1EAB9AE86D20614186E417B2134D566]C:\Windows\Installer\66d572.msi Photo Notifier and Animation Creator [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\899358D8550154E49BE95F30C9058213]C:\Windows\Installer\1c7035.msi QuickTime 7 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\57DB95FFA664A5D4DA32AA8DC7F54DC4]C:\Windows\Installer\102fcd4.msi RealDownloader [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4ACBE7FAFAF98CD4D8907658B48BD443]C:\Windows\Installer\1f4cd3.msi RealNetworks - Microsoft Visual C++ 2008 Runtime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B17E077734D20084C93BB5C6AABEBEAE]C:\Windows\Installer\1f4cb8.msi RealNetworks - Microsoft Visual C++ 2010 Runtime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AB7FCEAAB38E01A478AEEDB033F37843]C:\Windows\Installer\1f4cb1.msi Security Update for CAPICOM (KB931906) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9F2FDFE0D6387BE43AD230B83D1FBFA2]C:\Windows\Installer\c174c.msi Segoe UI [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DBCF4DD51C3A5514E97114167CA0AAAB]C:\Windows\Installer\15c52e.msi Skype Click to Call [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7692FC6BE18C0C0489510C7547EF1F02]C:\Windows\Installer\14dfc1.msi SkypeT 7.18 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\74A569CF9384AC046B81814F680F246C]C:\Windows\Installer\608555.msi Spelling Dictionaries Support For Adobe Reader 8 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA746454382080000000040]C:\Windows\Installer\4fab16.msi TuneUp Utilities 2013 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8CBDBA4C18C19C24FBCFA48615E1E9F4]C:\Windows\Installer\55b14.msi TuneUp Utilities Language Pack (nl-NL) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D1B679F1DFC76F440B61D1B3F0AF39A7]C:\Windows\Installer\55b10.msi VCRedistSetup [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A76A12931BA584E449447C8141FC0372]C:\Windows\Installer\4fab42.msi Visual Studio 2012 x86 Redistributables [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A91FFE89BA03B4E49B340FB6C136BE8F]C:\Windows\Installer\eecf86.msi Windows 7 Upgrade Advisor [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\52F66CD0F85C3d0468CBAC926C9DB98F]C:\Windows\Installer\eb0786.msi Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3D04254D3B6B9FF42B3445CE3E1E0066]C:\Windows\Installer\15c543.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B53C70A248384AD4A95944B2C6980A37]C:\Windows\Installer\15c69a.msi Windows Live Family Safety [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\79D3E6D2FDF13994CA57275FE94C545C]C:\Windows\Installer\15c67f.msi Windows Live Family Safety [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FADF33FDED22E3E4FA7F8A46B8745369]C:\Windows\Installer\15c715.msi Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A8D0516CDE683D1478BB3FBB150B7BF7]C:\Windows\Installer\15c4ee.msi Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F132F0B0A6ECD384AA32773B467F9571]C:\Windows\Installer\15c50e.msi Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C55EC23CAB21159478799076DFFE55F6]C:\Windows\Installer\15c700.msi Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A3414F312C911046897B31C10C48668]C:\Windows\Installer\15c70c.msi Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7BCDCEDCC85568419FA26F77989EF84]C:\Windows\Installer\15c670.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\11F12B5E3396B0E42AC597363E0CD711]C:\Windows\Installer\15c581.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\59D49284A9EE7734283144CF2456BF72]C:\Windows\Installer\15c6ba.msi Windows Live Messenger Companion Core [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C4B69A87346AF0D4892C8A1EA666969F]C:\Windows\Installer\15c683.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4314AE291D01A814191EA5403531A183]C:\Windows\Installer\15c60f.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9D4227BCACD61F34F838B6E1930AF029]C:\Windows\Installer\15c6ed.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D262DB9887B64540A5A4F5FE63C38B4]C:\Windows\Installer\15c6a7.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6ACDB9A3563B764CA384963D73AFB3E]C:\Windows\Installer\15c55f.msi Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0FB3B06AB459FA248B8DC2D1436B31AA]C:\Windows\Installer\15c6dd.msi Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\766F6333940964D4896BC447E3BE5C1B]C:\Windows\Installer\15c5df.msi Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B292C385A83B0447A137070E0186AF4]C:\Windows\Installer\15c553.msi Windows Live Remote Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\099A4A9134357FF43B5BF640C690E1FD]C:\Windows\Installer\15c66c.msi Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\45EBCC0F23199E4428FDDC63A45D2CD2]C:\Windows\Installer\15c704.msi Windows Live Remote Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2878E7224F2B79E40BEE94EDC91C0C0C]C:\Windows\Installer\15c4f2.msi Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BCB0E548D8C8BAF45888DAF5DF51C659]C:\Windows\Installer\15c708.msi Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4E3B286A696ED244AC1C470AE61874B]C:\Windows\Installer\15c53a.msi Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26CEF00243C306D4C98ECE73E2100CF8]C:\Windows\Installer\15c536.msi Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E97A59ECCF4EFFF4A857920FB449F22F]C:\Windows\Installer\15c4f8.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9FC52F6D78E4BE343B421CB29EDC6D86]C:\Windows\Installer\15c690.msi Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\076CFAAAB965F2A4284B2449E5D03EFE]C:\Windows\Installer\15c5bd.msi Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\329710E78F6123E449FEA051B01D69EF]C:\Windows\Installer\15c6f7.msi Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\60EA627A3AAA1D34783E075F0113F440]C:\Windows\Installer\15c61d.msi Windows Live Writer Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B144B41D477071489AE1A6376EA2681]C:\Windows\Installer\15c6c9.msi ==== Empty Folders Check ====================== C:\Program Files\ESET deleted successfully C:\PROGRA~2\BlueSprig deleted successfully C:\PROGRA~2\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully C:\Users\JEAN\AppData\Roaming\MusicNet deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\SLsvc.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\lxeecoms.exe C:\Windows\system32\SearchIndexer.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Lexmark Pro700 Series\lxeemon.exe C:\Program Files\Lexmark Pro700 Series\ezprint.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\CCleaner\CCleaner.exe C:\Windows\ehome\ehsched.exe C:\Windows\ehome\ehRecvr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\JEAN\DOWNLOADS\zoek.exe C:\Windows\system32\conime.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k SDRSVC ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\3ov9jk1c.default-1449582130791 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20161403_1056_.backup ProfilePath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\h95dk60a.default-1450264869328 user.js not found ---- Lines searches removed from prefs.js ---- user_pref("browser.urlbar.suggest.searches", true); ---- FireFox user.js and prefs.js backups ---- prefs_20161403_1056_.backup ProfilePath: C:\Users\JEAN\AppData\Roaming\Mozilla\SeaMonkey\Profiles\c7nw367x.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20161403_1056_.backup ProfilePath: C:\Users\JEAN\AppData\Roaming\Thunderbird\Profiles\1zqg8zaw.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20161403_1056_.backup ProfilePath: C:\Users\JEAN\AppData\Roaming\Thunderbird\Profiles\03w6l4p4.default prefs.js not found user.js not found ---- FireFox user.js and prefs.js backups ---- ==== Deleting Files \ Folders ====================== C:\Program Files\ESET not found C:\PROGRA~2\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found C:\Windows\system32\Tasks\0116avUpdateInfo deleted C:\Windows\tasks\0116avUpdateInfo.job deleted C:\Users\JEAN\Documents\OneSafe PC Cleaner deleted C:\Program Files\Common Files\Wondershare deleted C:\Users\JEAN\AppData\Roaming\Wondershare deleted C:\Users\JEAN\AppData\Roaming\ProductData deleted C:\Users\JEAN\AppData\Roaming\Registry Mechanic deleted C:\PROGRA~2\UpdaterLog.txt deleted C:\PROGRA~2\SPL36AD.tmp deleted C:\PROGRA~2\SPL9BC7.tmp deleted C:\PROGRA~2\ProductData deleted C:\PROGRA~2\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F} deleted C:\PROGRA~2\{746B37DB-B7A6-43BE-85D2-74478CF434B4} deleted C:\PROGRA~2\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA} deleted C:\PROGRA~2\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} deleted C:\PROGRA~2\{D76294E6-03B8-4971-AF2E-3F846161A690} deleted C:\PROGRA~2\Package Cache deleted C:\Users\JEAN\AppData\Local\AVAST Software deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted C:\Windows\system32\drivers\DrvAgent32.sys deleted C:\Windows\System32\AniGIF.ocx deleted C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\h95dk60a.default-1450264869328\jetpack deleted ==== Folders Found ====================== 2012-01-27 17:54:42 2012-01-27 17:54:42 -------- d-----w- C:\IncrediMail 2012-01-27 18:49:28 2012-01-27 18:49:28 -------- d---a-w- C:\Local\Temp\IncrediMail 2012-01-27 08:50:54 2012-01-27 08:50:54 -------- d-----w- C:\ProgramData\IncrediMail 2012-01-27 19:50:03 2012-01-27 19:50:03 -------- d---a-w- C:\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.incredimail.com 2012-01-27 08:50:54 2012-01-27 08:50:54 -------- d-----w- C:\Users\All Users\IncrediMail 2012-01-27 13:44:03 2016-02-15 20:22:00 -------- d-----w- C:\Users\JEAN\Documents\IncrediMail 2012-01-27 14:10:43 2012-01-27 14:10:43 -------- d---a-w- C:\Users\JEAN\Documents\Local\Temp\IncrediMail 2012-01-27 14:25:48 2012-01-27 14:25:48 -------- d---a-w- C:\Users\JEAN\Documents\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.incredimail.com 2012-01-27 13:20:58 2012-01-27 13:20:58 -------- d---a-w- C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Temp\IncrediMail 2012-01-27 13:27:56 2012-01-27 13:27:57 -------- d---a-w- C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QYWSF62R\www.incredimail.com 2012-01-27 13:27:57 2012-01-27 13:27:57 -------- d---a-w- C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.incredimail.com 2012-01-27 13:28:56 2013-01-04 20:18:40 -------- d-----w- C:\Users\JEAN\Documents\Users\JEAN GELELEENS\Documents(269)\IncrediMail Transferred Data ==== Files Found ====================== --- C:\Desktop\IncrediMail.lnk --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1896 Created time: 2012-01-27 17:25:14 Modified time: 2010-12-09 14:45:46 MD5: 30EA435311FE6E733CD2BBD7136991B1 SHA1: 0ABB6249845311F00C9360BAFB4BF5E7C9040AD4 --- C:\IncrediMail\Bin\IncrediMail Gallery.ico --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 25214 Created time: 2012-01-27 17:54:58 Modified time: 2010-12-08 19:23:12 MD5: 15AFF4D3F11F5A184B957D134BA8E6B2 SHA1: E28F24D94E3779094A6856825E2B9B204999AACF --- C:\IncrediMail\Bin\IncrediMail.ico --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 25214 Created time: 2012-01-27 17:54:58 Modified time: 2010-12-08 19:23:12 MD5: 81AD2C3F9A8E9448313279F2901203BF SHA1: ADB6E9DFC9B9916448FD3745AAFF37043AEE050A --- C:\Local\IM\Runtime\Skin\E2FEE54A-6EB1-47C5-9027-44ABECEAF3E3\open_incredimail.ico --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1150 Created time: 2012-01-27 18:47:57 Modified time: 2009-10-28 16:19:02 MD5: 7BC5EF6A24D656A004D8FA1F23307960 SHA1: 3099FF1FEA16AA726CC975255C8250CF7D94D8D2 --- C:\MOOIE PPTS\MOOIE PPTS\IncrediMail Exported Contacts (csv format).csv --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 16766 Created time: 2010-01-27 16:20:38 Modified time: 2009-12-24 11:29:48 MD5: 3035454FBE8D82C2742D4DDD88BAD31A SHA1: F4AF0176345BAC9139D01EFF666D4D5969E64071 --- C:\PhotoMail Maker\flash interface\InstallIncrediMailDialog.swf --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 6788 Created time: 2012-01-27 19:21:57 Modified time: 2010-05-20 14:43:30 MD5: C46834B3741EB0AEE839A7E64D149746 SHA1: F0DFDECBF39F22442B7582C268DC979D56BCFF81 --- C:\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1888 Created time: 2012-01-27 19:50:05 Modified time: 2010-12-08 19:24:16 MD5: CD4F204F1F7BE81997E40EFE28E1611A SHA1: D148FFAFE4933B4478776D6D10556E26F3A2D201 --- C:\Roaming\Microsoft\Windows\Cookies\jean_geleleens@mystart.incredimail[1].txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 394 Created time: 2012-01-27 19:50:09 Modified time: 2011-01-17 16:25:30 MD5: AEB299E9DE0F2CE1155600A3239F0C84 SHA1: EB9B2CED9E94CDDCA290BCA4670B62C65A26578D --- C:\Roaming\Microsoft\Windows\Cookies\jean_geleleens@mystart.incredimail[2].txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 399 Created time: 2012-01-27 19:50:09 Modified time: 2011-01-17 19:25:50 MD5: 6281764217A2DAEA5701E4D84F100B99 SHA1: 7CBFE55B205808626F5DAF873A0FFDA3F68AE598 --- C:\Roaming\Microsoft\Windows\Cookies\jean_geleleens@www.incredimail[1].txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 713 Created time: 2012-01-27 19:50:09 Modified time: 2011-01-17 16:25:30 MD5: 890DA2B35A00B5CD5FCB2E401AA3826B SHA1: 01B3C03BD5F61F75B3FD7564ADD1E53C345CF195 --- C:\Roaming\Microsoft\Windows\Cookies\jean_geleleens@www.incredimail[2].txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 713 Created time: 2012-01-27 19:50:09 Modified time: 2011-01-18 14:22:25 MD5: 5002413922A7A98E0502DB20EBBA152F SHA1: B5DCAEEECEA116A9751FF2D1A54B50A013B9C970 --- C:\Roaming\Microsoft\Windows\Cookies\Low\jean_geleleens@incredimail[1].txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1389 Created time: 2012-01-27 19:50:09 Modified time: 2011-01-18 13:08:25 MD5: A3009CB1B92771889A0C922917CED825 SHA1: 32A49F00409B6CCBF7D8DF16C058004E07F096EB --- C:\Roaming\Microsoft\Windows\Cookies\Low\jean_geleleens@mystart.incredimail[1].txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 399 Created time: 2012-01-27 19:50:09 Modified time: 2011-01-19 13:20:52 MD5: FFB1777E0694896216ED8C3DC8357CF5 SHA1: 2036CD8AFEC36BDE6490F77D16B7E7B039EEAD26 --- C:\Roaming\Microsoft\Windows\Cookies\Low\jean_geleleens@www.incredimail[1].txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 886 Created time: 2012-01-27 19:50:10 Modified time: 2011-01-19 13:20:52 MD5: 432A17EAF808AC56B534CEBBD3F98781 SHA1: DFC68B122E46589A92890A6436ACAE60CFEFF29B --- C:\Roaming\Software Informer\cache\icons\IncrediMail.ico --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 25214 Created time: 2012-01-27 19:50:38 Modified time: 2010-01-30 14:50:45 MD5: 8182C0D8C4CCD1847332394B4547723F SHA1: EAFF246364F922CB097337E2A62CB692E44CEFD9 --- C:\Users\JEAN\IncrediMail_TSA1XDVDJ.exe.cj2u1yr.partial --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 0 Created time: 2015-02-18 10:01:18 Modified time: 2015-02-18 10:01:18 MD5: D41D8CD98F00B204E9800998ECF8427E SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 --- C:\Users\JEAN\AppData\Local\Temp\Low\IM\IncrediMailUnInstall.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 4507746 Created time: 2016-03-13 18:22:04 Modified time: 2016-03-13 18:23:23 MD5: FB4539E87F9C710972B5E685836B53D4 SHA1: 00C43441C7648AB917FD8E07C5A5247EC18FBBD8 --- C:\Users\JEAN\AppData\Roaming\IObit\IObit Uninstaller\Log\IncrediMail 2.5.history --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1160230 Created time: 2016-02-13 15:18:05 Modified time: 2016-02-22 10:04:58 MD5: 065E5D7849389BF7053DA2FDFEA2C15A SHA1: ABB40B7CE9BE0F3172246B1F9088EE1F028CBCC3 --- C:\Users\JEAN\AppData\Roaming\IObit\IObit Uninstaller\Log\IncrediMail.history --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 3520006 Created time: 2016-01-20 11:49:54 Modified time: 2016-01-20 11:49:54 MD5: 4B92C70CE37792BA1D97AD2EDDE92E51 SHA1: E56C04104318F104C1CA6306B884E066502988E4 --- C:\Users\JEAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail.lnk --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1896 Created time: 2016-03-03 14:28:11 Modified time: 2016-03-03 14:28:11 MD5: EBBA964B3A6F5C64B9AE8F42D896639E SHA1: 99DDA3D8AB7936382F73CF5AE118B1118555EAE3 --- C:\Users\JEAN\AppData\Roaming\Software Informer\cache\icons\IncrediMail.ico --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 25214 Created time: 2012-05-05 18:55:49 Modified time: 2012-05-05 18:55:49 MD5: 8182C0D8C4CCD1847332394B4547723F SHA1: EAFF246364F922CB097337E2A62CB692E44CEFD9 --- C:\Users\JEAN\AppData\Roaming\Software Informer\cache\icons\IncrediMail_MediaBar_Nederlands_2 Toolbar.ico --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 766 Created time: 2012-05-05 18:55:49 Modified time: 2012-05-05 18:55:49 MD5: 01F8B50C9D7DFBD607F01DD16D6CE4C7 SHA1: 3D8377F7EC62DEED8F85FB73A107B85011A2D3E7 --- C:\Users\JEAN\Documents\IncrediMail\Bin\IncrediMail Gallery.ico --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 25214 Created time: 2012-01-27 13:44:09 Modified time: 2010-12-08 19:23:12 MD5: 15AFF4D3F11F5A184B957D134BA8E6B2 SHA1: E28F24D94E3779094A6856825E2B9B204999AACF --- C:\Users\JEAN\Documents\IncrediMail\Bin\IncrediMail.ico --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 25214 Created time: 2012-01-27 13:44:09 Modified time: 2010-12-08 19:23:12 MD5: 81AD2C3F9A8E9448313279F2901203BF SHA1: ADB6E9DFC9B9916448FD3745AAFF37043AEE050A --- C:\Users\JEAN\Documents\Local\IM\Identities\{DE64A3E6-4465-4539-9FC1-CB31485DAF8B}\Message Store\Attachments\IncrediMail Data.cab --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 347333580 Created time: 2012-01-27 14:07:58 Modified time: 2010-05-27 08:43:47 MD5: 780EF9A58D55AF87C871DD3B8343BCD1 SHA1: A898DD4FC3A9231C0E332C0C9D0F85ED624FD167 --- C:\Users\JEAN\Documents\Local\IM\Identities\{DE64A3E6-4465-4539-9FC1-CB31485DAF8B}\Message Store\Attachments\{06E07232-F560-4A31-AFB0-E3DE009DF801}\IncrediMail Data.cab --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 96185397 Created time: 2012-01-27 14:09:00 Modified time: 2009-12-24 11:18:26 MD5: 006750ECE8677BE4D250F00C95E1F05A SHA1: E91479004B01735785D7E8057A0B1C8B0DA50890 --- C:\Users\JEAN\Documents\PhotoMail Maker\flash interface\InstallIncrediMailDialog.swf --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 6788 Created time: 2012-01-27 14:17:04 Modified time: 2010-05-20 14:43:30 MD5: C46834B3741EB0AEE839A7E64D149746 SHA1: F0DFDECBF39F22442B7582C268DC979D56BCFF81 --- C:\Users\JEAN\Documents\Roaming\Software Informer\cache\icons\IncrediMail.ico --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 25214 Created time: 2012-01-27 14:25:55 Modified time: 2010-01-30 14:50:45 MD5: 8182C0D8C4CCD1847332394B4547723F SHA1: EAFF246364F922CB097337E2A62CB692E44CEFD9 --- C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\IM\Identities\{DE64A3E6-4465-4539-9FC1-CB31485DAF8B}\Message Store\Attachments\IncrediMail Data.cab --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 347333580 Created time: 2012-01-27 13:17:20 Modified time: 2010-05-27 08:43:47 MD5: 780EF9A58D55AF87C871DD3B8343BCD1 SHA1: A898DD4FC3A9231C0E332C0C9D0F85ED624FD167 --- C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\IM\Identities\{DE64A3E6-4465-4539-9FC1-CB31485DAF8B}\Message Store\Attachments\{06E07232-F560-4A31-AFB0-E3DE009DF801}\IncrediMail Data.cab --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 96185397 Created time: 2012-01-27 13:18:23 Modified time: 2009-12-24 11:18:26 MD5: 006750ECE8677BE4D250F00C95E1F05A SHA1: E91479004B01735785D7E8057A0B1C8B0DA50890 --- C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\IM\Runtime\Skin\E2FEE54A-6EB1-47C5-9027-44ABECEAF3E3\open_incredimail.ico --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1150 Created time: 2012-01-27 13:19:58 Modified time: 2009-10-28 16:19:02 MD5: 7BC5EF6A24D656A004D8FA1F23307960 SHA1: 3099FF1FEA16AA726CC975255C8250CF7D94D8D2 --- C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Roaming\Software Informer\cache\icons\IncrediMail.ico --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 25214 Created time: 2012-01-27 13:28:11 Modified time: 2010-01-30 14:50:45 MD5: 8182C0D8C4CCD1847332394B4547723F SHA1: EAFF246364F922CB097337E2A62CB692E44CEFD9 --- C:\Users\JEAN\DOWNLOADS\IncrediMailSetup_nl.exe --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 13506520 Created time: 2016-02-24 20:46:27 Modified time: 2016-02-24 20:46:32 MD5: 760FE17BA150512DBDA5C5E62B2789E1 SHA1: 444884C704F2993E427E62618E449F47B7E6B140 --- C:\Users\JEAN\Pictures\MOOIE PPTS\MOOIE PPTS\MOOIE PPTS\IncrediMail Exported Contacts (csv format).csv --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 16766 Created time: 2012-01-27 14:15:06 Modified time: 2009-12-24 11:29:48 MD5: 3035454FBE8D82C2742D4DDD88BAD31A SHA1: F4AF0176345BAC9139D01EFF666D4D5969E64071 --- C:\Windows\Installer\{C8842F80-0E07-4424-916D-9F6B6A9968E4}\IncrediMailDesktop_D17BEBF4240D4B7BB561D5EC353EF0F3.exe --- Company: Macrovision Corporation File Description: InstallShield File Version: 14.0.162 Product Name: InstallShield Copyright: Copyright (C) 2007 Macrovision Corporation Original Filename: _IsIcoRes.exe File type: ----a-r- File size: 65536 Created time: 2015-02-14 15:59:32 Modified time: 2015-02-14 15:59:32 MD5: 4026FCAD22F82184E8317F9D8DE0848E SHA1: 1DC93A064C13ABC8F08DFCE09BC3DAF08A68CA0E --- C:\Windows\Installer\{C8842F80-0E07-4424-916D-9F6B6A9968E4}\IncrediMailMenuFol_A2DA5AEC1C204AFCA02B199D5A54DAC2.exe --- Company: Macrovision Corporation File Description: InstallShield File Version: 14.0.162 Product Name: InstallShield Copyright: Copyright (C) 2007 Macrovision Corporation Original Filename: _IsIcoRes.exe File type: ----a-r- File size: 65536 Created time: 2015-02-14 15:59:32 Modified time: 2015-02-14 15:59:32 MD5: 4026FCAD22F82184E8317F9D8DE0848E SHA1: 1DC93A064C13ABC8F08DFCE09BC3DAF08A68CA0E --- C:\Windows\Installer\{C8842F80-0E07-4424-916D-9F6B6A9968E4}\IncrediMailProgram_A88684EF7449474DB02892A444C5EBAC.exe --- Company: Macrovision Corporation File Description: InstallShield File Version: 14.0.162 Product Name: InstallShield Copyright: Copyright (C) 2007 Macrovision Corporation Original Filename: _IsIcoRes.exe File type: ----a-r- File size: 65536 Created time: 2015-02-14 15:59:32 Modified time: 2015-02-14 15:59:32 MD5: 4026FCAD22F82184E8317F9D8DE0848E SHA1: 1DC93A064C13ABC8F08DFCE09BC3DAF08A68CA0E --- C:\Windows\Installer\{C8842F80-0E07-4424-916D-9F6B6A9968E4}\IncrediMailQuickLa_B9881DCFEEE44103B0B70238F263AEBC.exe --- Company: Macrovision Corporation File Description: InstallShield File Version: 14.0.162 Product Name: InstallShield Copyright: Copyright (C) 2007 Macrovision Corporation Original Filename: _IsIcoRes.exe File type: ----a-r- File size: 65536 Created time: 2015-02-14 15:59:32 Modified time: 2015-02-14 15:59:32 MD5: 4026FCAD22F82184E8317F9D8DE0848E SHA1: 1DC93A064C13ABC8F08DFCE09BC3DAF08A68CA0E ==== Registry Search Results for "incredimail" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D48C815-6FDD-496B-BC60-05546BE5AB61}] "AppName"="IncrediMail_MediaBar_2ToolbarHelper.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC73968A-7EEA-4D47-8314-063D41D784A4}] "AppName"="IncrediMail_MediaBar_2AutoUpdateHelper.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\IncrediMail_TSA28XQR3.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\ProgramData\\IncrediMail\\Data\\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\ProgramData\\IncrediMail\\"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\ProgramData\\IncrediMail\\Data\\Licenses\\"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\065EFC441E38F9C47AE53FD0108F15DE] "00000000000000000000000000000000"="C:\\ProgramData\\IncrediMail\\Data\\Licenses\\IM_LTWIZ.imk" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\286FB5A04FCEF1D4DB63DA74A77F000A] "00000000000000000000000000000000"="C:\\ProgramData\\IncrediMail\\Data\\Licenses\\IM_SYSTEM.imk" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C9DF4B668FE918488AC070320498756] "00000000000000000000000000000000"="C:\\ProgramData\\IncrediMail\\Data\\Licenses\\IM_PREM.imk" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\617379C0DBC9761499BF26900208E6F7] "00000000000000000000000000000000"="C:\\ProgramData\\IncrediMail\\Data\\Licenses\\IM_PRIME.imk" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\899358D8550154E49BE95F30C9058213\InstallProperties] "URLInfoAbout"="http://www.IncrediMail.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Photo Notifier and Animation Creator] "Publisher"="IncrediMail Ltd." [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Photo Notifier and Animation Creator] "URLInfoAbout"="www.incredimail.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D853998-1055-4E45-B99E-F5039C502831}] "URLInfoAbout"="http://www.IncrediMail.com" [HKEY_USERS\.DEFAULT\Software\IncrediMail] [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\304946d4_0] @="{0.0.0.00000000}.{83660181-86ca-4c45-8de9-d9b1ed65741f}|\\Device\\HarddiskVolume1\\Program Files\\IncrediMail\\Bin\\ImNotfy.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\319615a9_0] @="{0.0.0.00000000}.{d62e0d23-b3c8-492b-a4ae-b176c424283a}|\\Device\\HarddiskVolume1\\Program Files\\IncrediMail\\Bin\\IncMail.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\396592e_0] @="{0.0.0.00000000}.{cce5f62d-c48b-4726-9525-a47c1588c901}|\\Device\\HarddiskVolume1\\Program Files\\IncrediMail\\Bin\\ImNotfy.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\47ab7e5a_0] @="{0.0.0.00000000}.{27fca438-61a0-4629-8929-44dd1cec3c6f}|\\Device\\HarddiskVolume1\\Program Files\\IncrediMail\\Bin\\ImNotfy.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5d562397_0] @="{0.0.0.00000000}.{cce5f62d-c48b-4726-9525-a47c1588c901}|\\Device\\HarddiskVolume1\\Users\\JEAN\\DOWNLOADS\\incredimail_install (1).exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\825bc952_0] @="{0.0.0.00000000}.{d62e0d23-b3c8-492b-a4ae-b176c424283a}|\\Device\\HarddiskVolume1\\Program Files\\IncrediMail\\Bin\\ImNotfy.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\b2d0a585_0] @="{0.0.0.00000000}.{cce5f62d-c48b-4726-9525-a47c1588c901}|\\Device\\HarddiskVolume1\\Program Files\\IncrediMail\\Bin\\IncMail.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\df83932b_0] @="{0.0.0.00000000}.{83660181-86ca-4c45-8de9-d9b1ed65741f}|\\Device\\HarddiskVolume1\\Program Files\\IncrediMail\\Bin\\IncMail.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e2039603_0] @="{0.0.0.00000000}.{d62e0d23-b3c8-492b-a4ae-b176c424283a}|\\Device\\HarddiskVolume1\\Program Files\\IncrediMail\\Bin\\ImApp.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f166d079_0] @="{0.0.0.00000000}.{d62e0d23-b3c8-492b-a4ae-b176c424283a}|\\Device\\HarddiskVolume1\\Users\\JEAN\\DOWNLOADS\\incredimail_install.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\IncrediMail] [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Users\\JEAN\\DOWNLOADS\\su_8263.exe"="IncrediMail Removal Tool (Complete)" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Users\\JEAN\\DOWNLOADS\\su_8263.exe"="IncrediMail Removal Tool (Complete)" [HKEY_USERS\S-1-5-18\Software\IncrediMail] ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002) Memory (RAM): 3070 MB CPU Info: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz CPU Speed: 2389,1 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Realtek HDMI Output (Realtek Hi | Display Adapters: NVIDIA GeForce 8600 GT | NVIDIA GeForce 8600 GT | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 800 - 32 bit Network: Network Present Network Adapters: 802.11 n/g/b Wireless LAN USB Adapter | Intel(R) 82562V-2 10/100 Network Connection CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH20NS10 Ports: COM1 | COM2 LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 435,8GB | D: 30,0GB | I: 465,8GB Hard Disks - Free: C: 268,5GB | D: 10,5GB | I: 396,6GB Manufacturer *: Phoenix Technologies, LTD BIOS Info: AT/AT COMPATIBLE | 12/26/07 | MEDION - 42302e31 Time Zone: Romance (standaardtijd) Motherboard *: MICRO-STAR INTERNATIONAL CO., LTD MS-7502 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} Internet Explorer Version: 9.0.8112.16421 Mozilla Firefox version: 44.0.2 (x86 nl) Adobe Reader version: 8.1.0.2007051100 Sun Java version: 1.8.0_74 (32-bit) Flash Player version: 21.0.0.182 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2016-02-18 10:10:42 649FAB7A4EA865886980D4B2FDFA04C1 5067472 ----a-w- C:\Windows\uninst.exe ====== C:\Users\JEAN\AppData\Local\Temp ==== ====== Java Cache ===== 2016-02-25 16:04:46 D0959BEB8B1D352709C3B863ABB6A589 81213 ----a-w- C:\Users\JEAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\19557724-75d0caac 2016-02-25 16:04:43 EB48F493D404264CAAE69ADD94A168D3 93 ----a-w- C:\Users\JEAN\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\719a277e-35775af2188c73030d04094fa8a5033a8ed8363d88ffcbe2fe117e03484cd751-6.0.lap ====== C:\Windows\system32 ===== 2016-03-13 18:44:07 B5BBD89417F145107CEAFF60601D0BCC 21122 ----a-w- C:\Windows\System32\cc_20160313_194405.reg 2016-03-12 09:58:14 8EDC2B44DFB0211D9F3E4A1BB7BA93E5 2654 ----a-w- C:\Windows\System32\cc_20160312_105801.reg 2016-03-10 19:03:38 F7DDB6A679C606CD287C3CA01F83B71D 5222 ----a-w- C:\Windows\System32\cc_20160310_200336.reg 2016-03-09 21:27:16 CCE98D5402CA71D4828A32E04F0AF084 802304 ----a-w- C:\Windows\System32\advapi32.dll 2016-03-09 21:27:15 B7A4A5B08CF0791AB6D2A49675794C78 1208776 ----a-w- C:\Windows\System32\ntdll.dll 2016-03-09 21:27:15 9CF68DBA1040236186FFCC824D73027D 49664 ----a-w- C:\Windows\System32\csrsrv.dll 2016-03-09 21:27:15 375B8919DD91DCD041C39857D96E911E 783872 ----a-w- C:\Windows\System32\rpcrt4.dll 2016-03-09 21:27:15 1854BA86D692903CF548D79D2D6B4D1D 64000 ----a-w- C:\Windows\System32\smss.exe 2016-03-09 21:27:15 0782AAFEDAE47EAB1564B74361FF7EA3 3609024 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2016-03-09 21:27:14 02CF2F981A4478D4ECFEA31D41B03D75 3556800 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-03-09 21:25:46 7D7A5D3CB5AB4B394E03BDE27E6114E8 19968 ----a-w- C:\Windows\System32\seclogon.dll 2016-03-09 21:25:31 2C5B452C905D75D88AB0A7421E7CE77D 34304 ----a-w- C:\Windows\System32\atmlib.dll 2016-03-09 21:25:31 293CC0B2FF89E5B535CB7F36D9FDAB72 297472 ----a-w- C:\Windows\System32\atmfd.dll 2016-03-09 21:23:10 B68926B03D0A980EC8365D6220AED640 67072 ----a-w- C:\Windows\System32\asycfilt.dll 2016-03-09 21:23:10 4E5AC2E22DDE7DC39743EB0700F72C1E 89600 ----a-w- C:\Windows\System32\olepro32.dll 2016-03-09 21:23:10 349084B33AE5F6929A2B58CE105390BE 564736 ----a-w- C:\Windows\System32\oleaut32.dll 2016-03-09 21:12:55 6599C3D5E3A5BC9C598D5D71661A93A9 2068992 ----a-w- C:\Windows\System32\win32k.sys 2016-03-09 17:01:23 F29353DDB4F229987310E49FC9879DA4 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll 2016-03-09 17:01:23 F17D18A3BF191C5CC876EAB0F2D6E442 1140224 ----a-w- C:\Windows\System32\urlmon.dll 2016-03-09 17:01:23 E473E57E42859458256F96728698339E 65536 ----a-w- C:\Windows\System32\jsproxy.dll 2016-03-09 17:01:23 CE3AB861F86C509E3DC4F62C495B02C1 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2016-03-09 17:01:23 CE1EC7EE93F443563095892BACA643FF 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2016-03-09 17:01:23 C64ECB006A43A4F74A2F7F36B02E359B 718848 ----a-w- C:\Windows\System32\jscript.dll 2016-03-09 17:01:23 C01175A6360C3C23FC85DD96F461830D 1804800 ----a-w- C:\Windows\System32\iertutil.dll 2016-03-09 17:01:23 8F2B2F9474D361644F7202EE7385EE56 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2016-03-09 17:01:23 5225AF872B0CD08F27DF2C615ED7B5FC 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2016-03-09 17:01:23 4BB8BF553CACE8D40540E976FFAFABFD 11776 ----a-w- C:\Windows\System32\mshta.exe 2016-03-09 17:01:23 39A529A58D64E4DE43567043DB1D5EA2 424960 ----a-w- C:\Windows\System32\vbscript.dll 2016-03-09 17:01:22 F31AD5D5E1C10AA54A28CF467A59233C 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 2016-03-09 17:01:22 DBB0BCF8C1ACFD3971E02CCF38BFDB14 1129472 ----a-w- C:\Windows\System32\wininet.dll 2016-03-09 17:01:22 5ED26AC79EC65E1502CF7D50B2D93763 353792 ----a-w- C:\Windows\System32\dxtmsft.dll 2016-03-09 17:01:22 5401EED8E9C38EEC46BA41B85E783B61 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2016-03-09 17:01:21 6B4B1F951D14994B7CCA9A167F7D5501 1815552 ----a-w- C:\Windows\System32\jscript9.dll 2016-03-09 17:01:21 0771C8E5761FAB5BEF8501C3DFCFEF0F 231936 ----a-w- C:\Windows\System32\url.dll 2016-03-09 17:01:20 E576B836BF28C5FB273BDDA28A364BE1 223232 ----a-w- C:\Windows\System32\dxtrans.dll 2016-03-09 17:01:20 BB63EAD0BEAF3BC3A98D4B4C09E6D877 9753600 ----a-w- C:\Windows\System32\ieframe.dll 2016-03-09 17:01:20 312FF8D601D72384890BCE1E3C007AF1 176640 ----a-w- C:\Windows\System32\ieui.dll 2016-03-09 17:01:19 6605F8BBA3AF3089A18F9564C5ADC4C1 367616 ----a-w- C:\Windows\System32\html.iec 2016-03-09 17:01:18 025363B59A9C2ED09D9B52B2477520A5 12392960 ----a-w- C:\Windows\System32\mshtml.dll 2016-03-01 16:40:01 64FA925FAB680EB4B2D9A55BFFBB0350 2304 ----a-w- C:\Windows\System32\cc_20160301_173959.reg 2016-02-29 19:36:58 E165A18780E279B7CF6566E1D03424D4 68654 ----a-w- C:\Windows\System32\cc_20160229_203656.reg 2016-02-29 10:41:15 C0CC3CADF562952665625FC11FBCBF1E 40960 ----a-w- C:\Windows\System32\lxeevs.dll 2016-02-29 10:41:11 B17956B916EDCD1450CEA530F550DA6B 442368 ----a-w- C:\Windows\System32\lxeecoin.dll 2016-02-29 10:41:05 EA93FCE68264FF4613F888B626E3DAA0 983121 ----a-w- C:\Windows\System32\lxk_gf.dll 2016-02-29 10:41:05 C2CEAF415006C1E0E77933093D4959A5 66696 ----a-w- C:\Windows\System32\lxeeprpr.chm 2016-02-29 10:41:05 5852F1AE85F597E769DB75EF7CF4A912 86016 ----a-w- C:\Windows\System32\lxeegcfg.dll 2016-02-29 10:41:02 E3A78F8D7292209C08D358020E6C1222 8694 ----a-w- C:\Windows\System32\lxeecommuilogo_rtl.bmp 2016-02-29 10:41:02 CAC98A91AFEF8168178E96CE4C782C35 294912 ----a-w- C:\Windows\System32\lxeecui.dll 2016-02-29 10:41:02 B43A596DE4F8A04D7D03967843F8D4C6 110592 ----a-w- C:\Windows\System32\lxeecuir.dll 2016-02-29 10:41:02 971EAAF6EA633BDC99C4C7F58E4F2659 8694 ----a-w- C:\Windows\System32\lxeecommuilogo.bmp 2016-02-29 10:39:13 DC9AB9F08F1A424E6494F52BFEAEBEA5 372736 ----a-w- C:\Windows\System32\LXEEwupd.dll 2016-02-29 10:39:13 037B730EFC501C2EAAA5353CC635A28C 213672 ----a-w- C:\Windows\System32\LXEEwupd.exe 2016-02-29 10:37:38 B481F9B36F94A1D105498A38703C011C 7680 ----a-w- C:\Windows\System32\NativeCall.dll 2016-02-29 10:37:38 803464C7F064192797BE1531BB06BADA 44 ---ha-w- C:\Windows\System32\lxeerwrd.ini 2016-02-29 10:22:06 BF85231AA41887B46259AE9618419FC9 193417 ----a-w- C:\Windows\System32\LexFiles.ulf 2016-02-29 10:22:06 4754359579B3B98D108A1AD54CD0D0C9 331776 ----a-w- C:\Windows\System32\LXEEinst.dll 2016-02-29 10:22:05 7E9A589A73E89332B3F2D801A0B1B7F6 847872 ----a-w- C:\Windows\System32\lxeeusb1.dll 2016-02-29 10:22:05 5F380A33FE12E6ECF932C2B0366069FC 1048576 ----a-w- C:\Windows\System32\lxeeserv.dll 2016-02-29 10:22:05 478B2775651ECB9425E7501DFC109278 344064 ----a-w- C:\Windows\System32\lxeeiesc.dll 2016-02-29 10:22:05 1A43B16FE11B3B4C2A69777A25D7F876 356352 ----a-w- C:\Windows\System32\LXEEhcp.dll 2016-02-29 10:22:05 018FE7935604F87605026B2448E2722D 364544 ----a-w- C:\Windows\System32\lxeeinpa.dll 2016-02-29 10:22:04 EED961264B6E8C82FEE8FEBD2D2D8D91 57344 ----a-w- C:\Windows\System32\lxeejswr.dll 2016-02-29 10:22:04 E904E163497F5110B83377B56B62CBB3 110592 ----a-w- C:\Windows\System32\lxeeinsr.dll 2016-02-29 10:22:04 D5F54F4B1CA51664E9B200463FF3CD5D 643072 ----a-w- C:\Windows\System32\lxeepmui.dll 2016-02-29 10:22:04 99DB8BA86FAFB4AE9E506E2B7EB7D65C 262144 ----a-w- C:\Windows\System32\lxeeinsb.dll 2016-02-29 10:22:04 6D615EF27B40EA511FEE7109C00828D1 577536 ----a-w- C:\Windows\System32\lxeelmpm.dll 2016-02-29 10:22:04 2934E1252F62AA6CAC935BCA2BF93B2D 323584 ----a-w- C:\Windows\System32\lxeeins.dll 2016-02-29 10:22:03 A051BF2B33474436A4EEAEC4D2CD90E6 324264 ----a-w- C:\Windows\System32\lxeeih.exe 2016-02-29 10:22:03 7EDA0933DCA7E5265F6D307D92D7C690 208896 ----a-w- C:\Windows\System32\lxeegrd.dll 2016-02-29 10:22:03 54CEDB3800BA79FC77B2D9CE3671CFB4 90112 ----a-w- C:\Windows\System32\lxeecub.dll 2016-02-29 10:22:03 4F1BA1F943D8F51D838396FD3126B70C 36864 ----a-w- C:\Windows\System32\lxeecur.dll 2016-02-29 10:22:03 2DBAD1C00A95674AA34BAE88C3B66DDD 688128 ----a-w- C:\Windows\System32\lxeehbn3.dll 2016-02-29 10:22:02 FBCB057E6EFAE9043027F184EFA1B0F9 86183 ----a-w- C:\Windows\System32\LXEEcfg.dll 2016-02-29 10:22:02 E64D28F4F9AF510BAA88F9AC9FB03D38 253952 ----a-w- C:\Windows\System32\lxeecu.dll 2016-02-29 10:22:02 C48FD9AD752B6089F4732AEB6A934E63 2052 ----a-w- C:\Windows\System32\lxee.loc 2016-02-29 10:22:02 B66B9471E1399F126A40081E9CF0654F 372736 ----a-w- C:\Windows\System32\lxeecomm.dll 2016-02-29 10:22:02 812E0B67B46D5FC9CCEACBD4B73F04A3 598696 ----a-w- C:\Windows\System32\lxeecoms.exe 2016-02-29 10:22:02 1596015BC2887EFF9E385B088D8C8F86 373416 ----a-w- C:\Windows\System32\lxeecfg.exe 2016-02-29 10:22:02 0F544B46F9966F29D05E0F998297C7E7 802816 ----a-w- C:\Windows\System32\lxeecomc.dll 2016-02-29 10:21:18 C39A98ED2AC51DEA729EC7256035FE9B 299008 ----a-w- C:\Windows\System32\LXEEsm.dll 2016-02-29 10:21:18 ADA51140F85E26991754E98D19EE7CA2 24064 ----a-w- C:\Windows\System32\LXEEsmr.dll ====== C:\Windows\system32\drivers ===== 2016-03-09 21:23:53 234F76D9337BBD25D849C3860418723A 71680 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2016-02-29 11:18:41 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_Kernel_GeneStor_01009.Wdf 2016-02-13 14:29:39 DADF6D90942C198CD15D345A9F6CF4CD 115200 ----a-w- C:\Windows\System32\drivers\mrxdav.sys ====== C:\Windows\Tasks ====== 2016-03-03 15:29:39 FEB2C7A365CBF650D5D7A2AC0569E4FF 3046 ----a-w- C:\Windows\system32\Tasks\{DF20A77D-BC09-4B88-B5F6-9EAEABC7E078} 2016-03-03 15:28:59 E3E94AF88288DB807D9B3251D2EA5C81 3046 ----a-w- C:\Windows\system32\Tasks\{1D00774E-429C-43CE-B09B-43279E25BB24} 2016-03-03 15:28:17 39D142C9D1B08A49B927C8CF184894C9 3046 ----a-w- C:\Windows\system32\Tasks\{C2B83B9D-F516-43AD-A77F-F5414CA194C1} 2016-02-18 10:10:41 78628CD0BF4F3B2F39E558BF5283D83C 404 ----a-w- C:\Windows\Tasks\pc-dis-upd.job 2016-02-18 10:10:41 28CEDEBF76671196F1206FF7A2C31DAF 3130 ----a-w- C:\Windows\system32\Tasks\pc-dis-upd ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-03-09 20:26:42 -------- d-----w- C:\Program Files\Mozilla Thunderbird 2016-02-29 10:40:06 -------- d-----w- C:\Program Files\Abbyy FineReader 6.0 Sprint 2016-02-29 10:39:18 -------- d-----w- C:\Program Files\Lexmark Tools for Office 2016-02-29 10:37:50 -------- d-----w- C:\Program Files\Lexmark Toolbar 2016-02-29 10:37:38 -------- d-----w- C:\Program Files\Lexmark 2016-02-29 10:21:18 -------- d-----w- C:\Program Files\Lexmark Pro700 Series 2016-02-28 19:36:12 -------- d-----w- C:\Program Files\Speccy 2016-02-23 12:04:14 -------- d-----w- C:\Program Files\Common Files\DESIGNER 2016-02-19 10:33:37 -------- d-----w- C:\Program Files\DIFX 2016-02-19 10:33:08 -------- d-----w- C:\Program Files\BeID Minidriver 2016-02-19 10:32:20 -------- d-----w- C:\Program Files\Belgium Identity Card 2016-02-14 07:37:48 -------- d-----w- C:\Program Files\Common Files\Java ======= C: ===== 2016-02-15 14:48:57 616BFB46AAC4DF66FEFAC6483F25C10E 203 -c--a-w- C:\folders.txt 2016-02-13 21:21:02 8370514FF8D3E4496BDB15122A18C929 1730 -c--a-w- C:\DelFix.txt ====== C:\Users\JEAN\AppData\Roaming ====== 2016-03-12 09:06:52 473352A823BC3A1E1FE718D23AE23ACD 1356 ----a-w- C:\Users\JEAN\AppData\Local\d3d9caps.dat 2016-03-10 02:20:15 -------- d-----w- C:\Users\JEAN\AppData\Roaming\The Bat! 2016-03-02 17:31:28 -------- d-----w- C:\Users\JEAN\AppData\Roaming\Thunderbird 2016-03-02 17:31:28 -------- d-----w- C:\Users\JEAN\AppData\Local\Thunderbird 2016-02-29 19:39:00 -------- d-----w- C:\Users\JEAN\AppData\Local\Apple 2016-02-28 19:50:15 -------- d-----w- C:\Users\JEAN\AppData\Local\Adobe 2016-02-15 14:49:34 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2016-02-15 14:49:31 -------- d-----w- C:\Users\IUSR_NMPR\AppData\Local\Temp 2016-02-15 14:49:31 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2016-02-15 14:49:31 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2016-02-15 14:49:27 -------- dc----w- C:\Users\JEAN\AppData\Local\Temp(554) ====== C:\Users\JEAN ====== 2016-03-13 18:24:09 DB1AE175F3C151A644EBD8F28793648F 368392 ----a-w- C:\Users\JEAN\DOWNLOADS\su_8263.exe 2016-03-12 09:39:22 1CB698757D7C855B2868A6EAF2E55A66 5956080 ----a-w- C:\Users\JEAN\DOWNLOADS\avastclear.exe 2016-03-10 01:55:17 5F3EF8951FDB4C451A7BA0E0BDF4FCD2 34177387 ----a-w- C:\Users\JEAN\DOWNLOADS\SeaMonkey Setup 2.35.exe 2016-03-10 01:48:50 64A1F700EA98C213A85A997E4C8BB618 169984 ----a-w- C:\Users\JEAN\DOWNLOADS\seamonkey.exe 2016-03-10 01:34:02 74903248FCD1AA5CB9B394FB82BE8EEC 36502528 ----a-w- C:\Users\JEAN\DOWNLOADS\SeaMonkey Setup 2.39.exe 2016-03-05 16:51:11 7D715DD33C636B4FC22B37F0F7D9D623 34613448 ----a-w- C:\Users\JEAN\DOWNLOADS\Thunderbird Setup 38.5.0(2).exe 2016-03-04 12:03:01 7D715DD33C636B4FC22B37F0F7D9D623 34613448 ----a-w- C:\Users\JEAN\DOWNLOADS\Thunderbird Setup 38.5.0(1).exe 2016-03-03 15:29:16 2D890AD63AB1B8CB4AC9AC1C6E58512F 362088 ----a-w- C:\Users\JEAN\DOWNLOADS\im_dict_fr(1).exe 2016-03-03 15:28:35 0DFBC0A7311900375363ADE3C409B3B5 644712 ----a-w- C:\Users\JEAN\DOWNLOADS\im_dict_de(1).exe 2016-03-03 15:27:43 5AB228A30DDF3BE1451E21E90B5097EB 419944 ----a-w- C:\Users\JEAN\DOWNLOADS\im_dict_uk(1).exe 2016-03-03 15:03:17 6ED78A37F3F5C8A49FB2BC399C272729 41445968 ----a-w- C:\Users\JEAN\DOWNLOADS\IObit-Malware-Fighter-Setup.exe 2016-03-03 15:01:24 9324FD884A417B826FCE0CF3764961CD 41171496 ----a-w- C:\Users\JEAN\DOWNLOADS\advanced-systemcare-setup(1).exe 2016-03-03 15:00:12 564A664E4A997C5F2D69F21D61982831 12887328 ----a-w- C:\Users\JEAN\DOWNLOADS\iobituninstaller(1).exe 2016-03-02 17:30:01 7D715DD33C636B4FC22B37F0F7D9D623 34613448 ----a-w- C:\Users\JEAN\DOWNLOADS\Thunderbird Setup 38.5.0.exe 2016-02-29 18:59:50 BB3219EBC560B80551F94BFC70EA60C2 6837784 ----a-w- C:\Users\JEAN\DOWNLOADS\ccsetup515(1).exe 2016-02-29 14:12:24 -------- d-----w- C:\ProgramData\Lexmark Pro700 Series 2016-02-29 11:06:49 -------- d-----w- C:\ProgramData\Ezprint 2016-02-29 11:02:24 -------- d-----w- C:\ProgramData\Lx_cats 2016-02-29 10:40:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint 2016-02-29 10:37:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 2016-02-19 10:33:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID 2016-02-18 10:10:39 -------- d-----w- C:\ProgramData\PC1Data 2016-02-15 13:59:14 -------- d-----w- C:\ProgramData\ProductData(548) ====== C: exe-files == 2016-03-10 03:04:23 C5B752D53B71C6664A2C85104A5479BC 362672 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe 2016-03-10 03:04:23 B5F9D1EAF05842C3FAFE198747AE8868 62464 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe 2016-03-10 03:04:23 8EBBDC77A8DC96272500702FDF7F5350 389808 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe 2016-03-10 03:04:23 2F48CCBB877A3095925C2C2AFCAF6AA3 310960 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe 2016-03-10 03:04:23 2F48CCBB877A3095925C2C2AFCAF6AA3 310960 ----a-w- C:\Program Files\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe 2016-03-09 21:23:26 DA1487720184CDA39971672C44163830 65536 ----a-w- C:\Program Files\Windows Mail\wabmig.exe 2016-03-09 21:23:26 C60284FCFC95C31015072A1B8670563D 515584 ----a-w- C:\Program Files\Windows Mail\wab.exe 2016-03-09 20:26:43 F4580966F2FDAFBEE11459939CEF56C3 304072 ----a-w- C:\Program Files\Mozilla Thunderbird\updater.exe 2016-03-09 20:26:43 AFAB627B5A5E980E66A7DE11E2752BCB 276936 ----a-w- C:\Program Files\Mozilla Thunderbird\plugin-container.exe 2016-03-09 20:26:43 5A3A47790671D586AB19D787274D64E6 170368 ----a-w- C:\Program Files\Mozilla Thunderbird\maintenanceservice_installer.exe 2016-03-09 20:26:43 53E6358FA2A12E47A2CE41242D2AA558 22984 ----a-w- C:\Program Files\Mozilla Thunderbird\WSEnable.exe 2016-03-09 20:26:43 3357B0E793C8C1C22B4FCD3AF7085B10 146888 ----a-w- C:\Program Files\Mozilla Thunderbird\maintenanceservice.exe 2016-03-09 20:26:43 253066427509C67B106F21FC7F4F38A4 490952 ----a-w- C:\Program Files\Mozilla Thunderbird\thunderbird.exe 2016-03-09 20:26:43 1B4E2C86BF8564A636AD2B21130B9461 955584 ----a-w- C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe 2016-03-09 20:26:42 5E13FEAB7F358A0F17BB49F81848F68A 288200 ----a-w- C:\Program Files\Mozilla Thunderbird\crashreporter.exe 2016-03-09 17:01:23 E23594C0E18B02E3700F3AAD92C61911 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2016-03-09 17:01:23 7108B4041276CF7F11701BD70970FCE3 758000 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-03-09 17:01:22 44493EA34152A63A22A6026403C5FACD 22528 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe 2016-03-09 17:01:21 78226D4DB3D520A668A89960587AE26A 474624 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe === C: other files == 2016-03-14 09:13:52 8C69F521E5F5C03AEEDEE1EDE520D535 96 ---ha-w- C:\Program Files\Common Files\X10\Common\x10prod.sys 2016-03-10 01:36:14 CD71794CA04ADF6E8D37D87B8AF2DCE4 351314 ----a-w- C:\Users\JEAN\AppData\Roaming\Mozilla\SeaMonkey\Profiles\c7nw367x.default\extensions\inspector@mozilla.org.xpi 2016-03-10 01:36:14 B283F6A5D075764EEC67B709259403B0 394064 ----a-w- C:\Users\JEAN\AppData\Roaming\Mozilla\SeaMonkey\Profiles\c7nw367x.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi 2016-03-09 21:23:53 234F76D9337BBD25D849C3860418723A 71680 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_4cd9e2d9\USBSTOR.SYS 2016-03-09 21:23:53 234F76D9337BBD25D849C3860418723A 71680 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2016-03-09 21:12:55 6599C3D5E3A5BC9C598D5D71661A93A9 2068992 ----a-w- C:\Windows\System32\win32k.sys ==== Orphaned Tasks deleted from Registry ====================== 0116avUpdateInfo deleted avast Emergency Update deleted LaunchSignup deleted RegClean Pro deleted ROC_JAN2013_TB_rmv deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 9"="C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe /Auto" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 9"="C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe /Auto" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "lxeemon.exe"="C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" "EzPrint"="C:\Program Files\Lexmark Pro700 Series\ezprint.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 8] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Advanced SystemCare 8" "hkey"="HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^JEAN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^StartUp^Dropbox.lnk] "item"="Dropbox" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\JEAN\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12/03/2016 10:07] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [03/10/2015 14:54] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] C:\Windows\tasks\pc-dis-upd.job --a------ C:\Program Files\PC Cleaners\PCCleaners.exe [] C:\Windows\tasks\RMAutoUpdate.job --a------ C:\Program Files\PC Tools\PC Tools Registry Mechanic\SULauncher.exe [21/08/2012 14:44] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\Driver Booster Scheduler" [C:\Program Files\IObit\Driver Booster\Scheduler.exe] "C:\Windows\system32\tasks\Driver Booster SkipUAC (JEAN)" [C:\Program Files\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\JetCleanLoginCheckUpdate" [C:\Program Files\BlueSprig\JetClean\AutoUpdate.exe] "C:\Windows\system32\tasks\pc-dis-upd" [C:\Program Files\PC Cleaners\PCCleaners.exe] "C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3978713732-936569717-2525818349-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3978713732-936569717-2525818349-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\system32\tasks\RMAutoUpdate" [C:\Program Files\PC Tools\PC Tools Registry Mechanic\SULauncher.exe] "C:\Windows\system32\tasks\SmartDefrag4_Startup" [C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe] "C:\Windows\system32\tasks\SmartDefrag4_Update" [C:\Program Files\IObit\Smart Defrag 4\AutoUpdate.exe] "C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\TuneUp Utilities 2013\OneClick.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{967768D1-D14E-4645-A8FF-A2DC5B79E8DA}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\NCH Software\DebutReminder" [C:\Program Files\NCH Software\Debut\Debut.exe] "C:\Windows\system32\tasks\NCH Software\ExpressBurnDowngrade" [C:\Program Files\NCH Software\ExpressBurn\ExpressBurn.exe] "C:\Windows\system32\tasks\NCH Software\ExpressBurnReminder" [C:\Program Files\NCH Software\ExpressBurn\ExpressBurn.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\3ov9jk1c.default-1449582130791 user_pref("browser.search.selectedEngine", ""); ProfilePath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\h95dk60a.default-1450264869328 user_pref("browser.startup.homepage", "https://www.google.be/"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [19/02/2016 11:33] ==== Firefox Extensions ====================== ProfilePath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\h95dk60a.default-1450264869328 - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi - WiseStamp Web - %ProfilePath%\extensions\wisestamp@wisestamp.com.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\JEAN\AppData\Roaming\Mozilla\SeaMonkey\Profiles\c7nw367x.default - DOM - %ProfilePath%\extensions\inspector@mozilla.org.xpi - ChatZilla - %ProfilePath%\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi ProfilePath: C:\Users\JEAN\AppData\Roaming\Thunderbird\Profiles\1zqg8zaw.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} ProfilePath: C:\Users\JEAN\AppData\Roaming\Thunderbird\Profiles\03w6l4p4.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\3ov9jk1c.default-1449582130791 04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat 637839AC6ED995510A411327C5C2DA61 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect 005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat 52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin 06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) 0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) EBEEC9B1FB8BC809C719713A36640966 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin E18B5B26F41D8C37CCAA7256F29F6A15 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) AF238FE4B2943431A6706AA6541A3243 - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery C31B6A791FCE695AF17177DB8D82AD4C - C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U66 E968ABF8430AFEF01B69419279F19EFF - C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.660.17 5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin CD714A672DD8DEA4332A4D98851B7B10 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library 1D8E7E814CF7E0DCBD80005061BBE561 - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer 4E31DE484AD120894D0D3E7740979108 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect Profilepath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\h95dk60a.default-1450264869328 04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat 637839AC6ED995510A411327C5C2DA61 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect 005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat 52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update 558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin 06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) 0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) EBEEC9B1FB8BC809C719713A36640966 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin E18B5B26F41D8C37CCAA7256F29F6A15 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) AF238FE4B2943431A6706AA6541A3243 - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 1B743D5B6FD001660FAB17DD7C347A38 - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In D952747FC759C6078958A436192A63BE - C:\Program Files\Java\jre1.8.0_74\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U74 2D69A78A3BFE4F66E7C664AFC2F2902D - C:\Program Files\Java\jre1.8.0_74\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.740.2 5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin F627791AB91E01A9829A8D9B6E024D52 - C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll - Shockwave Flash 4F3F6B17B4A5BDB68B3CB0367A2C214E - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight CD714A672DD8DEA4332A4D98851B7B10 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library 1D8E7E814CF7E0DCBD80005061BBE561 - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer 4E31DE484AD120894D0D3E7740979108 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect Profilepath: C:\Users\JEAN\AppData\Roaming\Mozilla\Firefox\Profiles\lrhxwxy8.default 04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat 637839AC6ED995510A411327C5C2DA61 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect 005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat 52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update 558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin 06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) 0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) EBEEC9B1FB8BC809C719713A36640966 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin E18B5B26F41D8C37CCAA7256F29F6A15 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) AF238FE4B2943431A6706AA6541A3243 - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 1B743D5B6FD001660FAB17DD7C347A38 - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In 1738F94BF1EA8A0F14C0B25C9B470EB8 - C:\Program Files\Java\jre1.8.0_72\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U72 AE77DD2DFE3D4FF156BC4E0EA9DE05F3 - C:\Program Files\Java\jre1.8.0_72\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.720.15 5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 4E31DE484AD120894D0D3E7740979108 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect 1D8E7E814CF7E0DCBD80005061BBE561 - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer CD714A672DD8DEA4332A4D98851B7B10 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library 4F3F6B17B4A5BDB68B3CB0367A2C214E - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[08/05/2014 14:49] idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29/11/2012 20:35] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09/04/2012 10:23] Adobe Acrobat - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj RealDownloader - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Skype Click to Call - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Chrome Web Store Payments - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" "Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}" "Search Bar"="https://www.google.com/?trackid=sp-006" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com/?trackid=sp-006" "Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}" "Search Bar"="https://www.google.com/?trackid=sp-006" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="https://www.google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms} HKCU\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{86790FF3-0E90-4153-835D-69D6DC029309} - https://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms} ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 8 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 9] "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 9] "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto (User 'Default user') O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: lxeeCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe O23 - Service: lxee_device - - C:\Windows\system32\lxeecoms.exe O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Syntek STK1150 Service (StkASSrv) - Syntek America Inc. - C:\Windows\System32\StkASv2K.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: VideoAcceleratorService - SPEEDbit - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe O23 - Service: Windows Index Services - Unknown owner - c:\windows\system32\dcomx32.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\IUSR_NMPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\AppData\Local\VirtualStore\Windows\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Local\Microsoft\Windows\Temporary Internet Files\Low(1406)\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(1406)\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\JEAN\AppData\Local\Mozilla\Firefox\Profiles\h95dk60a.default-1450264869328\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=259 folders=96 162929719 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\IUSR_NMPR\AppData\Local\Temp emptied successfully C:\Users\JEAN\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\JEAN\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\JEAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ehmsdri.log" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ehRecvr.log" not found ==== EOF on ma 14/03/2016 at 12:29:24,47 ======================