Ga naar inhoud

virus?


beaba

Aanbevolen berichten

Ik heb denk ik een virus op mijn pc heb.

Wil iemand mij hierbij helpen en meekijken in deze log?

Met name YourFile.exe krijg ik iet verwijderd.

Wat HD-Agent.exe is weet ik ook niet precies. Dat staat er als pictogram tussen op mijn taakbalk.(BlueStacks-agent online)

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 16:02:53, on 9-1-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\PROGRAM FILES (X86)\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE

C:\PROGRAM FILES (X86)\ASUS\ATKOSD2\ATKOSD2.EXE

C:\PROGRAM FILES (X86)\ASUSTEK\ASUSDVD 8\PDVD8SERV.EXE

C:\PROGRAM FILES (X86)\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Bea\Downloads\HijackThis (1).exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Bea\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Bea\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll

O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

O4 - HKCU\..\Run: [uTorrent] "C:\Users\Bea\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'Default user')

O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: LastPass - file://C:\Users\Bea\AppData\LocalLow\LastPass\context.html?cmd=lastpass

O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Bea\AppData\LocalLow\LastPass\context.html?cmd=fillforms

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe

O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe

O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: Windows Firewall Control (wfcs) - BiniSoft.org - C:\Program Files\Windows Firewall Control\wfcs.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13705 bytes

Link naar reactie
Delen op andere sites

  • Reacties 40
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Geplaatste afbeeldingen

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Bekijk ook de instructievideo.

Link naar reactie
Delen op andere sites

Logfile of random's system information tool 1.09 (written by random/random)

Run by Bea at 2014-01-09 17:05:51

Microsoft Windows 7 Professional Service Pack 1

System drive C: has 10 GB (13%) free of 76 GB

Total RAM: 4095 MB (25% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"

"C:\Windows\system32\nvvsvc.exe"

C:\Windows\system32\svchost.exe -k RPCSS

"C:\Program Files\Microsoft Security Client\MsMpEng.exe"

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Windows\system32\FBAgent.exe"

"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"

"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"

C:\Windows\System32\spoolsv.exe

"taskhost.exe"

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"

Atouch64.exe

taskeng.exe {68E1F0B0-9634-4A5B-8974-D48546D3FF98}

"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"

"C:\Program Files\P4G\BatteryLife.exe"

"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"

"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"

"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"

"C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP

"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"

"C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

ATKOSD.exe

"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding

KBFiltr.exe

WDC.exe

"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"

"C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe"

"C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe"

C:\Windows\SysWOW64\NLSSRV32.EXE

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Windows Firewall Control\wfcs.exe"

"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"

"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"

"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3016.0.1855618592\1814771311" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22,26 --gpu-vendor-id=0x10de --gpu-device-id=0x0649 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3165 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.1.891228675\1836992531" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.2.5992\1112043605" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.3.184959119\1007230096" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.4.1957033279\1385836779" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.5.1611726235\2066915312" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.6.1403444221\1298711960" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.7.1843714322\1013641859" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.8.1350697363\436570254" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.9.1549845055\884524437" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.10.1758640677\569002984" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.11.1092450873\468670240" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.12.191314067\1946322563" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.13.561392783\102733708" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.14.1077861012\49724939" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.15.360523537\72181389" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.16.1901270832\65877531" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.17.240386638\684110366" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\\1.0.0_0\Plugin/ASCPlugin_Protect.dll" --lang=nl --channel="3016.18.149999417\1985133597" /prefetch:-390060480

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\LastPass\nplastpass.dll" --lang=nl --channel="3016.23.962181024\1668528910" /prefetch:-390060480

C:\Windows\system32\svchost.exe -k SDRSVC

"C:\PROGRAM FILES (X86)\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE" /autostart

"C:\PROGRAM FILES (X86)\ASUS\ATKOSD2\ATKOSD2.EXE"

"C:\PROGRAM FILES (X86)\ASUSTEK\ASUSDVD 8\PDVD8SERV.EXE"

"C:\PROGRAM FILES\ELANTECH\ETDCTRL.EXE"

"C:\PROGRAM FILES\WINDOWS FIREWALL CONTROL\WFC.EXE"

"C:\PROGRAM FILES (X86)\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE" /autostart

"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="3016.31.1429907311\1641474688" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.32.2061087341\1143146347" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3016.36.1783159620\89543365" /prefetch:673131151

"C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3016.68.1822023826\511612177" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3016.69.50636067\1086007791" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3016.72.1413733537\1414286372" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.74.2009200803\2133843707" /prefetch:673131151

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3016.129.615022759\1264718553" /prefetch:673131151

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516

C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

"C:\Users\Bea\Downloads\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\AutoKMS.job

C:\Windows\tasks\Driver Booster Startup.job

C:\Windows\tasks\Driver Booster Update.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]

ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2013-11-22 2486592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]

Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]

LastPass Vault - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2013-12-19 916992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll [2013-12-16 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-02 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]

LastPass Vault - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-12-19 612864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]

FlashGetBHO - C:\Users\Bea\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll [2012-11-01 149168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]

Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16 1432224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-02 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2013-12-19 916992]

{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll [2013-12-16 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16 1432224]

{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-12-19 612864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-08-12 323072]

"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]

"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2013-12-04 863184]

"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2013-11-11 2283808]

"uTorrent"=C:\Users\Bea\AppData\Roaming\uTorrent\uTorrent.exe [2013-11-19 1142864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-05-11 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]

C:\Windows\AsScrPro.exe [2009-12-05 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]

c:\program files (x86)\asus\atkosd2\atkosd2.exe [2009-08-17 6859392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]

C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]

c:\program files\elantech\etdctrl.exe [2009-09-30 621440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74D]

c:\program files (x86)\google\chrome\application\chrome.exe [2013-12-04 863184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]

c:\program files (x86)\google\drive\googledrivesync.exe [2013-12-06 20203904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]

c:\program files (x86)\asustek\asusdvd 8\language\language.exe [2009-04-16 50472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]

c:\program files (x86)\asustek\asusdvd 8\pdvd8serv.exe [2009-04-16 91432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-11-23 13662936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

c:\users\bea\appdata\roaming\utorrent\utorrent.exe [2013-11-19 1142864]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]

"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\Users\Bea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Deployer.exe]

"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DriverBooster.exe]

"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe]

"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbamgui.exe]

"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbampt.exe]

"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbamscheduler.exe]

"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbamservice.exe]

"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Promote.exe]

"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Scheduler.exe]

"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpdateDB.exe]

"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-09 17:05:51 ----D---- C:\rsit

2014-01-09 17:05:51 ----D---- C:\Program Files\trend micro

2013-12-19 19:14:43 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2013-12-19 19:14:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-12-19 19:14:42 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-12-19 19:14:42 ----A---- C:\Windows\system32\jsproxy.dll

2013-12-19 19:14:42 ----A---- C:\Windows\system32\ieUnatt.exe

2013-12-19 19:14:42 ----A---- C:\Windows\system32\ieui.dll

2013-12-19 19:14:41 ----A---- C:\Windows\system32\iesetup.dll

2013-12-19 19:14:41 ----A---- C:\Windows\system32\iernonce.dll

2013-12-19 19:14:41 ----A---- C:\Windows\system32\ieetwproxystub.dll

2013-12-19 19:14:41 ----A---- C:\Windows\system32\ieetwcollector.exe

2013-12-19 19:14:41 ----A---- C:\Windows\system32\ie4uinit.exe

2013-12-19 19:14:40 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2013-12-19 19:14:40 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2013-12-19 19:14:40 ----A---- C:\Windows\system32\mshtml.dll

2013-12-19 19:14:40 ----A---- C:\Windows\system32\jscript9diag.dll

2013-12-19 19:14:40 ----A---- C:\Windows\system32\ieapfltr.dll

2013-12-19 19:14:39 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-12-19 19:14:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-12-19 19:14:39 ----A---- C:\Windows\system32\iertutil.dll

2013-12-19 19:14:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-12-19 19:14:38 ----A---- C:\Windows\system32\wininet.dll

2013-12-19 19:14:38 ----A---- C:\Windows\system32\urlmon.dll

2013-12-19 19:14:37 ----A---- C:\Windows\system32\ieframe.dll

2013-12-19 19:14:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-12-19 19:14:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-12-19 19:14:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-12-19 19:14:33 ----A---- C:\Windows\system32\jscript9.dll

2013-12-17 08:55:39 ----A---- C:\Windows\system32\IEUDINIT.EXE

2013-12-17 08:50:13 ----A---- C:\Windows\SYSWOW64\elshyph.dll

2013-12-17 08:50:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2013-12-17 08:50:06 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2013-12-17 08:50:06 ----A---- C:\Windows\SYSWOW64\msrating.dll

2013-12-17 08:50:06 ----A---- C:\Windows\SYSWOW64\msls31.dll

2013-12-17 08:50:06 ----A---- C:\Windows\SYSWOW64\jsIntl.dll

2013-12-17 08:50:06 ----A---- C:\Windows\system32\elshyph.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\wextract.exe

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\webcheck.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\url.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\licmgr10.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\inseng.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\iexpress.exe

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\icardie.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\pngfilt.dll

2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\occache.dll

2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\mshta.exe

2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\imgutil.dll

2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe

2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\mshtmler.dll

2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe

2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll

2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\iepeers.dll

2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll

2013-12-17 08:50:03 ----A---- C:\Windows\system32\jsIntl.dll

2013-12-17 08:50:02 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2013-12-17 08:50:02 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-12-17 08:50:02 ----A---- C:\Windows\system32\msrating.dll

2013-12-17 08:50:02 ----A---- C:\Windows\system32\msls31.dll

2013-12-17 08:50:02 ----A---- C:\Windows\system32\mshtmler.dll

2013-12-17 08:50:02 ----A---- C:\Windows\system32\msfeedssync.exe

2013-12-17 08:50:02 ----A---- C:\Windows\system32\msfeedsbs.dll

2013-12-17 08:50:02 ----A---- C:\Windows\system32\iesysprep.dll

2013-12-17 08:50:02 ----A---- C:\Windows\system32\IEAdvpack.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\wextract.exe

2013-12-17 08:50:01 ----A---- C:\Windows\system32\webcheck.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\vbscript.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\url.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\mshtmlmedia.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\mshtmled.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\msfeeds.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\licmgr10.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\inseng.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\iexpress.exe

2013-12-17 08:50:01 ----A---- C:\Windows\system32\iedkcs32.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\ieapfltr.dat

2013-12-17 08:50:01 ----A---- C:\Windows\system32\icardie.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\dxtrans.dll

2013-12-17 08:50:01 ----A---- C:\Windows\system32\dxtmsft.dll

2013-12-17 08:50:00 ----A---- C:\Windows\system32\pngfilt.dll

2013-12-17 08:50:00 ----A---- C:\Windows\system32\occache.dll

2013-12-17 08:50:00 ----A---- C:\Windows\system32\MshtmlDac.dll

2013-12-17 08:50:00 ----A---- C:\Windows\system32\mshta.exe

2013-12-17 08:50:00 ----A---- C:\Windows\system32\jscript.dll

2013-12-17 08:50:00 ----A---- C:\Windows\system32\imgutil.dll

2013-12-17 08:50:00 ----A---- C:\Windows\system32\iepeers.dll

2013-12-16 16:56:02 ----D---- C:\Program Files (x86)\Cabri II Plus

2013-12-12 15:54:00 ----A---- C:\Windows\system32\wmploc.DLL

2013-12-12 15:53:59 ----A---- C:\Windows\SYSWOW64\wmploc.DLL

2013-12-12 15:53:59 ----A---- C:\Windows\SYSWOW64\wmp.dll

2013-12-12 15:53:57 ----A---- C:\Windows\system32\wmp.dll

2013-12-12 14:34:51 ----A---- C:\Windows\system32\msieftp.dll

2013-12-12 14:34:50 ----A---- C:\Windows\SYSWOW64\msieftp.dll

2013-12-12 14:34:48 ----A---- C:\Windows\system32\win32k.sys

2013-12-12 14:34:47 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll

2013-12-12 14:34:46 ----A---- C:\Windows\system32\WMPhoto.dll

2013-12-12 14:34:45 ----A---- C:\Windows\system32\imagehlp.dll

2013-12-12 14:34:44 ----A---- C:\Windows\SYSWOW64\imagehlp.dll

2013-12-12 14:34:43 ----A---- C:\Windows\SYSWOW64\wscript.exe

2013-12-12 14:34:43 ----A---- C:\Windows\SYSWOW64\scrrun.dll

2013-12-12 14:34:43 ----A---- C:\Windows\SYSWOW64\cscript.exe

2013-12-12 14:34:43 ----A---- C:\Windows\system32\wscript.exe

2013-12-12 14:34:43 ----A---- C:\Windows\system32\scrrun.dll

2013-12-12 14:34:43 ----A---- C:\Windows\system32\cscript.exe

2013-12-12 14:34:42 ----A---- C:\Windows\system32\drivers\portcls.sys

2013-12-12 14:34:42 ----A---- C:\Windows\system32\drivers\drmk.sys

2013-12-12 14:34:38 ----A---- C:\Windows\SYSWOW64\tzres.dll

2013-12-12 14:34:38 ----A---- C:\Windows\system32\tzres.dll

2013-12-10 23:33:29 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin

2013-12-10 23:24:37 ----D---- C:\Users\Bea\AppData\Roaming\Spotnet

======List of files/folders modified in the last 1 month======

2014-01-09 17:05:51 ----RD---- C:\Program Files

2014-01-09 17:05:13 ----D---- C:\Windows\Temp

2014-01-09 15:49:05 ----D---- C:\Users\Bea\AppData\Roaming\uTorrent

2014-01-09 15:41:47 ----D---- C:\Windows\system32\config

2014-01-09 15:40:12 ----D---- C:\Program Files (x86)\Common Files

2014-01-09 15:29:48 ----D---- C:\AdwCleaner

2014-01-09 14:52:17 ----D---- C:\Windows\system32\catroot2

2014-01-09 14:49:13 ----D---- C:\Windows\SoftwareDistribution

2014-01-09 14:47:26 ----D---- C:\Windows\SysWOW64

2014-01-09 14:39:18 ----AD---- C:\Windows

2014-01-09 14:39:10 ----D---- C:\Windows\debug

2014-01-09 10:24:50 ----SD---- C:\Users\Bea\AppData\Roaming\Microsoft

2014-01-09 10:09:19 ----SHD---- C:\Boot

2014-01-06 19:14:45 ----D---- C:\Windows\system32\FxsTmp

2014-01-06 19:09:44 ----SHD---- C:\Windows\Installer

2014-01-06 19:09:44 ----SHD---- C:\Config.Msi

2014-01-06 19:07:22 ----SHD---- C:\System Volume Information

2014-01-06 18:57:58 ----D---- C:\ProgramData\ProductData

2014-01-03 01:19:16 ----D---- C:\Windows\Microsoft.NET

2014-01-03 00:49:58 ----RSD---- C:\Windows\assembly

2014-01-03 00:49:48 ----HD---- C:\ProgramData

2014-01-03 00:49:45 ----RD---- C:\Program Files (x86)

2014-01-02 23:55:32 ----D---- C:\ProgramData\BlueStacksSetup

2014-01-02 23:53:23 ----D---- C:\Windows\Prefetch

2014-01-02 23:02:46 ----D---- C:\Windows\system32\Tasks

2013-12-24 23:09:00 ----D---- C:\Program Files\CCleaner

2013-12-24 21:51:22 ----D---- C:\Users\Bea\AppData\Roaming\calibre

2013-12-24 21:02:29 ----D---- C:\Windows\inf

2013-12-24 20:34:23 ----D---- C:\Windows\System32

2013-12-24 20:34:23 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-12-24 15:13:54 ----D---- C:\Program Files (x86)\Calibre2

2013-12-19 22:00:23 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2013-12-19 19:46:37 ----D---- C:\Program Files (x86)\LastPass

2013-12-19 19:33:43 ----D---- C:\Windows\winsxs

2013-12-19 19:28:31 ----D---- C:\Program Files (x86)\Internet Explorer

2013-12-19 19:28:30 ----D---- C:\Program Files\Internet Explorer

2013-12-19 19:14:59 ----D---- C:\Windows\system32\catroot

2013-12-19 16:00:20 ----A---- C:\Windows\system32\acovcnt.exe

2013-12-19 10:07:14 ----D---- C:\Windows\Panther

2013-12-19 10:07:14 ----D---- C:\Windows\Logs

2013-12-17 20:35:39 ----D---- C:\Windows\rescache

2013-12-17 09:01:17 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-12-17 09:01:16 ----D---- C:\Windows\system32\nl-NL

2013-12-17 09:01:12 ----D---- C:\Windows\SYSWOW64\pt-PT

2013-12-17 09:01:12 ----D---- C:\Windows\SYSWOW64\it-IT

2013-12-17 09:01:12 ----D---- C:\Windows\SYSWOW64\he-IL

2013-12-17 09:01:12 ----D---- C:\Windows\SYSWOW64\el-GR

2013-12-17 09:01:11 ----D---- C:\Windows\SYSWOW64\wbem

2013-12-17 09:01:11 ----D---- C:\Windows\SYSWOW64\migration

2013-12-17 09:01:11 ----D---- C:\Windows\SYSWOW64\fr-FR

2013-12-17 09:01:10 ----D---- C:\Windows\SYSWOW64\zh-TW

2013-12-17 09:01:10 ----D---- C:\Windows\SYSWOW64\es-ES

2013-12-17 09:01:10 ----D---- C:\Windows\SYSWOW64\de-DE

2013-12-17 09:01:09 ----D---- C:\Windows\SYSWOW64\en-US

2013-12-17 09:01:04 ----D---- C:\Windows\PolicyDefinitions

2013-12-17 09:01:03 ----D---- C:\Windows\system32\pt-PT

2013-12-17 09:01:03 ----D---- C:\Windows\system32\migration

2013-12-17 09:01:03 ----D---- C:\Windows\system32\it-IT

2013-12-17 09:01:03 ----D---- C:\Windows\system32\he-IL

2013-12-17 09:01:03 ----D---- C:\Windows\system32\fr-FR

2013-12-17 09:01:03 ----D---- C:\Windows\system32\el-GR

2013-12-17 09:01:02 ----D---- C:\Windows\system32\zh-TW

2013-12-17 09:01:02 ----D---- C:\Windows\system32\wbem

2013-12-17 09:01:02 ----D---- C:\Windows\system32\es-ES

2013-12-17 09:01:02 ----D---- C:\Windows\system32\de-DE

2013-12-17 09:01:01 ----D---- C:\Windows\system32\en-US

2013-12-17 08:47:23 ----D---- C:\Windows\system32\MRT

2013-12-17 00:52:08 ----A---- C:\Windows\system32\MRT.exe

2013-12-16 16:07:50 ----D---- C:\ProgramData\IObit

2013-12-12 17:56:51 ----D---- C:\Program Files (x86)\Windows Media Player

2013-12-12 17:56:50 ----D---- C:\Program Files\Windows Media Player

2013-12-12 17:56:31 ----D---- C:\Windows\system32\DriverStore

2013-12-12 17:56:29 ----D---- C:\Windows\system32\drivers

2013-12-12 15:53:30 ----D---- C:\ProgramData\Microsoft Help

2013-12-11 11:58:35 ----D---- C:\Users\Bea\AppData\Roaming\Nitro PDF

2013-12-10 23:52:41 ----D---- C:\ProgramData\Spotnet

2013-12-10 23:32:52 ----D---- C:\Program Files (x86)\Spotnet

2013-12-10 22:40:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-12-05 35384]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2013-08-27 244328]

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720]

R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]

R2 PfFilter;PfFilter; \??\C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2013-04-03 39504]

R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-10-03 3884032]

R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-23 3707864]

R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]

R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-08-27 194488]

R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 28704]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-10-03 883928]

R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-20 1799680]

S3 cpuz135;cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]

S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368]

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]

R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]

R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-16 2151232]

R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]

R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-01-12 341312]

R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-03-25 230408]

R2 nlsX86cc;NLS Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2011-01-12 68928]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912]

R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-08-27 239176]

R2 wfcs;Windows Firewall Control; C:\Program Files\Windows Firewall Control\wfcs.exe [2013-11-21 75776]

R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]

R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe [2013-12-16 247968]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2009-04-15 271760]

S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe [2013-12-16 193696]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02 116648]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]

S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02 116648]

S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]

S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-02 1255736]

S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

S4 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072]

aangepast door beaba
Link naar reactie
Delen op andere sites

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.zip naar het bureaublad.

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

standardsearch;
autoclean;

  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

via Z-Analyse:

Z-Analyse V1.0.0.1 Updated 23-December-2013

Tool run by Bea on do 09-01-2014 at 18:09:37,52.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64

Running in: Normal Mode No Internet Access Detected

Launched: C:\Users\Bea\Desktop\Z-Analyse\Z-Analyse.exe [Deep Scan]

==== System Restore Info ======================

9-1-2014 18:11:12 Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

C:\Program Files\ATKGFNEX\GFNEXSrv.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe

C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

C:\Windows\SysWOW64\NLSSRV32.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\PROGRAM FILES (X86)\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE

C:\PROGRAM FILES (X86)\ASUS\ATKOSD2\ATKOSD2.EXE

C:\PROGRAM FILES (X86)\ASUSTEK\ASUSDVD 8\PDVD8SERV.EXE

C:\PROGRAM FILES (X86)\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Bea\Desktop\Z-Analyse\Z-Analyse.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Users\Bea\AppData\Local\Temp\NirCmd.exe

==== System Specs ======================

Operating System: Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 64-bits

Manufacturer: ASUSTeK Computer Inc. - Model: K70IC

Install Date: 2-7-2013 15:26:22

Last Boot: 9-1-2014 15:30:26

Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz

Number of Processors: 2

Work Station

Bootmode: Normal boot

Total RAM: 4095 MB (free 972 MB - 23)

Computername: BEA-LAPTOP

Domain: WORKGROUP

User: Bea (Administrator account)

Local Disk: C:\ - NTFS - 74 GB (free 10 GB)

Local Disk: D:\ - NTFS - 208 GB (free 67 GB)

CD \ DVD Drive: E:\

Bootdevice: \Device\HarddiskVolume2

Windows update:

Country: Nederland

Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: Microsoft Security Essentials disabled (Outdated)

Default Browser: Google Chrome 31.0.1650.63

Internet Explorer Version: 11.0.9600.16476

Google Chrome version: 31.0.1650.63

Adobe Reader version: 11.0.04.63

Sun Java version: 1.7.0_45 (32-bit)

Flash Player version: 11.9.900.170

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Bea\AppData\Local\Temp ====

2014-01-02 22:02:46 2D77EA0FB7E56370B9A41BD4415BBEA2 6558480 ----a-w- C:\Users\Bea\AppData\Local\Temp\uninstall7998795.exe

2014-01-02 22:02:46 20EF7EED836BB8F1C11C4E371A60BD52 399472 ----a-w- C:\Users\Bea\AppData\Local\Temp\uninstall7998779.exe

2014-01-02 22:01:58 F6278B5A16F830885B184D5F72E1B935 947200 ----a-w- C:\Users\Bea\AppData\Local\Temp\htmlayout.dll

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-12-12 13:34:42 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys

2013-12-12 13:34:42 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys

====== C:\Windows\Tasks ======

2014-01-02 22:02:46 E8C240A84B7113D05FAE5889A3BAAA65 3116 ----a-w- C:\Windows\Sysnative\Tasks\YourFile DownloaderUpdate

2013-12-12 13:12:18 79A136AF9EFC16C5FDEC7C1C7A83CFB7 3132 ----a-w- C:\Windows\Sysnative\Tasks\{20E73814-90B3-4AB4-9104-5CC3360EDA8C}

2013-12-12 12:46:15 E7B54917C0815759B78BC2F4A7B18A37 3120 ----a-w- C:\Windows\Sysnative\Tasks\{4A10D1D8-D68B-47AC-8869-8554F2CCD718}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-09 16:05:51 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2013-12-16 15:56:02 -------- d-----w- C:\PROGRA~2\Cabri II Plus

======= C: =====

2014-01-09 17:09:34 776D15C3F5DA6B8D352168F2C9516A5E 539 ----a-w- C:\runcheck.txt

====== C:\Users\Bea\AppData\Roaming ======

2014-01-09 14:37:45 -------- d-----r- C:\Users\Bea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUSTek ASUSDVD 8

2014-01-02 22:06:37 2DA4E0ED89DDDFCFC687CBF3ACFB1018 43 ----a-w- C:\Users\Bea\AppData\Roaming\mbam.context.scan

2013-12-19 09:19:04 -------- d-----w- C:\Users\Default\AppData\Local\Google

2013-12-19 09:19:04 -------- d-----w- C:\Users\Default User\AppData\Local\Google

2013-12-10 22:34:41 -------- d-----w- C:\Users\Bea\AppData\Local\Spotnet

2013-12-10 22:24:37 -------- d-----w- C:\Users\Bea\AppData\Roaming\Spotnet

====== C:\Users\Bea ======

2014-01-09 16:05:03 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Bea\Downloads\RSITx64.exe

2014-01-09 14:15:19 AF5C84446657B48C9B9B870C46438261 1233962 ----a-w- C:\Users\Bea\Downloads\adwcleaner.exe

2014-01-02 22:50:54 4751B5BE312920D9F6CF9C7E2A9ED2EB 10245808 ----a-w- C:\Users\Bea\Downloads\BlueStacks-SplitInstaller_native.exe

2014-01-02 22:29:44 EEECB0DA686B428B62BADF7A675B9DD7 445856 ----a-w- C:\Users\Bea\Downloads\Asterisk_Password_Spy_Tool_2011 (2).exe

2014-01-02 22:27:05 EEECB0DA686B428B62BADF7A675B9DD7 445856 ----a-w- C:\Users\Bea\Downloads\Asterisk_Password_Spy_Tool_2011 (1).exe

2014-01-02 22:26:59 EEECB0DA686B428B62BADF7A675B9DD7 445856 ----a-w- C:\Users\Bea\Downloads\Asterisk_Password_Spy_Tool_2011.exe

2014-01-02 22:01:33 2D77EA0FB7E56370B9A41BD4415BBEA2 6558480 ----a-w- C:\Users\Bea\Downloads\whatsapp_hack_sh4x_v162_downloader (1).exe

2014-01-02 21:47:59 2D77EA0FB7E56370B9A41BD4415BBEA2 6558480 ----a-w- C:\Users\Bea\Downloads\whatsapp_hack_sh4x_v162_downloader.exe

2014-01-02 21:34:25 3008B1F6F574C0688D011C1DA4B4F7F0 6617448 ----a-w- C:\Users\Bea\Downloads\Facebook-Account-Hacker-Tool-Black-Code_downloader (1).exe

2014-01-02 21:34:17 3008B1F6F574C0688D011C1DA4B4F7F0 6617448 ----a-w- C:\Users\Bea\Downloads\Facebook-Account-Hacker-Tool-Black-Code_downloader.exe

2013-12-16 15:56:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cabri Geometry II Plus

====== C: exe-files ==

2014-01-09 17:08:40 9B6158521550B55E691851CD764CAE06 1281024 ----a-w- C:\Users\Bea\Desktop\Z-Analyse\Z-Analyse.exe

2014-01-09 16:05:03 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Bea\Downloads\RSITx64.exe

2014-01-09 14:40:12 C823DCBB879777B695F51E42CDDB6F83 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-314706107-1989528577-1666421781-1001\$I8BU6FK.exe

2014-01-09 14:15:19 AF5C84446657B48C9B9B870C46438261 1233962 ----a-w- C:\Users\Bea\Downloads\adwcleaner.exe

2014-01-09 09:18:29 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Toolbox_Download\Sur12_DiskDoctor.exe

2014-01-09 09:05:04 D9B8018BD363B1623E69B5691059520B 29120600 ----a-w- C:\Users\Bea\Google Drive\handleidingen\Google_\Google+\asc7-setup-beta.exe

2014-01-06 18:06:46 561674D1EFCABCDFB3C259CBC9E5AB9E 11468448 ----a-w- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0oemBingBarSetup-Partner.EXE

2014-01-02 22:50:54 4751B5BE312920D9F6CF9C7E2A9ED2EB 10245808 ----a-w- C:\Users\Bea\Downloads\BlueStacks-SplitInstaller_native.exe

2014-01-02 22:29:44 EEECB0DA686B428B62BADF7A675B9DD7 445856 ----a-w- C:\Users\Bea\Downloads\Asterisk_Password_Spy_Tool_2011 (2).exe

2014-01-02 22:27:05 EEECB0DA686B428B62BADF7A675B9DD7 445856 ----a-w- C:\Users\Bea\Downloads\Asterisk_Password_Spy_Tool_2011 (1).exe

2014-01-02 22:26:59 EEECB0DA686B428B62BADF7A675B9DD7 445856 ----a-w- C:\Users\Bea\Downloads\Asterisk_Password_Spy_Tool_2011.exe

2014-01-02 22:02:46 2D77EA0FB7E56370B9A41BD4415BBEA2 6558480 ----a-w- C:\Users\Bea\AppData\Local\Temp\uninstall7998795.exe

2014-01-02 22:02:46 20EF7EED836BB8F1C11C4E371A60BD52 399472 ----a-w- C:\Users\Bea\AppData\Local\Temp\uninstall7998779.exe

2014-01-02 22:01:33 2D77EA0FB7E56370B9A41BD4415BBEA2 6558480 ----a-w- C:\Users\Bea\Downloads\whatsapp_hack_sh4x_v162_downloader (1).exe

2014-01-02 21:47:59 2D77EA0FB7E56370B9A41BD4415BBEA2 6558480 ----a-w- C:\Users\Bea\Downloads\whatsapp_hack_sh4x_v162_downloader.exe

2014-01-02 21:34:25 3008B1F6F574C0688D011C1DA4B4F7F0 6617448 ----a-w- C:\Users\Bea\Downloads\Facebook-Account-Hacker-Tool-Black-Code_downloader (1).exe

2014-01-02 21:34:17 3008B1F6F574C0688D011C1DA4B4F7F0 6617448 ----a-w- C:\Users\Bea\Downloads\Facebook-Account-Hacker-Tool-Black-Code_downloader.exe

=== C: other files ==

2014-01-09 17:07:53 42142D1488F3429CAF525FF49404D22D 2545620 ----a-w- C:\Users\Bea\Downloads\Z-Analyse.zip

2014-01-09 14:37:51 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Bea\AppData\Local\Temp\_MEI25002\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx

2014-01-09 13:47:28 397F2DC524463C7A7D2DA4DF47F223D5 3922578 ----a-w- C:\Users\Bea\AppData\Local\Temp\lptmp2076237464\lp_languages.zip

2014-01-09 13:46:48 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Bea\AppData\Local\Temp\_MEI72842\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx

2014-01-09 09:22:59 F532FEF5D9CF873D44F8DFF358955969 137952 ----a-w- C:\Users\Bea\AppData\LocalLow\LastPass\lpicons2_e2a01799f67d270e1338d1ac03502c86c51e26ce9cf32b92165495fc6029081e.zip

2014-01-09 09:05:51 70BE18AFAF7BF7FCB9EDA7C89EAFC559 27675 ----a-w- C:\Users\Bea\Google Drive\handleidingen\Google_\Google Chrome\beababijn@gmail.com-takeout.zip

2014-01-09 08:50:18 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Bea\AppData\Local\Temp\_MEI28362\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx

2014-01-06 17:56:36 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Bea\AppData\Local\Temp\_MEI23922\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx

2014-01-02 22:55:26 E1510408BFE1E6BF23768DC152B0B463 147986315 ----a-w- C:\ProgramData\BlueStacksSetup\runtimedata_0.8.4.3036.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Advanced SystemCare 6"="C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-314706107-1989528577-1666421781-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

"uTorrent"="C:\Users\Bea\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"Advanced SystemCare 6"="C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0"

"HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"

"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

"uTorrent"="C:\Users\Bea\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"

"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"command"="c:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe"

"hkey"="HKLM"

"item"="Adobe ARM"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"hkey"="HKLM"

"item"="Adobe Reader Speed Launcher"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray]

"command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe"

"hkey"="HKLM"

"item"="ADSMTray"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]

"command"="C:\\Windows\\AsScrPro.exe"

"hkey"="HKLM"

"item"="ASUS Screen Saver Protector"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATKOSD2]

"command"="c:\\program files (x86)\\asus\\atkosd2\\atkosd2.exe"

"hkey"="HKLM"

"item"="ATKOSD2"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]

"command"="\"C:\\Program Files (x86)\\Cyberlink\\Power2Go\\CLMLSvc.exe\""

"hkey"="HKLM"

"item"="CLMLServer"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ETDWare]

"command"="c:\\program files\\elantech\\etdctrl.exe"

"hkey"="HKLM"

"item"="ETDWare"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74D]

"command"="\"c:\\program files (x86)\\google\\chrome\\application\\chrome.exe\" --no-startup-window"

"hkey"="HKCU"

"item"="GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74D"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleDriveSync]

"command"="\"c:\\program files (x86)\\google\\drive\\googledrivesync.exe\" /autostart"

"hkey"="HKCU"

"item"="GoogleDriveSync"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDVD8LanguageShortcut]

"command"="c:\\program files (x86)\\asustek\\asusdvd 8\\language\\language.exe"

"hkey"="HKLM"

"item"="PDVD8LanguageShortcut"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl8]

"command"="c:\\program files (x86)\\asustek\\asusdvd 8\\pdvd8serv.exe"

"hkey"="HKLM"

"item"="RemoteControl8"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

"hkey"="HKLM"

"item"="RtHDVCpl"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]

"command"="\"c:\\users\\bea\\appdata\\roaming\\utorrent\\utorrent.exe\" /minimized"

"hkey"="HKLM"

"item"="uTorrent"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

==== Startup Folders ======================

2014-01-09 14:38:18 1298 ----a-w- C:\Users\Bea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-12-2013 22:40]

C:\Windows\tasks\AutoKMS.job --a------ C:\Windows\AutoKMS\AutoKMS.exe []

C:\Windows\tasks\Driver Booster Startup.job --a------ C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [08-09-2013 10:39]

C:\Windows\tasks\Driver Booster Update.job --a------ C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [08-09-2013 10:12]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-07-2013 20:16]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-07-2013 20:16]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\ASC7_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe]

"C:\Windows\SysNative\tasks\ASC7_SkipUac_Bea" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]

"C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe]

"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe]

"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe]

"C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe]

"C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe]

"C:\Windows\SysNative\tasks\Driver Booster Startup" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]

"C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\P4GIntlCtrl" [C:\Program Files\P4G\IntlCtrl.exe]

"C:\Windows\SysNative\tasks\SmartDefragUpdate" [C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe]

"C:\Windows\SysNative\tasks\SmartDefrag_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{5AC32AB6-BE18-430B-B6F3-EEE24D667F6E}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe]

"C:\Windows\SysNative\tasks\YourFile DownloaderUpdate" [C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe]

"C:\Windows\SysNative\tasks\{59DF2F61-B35D-4CDF-B1DE-FFE77969A3E6}" [C:\Program Files\Windows Firewall Control\wfc.exe]

"C:\Windows\SysNative\tasks\{F1163D3A-82EB-4C6C-8DF4-6883148D83DB}" [C:\Program Files\Windows Firewall Control\wfc.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12-10-2013 13:04]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

apdfllckaahabafndbhieahigkjlhalf - C:\Users\Bea\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[24-08-2013 23:37]

Google Translate - Bea - Backup Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb

Google Slides - Bea - Backup Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek

Magic Actions for YouTube\u2122 - Bea - Backup Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif

Prezi - Bea - Backup Default\Extensions\acoonfmhnndodekhecidldfdjgooefpg

CookiesOK - Bea - Backup Default\Extensions\afmkbjoakcacgljcdccofbffloabfbni

Send using Gmail\u2122 no button - Bea - Backup Default\Extensions\ahldefgplekckalfcolhhnljbbgaiboc

Facebook App for Google Chrome\u2122 - Bea - Backup Default\Extensions\ainkhhbgcdbenmmbaoacambbhjfgnmmm

Check It Later Extension - Bea - Backup Default\Extensions\amcmidlnbalnbkilajedfgiibhcfmbkh

Delibookmarks (Delicious Bookmarks) - Bea - Backup Default\Extensions\animchmhhndbcfahoigdpelodbhnhepg

Google Docs - Bea - Backup Default\Extensions\aohghmighlieiainnegkcijnfilokake

Lucidchart Diagrams Online - Bea - Backup Default\Extensions\apboafhkiegglekeafbckfjldecefkhn

Google Drive - Bea - Backup Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

Embed WMPlayer inline - Bea - Backup Default\Extensions\bamkbfdmckphehgiafpenehgebjgdlli

MindMeister - Bea - Backup Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm

Open with Google Drive\u2122 Viewer - Bea - Backup Default\Extensions\bdkpinfdldjdngmgfbifbdbgaoampkan

Show the YouTube Channel bar or the name. - Bea - Backup Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn

Cloud Kite - Bea - Backup Default\Extensions\biagdapeolcddppdgcocjkdjfhlodegf

HootSuite Hootlet - Bea - Backup Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn

Web2PDFConverter - Bea - Backup Default\Extensions\bkanhckocooacphbnclgcndnpfpoppdk

Google Notifications - Bea - Backup Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi

SmoothScroll - Bea - Backup Default\Extensions\cccpiddacjljmfbbgeimpelpndgpoknn

Last updated at time on date - Bea - Backup Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Webpage Screenshot Capture - Bea - Backup Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki

Symbaloo Bookmarker 0.4 - Bea - Backup Default\Extensions\cnjfgbikbkcmickdalamlmpmkhmbollm

Circloscope Free (Inactives+) - Bea - Backup Default\Extensions\dhcfgcecigkknnimiljlbcjmnbeeodhl

Gmelius - Ad Blocker and Better UI for Gmail\u2122 - Bea - Backup Default\Extensions\dheionainndbbpoacpnopgmnihkcmnkl

PicMonkey Extension - Bea - Backup Default\Extensions\dhipmoghimfdldnocmopeoanjmoolofl

KeyRocket for Gmail\u2122 - Bea - Backup Default\Extensions\dmocchgkijnbjdjkmlglaemjhhdiobbp

MindMup - Bea - Backup Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej

*Auto Logout Google Accounts* - Bea - Backup Default\Extensions\ecobfildhmfjnalpfhjagnoldllommec

Drive Template Gallery - Bea - Backup Default\Extensions\edccfahmoapjmcaahncgcekjodejmhkg

GENDERselectfemalePhotos of USER_NAMEmalePhotos of USER_NAMEotherPhotos of USER_NAME - Bea - Backup Default\Extensions\efjnaogkjbogokcnohkmnjdojkikgobo

Black Menu for Google\u2122 - Bea - Backup Default\Extensions\eignhdfgaldabilaaegmdfbajngjmoke

Gmail Offline - Bea - Backup Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk

Add to Feedly - Bea - Backup Default\Extensions\ejkjjleifeeaccajkekdcckflfpenoen

Box - 5 GB Free Storage - Bea - Backup Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl

Silver Bird - Bea - Backup Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic

Google Sheets - Bea - Backup Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap

Replies and more for Google - Bea - Backup Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea

google sites - Bea - Backup Default\Extensions\fmkfojklejfhcdgknoeocdabfpgikeai

Circloscope Free (Uncirclers+) - Bea - Backup Default\Extensions\fnckobddbbbgfabnhogmncmghngohflh

Edmodo - Bea - Backup Default\Extensions\fpcdidgjjebefhmlhjlgnkahlimgaemc

Torrent Turbo Search - Bea - Backup Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio

Facebook for Chrome - Bea - Backup Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp

Mail Checker Plus for Google Mail\u2122 - Bea - Backup Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe

Android Desktop Notifications - Bea - Backup Default\Extensions\giicnncicnopjohcpamieklkiacdoeni

Untitled audio - Bea - Backup Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne

DocuSign - Bea - Backup Default\Extensions\goblijolcnempeilmnkmfbhohlpngemd

Voice Comments - Bea - Backup Default\Extensions\hcdoaikeblbbiphjibkhliiedjhnbbke

SearchPreview - Bea - Backup Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo

LastPass - Bea - Backup Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd

Refresh for Twitter - Bea - Backup Default\Extensions\hdpiilkeoldobfomlhipnnfanmgfllmp

Feedly - News Blogs and Youtube - Bea - Backup Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob

Google Keep - Bea - Backup Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki

goo.gl URL Shortener - Bea - Backup Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk

Power Twitter for Google Chrome\u2122 - Bea - Backup Default\Extensions\iieehhjfejnoljbnnhfnhibcjhmifffo

Dropbox - Bea - Backup Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl

Google Translate for Google - Bea - Backup Default\Extensions\jfppgkomfopklagggkjiaddgndkgopgl

Google Forms - Bea - Backup Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg

History Eraser App - Bea - Backup Default\Extensions\jjolhjmdgbhebcdnfjhngobjggghoipa

Speed Dial 2 - Bea - Backup Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik

TorrentFish - real-time torrent search - Bea - Backup Default\Extensions\kjgofhanoglcjdjaoknnjaebdoalfpah

Phone 2 Google Chrome\u2122 - Bea - Backup Default\Extensions\lnlgojabfogikedjanecphloghlegpdm

Lazarus Form Recovery - Bea - Backup Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno

Boomerang for Gmail - Bea - Backup Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll

A simple extension for lazy man: Open Chrome Download Manager directly by one click from the toolbar. - Bea - Backup Default\Extensions\mhaaapflafeapcmgbphlmealldkomfbe

Presentation Remote - Bea - Backup Default\Extensions\mhfdnafbhfglkcjgkgoopjoadaopcomi

Google Drawings - Bea - Backup Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme

Ghostery - Bea - Backup Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij

Advanced SystemCare Surfing Protection - Bea - Backup Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

SkyDrive - Bea - Backup Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk

Atomic Bookmarks 2 - Bea - Backup Default\Extensions\njacljdblagcjdmljcgpjkcinfflmgdk

Get Torrent - Bea - Backup Default\Extensions\nkfhaigiecjnddldaekokjcgjppnfmih

RSS Subscription Extension by Google - Bea - Backup Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd

Card number - Bea - Backup Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Docs PDFPowerPoint Viewer by Google - Bea - Backup Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn

Weeronline actueel Nederland - Bea - Backup Default\Extensions\npgafdngocgnaincgfbpeblbeaadkpfa

Google Chrome to Phone Extension - Bea - Backup Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco

TS Magic Player - Bea - Backup Default\Extensions\ochbjojkpcmlfeagbaahkofepalngihg

Checker Plus for Gmail\u2122 - Bea - Backup Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj

Currently authorized user: \u003Ci\u003E1\u003Ci\u003E. - Bea - Backup Default\Extensions\ofmekfknoepmlkpkpcmpecddpfdkbaif

Twitter Preview URLs - Bea - Backup Default\Extensions\oijgblonhcagdhfbgjilnpjipmijimmn

Google Quick Scroll - Bea - Backup Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc

WeVideo - Video Editor - Bea - Backup Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb

Online Muziek Luisteren - Bea - Backup Default\Extensions\olacollommkcihebibpjdbhkngcnhgdg

Diigo Web Collector - Capture and Annotate - Bea - Backup Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole

Scoop.it - Bea - Backup Default\Extensions\opjkhfahjokocpjfihcbfkmipdhcaknn

Instagram for Chrome - Bea - Backup Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb

None - Bea - Backup Default\Extensions\pbcgnkmbeodkmiijjfnliicelkjfcldg

Cacoo - Diagramming Real-Time Collaboration - Bea - Backup Default\Extensions\pcflmbddgcmomcfngehfhlajjapabojh

ClickClean App - Bea - Backup Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp

Appie - Bea - Backup Default\Extensions\pidjpfnhaidmahnblgikaaadclebmoio

Evernote Web Clipper - Bea - Backup Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc

Chrome Update Notifier Plus - Bea - Backup Default\Extensions\plfbafagepmnjfhgoaakiobjffddcnbd

iReader - Bea - Backup Default\Extensions\ppelffpjgkifjfgnbaaldcehkpajlmbc

Netvibes Chrome Extension - Bea - Backup Default\Extensions\ppfnnghflmcnehkalpghfnidkpcjclbm

Google Translate - Bea - Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb

Google Slides - Bea - Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek

Magic Actions for YouTube\u2122 - Bea - Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif

Prezi - Bea - Default\Extensions\acoonfmhnndodekhecidldfdjgooefpg

CookiesOK - Bea - Default\Extensions\afmkbjoakcacgljcdccofbffloabfbni

Send using Gmail\u2122 no button - Bea - Default\Extensions\ahldefgplekckalfcolhhnljbbgaiboc

Check It Later Extension - Bea - Default\Extensions\amcmidlnbalnbkilajedfgiibhcfmbkh

Delibookmarks (Delicious Bookmarks) - Bea - Default\Extensions\animchmhhndbcfahoigdpelodbhnhepg

TechSmith Snagit Extension - Bea - Default\Extensions\annopcfmbiofommjmcmcfmhklhgbhkce

Google Docs - Bea - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Lucidchart Diagrams - Online - Bea - Default\Extensions\apboafhkiegglekeafbckfjldecefkhn

Google Drive - Bea - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

Embed WMPlayer inline - Bea - Default\Extensions\bamkbfdmckphehgiafpenehgebjgdlli

MindMeister - Bea - Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm

Open with Google Drive\u2122 Viewer - Bea - Default\Extensions\bdkpinfdldjdngmgfbifbdbgaoampkan

Show the YouTube Channel bar or the name. - Bea - Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn

HootSuite Hootlet - Bea - Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn

Web2PDFConverter - Bea - Default\Extensions\bkanhckocooacphbnclgcndnpfpoppdk

YouTube - Bea - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Notifications - Bea - Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi

SmoothScroll - Bea - Default\Extensions\cccpiddacjljmfbbgeimpelpndgpoknn

OpenDyslexic - Bea - Default\Extensions\cdnapgfjopgaggbmfgbiinmmbdcglnam

Last updated at time on date - Bea - Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Pushbullet - Bea - Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd

Webpage Screenshot Capture - Bea - Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki

Symbaloo Bookmarker 0.4 - Bea - Default\Extensions\cnjfgbikbkcmickdalamlmpmkhmbollm

Send to Google Drive - Bea - Default\Extensions\cppogeekogbladboceekjeiibihnkbhp

Read Later Fast - Bea - Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji

Symbaloo - Bea - Default\Extensions\dfnbdccaiknlpdgabdgjijniolkgmoeh

PicMonkey Extension - Bea - Default\Extensions\dhipmoghimfdldnocmopeoanjmoolofl

KeyRocket for Gmail\u2122 - Bea - Default\Extensions\dmocchgkijnbjdjkmlglaemjhhdiobbp

MindMup - Bea - Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej

*Auto Logout Google Accounts* - Bea - Default\Extensions\ecobfildhmfjnalpfhjagnoldllommec

Drive Template Gallery - Bea - Default\Extensions\edccfahmoapjmcaahncgcekjodejmhkg

Torrent Turbo Search App - Bea - Default\Extensions\eegbffmjdkflkcfncpfjjbggbdlnbdif

Search All - Bea - Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk

Photos from Google Drive wont be deleted from Drive. - Bea - Default\Extensions\efjnaogkjbogokcnohkmnjdojkikgobo

Black Menu for Google\u2122 - Bea - Default\Extensions\eignhdfgaldabilaaegmdfbajngjmoke

Gmail Offline - Bea - Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk

Google Calendar - Bea - Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn

Add to Feedly - Bea - Default\Extensions\ejkjjleifeeaccajkekdcckflfpenoen

Box - Bea - Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl

Silver Bird - Bea - Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic

Google Apps Script - Bea - Default\Extensions\eoieeedlomnegifmaghhjnghhmcldobl

TechSmith Snagit - Bea - Default\Extensions\fcnghgbgmemnlbckdipnmelbanpgneik

Google Sheets - Bea - Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap

Chrome Notepad - Bea - Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

Replies and more for Google - Bea - Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea

Presentation Remote for Google Drive\u2122 - Bea - Default\Extensions\fjdgmdaaacgdbfdohoidfjiipmbnbnho

PowerInbox - Bea - Default\Extensions\fmmgljeemhhajnponhffhpjioiclpmbh

VoiceThread - Bea - Default\Extensions\gajclnhcflhoicggnpmgkedchldikjgn

Facebook for Chrome - Bea - Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp

Mail Checker Plus for Google Mail\u2122 - Bea - Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe

Android Desktop Notifications - Bea - Default\Extensions\giicnncicnopjohcpamieklkiacdoeni

DocuSign - Bea - Default\Extensions\goblijolcnempeilmnkmfbhohlpngemd

TweetDeck by Twitter - Bea - Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl

Kaizena (Voice Comments) - Bea - Default\Extensions\hcdoaikeblbbiphjibkhliiedjhnbbke

SearchPreview - Bea - Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo

LastPass - Bea - Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd

Refresh for Twitter - Bea - Default\Extensions\hdpiilkeoldobfomlhipnnfanmgfllmp

JustDelete.me - Bea - Default\Extensions\hfpofkfbabpbbmchmiekfnlcgaedbgcf

Feedly - News Blogs and Youtube - Bea - Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob

Google Keep - Bea - Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki

goo.gl URL Shortener - Bea - Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk

BitTorrent Surf (Beta) - Bea - Default\Extensions\ibpbofogepkkeoockhkfcgngjkimndlp

Power Twitter for Google Chrome\u2122 - Bea - Default\Extensions\iieehhjfejnoljbnnhfnhibcjhmifffo

Dropbox - Bea - Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl

Google Translate for Google - Bea - Default\Extensions\jfppgkomfopklagggkjiaddgndkgopgl

History Eraser App - Bea - Default\Extensions\jjolhjmdgbhebcdnfjhngobjggghoipa

Speed Dial 2 - Bea - Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik

Calculator - Bea - Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao

Bookmarks - Bea - Default\Extensions\ljcgggmjhkegncpcaffddonfhpnfocdk

Phone 2 Google Chrome\u2122 - Bea - Default\Extensions\lnlgojabfogikedjanecphloghlegpdm

Lazarus Form Recovery - Bea - Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno

Boomerang for Gmail - Bea - Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll

LinkedIn Notifications - Bea - Default\Extensions\menceeiihdbmfffpmgeokellaigfjcdm

A simple extension for lazy man: Open Chrome Download Manager directly by one click from the toolbar. - Bea - Default\Extensions\mhaaapflafeapcmgbphlmealldkomfbe

Presentation Remote - Bea - Default\Extensions\mhfdnafbhfglkcjgkgoopjoadaopcomi

Pocket - Bea - Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk

Google Drawings - Bea - Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme

Ghostery - Bea - Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij

Advanced SystemCare Surfing Protection - Bea - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

SkyDrive - Bea - Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk

Atomic Bookmarks 2 - Bea - Default\Extensions\njacljdblagcjdmljcgpjkcinfflmgdk

RSS Subscription Extension by Google - Bea - Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd

Google Wallet - Bea - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Docs PDFPowerPoint Viewer by Google - Bea - Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn

Weeronline actueel Nederland - Bea - Default\Extensions\npgafdngocgnaincgfbpeblbeaadkpfa

Google Chrome to Phone Extension - Bea - Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco

Checker Plus for Gmail\u2122 - Bea - Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj

Twitter Preview URLs - Bea - Default\Extensions\oijgblonhcagdhfbgjilnpjipmijimmn

Google Quick Scroll - Bea - Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc

WeVideo - Video Editor and Maker - Bea - Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb

Online Muziek Luisteren - Bea - Default\Extensions\olacollommkcihebibpjdbhkngcnhgdg

Picasa - Bea - Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb

Diigo Web Collector - Capture and Annotate - Bea - Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole

RealtimeBoard Whiteboard for Collaboration - Bea - Default\Extensions\opfmbdmhambgleempeofcjjhjclimccg

Scoop.it - Bea - Default\Extensions\opjkhfahjokocpjfihcbfkmipdhcaknn

Instagram for Chrome - Bea - Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb

None - Bea - Default\Extensions\pbcgnkmbeodkmiijjfnliicelkjfcldg

Cacoo - Diagramming Real-Time Collaboration - Bea - Default\Extensions\pcflmbddgcmomcfngehfhlajjapabojh

ClickClean App - Bea - Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp

SpeakIt - Bea - Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak

Appie - Bea - Default\Extensions\pidjpfnhaidmahnblgikaaadclebmoio

Evernote Web Clipper - Bea - Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc

Chrome Update Notifier Plus - Bea - Default\Extensions\plfbafagepmnjfhgoaakiobjffddcnbd

iReader - Bea - Default\Extensions\ppelffpjgkifjfgnbaaldcehkpajlmbc

Netvibes Chrome Extension - Bea - Default\Extensions\ppfnnghflmcnehkalpghfnidkpcjclbm

Google Docs - Bea - Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Bea - Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

Loupe Collage - Bea - Profile 1\Extensions\bhaonknplhhecdgjpphnooeomecgipkc

YouTube - Bea - Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

GeoGebra - Bea - Profile 1\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee

ScootPad - Bea - Profile 1\Extensions\boihgpoojeingjbbdjmoocbdibophjap

Google Search - Bea - Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Sumo Paint - Bea - Profile 1\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod

Gmail Offline - Bea - Profile 1\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk

Haiku LMS - Solo Teacher Account - Bea - Profile 1\Extensions\fgpoakifbipnkhifgabffhdkdnloobhm

Stupeflix Video Maker - Bea - Profile 1\Extensions\fkdmcfnoimoilncpjchamnenebopocem

AdBlock - Bea - Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom

VocabularySpellingCity - Bea - Profile 1\Extensions\gnbihkjgkedgkepcakdjcnbicklpgfpm

Pictico - Bea - Profile 1\Extensions\gndkeamlgkegbmmoheplcndpopglacgf

LastPass - Bea - Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd

CK-12 - Bea - Profile 1\Extensions\ilmbnmigihncgeckjgmkehcgkdeohkhl

MeeGenius Children's Books - Bea - Profile 1\Extensions\jhfhmaajajcjoijfaceafiembkmhcddc

LearnBoost - Bea - Profile 1\Extensions\lfbigbedbdencpbioocekehcblgokpno

Advanced SystemCare Surfing Protection - Bea - Profile 1\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

Google Wallet - Bea - Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

TypingClub - Bea - Profile 1\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah

Checker Plus for Gmail\u2122 - Bea - Profile 1\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj

WeVideo - Video Editor and Maker - Bea - Profile 1\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb

Khan Academy - Bea - Profile 1\Extensions\pahdiadnidmaaoohjmlkcjffbfcapgko

DOGOnews - Bea - Profile 1\Extensions\pcolnnhmiknpeonnnmoadeficjagocgf

Gmail - Bea - Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - Bea - Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Bea - Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Bea - Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Bea - Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Calendar - Bea - Profile 2\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn

LastPass - Bea - Profile 2\Extensions\hdokiejnpimakedhajhdlcegeplioahd

Advanced SystemCare Surfing Protection - Bea - Profile 2\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

Google Wallet - Bea - Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Bea - Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

"Search Page"="http://www.google.com"

"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://www.google.com"

"SearchAssistant"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{7EF149D8-62F6-4D4F-9A2A-059FE750405F}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

{7EF149D8-62F6-4D4F-9A2A-059FE750405F} Yahoo! Search Url="http://nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Bea\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll

O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

O4 - HKCU\..\Run: [uTorrent] "C:\Users\Bea\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'Default user')

O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: LastPass - file://C:\Users\Bea\AppData\LocalLow\LastPass\context.html?cmd=lastpass

O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Bea\AppData\LocalLow\LastPass\context.html?cmd=fillforms

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe

O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe

O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: Windows Firewall Control (wfcs) - BiniSoft.org - C:\Program Files\Windows Firewall Control\wfcs.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on do 09-01-2014 at 18:21:17,92 ======================

Link naar reactie
Delen op andere sites

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.zip naar het bureaublad.

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  C:\Windows\Sysnative\Tasks\YourFile DownloaderUpdate;fs
 C:\Windows\Sysnative\Tasks\{20E73814-90B3-4AB4-9104-5CC3360EDA8C};fs
 C:\Windows\Sysnative\Tasks\{4A10D1D8-D68B-47AC-8869-8554F2CCD718};fs
 C:\Windows\tasks\AutoKMS.job;f
 C:\Windows\SysNative\tasks\AutoKMS;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Ik krijg geen invoervak te zien en ook geen knop options?

De optie "Scan All Users" staat standaard aangevinkt.

Klik nu op de knop "Run script" heb ik beide ook niet gezien.

Bij het klikken op zoek.exe krijg ik het resultatenlog in kladblok. Meer heb ik niet kunnen ontdekken. Ik heb Download zoek.exe version 5.0.0.0 gedownload.

Ligt het daar misschien aan en moet ik toch zoek.exe version 5.0.0.0 (zip) (rar) hebben?

Link naar reactie
Delen op andere sites

Zoek.exe v5.0.0.0 Updated 09-Januari-2014

Tool run by Bea on do 09-01-2014 at 20:30:43,62.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Bea\Desktop\zoek\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-01-09-172117.log 54886 bytes

C:\zoek-results2014-01-09-181335.log 54614 bytes

C:\zoek-results2014-01-09-182509.log 54703 bytes

C:\zoek-results2014-01-09-184502.log 50798 bytes

C:\zoek-results2014-01-09-192450.log 56690 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully

C:\Program Files\trend micro deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\ProgramData\Uniblue deleted successfully

C:\Users\Bea\AppData\Roaming\.# deleted successfully

C:\Users\Bea\AppData\Roaming\FlashgetSetup deleted successfully

C:\Users\Bea\AppData\Local\Secunia PSI deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-314706107-1989528577-1666421781-1001\Software\Microsoft\Internet Explorer\SearchScopes\{7EF149D8-62F6-4D4F-9A2A-059FE750405F} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Windows\Sysnative\Tasks\YourFile DownloaderUpdate not found

C:\Windows\Sysnative\Tasks\{20E73814-90B3-4AB4-9104-5CC3360EDA8C} deleted

C:\Windows\Sysnative\Tasks\{4A10D1D8-D68B-47AC-8869-8554F2CCD718} deleted

C:\Windows\SysNative\tasks\AutoKMS deleted

"C:\Windows\tasks\AutoKMS.job" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Bea\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-12-12 13:34:42 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys

2013-12-12 13:34:42 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2013-12-16 15:56:02 -------- d-----w- C:\PROGRA~2\Cabri II Plus

======= C: =====

====== C:\Users\Bea\AppData\Roaming ======

2014-01-09 19:33:03 -------- d-----r- C:\Users\Bea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUSTek ASUSDVD 8

2014-01-09 19:20:56 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp

2014-01-09 19:20:56 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp

2014-01-09 19:20:56 -------- d-----w- C:\Users\Default\AppData\Local\Temp

2014-01-09 19:20:56 -------- d-----w- C:\Users\Default User\AppData\Local\Temp

2014-01-09 19:20:56 -------- d-----w- C:\Users\Bea\AppData\Local\Temp

2014-01-02 22:06:37 2DA4E0ED89DDDFCFC687CBF3ACFB1018 43 ----a-w- C:\Users\Bea\AppData\Roaming\mbam.context.scan

2013-12-19 09:19:04 -------- d-----w- C:\Users\Default\AppData\Local\Google

2013-12-19 09:19:04 -------- d-----w- C:\Users\Default User\AppData\Local\Google

2013-12-10 22:34:41 -------- d-----w- C:\Users\Bea\AppData\Local\Spotnet

2013-12-10 22:24:37 -------- d-----w- C:\Users\Bea\AppData\Roaming\Spotnet

====== C:\Users\Bea ======

2014-01-09 16:05:03 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Bea\Downloads\RSITx64.exe

2014-01-09 14:15:19 AF5C84446657B48C9B9B870C46438261 1233962 ----a-w- C:\Users\Bea\Downloads\adwcleaner.exe

2014-01-02 22:50:54 4751B5BE312920D9F6CF9C7E2A9ED2EB 10245808 ----a-w- C:\Users\Bea\Downloads\BlueStacks-SplitInstaller_native.exe

2014-01-02 22:29:44 EEECB0DA686B428B62BADF7A675B9DD7 445856 ----a-w- C:\Users\Bea\Downloads\Asterisk_Password_Spy_Tool_2011 (2).exe

2014-01-02 22:27:05 EEECB0DA686B428B62BADF7A675B9DD7 445856 ----a-w- C:\Users\Bea\Downloads\Asterisk_Password_Spy_Tool_2011 (1).exe

2014-01-02 22:26:59 EEECB0DA686B428B62BADF7A675B9DD7 445856 ----a-w- C:\Users\Bea\Downloads\Asterisk_Password_Spy_Tool_2011.exe

2014-01-02 22:01:33 2D77EA0FB7E56370B9A41BD4415BBEA2 6558480 ----a-w- C:\Users\Bea\Downloads\whatsapp_hack_sh4x_v162_downloader (1).exe

2014-01-02 21:47:59 2D77EA0FB7E56370B9A41BD4415BBEA2 6558480 ----a-w- C:\Users\Bea\Downloads\whatsapp_hack_sh4x_v162_downloader.exe

2014-01-02 21:34:25 3008B1F6F574C0688D011C1DA4B4F7F0 6617448 ----a-w- C:\Users\Bea\Downloads\Facebook-Account-Hacker-Tool-Black-Code_downloader (1).exe

2014-01-02 21:34:17 3008B1F6F574C0688D011C1DA4B4F7F0 6617448 ----a-w- C:\Users\Bea\Downloads\Facebook-Account-Hacker-Tool-Black-Code_downloader.exe

2013-12-16 15:56:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cabri Geometry II Plus

====== C: exe-files ==

2014-01-09 17:08:40 9B6158521550B55E691851CD764CAE06 1281024 ----a-w- C:\Users\Bea\Desktop\Z-Analyse\Z-Analyse.exe

2014-01-09 16:05:03 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Bea\Downloads\RSITx64.exe

2014-01-09 14:15:19 AF5C84446657B48C9B9B870C46438261 1233962 ----a-w- C:\Users\Bea\Downloads\adwcleaner.exe

2014-01-09 09:18:29 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Toolbox_Download\Sur12_DiskDoctor.exe

2014-01-09 09:05:04 D9B8018BD363B1623E69B5691059520B 29120600 ----a-w- C:\Users\Bea\Google Drive\handleidingen\Google_\Google+\asc7-setup-beta.exe

2014-01-06 18:06:46 561674D1EFCABCDFB3C259CBC9E5AB9E 11468448 ----a-w- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0oemBingBarSetup-Partner.EXE

2014-01-02 22:50:54 4751B5BE312920D9F6CF9C7E2A9ED2EB 10245808 ----a-w- C:\Users\Bea\Downloads\BlueStacks-SplitInstaller_native.exe

2014-01-02 22:29:44 EEECB0DA686B428B62BADF7A675B9DD7 445856 ----a-w- C:\Users\Bea\Downloads\Asterisk_Password_Spy_Tool_2011 (2).exe

2014-01-02 22:27:05 EEECB0DA686B428B62BADF7A675B9DD7 445856 ----a-w- C:\Users\Bea\Downloads\Asterisk_Password_Spy_Tool_2011 (1).exe

2014-01-02 22:26:59 EEECB0DA686B428B62BADF7A675B9DD7 445856 ----a-w- C:\Users\Bea\Downloads\Asterisk_Password_Spy_Tool_2011.exe

2014-01-02 22:01:33 2D77EA0FB7E56370B9A41BD4415BBEA2 6558480 ----a-w- C:\Users\Bea\Downloads\whatsapp_hack_sh4x_v162_downloader (1).exe

2014-01-02 21:47:59 2D77EA0FB7E56370B9A41BD4415BBEA2 6558480 ----a-w- C:\Users\Bea\Downloads\whatsapp_hack_sh4x_v162_downloader.exe

2014-01-02 21:34:25 3008B1F6F574C0688D011C1DA4B4F7F0 6617448 ----a-w- C:\Users\Bea\Downloads\Facebook-Account-Hacker-Tool-Black-Code_downloader (1).exe

2014-01-02 21:34:17 3008B1F6F574C0688D011C1DA4B4F7F0 6617448 ----a-w- C:\Users\Bea\Downloads\Facebook-Account-Hacker-Tool-Black-Code_downloader.exe

=== C: other files ==

2014-01-09 19:33:03 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Bea\AppData\Local\Temp\_MEI40762\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx

2014-01-09 17:07:53 42142D1488F3429CAF525FF49404D22D 2545620 ----a-w- C:\Users\Bea\Downloads\Z-Analyse.zip

2014-01-09 09:22:59 F532FEF5D9CF873D44F8DFF358955969 137952 ----a-w- C:\Users\Bea\AppData\LocalLow\LastPass\lpicons2_e2a01799f67d270e1338d1ac03502c86c51e26ce9cf32b92165495fc6029081e.zip

2014-01-09 09:05:51 70BE18AFAF7BF7FCB9EDA7C89EAFC559 27675 ----a-w- C:\Users\Bea\Google Drive\handleidingen\Google_\Google Chrome\beababijn@gmail.com-takeout.zip

2014-01-02 22:55:26 E1510408BFE1E6BF23768DC152B0B463 147986315 ----a-w- C:\ProgramData\BlueStacksSetup\runtimedata_0.8.4.3036.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Advanced SystemCare 6"="C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-314706107-1989528577-1666421781-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

"uTorrent"="C:\Users\Bea\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"Advanced SystemCare 6"="C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0"

"HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"

"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

"uTorrent"="C:\Users\Bea\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"

"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"command"="c:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe"

"hkey"="HKLM"

"item"="Adobe ARM"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray]

"command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe"

"hkey"="HKLM"

"item"="ADSMTray"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]

"command"="C:\\Windows\\AsScrPro.exe"

"hkey"="HKLM"

"item"="ASUS Screen Saver Protector"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATKOSD2]

"command"="c:\\program files (x86)\\asus\\atkosd2\\atkosd2.exe"

"hkey"="HKLM"

"item"="ATKOSD2"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]

"command"="\"C:\\Program Files (x86)\\Cyberlink\\Power2Go\\CLMLSvc.exe\""

"hkey"="HKLM"

"item"="CLMLServer"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ETDWare]

"command"="c:\\program files\\elantech\\etdctrl.exe"

"hkey"="HKLM"

"item"="ETDWare"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74D]

"command"="\"c:\\program files (x86)\\google\\chrome\\application\\chrome.exe\" --no-startup-window"

"hkey"="HKCU"

"item"="GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74D"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleDriveSync]

"command"="\"c:\\program files (x86)\\google\\drive\\googledrivesync.exe\" /autostart"

"hkey"="HKCU"

"item"="GoogleDriveSync"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDVD8LanguageShortcut]

"command"="c:\\program files (x86)\\asustek\\asusdvd 8\\language\\language.exe"

"hkey"="HKLM"

"item"="PDVD8LanguageShortcut"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl8]

"command"="c:\\program files (x86)\\asustek\\asusdvd 8\\pdvd8serv.exe"

"hkey"="HKLM"

"item"="RemoteControl8"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

"hkey"="HKLM"

"item"="RtHDVCpl"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]

"command"="\"c:\\users\\bea\\appdata\\roaming\\utorrent\\utorrent.exe\" /minimized"

"hkey"="HKLM"

"item"="uTorrent"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

==== Startup Folders ======================

2014-01-09 14:38:18 1298 ----a-w- C:\Users\Bea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-12-2013 22:40]

C:\Windows\tasks\Driver Booster Startup.job --a------ C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [08-09-2013 10:39]

C:\Windows\tasks\Driver Booster Update.job --a------ C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [08-09-2013 10:12]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-07-2013 20:16]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-07-2013 20:16]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\ASC7_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe]

"C:\Windows\SysNative\tasks\ASC7_SkipUac_Bea" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]

"C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe]

"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe]

"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe]

"C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe]

"C:\Windows\SysNative\tasks\Driver Booster Startup" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]

"C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\P4GIntlCtrl" [C:\Program Files\P4G\IntlCtrl.exe]

"C:\Windows\SysNative\tasks\SmartDefragUpdate" [C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe]

"C:\Windows\SysNative\tasks\SmartDefrag_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{5AC32AB6-BE18-430B-B6F3-EEE24D667F6E}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe]

"C:\Windows\SysNative\tasks\{59DF2F61-B35D-4CDF-B1DE-FFE77969A3E6}" [C:\Program Files\Windows Firewall Control\wfc.exe]

"C:\Windows\SysNative\tasks\{F1163D3A-82EB-4C6C-8DF4-6883148D83DB}" [C:\Program Files\Windows Firewall Control\wfc.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12-10-2013 13:04]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

apdfllckaahabafndbhieahigkjlhalf - C:\Users\Bea\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[24-08-2013 23:37]

Google Translate - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb

Google Slides - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek

Magic Actions for YouTube\u2122 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif

Prezi - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\acoonfmhnndodekhecidldfdjgooefpg

CookiesOK - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmkbjoakcacgljcdccofbffloabfbni

Send using Gmail\u2122 no button - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahldefgplekckalfcolhhnljbbgaiboc

Check It Later Extension - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\amcmidlnbalnbkilajedfgiibhcfmbkh

Delibookmarks (Delicious Bookmarks) - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\animchmhhndbcfahoigdpelodbhnhepg

TechSmith Snagit Extension - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\annopcfmbiofommjmcmcfmhklhgbhkce

Google Docs - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Lucidchart Diagrams - Online - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn

Google Drive - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

Embed WMPlayer inline - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bamkbfdmckphehgiafpenehgebjgdlli

MindMeister - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm

Open with Google Drive\u2122 Viewer - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkpinfdldjdngmgfbifbdbgaoampkan

Show the YouTube Channel bar or the name. - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn

HootSuite Hootlet - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn

Web2PDFConverter - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkanhckocooacphbnclgcndnpfpoppdk

YouTube - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Notifications - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi

SmoothScroll - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccpiddacjljmfbbgeimpelpndgpoknn

OpenDyslexic - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdnapgfjopgaggbmfgbiinmmbdcglnam

Last updated at time on date - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Pushbullet - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd

Webpage Screenshot Capture - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki

Symbaloo Bookmarker 0.4 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnjfgbikbkcmickdalamlmpmkhmbollm

Send to Google Drive - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppogeekogbladboceekjeiibihnkbhp

Read Later Fast - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji

Symbaloo - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfnbdccaiknlpdgabdgjijniolkgmoeh

PicMonkey Extension - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhipmoghimfdldnocmopeoanjmoolofl

KeyRocket for Gmail\u2122 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmocchgkijnbjdjkmlglaemjhhdiobbp

MindMup - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej

*Auto Logout Google Accounts* - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecobfildhmfjnalpfhjagnoldllommec

Drive Template Gallery - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\edccfahmoapjmcaahncgcekjodejmhkg

Torrent Turbo Search App - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegbffmjdkflkcfncpfjjbggbdlnbdif

Search All - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk

Photos from Google Drive wont be deleted from Drive. - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjnaogkjbogokcnohkmnjdojkikgobo

Black Menu for Google\u2122 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\eignhdfgaldabilaaegmdfbajngjmoke

Gmail Offline - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk

Google Calendar - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn

Add to Feedly - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkjjleifeeaccajkekdcckflfpenoen

Box - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl

Silver Bird - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic

Google Apps Script - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoieeedlomnegifmaghhjnghhmcldobl

TechSmith Snagit - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcnghgbgmemnlbckdipnmelbanpgneik

Google Sheets - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap

Chrome Notepad - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

Replies and more for Google - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea

Presentation Remote for Google Drive\u2122 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjdgmdaaacgdbfdohoidfjiipmbnbnho

PowerInbox - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmmgljeemhhajnponhffhpjioiclpmbh

VoiceThread - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\gajclnhcflhoicggnpmgkedchldikjgn

Facebook for Chrome - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp

Mail Checker Plus for Google Mail\u2122 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe

Android Desktop Notifications - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\giicnncicnopjohcpamieklkiacdoeni

DocuSign - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\goblijolcnempeilmnkmfbhohlpngemd

TweetDeck by Twitter - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl

Kaizena (Voice Comments) - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdoaikeblbbiphjibkhliiedjhnbbke

SearchPreview - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo

LastPass - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd

Refresh for Twitter - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdpiilkeoldobfomlhipnnfanmgfllmp

JustDelete.me - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpofkfbabpbbmchmiekfnlcgaedbgcf

Feedly - News Blogs and Youtube - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob

Google Keep - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki

goo.gl URL Shortener - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk

BitTorrent Surf (Beta) - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibpbofogepkkeoockhkfcgngjkimndlp

Power Twitter for Google Chrome\u2122 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\iieehhjfejnoljbnnhfnhibcjhmifffo

Dropbox - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl

Google Translate for Google - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfppgkomfopklagggkjiaddgndkgopgl

History Eraser App - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjolhjmdgbhebcdnfjhngobjggghoipa

Calculator - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao

Bookmarks - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljcgggmjhkegncpcaffddonfhpnfocdk

Phone 2 Google Chrome\u2122 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnlgojabfogikedjanecphloghlegpdm

Lazarus Form Recovery - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno

Boomerang for Gmail - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll

LinkedIn Notifications - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\menceeiihdbmfffpmgeokellaigfjcdm

Presentation Remote - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdnafbhfglkcjgkgoopjoadaopcomi

Pocket - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk

Google Drawings - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme

Ghostery - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij

Advanced SystemCare Surfing Protection - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

SkyDrive - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk

Atomic Bookmarks 2 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\njacljdblagcjdmljcgpjkcinfflmgdk

RSS Subscription Extension by Google - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd

Google Wallet - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Docs PDFPowerPoint Viewer by Google - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn

Weeronline actueel Nederland - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\npgafdngocgnaincgfbpeblbeaadkpfa

Google Chrome to Phone Extension - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco

Checker Plus for Gmail\u2122 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj

Twitter Preview URLs - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijgblonhcagdhfbgjilnpjipmijimmn

Google Quick Scroll - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc

WeVideo - Video Editor and Maker - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb

Online Muziek Luisteren - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\olacollommkcihebibpjdbhkngcnhgdg

Picasa - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb

Diigo Web Collector - Capture and Annotate - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole

RealtimeBoard Whiteboard for Collaboration - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfmbdmhambgleempeofcjjhjclimccg

Scoop.it - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjkhfahjokocpjfihcbfkmipdhcaknn

Instagram for Chrome - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb

None - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcgnkmbeodkmiijjfnliicelkjfcldg

Cacoo - Diagramming Real-Time Collaboration - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcflmbddgcmomcfngehfhlajjapabojh

ClickClean App - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp

SpeakIt - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak

Appie - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pidjpfnhaidmahnblgikaaadclebmoio

Evernote Web Clipper - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc

Chrome Update Notifier Plus - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfbafagepmnjfhgoaakiobjffddcnbd

iReader - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppelffpjgkifjfgnbaaldcehkpajlmbc

Netvibes Chrome Extension - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppfnnghflmcnehkalpghfnidkpcjclbm

Google Docs - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

Loupe Collage - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhaonknplhhecdgjpphnooeomecgipkc

YouTube - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

GeoGebra - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee

ScootPad - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boihgpoojeingjbbdjmoocbdibophjap

Google Search - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Sumo Paint - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod

Gmail Offline - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk

Haiku LMS - Solo Teacher Account - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fgpoakifbipnkhifgabffhdkdnloobhm

Stupeflix Video Maker - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkdmcfnoimoilncpjchamnenebopocem

AdBlock - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom

VocabularySpellingCity - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gnbihkjgkedgkepcakdjcnbicklpgfpm

Pictico - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gndkeamlgkegbmmoheplcndpopglacgf

LastPass - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd

CK-12 - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ilmbnmigihncgeckjgmkehcgkdeohkhl

MeeGenius Children's Books - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jhfhmaajajcjoijfaceafiembkmhcddc

LearnBoost - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfbigbedbdencpbioocekehcblgokpno

Advanced SystemCare Surfing Protection - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

Google Wallet - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

TypingClub - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah

Checker Plus for Gmail\u2122 - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj

WeVideo - Video Editor and Maker - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb

Khan Academy - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pahdiadnidmaaoohjmlkcjffbfcapgko

DOGOnews - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pcolnnhmiknpeonnnmoadeficjagocgf

Gmail - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Calendar - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn

LastPass - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdokiejnpimakedhajhdlcegeplioahd

Advanced SystemCare Surfing Protection - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

Google Wallet - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{7EF149D8-62F6-4D4F-9A2A-059FE750405F}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{7EF149D8-62F6-4D4F-9A2A-059FE750405F} Yahoo//nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Bea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Bea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=183 folders=45 1296268 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Bea\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Bea\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 09-01-2014 at 20:49:22,32 ======================

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.