Zoek.exe v5.0.0.1 Updated 27-09-2015 Tool run by Harrie on vr 25-03-2016 at 18:23:21,62. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\Harrie\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2016-03-24-225406.log 20124 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ęTorrent 1Password 4.6.0.604 3D Shadow by Lokas Software Aangifte inkomstenbelasting 2014 Adobe Acrobat Reader DC - Nederlands Adobe Flash Player 21 ActiveX Adobe Flash Player 21 NPAPI Adobe Refresh Manager Adobe Shockwave Player 11.6 Adressen Programma Pro 5.0.3.10 AMD APP SDK Runtime AMD Catalyst Install Manager Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Audacity 2.0.5 Bejeweled 3 Bing Bar Blackhawk Striker 2 Bonjour Catalyst Control Center - Branding Catalyst Control Center Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All Catalyst Control Center Profiles Mobile ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Chuzzle Deluxe Corel PaintShop Pro X5 Cradle of Rome 2 CutePDF Writer 3.0 CyberLink YouCam D3DX10 Definition Update for Microsoft Office 2010 (KB3114887) 32-Bit Edition Dora's World Adventure Dropbox eM Client ESU for Microsoft Windows 7 SP1 Evernote v. 4.5.2 Eye Candy 3 Farm Frenzy Farmscapes FATE File Association Helper Filters Unlimited 2.0 Final Drive Fury FM Patcher 1.01 Free PDF to Word Doc Converter v1.1 Garmin BaseCamp Garmin Communicator Plugin Garmin Communicator Plugin x64 Garmin USB Drivers Google Chrome Google Cloud Print Service Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper Hewlett-Packard ACLM.NET v1.2.2.3 HiJackThis Hoyle Card Games HP 3D DriveGuard HP Application Assistant HP Auto HP Client Services HP Connection Manager HP CoolSense HP Customer Experience Enhancements HP Documentation HP ENVY 4500 series Basissoftware van het apparaat HP ENVY 4500 series Help HP FWUpdateEDO2 HP Games HP Launch Box HP On Screen Display HP Photo Creations HP Power Manager HP Quick Launch HP Recovery Manager HP Security Assistant HP Setup HP Setup Manager HP Software Framework HP Support Assistant HP Support Solutions Framework HP Update HPDiagnosticAlert HTML-Kit ICA iCloud IDT Audio Intel(R) Control Center Intel(R) Display Audio Driver Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Intel(R) USB 3.0 eXtensible Host Controller Driver Intel© Trusted Connect Service Client IPM_PSP_COM IPTInstaller iTunes Jasc Animation Shop 3 Java 8 Update 77 Java 8 Update 77 (64-bit) Java Auto Updater Jewel Match 3 Jewel Quest Mysteries: The Seventh Gate Collector's Edition John Deere Drive Green Junk Mail filter update LAME v3.99.3 (for Windows) Letters from Nowhere 2 Luxor HD Mah Jong Medley Malwarebytes Anti-Malware versie 2.0.2.1012 Microsoft .NET Framework 4.6 (Nederlands) Microsoft .NET Framework 4.6 (NLD) Microsoft .NET Framework 4.6.1 Microsoft Application Error Reporting Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft OneDrive Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD More Games from HP Games Movie Maker MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) MyDriveConnect 4.0.3.2180 namesuppressed Softener Ninotech Path Copy 4.0 Norton Identity Safe Norton Security with Backup Ogg Codecs 0.81.15562 OpenFietsMap (BNLv25-09-2015) OpenFietsMap(Germany)v29-08-2015 opensource PeaZip 5.4.1 PeaZip Packages Penguins Photo Common Photo Gallery Photobucket Backup Plants vs. Zombies - Game of the Year Plugin Commander Light 1.61 Poker Superstars III Polar Bowler Polar Golfer Productverbeteringsonderzoek voor HP ENVY 4500 series PSPPContent PSPPHelp PSPPro64 PX Profile Update QuickTime 7 Ralink RT5390R 802.11b/g/n Wi-Fi Adapter RawTherapee versie 4.2 Realtek Ethernet Controller Driver Realtek PCIE Card Reader RollerCoaster Tycoon 3: Platinum Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition Security Update for Microsoft Excel 2010 (KB3114759) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2965310) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB3114883) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB3114396) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB3114402) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition Security Update for Microsoft Word 2010 (KB3114878) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Skype Click to Call SkypeT 7.6 SoftPaq Softwarenetz Adressen3 SpawnApps Installer 2.0.0.0 SpawnApps NPAPI Plugin version 1.0.0.6u11 Speccy Spotnet Stuurprogramma voor Intel(R) Wireless Music swMSM Synaptics Pointing Device Driver Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TEASI tool versie 3.5.7.2 Telegram Desktop versie 0.9.6 The Treasures of Mystery Island: The Ghost Ship Todoist TomTom HOME TomTom HOME Visual Studio Merge Modules Torchlight Ulead Particle.Plugin 1.0 Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition Update for Microsoft Office 2010 (KB3085512) 32-Bit Edition Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition Update for Microsoft Office 2010 (KB3114750) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition Update for Microsoft OneNote 2010 (KB3114410) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3114756) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition Update Installer for WildTangent Games App Video Download Converter version 1.0.0.0 Virtual Villagers 4 - The Tree of Life Visual Studio C++ 10.0 Runtime VLC media player WildTangent Games App (HP Games) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player 64-bit Plug-in Fix WMP Tag Plus version 2.1 XnView 2.22 XnView Shell Extension 3.5.0 (64bits) Zuma's Revenge ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\Windows\Installer\302547.msi" not found ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Harrie\AppData\Local\Temp ==== ====== Java Cache ===== 2016-03-24 21:18:20 4F85459CEC4F78A3987FFFD5B6A816C5 605 ----a-w- C:\Users\Harrie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-2b71763d 2016-03-24 21:18:20 8786111FD655EEDCA8295087ED8795E9 428 ----a-w- C:\Users\Harrie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap 2016-03-24 18:22:01 70D16805E26AA93B4E8FF768F6B7F7B3 433 ----a-w- C:\Users\Harrie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\2ae4f0aa-452afb362f20347e7ad76a8c9fa88be8d9c758119720de68cbaf621e3874778a-6.0.lap 2016-03-24 18:22:01 4F85459CEC4F78A3987FFFD5B6A816C5 605 ----a-w- C:\Users\Harrie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\2ae4f0aa-5f1baf81 2016-03-24 18:22:01 C9588417B10E1D770E3E5DA1F3510AE5 8425 ----a-w- C:\Users\Harrie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\10c14eab-2e0b1d48 2016-03-24 21:18:20 C9588417B10E1D770E3E5DA1F3510AE5 8425 ----a-w- C:\Users\Harrie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-5aa77f13 2016-03-24 21:18:28 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Harrie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-6b65428f 2016-03-24 21:54:32 174FFC4E22AE26A5405FB258FF95B360 440 ----a-w- C:\Users\Harrie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\15572e2f-41694544281111002522c6b48ddbb4d76cd061a82fbd515381a7e9bfde183633-6.0.lap 2016-03-24 21:54:27 C611538EFED63F122E4A07F748AC01B3 793 ----a-w- C:\Users\Harrie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\15572e2f-7358394a 2016-03-24 18:22:21 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Harrie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\7f7cc0b1-299b3763 2016-03-24 21:54:32 CA3F623E08DA85C7F0CE476E741B2FAC 485257 ----a-w- C:\Users\Harrie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\3b1cd333-1ead773d ====== C:\Windows\SysWOW64 ===== 2016-03-24 21:17:14 446734E63D58CB28A6FA5ACC828F22B3 97856 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-03-24 15:51:52 3E283BDF45F1D107B1CEF91FC5CD8A90 5306560 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-03-24 21:31:23 B95C3BE37AE9B3AFB1CBB788C46AA798 110144 ----a-w- C:\Windows\Sysnative\WindowsAccessBridge-64.dll ====== C:\Windows\Sysnative\drivers ===== 2016-03-09 15:54:38 47B2D0B31BDC3EBE6090228E2BA3764D 1684416 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2016-03-09 15:54:35 D029DD09E22EB24318A8FC3D8138BA43 91648 ----a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS 2016-03-09 15:52:45 CC1B3B52F33CBC1CE60867DA4E23537C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2016-03-09 15:52:44 8D383CED28332B5F3894658857472F47 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2016-03-09 15:52:44 8856E45D23BFF4D977BF06D0543BCD96 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2016-03-09 15:52:44 211A379BAAB812A7B437319BD85B2435 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2016-03-09 15:52:44 07F8F6B0CAEC7ADD30EBD94940A315D7 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys ====== C:\Windows\Tasks ====== 2016-03-20 11:48:41 AF9D919CCF888AAE4D9F42A8055393CD 336 ----a-w- C:\Windows\Tasks\HPCeeScheduleForHarrie.job 2016-03-20 11:48:41 83D59048A8FDB1AC33C99B4076E4E2E0 3192 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForHarrie ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-03-24 21:30:33 -------- d-----w- C:\Program Files\Java ======= C:\PROGRA~2 ===== 2016-03-24 21:17:49 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== 2016-03-21 18:08:13 0F28FAF39D3B737A8A80B2A4F4A77989 1125 ----a-w- C:\ipconfig.txt ====== C:\Users\Harrie\AppData\Roaming ====== 2016-03-24 18:16:40 -------- d-----w- C:\Users\Harrie\AppData\Roaming\Sun 2016-03-19 21:45:30 -------- d-----w- C:\Users\Harrie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox ====== C:\Users\Harrie ====== 2016-03-24 21:17:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-24 21:13:14 B8E5BB81B24DFE58B0E5078D02A48844 50796608 ----a-w- C:\Users\Harrie\Downloads\jre-8u77-windows-i586.exe 2016-03-24 18:16:39 -------- d-----w- C:\Users\Harrie\.oracle_jre_usage 2016-03-22 23:46:29 8DE9F588DFB1641F2C0EA05BD4B60605 218 ----a-w- C:\Users\Harrie\.recently-used.xbel 2016-03-22 19:28:02 E679FCF33FFB57BCABBC598AB5C18BE8 6868672 ----a-w- C:\Users\Harrie\Downloads\ccsetup516.exe 2016-03-21 18:21:11 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Harrie\Downloads\RSITx64.exe 2016-03-20 10:24:16 -------- d-----w- C:\Users\Harrie\Mijn Huawei ====== C: exe-files == 2016-03-25 17:21:12 A2DB4545022F8413D8C918FB66045C5A 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3501651407-2194613331-2408708868-1000\$IM2DRT9.exe 2016-03-25 17:18:49 7EA0260488F304D68067A50B33A23AC2 1309184 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3501651407-2194613331-2408708868-1000\$RM2DRT9.exe 2016-03-24 21:31:15 FD0E50473E178CEA9B2C35759877AB8F 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\tnameserv.exe 2016-03-24 21:31:15 EDBB3E2D9E5EB2D2F6EB2978F5A5702F 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\pack200.exe 2016-03-24 21:31:15 E3F8DBD142C452CFB227D263003357EF 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\rmiregistry.exe 2016-03-24 21:31:15 AB0C0110DB996548FA129BCFE3229DBB 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\rmid.exe 2016-03-24 21:31:15 A218DEA24A7D552C252D0FAF41BCA3B7 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\orbd.exe 2016-03-24 21:31:15 6944510CAC9B3BC242C48F8ADE8C2633 197184 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\unpack200.exe 2016-03-24 21:31:15 243F04B62E8845F877DB9BC6CD6986FA 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\policytool.exe 2016-03-24 21:31:15 0FF8DFCEB89888427EF97555C1CF6F1C 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\servertool.exe 2016-03-24 21:31:15 0A1DEC23CB7B39D1A2944D41A74DF8FA 67136 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\ssvagent.exe 2016-03-24 21:31:14 F917A357E1D5CEDD7BFAF3FD468F0CFD 101440 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\jp2launcher.exe 2016-03-24 21:31:14 B63E7A0ABBBCED10BB9BA5493D83A435 34368 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\jabswitch.exe 2016-03-24 21:31:14 884EB051BA56B6EDCD7E464902F2FC6B 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\jjs.exe 2016-03-24 21:31:14 88398DD856CAB4436486FA446489626B 77888 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\javacpl.exe 2016-03-24 21:31:14 78C0192856E0BDE9D26D850C04190734 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\kinit.exe 2016-03-24 21:31:14 7376052E6A79A81878F2656B3B086AB1 206912 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\javaw.exe 2016-03-24 21:31:14 6A90345F572E6B166D4772533288146D 315456 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\javaws.exe 2016-03-24 21:31:14 543FE4728706AD279C3CDB958C0C627C 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\java-rmi.exe 2016-03-24 21:31:14 4DE69284A13C68A957BB8A6298C38690 206912 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\java.exe 2016-03-24 21:31:14 48C878EB1214A0C31BF0B4EBE1230D7B 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\ktab.exe 2016-03-24 21:31:14 22E77B46250D024EC065600C51E11F8A 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\keytool.exe 2016-03-24 21:31:14 1DEFC4DEFC9DBF270F3233AB079C840E 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\klist.exe 2016-03-24 21:26:52 DA691970B58AB3928D9C45A81E47005C 57594432 ----a-w- C:\Users\Harrie\Documents\Java\jre-8u77-windows-x64.exe 2016-03-24 21:17:15 7376052E6A79A81878F2656B3B086AB1 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2016-03-24 21:17:15 6A90345F572E6B166D4772533288146D 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2016-03-24 21:17:15 4DE69284A13C68A957BB8A6298C38690 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2016-03-24 21:17:07 F85C40988E94C2F463508FBEE94025BF 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\kinit.exe 2016-03-24 21:17:07 F4E94CBB9DEF622171D8943F2160B214 51776 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssvagent.exe 2016-03-24 21:17:07 E2AF676759086BAE2F16D6B5033E7F46 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\policytool.exe 2016-03-24 21:17:07 D763E321831C859D9195ADF15A951E95 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\java-rmi.exe 2016-03-24 21:17:07 D709404CB67D09946628987244B98A60 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\servertool.exe 2016-03-24 21:17:07 D62B10425DC16A177CB64D6B0356F915 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\jjs.exe 2016-03-24 21:17:07 C558C87F624CF96F812028165190EEDE 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\pack200.exe 2016-03-24 21:17:07 C31F1BDBB1902458FA15515BD0D8340B 191040 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\java.exe 2016-03-24 21:17:07 C1F46A7656D1DED6326D8E28B1CF1862 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\rmiregistry.exe 2016-03-24 21:17:07 AC4F3A4F853070419C9E8479B3868103 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\tnameserv.exe 2016-03-24 21:17:07 AAADCD8DA5BCE8986D6FEC09FAB7B70D 68672 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\javacpl.exe 2016-03-24 21:17:07 A756D5633F6596B0E4711E60D3F61BCA 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\orbd.exe 2016-03-24 21:17:07 A5AECC1529B64CB123B1880D3AD0F1AE 268352 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\javaws.exe 2016-03-24 21:17:07 A48BDE309534612FBA41D58E754A38BE 159296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\unpack200.exe 2016-03-24 21:17:07 8DF0EA1993F98096557A4AFA6235DE4E 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\rmid.exe 2016-03-24 21:17:07 724998551979EB4E0DF53CA3994AF035 77888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2launcher.exe 2016-03-24 21:17:07 6101EC702C56D5F688AA578AC457A440 30784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\jabswitch.exe 2016-03-24 21:17:07 5192C3656176D1D21D21372E1061D1A4 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\ktab.exe 2016-03-24 21:17:07 4CC7AA4DCC143BB06999A62B8763EA6C 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\keytool.exe 2016-03-24 21:17:07 2AD9EFBB015490AA315707BAC2BFD816 191552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\javaw.exe 2016-03-24 21:17:07 26E779D9D96192E312E5DC042E993DED 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\klist.exe 2016-03-24 21:13:14 B8E5BB81B24DFE58B0E5078D02A48844 50796608 ----a-w- C:\Users\Harrie\Downloads\jre-8u77-windows-i586.exe 2016-03-24 21:11:48 FE65F17EACB8C525B9224AC653E66640 734784 ----a-w- C:\Users\Harrie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G17MB1YP\JavaSetup8u77.exe 2016-03-24 18:12:31 B8E5BB81B24DFE58B0E5078D02A48844 50796608 ----a-w- C:\Users\Harrie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWTJ8P37\jre-8u77-windows-i586.exe 2016-03-22 19:28:02 E679FCF33FFB57BCABBC598AB5C18BE8 6868672 ----a-w- C:\Users\Harrie\Downloads\ccsetup516.exe 2016-03-21 18:21:11 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Harrie\Downloads\RSITx64.exe 2016-03-20 21:57:48 5C6E6BA9BEA5B157466618CC53530BCD 436760 ----a-w- C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe 2016-03-20 21:57:38 C9B67BCB8E384064A8C2263740B0C437 595480 ----a-w- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 2016-03-20 21:57:26 B17404D208C4B20518592AA43B81E04B 927256 ----a-w- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe 2016-03-20 11:45:33 FD61C891F90D2E2D9DD2939ACC733EFC 44424 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\ActiveCheck\product_line\Detect_EnableFirewall.exe 2016-03-20 11:45:33 3DD49A1B9C6CC023AD0BEA5C2C0B0516 43072 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\ActiveCheck\product_line\Detect_RangerWebcamProgram.exe 2016-03-19 21:45:13 E43AA745F344781FB6327217A403CE11 173032 ----a-w- C:\Users\Harrie\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe 2016-03-19 21:45:13 96929028E3465F942244D65E5CC5E4F2 25577864 ----a-w- C:\Users\Harrie\AppData\Roaming\Dropbox\bin\Dropbox.exe 2016-03-19 21:45:13 4FBC7F8467B13B972AA551A7B8C898C8 29992 ----a-w- C:\Users\Harrie\AppData\Roaming\Dropbox\bin\driver_amd64\dbxsvc.exe 2016-03-19 21:45:13 11C0FD048F0B27643EAB1EB95C4FB236 29480 ----a-w- C:\Users\Harrie\AppData\Roaming\Dropbox\bin\driver_x86\dbxsvc.exe 2016-03-19 21:44:01 2D6F0B10D099AB8E4CCD4FF5CA4718A9 70569968 ----a-w- C:\Users\Harrie\AppData\Local\Dropbox\Update\Download\{CC46080E-4C33-4981-859A-BBA2F780F31E}\3.16.1\DropboxClient_3.16.1.exe === C: other files == 2016-03-24 21:31:15 03564D4A8DB44575C00F82B1E8571A56 14130 ----a-w- C:\Program Files\Java\jre1.8.0_77\lib\deploy\ffjcext.zip 2016-03-24 21:17:07 4EDC09D3151E434741F50E8F7210D162 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\lib\deploy\ffjcext.zip 2016-03-24 18:18:04 F871CE85AF64D81A9CB6C361CF797144 185184 ----a-w- C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\dumpsd.sys 2016-03-24 18:18:04 70165A0A2653FB8AFDE3D85000727F29 277856 ----a-w- C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\sdbus.sys 2016-03-20 17:26:08 751C968945EFD42469FE52D6CE384196 577768 ----a-w- C:\Windows\System32\drivers\NSBUx64\1606000.08E\symnets.sys 2016-03-20 17:26:08 1DE0CBF15AC67AE0E5B456ADEFB89493 24192 ----a-r- C:\Windows\System32\drivers\NSBUx64\1606000.08E\symelam.sys 2016-03-20 17:26:07 EC8538693C84E5B85014CB0F4174A8B7 295664 ----a-w- C:\Windows\System32\drivers\NSBUx64\1606000.08E\ironx64.sys 2016-03-20 17:26:07 D6786650A26543FFF83806057458B96E 928504 ----a-w- C:\Windows\System32\drivers\NSBUx64\1606000.08E\srtsp64.sys 2016-03-20 17:26:07 BA2ABBEA69BD1866C973DE11CB0CE9F8 50936 ----a-r- C:\Windows\System32\drivers\NSBUx64\1606000.08E\srtspx64.sys 2016-03-20 17:26:07 6F227CF9E64364578E2DABD1EF6E51A4 1621232 ----a-w- C:\Windows\System32\drivers\NSBUx64\1606000.08E\symefasi64.sys 2016-03-20 17:26:07 5A1C7DBDDB001BC6F1D1720E655445E2 173808 ----a-r- C:\Windows\System32\drivers\NSBUx64\1606000.08E\ccsetx64.sys 2016-03-19 21:45:13 99EE4E194F003E3F8A4821ED753DFF42 58992 ----a-w- C:\Users\Harrie\AppData\Roaming\Dropbox\bin\driver_amd64\dbx-stable.sys 2016-03-19 21:45:13 99EE4E194F003E3F8A4821ED753DFF42 58992 ----a-w- C:\Users\Harrie\AppData\Roaming\Dropbox\bin\driver_amd64\dbx-dev.sys 2016-03-19 21:45:13 99EE4E194F003E3F8A4821ED753DFF42 58992 ----a-w- C:\Users\Harrie\AppData\Roaming\Dropbox\bin\driver_amd64\dbx-canary.sys 2016-03-19 21:45:13 53D529D2E3555EB95745D32ABCB76775 49264 ----a-w- C:\Users\Harrie\AppData\Roaming\Dropbox\bin\driver_x86\dbx-stable.sys 2016-03-19 21:45:13 53D529D2E3555EB95745D32ABCB76775 49264 ----a-w- C:\Users\Harrie\AppData\Roaming\Dropbox\bin\driver_x86\dbx-dev.sys 2016-03-19 21:45:13 53D529D2E3555EB95745D32ABCB76775 49264 ----a-w- C:\Users\Harrie\AppData\Roaming\Dropbox\bin\driver_x86\dbx-canary.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3501651407-2194613331-2408708868-1000\Software\Microsoft\Windows\CurrentVersion\Run] "HP ENVY 4500 series (NET)"="C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe -deviceID CN51F220JH060F:NW -scfn HP ENVY 4500 series (NET) -AutoStart 1" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "Agile1pAgent"="C:\Program Files (x86)\1Password 4\Agile1pAgent.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP ENVY 4500 series (NET)"="C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe -deviceID CN51F220JH060F:NW -scfn HP ENVY 4500 series (NET) -AutoStart 1" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\(default)] "command"="" "hkey"="HKLM" "item"="(default)" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\80349BA34FE5DD4D7B1A6A2388202CBC061931E6._service_run] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="80349BA34FE5DD4D7B1A6A2388202CBC061931E6._service_run" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --type=service" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppleIEDAV] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AppleIEDAV" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\AppleIEDAV.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ApplePhotoStreams" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dropbox Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Dropbox Update" "hkey"="HKCU" "command"="\"C:\\Users\\Harrie\\AppData\\Local\\Dropbox\\Update\\DropboxUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Easybits Recovery] "command"="C:\\Program Files (x86)\\EasyBits For Kids\\ezRecover.exe" "hkey"="HKLM" "item"="Easybits Recovery" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FAHConsole] "command"="C:\\Program Files\\File Association Helper\\FAHConsole.exe" "hkey"="HKLM" "item"="FAHConsole" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_AC34191ACB769155CF0F47A9A60D940E] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GoogleChromeAutoLaunch_AC34191ACB769155CF0F47A9A60D940E" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds] "command"="C:\\Windows\\system32\\hkcmd.exe" "hkey"="HKLM" "item"="HotKeysCmds" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Quick Launch] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Quick Launch" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Quick Launch\\HPMSGSVC.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPConnectionManager] "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Connection Manager\\HPCMDelayStart.exe" "hkey"="HKLM" "item"="HPConnectionManager" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPOSD] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPOSD" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP On Screen Display\\HPOSD.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudDrive] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iCloudDrive" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudDrive.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudPhotos] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iCloudPhotos" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudPhotos.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iCloudServices" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudServices.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray] "command"="C:\\Windows\\system32\\igfxtray.exe" "hkey"="HKLM" "item"="IgfxTray" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Download Assistant] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Logitech Download Assistant" "hkey"="HKLM" "command"="C:\\Windows\\system32\\rundll32.exe C:\\Windows\\System32\\LogiLDA.dll,LogiFetch" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Magic Desktop for HP notification] "command"="\"C:\\ProgramData\\Easybits Magic Desktop for HP\\mdhpSUN.exe\"" "hkey"="HKLM" "item"="Magic Desktop for HP notification" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Monitor] "command"="C:\\Windows\\PixArt\\PAC207\\Monitor.exe" "hkey"="HKLM" "item"="Monitor" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyDriveConnect.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MyDriveConnect.exe" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\MyDrive Connect\\TomTom MyDrive Connect.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyTomTomSA.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MyTomTomSA.exe" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\MyTomTom 3\\MyTomTomSA.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OneDrive] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OneDrive" "hkey"="HKCU" "command"="\"C:\\Users\\Harrie\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence] "command"="C:\\Windows\\system32\\igfxpers.exe" "hkey"="HKLM" "item"="Persistence" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Photobucket Backup] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Photobucket Backup" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Photobucket Backup\\Photobucket.App.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "hkey"="HKLM" "item"="QuickTime Task" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SetDefault] "command"="C:\\Program Files\\Hewlett-Packard\\HP LaunchBox\\SetDefault.exe" "hkey"="HKLM" "item"="SetDefault" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC] "command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun" "hkey"="HKLM" "item"="StartCCC" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SynTPEnh" "hkey"="HKLM" "command"="%ProgramFiles%\\Synaptics\\SynTP\\SynTPEnh.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SysTrayApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SysTrayApp" "hkey"="HKLM" "command"="C:\\Program Files\\IDT\\WDM\\sttray64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USB3MON] "command"="\"C:\\Program Files (x86)\\Intel\\Intel(R) USB 3.0 eXtensible Host Controller Driver\\Application\\iusb3mon.exe\"" "hkey"="HKLM" "item"="USB3MON" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Harrie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "path"="C:\\Users\\Harrie\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Harrie\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup" "item"="Dropbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Harrie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Verzenden naar OneNote.lnk] "path"="C:\\Users\\Harrie\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Verzenden naar OneNote.lnk" "backup"="C:\\Windows\\pss\\Verzenden naar OneNote.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Program Files\\Microsoft Office 15\\root\\office15\\ONENOTEM.EXE /tsr" "item"="Verzenden naar OneNote" ==== Startup Folders ====================== 2015-10-22 18:41:04 1139 ----a-w- C:\Users\Tineke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24-03-2016 18:18] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3501651407-2194613331-2408708868-1000Core.job --a------ C:\Users\Harrie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [17-06-2015 22:28] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3501651407-2194613331-2408708868-1000UA.job --a------ C:\Users\Harrie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [17-06-2015 22:28] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3501651407-2194613331-2408708868-1003Core.job --a------ [Undetermined Task] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3501651407-2194613331-2408708868-1003UA.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-08-2015 19:23] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-08-2015 19:23] C:\Windows\tasks\HPCeeScheduleForHarrie.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16-06-2015 08:51] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3501651407-2194613331-2408708868-1000Core" [C:\Users\Harrie\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3501651407-2194613331-2408708868-1000UA" [C:\Users\Harrie\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3501651407-2194613331-2408708868-1003Core" [C:\Users\Tineke\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3501651407-2194613331-2408708868-1003UA" [C:\Users\Tineke\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - 6e2dbf60780f479489b0925fe671da250398815e876b48549e0e11ba9b6ca4aa" [C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - f68b9a974fc14dfa968aa108a97c21333dde5086fe6c4a5ca4517c6c686ddbf0" [C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForHarrie" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP ENVY 4500 series" ["C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\Launch HTC Sync Loader" [C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe] "C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\WSCStub.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{0D0EBE82-518B-47B0-A060-E08A76399763}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{2F14A7F3-B7C5-44A6-AA3A-8D02D4857434}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{326D633C-1E2C-4515-8D0B-68B77A84B393}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{92EEA6D1-06DF-4822-A068-C90EC104B3B2}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{E84B2285-6C90-4794-BB07-A478A5989A86}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{5AEFEA08-421E-4463-A603-6ED3EA8A972D}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Analyzer" [C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.4.0.13\SymErr.exe] "C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Processor" [C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\21.4.0.13\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Security with Backup\Norton Error Analyzer" [C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Security with Backup\Norton Error Processor" [C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Remediation\AntimalwareMigrationTask" ["C:\Program Files\Common Files\AV\Norton Security with Backup\Upgrade.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{C1A2A613-35F1-4FCF-B27F-2840527B6556}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.2.15\coFFAddon" [21-03-2016 18:50] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{C1A2A613-35F1-4FCF-B27F-2840527B6556}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.2.15\coFFAddon" [21-03-2016 18:50] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Harrie\AppData\Roaming\Thunderbird\Profiles\qdbo9zyf.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi ProfilePath: C:\Users\Harrie\AppData\Roaming\TomTom\HOME\Profiles\qvlvjbuq.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com ==== Firefox Plugins ====================== ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files (x86)\Norton Security with Backup\Engine\22.6.0.142\Exts\Chrome.crx[21-02-2016 07:41] iikflkcanblccfahdhdonehdalibjnif - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[08-01-2016 10:47] nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx[] Google Docs - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Identity Safe - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif Norton Security Toolbar - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Sudoku - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdhembpgcpfegeigidembjopfhghnpj 1Password - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk Google Drive - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf selector is not a valid CSS selector - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Norton Security Toolbar - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe Norton Home Page for Chrome - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe Google Docs Offline - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi CloudConvert - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpmbfgodkfcebpgheiedaddoikmljkk Office Online Copy and Paste - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej Norton Safe Search as default for Chrome - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl Chrome Web Store Payments - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Engels Nederlands Vertaling - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbbejgfiogomdiigjmgankmdoppeehc Music Database - Harrie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pofcjknkmljccjonioncdjojfadngkgk Google Slides - Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Norton Security Toolbar - Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe Google Search - Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap Norton Identity Safe - Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif Skype Click to Call - Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Chrome Web Store Payments - Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Outlook.com - Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge Gmail - Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - TiHa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - TiHa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - TiHa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - TiHa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - TiHa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - TiHa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Norton Identity Safe - TiHa\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif Skype Click to Call - TiHa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - TiHa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - TiHa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Tineke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Tineke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Tineke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - Tineke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Norton Security Toolbar - Tineke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe Google Search - Tineke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail Offline - Tineke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk Norton Identity Safe - Tineke\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif Skype - Tineke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Chrome Web Store Payments - Tineke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Tineke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", C:\Users\TiHa\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", "startup_urls": [ "http://www.google.com/" ] C:\Users\Tineke\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", ==== Chromium Fix ====================== C:\Users\Tineke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Tineke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" "Search Page"="http://www.google.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com" "SearchAssistant"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.com/" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Reset Google Chrome ====================== C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Harrie\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Harrie\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully C:\Users\Harrie\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully C:\Users\Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully C:\Users\TiHa\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\TiHa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Tineke\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully C:\Users\Tineke\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\Harrie\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Harrie\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\Harrie\AppData\Local\Google\Chrome\User Data\Default\Web Data.temp was reset successfully C:\Users\Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully C:\Users\TiHa\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\TiHa\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\Tineke\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Tineke\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8086A3D08B281BB4EBA5EA7DB5F3C620 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0D3A6808-82B8-4BB1-BE5A-AED75B3F6C02} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8086A3D08B281BB4EBA5EA7DB5F3C620 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Harrie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Harrie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\TiHa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TiHa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Tineke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Tineke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Harrie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Harrie\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully C:\Users\TiHa\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Tineke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=127 folders=52 109842172 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\Harrie\AppData\Local\Temp will be emptied at reboot C:\Users\TiHa\AppData\Local\Temp emptied successfully C:\Users\Tineke\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Harrie\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on vr 25-03-2016 at 18:56:32,88 ======================