Zoek.exe v5.0.0.0 Updated 19-November-2014
Tool run by Anke on do 20/11/2014 at 11:23:57.26.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Anke\Desktop\zoek.scr
[Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2013-11-27-171918.log 25361 bytes
C:\zoek-results2013-11-27-175820.log 57874 bytes
C:\zoek-results2014-05-27-054916.log 578 bytes
C:\zoek-results2014-05-27-062340.log 30613 bytes
C:\zoek-results2014-05-27-073909.log 16976 bytes
C:\zoek-results2014-05-28-050919.log 1890 bytes

==== Empty Folders Check ======================

C:\Program Files\stinger deleted successfully
C:\Users\Anke\AppData\Local\Sparta deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-766547166-3330058944-3535508039-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default
user.js not found

---- Lines Kozaka removed from prefs.js ----
user_pref("extensions.Kozaka.aul", "1385410115089");
user_pref("extensions.Kozaka.irl", true);
user_pref("extensions.Kozaka.is", "EF22DDBE");
user_pref("extensions.Kozaka.ug", "EB4136C0-2C56-4FF4-89BE-EA01F8D25A67");

---- Lines Kozaka modified from prefs.js ----
user_pref("extensions.enabledAddons", "faststartff%40gmail.com:4.3.0,01bf1725-5590-4682-b84a-f1b66741dcc3%4025e6b5c3-aaac-478f-a1d3-df3214c71799.com:0
user_pref("extensions.installCache", "[{\"name\":\"app-profile\",\"addons\":{\"01bf1725-5590-4682-b84a-f1b66741dcc3@25e6b5c3-aaac-478f-a1d3-df3214c717

---- Lines a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020 removed from prefs.js ----
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.active", true);
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.addressbar", "NA");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.addressbarenhanced", "");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.backgroundver", 2);
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.certdomaininstaller", "");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.changeprevious", false);
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.cookie.InstallationTime.value", "1385410112");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.description", "This plugin allows you to watch H
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.domain", "");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.enablesearch", false);
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.homepage", "");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.iframe", false);
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.InstallationTime", 1385410112);
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.lastUpdate", "1385410113745");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.manifesturl", "");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.name", "HD Video Plugin");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.newtab", "");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.opensearch", "");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.pluginsurl", "https://w9u6a2p6.ssl.hwcdn.net/plu
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.publisher", "Plugin");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.setnewtab", false);
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.thankyou", "");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.44020.updateinterval", 360);
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.adsOldValue", -1);
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.bic", "14290e0abd1979b9feaa99c589d3a96e");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.installationdate", 1385410112);
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.modetype", "production");
user_pref("extensions.a01bf172555904682b84af1b66741dcc325e6b5c3aaac478fa1d3df3214c71799com44020.reportInstall", true);

---- Lines Sweet removed from prefs.js ----
user_pref("browser.newtab.url", "http://www.sweet-page.com/newtab/?type=nt&ts=1415263302&from=cor&uid=ST380013AS_3JVDABXY");
user_pref("browser.search.defaultenginename", "sweet-page");
user_pref("browser.search.selectedEngine", "sweet-page");
user_pref("browser.startup.homepage", "http://www.sweet-page.com/?type=hp&ts=1415263302&from=cor&uid=ST380013AS_3JVDABXY");

---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);

---- FireFox user.js and prefs.js backups ----
prefs_20142011_1145_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]
@="C:\\Program Files\\Mozilla Firefox\\firefox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]
@="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\staged deleted
C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\faststartff@gmail.com deleted
C:\ProgramData\2308189059 deleted
C:\ProgramData\3537eb60efafda deleted
C:\ProgramData\dealpeak deleted
C:\ProgramData\GetTheDiscount deleted
C:\Users\Anke\AppData\Roaming\sweet-page deleted
C:\PROGRA~2\1341 deleted
C:\PROGRA~2\15261 deleted
C:\PROGRA~2\5388 deleted
C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Browse and Search the Internet.lnk deleted
C:\PROGRA~2\Microsoft\Windows\Start Menu\GoforFiles deleted
C:\PROGRA~2\AVG Security Toolbar deleted
C:\Users\Anke\AppData\Local\CrashRpt deleted
C:\Users\Anke\Downloads\avg_free_stb_all_2014_4744_cnet.exe deleted
C:\Users\Anke\Downloads\bsplayer266.1075.exe deleted
C:\Users\Anke\Downloads\bsplayer_installer.exe deleted
C:\Users\Anke\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\wininit.ini deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
"C:\Program Files\Mozilla Firefox\searchplugins\sweet-page.xml" deleted
"C:\Program Files\Mozilla Firefox\searchplugins\sweet-page.xml" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Anke\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-11-20 07:19:41 -------- d-----w- C:\Program Files\Common Files\Java
2014-11-06 20:44:10 -------- d-----w- C:\Program Files\ClamWin
2014-11-06 09:49:09 -------- d-----w- C:\Program Files\LibreOffice 4
2014-11-06 08:23:26 -------- d-----w- C:\Program Files\Kingsoft
======= C: =====
====== C:\Users\Anke\AppData\Roaming ======
2014-11-06 20:44:54 -------- d-----w- C:\Users\Anke\AppData\Roaming\.clamwin
2014-11-06 12:29:06 -------- d-----w- C:\Users\Anke\AppData\Roaming\TeamViewer
2014-11-06 09:59:17 -------- d-----w- C:\Users\Anke\AppData\Roaming\LibreOffice
2014-11-06 08:26:42 -------- d-----w- C:\Users\Anke\AppData\Local\Kingsoft
2014-11-06 08:23:15 -------- d-----w- C:\Users\Anke\AppData\Roaming\Kingsoft
====== C:\Users\Anke ======
2014-11-06 20:44:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus
2014-11-06 20:44:10 -------- d-----w- C:\ProgramData\.clamwin
2014-11-06 09:57:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-766547166-3330058944-3535508039-1000\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "C:/Program Files/Media Freeware/Free Youtube To Video Converter/Free Youtube To Video Converter.exe"="C:\Program Files\Media Freeware\Free Youtube To Video Converter\Free Youtube To Video Converter.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "Adobe Creative Cloud"="C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime" "ClamWin"="C:\Program Files\ClamWin\bin\ClamTray.exe --logon" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "C:/Program Files/Media Freeware/Free Youtube To Video Converter/Free Youtube To Video Converter.exe"="C:\Program Files\Media Freeware\Free Youtube To Video 
Converter\Free Youtube To Video Converter.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk] "item"="McAfee Security Scan Plus" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk" "backup"="C:\\Windows\\pss\\McAfee Security Scan Plus.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\MCAFEE~1\\307523~1.318\\SSSCHE~1.EXE" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [18/11/2014 11:17] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [20/10/2014 00:29] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [20/10/2014 00:29] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Adobe online update program" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-Zot_geval-Anke" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" 
[C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\system32\tasks\NCH Software\VideoPadDowngrade" [C:\Program Files\NCH Software\VideoPad\videopad.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"faststartff@gmail.com"="C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\faststartff@gmail.com" []

==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================
Profilepath: C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default
64C4ADE063A9C93D3BAE09922AD90C27 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
446BCAE59E26321802E000FC3E0C390A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
B36641D2192E1E537A269FEFEA47F1FD - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - AdobeAAMDetect
BBF0479C2D30519A2E746D12CAE54B43 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U71
7ED046C92891B83CFAC5238650B6CD5E - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - AdobeAAMDetect
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

==== Fake Chromium Profiles Check ======================
Fake profile C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 17:22]
easytoshop - Anke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpeealnodffohflcegaadmeohennfjbn
Skype Click to Call - Anke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
OpenBook It - Anke\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlgeajkpagegaanjcffndokbmifddcdn
Docs - Anke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Anke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Anke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Anke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Anke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.yahoo.be/",
"startup_urls": [ "http://www.sweet-page.com/?type=hp&ts=1415263302&from=cor&uid=ST380013AS_3JVDABXY" ],

==== Chromium Fix ======================
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_huizen.trovit.be_0.localstorage deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_huizen.trovit.be_0.localstorage-journal deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nederlands.babylon.com_0.localstorage deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nederlands.babylon.com_0.localstorage-journal deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_govome.inspsearch.com_0.localstorage deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_govome.inspsearch.com_0.localstorage-journal deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpeealnodffohflcegaadmeohennfjbn deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlgeajkpagegaanjcffndokbmifddcdn deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mlgeajkpagegaanjcffndokbmifddcdn_0.localstorage deleted successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mlgeajkpagegaanjcffndokbmifddcdn_0.localstorage-journal deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google
Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7NDKB_en"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\faststartff@gmail.com deleted successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully

==== Empty IE Cache ======================
C:\Users\Anke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Anke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Cache found

==== Empty Chrome Cache ======================
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=457 folders=114 200203980 bytes)

==== Empty Temp Folders ======================
C:\Users\Anke\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Anke\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on do 20/11/2014 at 12:03:15.24 ======================