Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Brenda on vr 24/07/2015 at 16:21:20,73. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Brenda\Contacts\Downloads\zoek (2).exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 24/07/2015 16:25:40 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\log deleted successfully C:\PROGRA~3\Soulseek deleted successfully ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3948 MB CPU Info: Intel(R) Celeron(R) CPU B800 @ 1.50GHz CPU Speed: 1496,5 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1280 X 720 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR5B97 Wireless Network Adapter CD / DVD Drives: 1x (D: | ) D: MATSHITADVD-RAM UJ8B0 Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 445,7GB Hard Disks - Free: C: 321,3GB Manufacturer *: Packard Bell BIOS Info: AT/AT COMPATIBLE | 09/07/11 | ACRSYS - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Packard Bell SJV50_HR Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Norton AntiVirus On-access scanning disabled (Outdated) Anti-Virus: AVG AntiVirus 2015 On-access scanning disabled (Outdated) Anti-Spyware: Norton AntiVirus disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus 2015 disabled (Outdated) Default Browser: Google Chrome 44.0.2403.89 Internet Explorer Version: 10.0.9200.17377 Google Chrome version: 44.0.2403.89 Adobe Reader version: 11.0.12.18 Shockwave Player version: 12.0.7r148 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Brenda\AppData\Local\Temp ==== 2015-07-23 08:23:58 EEFEB67026D892A1B4AE422027B9702D 185160 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\psmachine.dll 2015-07-23 08:23:58 87FA54DFF97E242DF939D080CC20D529 215368 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\psuser_64.dll 2015-07-23 08:23:58 7944219A5413F91883658529D903D68F 215368 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\psmachine_64.dll 2015-07-23 08:23:58 553E407F0CF87A9EF6E120F0B0C6C826 185160 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\psuser.dll 2015-07-23 08:23:58 1F352B5944AF5C2204D9EFF7F845C5AF 593224 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\npGoogleUpdate3.dll 2015-07-23 08:23:57 FC8EE235C4F75C96907C25EF1349CB81 130888 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdateComRegisterShell64.exe 2015-07-23 08:23:57 D941FE54FC0617C95D0A5388C356FF97 45056 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdateHelper.msi 2015-07-23 08:23:57 D7E523E6F4C911EDFF6A8325ACAEE56C 88392 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdateOnDemand.exe 2015-07-23 08:23:57 D1D5FD51E89F0E15756DECFA603BFFC9 1683272 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\goopdate.dll 2015-07-23 08:23:57 C6FF00DA1605982E616C03BE809FFE2D 144200 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdate.exe 2015-07-23 08:23:57 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdateSetup.exe 2015-07-23 08:23:57 93EE27EEA252951660682E891B72D7F5 88392 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdateWebPlugin.exe 2015-07-23 08:23:57 92D840650F95EB60659952AEECAFCE85 305992 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleCrashHandler64.exe 2015-07-23 08:23:57 81A1D591D429FF81D443A993B9B91301 88392 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdateBroker.exe 2015-07-23 08:23:57 54FB3B0B29F76E839C648D2F5983A22C 245576 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleCrashHandler.exe ====== Java Cache ===== 2015-07-14 08:24:22 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Brenda\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-1c3ae8ef 2015-07-17 13:41:14 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Brenda\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-3c04c093 2015-07-17 13:41:12 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Brenda\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-472fd6c9 2015-07-14 08:24:20 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Brenda\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-62a96f72 ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-06-26 07:49:10 E3DC1089EDAD57F5279804167E6142E9 293296 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys ====== C:\Windows\Tasks ====== 2015-07-24 07:18:43 BE160D9A096CC61F127326FDA647FFD6 2728 ----a-w- C:\Windows\Sysnative\Tasks\AVG-Secure-Search-Update_0715tb_RML 2015-07-24 07:18:43 A25D3566B89C0C259EA354F3C595D1F4 342 ----a-w- C:\Windows\Tasks\AVG-Secure-Search-Update_0715tb_RML.job 2015-07-24 07:17:59 DB7B0FCA69DF6DD63186410740CC8661 2646 ----a-w- C:\Windows\Sysnative\Tasks\AVG-Secure-Search-Update_0715tb_rel 2015-07-24 07:17:58 6391D73FF4265D39ECD23407B18EA142 354 ----a-w- C:\Windows\Tasks\AVG-Secure-Search-Update_0715tb_rel.job 2015-06-30 11:45:19 D9EB7615F17A73E8E8679F5051C618D7 2624 ----a-w- C:\Windows\Sysnative\Tasks\GlaryInitialize 4 2015-06-30 11:45:19 8DCB120D53302D5B91499C5FA3E4735B 324 ----a-w- C:\Windows\Tasks\GlaryInitialize 4.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-07-01 11:35:18 -------- d-----w- C:\Program Files\Common Files\AV 2015-06-27 19:20:44 -------- d-----w- C:\Program Files\VDownloader ======= C:\PROGRA~2 ===== 2015-07-02 07:34:29 -------- d-----w- C:\PROGRA~2\COMMON~1\AVG Secure Search 2015-07-02 07:34:05 -------- d-----w- C:\PROGRA~2\AVG Web TuneUp 2015-06-30 11:45:06 -------- d-----w- C:\PROGRA~2\Glary Utilities 4 2015-06-27 18:43:57 -------- d-----w- C:\PROGRA~2\BearShare Applications ======= C: ===== ====== C:\Users\Brenda\AppData\Roaming ====== 2015-07-23 07:04:33 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg 2015-07-18 09:45:51 -------- d-----w- C:\Users\Brenda\AppData\Local\CEF 2015-07-04 10:19:17 -------- d-----w- C:\Users\Default\AppData\Roaming\TuneUp Software 2015-07-04 10:19:17 -------- d-----w- C:\Users\Default User\AppData\Roaming\TuneUp Software 2015-07-04 10:17:17 -------- d-----w- C:\Users\Brenda\AppData\Local\Avg 2015-07-02 07:34:55 -------- d-----w- C:\Users\Brenda\AppData\Local\AVG Web TuneUp 2015-07-02 07:34:53 -------- d-----w- C:\Users\Brenda\AppData\Locallow\AVG Web TuneUp 2015-07-02 07:34:27 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\AVG Web TuneUp 2015-07-01 11:35:41 -------- d-----w- C:\Users\Brenda\AppData\Roaming\AVG2015 2015-07-01 11:35:27 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015 2015-07-01 11:35:04 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015 2015-07-01 11:33:50 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015 2015-07-01 11:31:08 -------- d-----w- C:\Users\Brenda\AppData\Local\Avg2015 2015-06-27 19:21:36 -------- d-----w- C:\Users\Brenda\AppData\Locallow\VDownloader 2015-06-27 19:21:20 -------- d-----w- C:\Users\Brenda\AppData\Roaming\VDownloader 2015-06-27 19:20:53 -------- d-----w- C:\Users\Brenda\AppData\Local\VDownloader 2015-06-27 19:19:45 -------- d-----w- C:\Users\Brenda\AppData\Roaming\sweet-page ====== C:\Users\Brenda ====== 2015-07-23 08:13:21 -------- d-----w- C:\Users\Public\Documents\sun 2015-07-23 08:11:36 -------- d-s---w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4 2015-07-02 07:34:32 -------- d-----w- C:\ProgramData\AVG Secure Search 2015-07-02 07:34:27 -------- d-----w- C:\ProgramData\AVG Web TuneUp 2015-07-01 11:35:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-07-01 11:34:28 -------- d-----w- C:\ProgramData\AVG2015 2015-06-30 11:45:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4 2015-06-27 19:20:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader ====== C: exe-files == 2015-07-24 07:17:34 9453F659823154F0C0E7D1DF7840572E 2484112 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.8.0\ScriptHelper.exe 2015-07-24 07:17:31 38E739B52CBAEFE78CC31DAACA541DBF 1874320 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe 2015-07-24 07:17:31 0ACCB81916A1C1A1925A7FAFFE77275D 168336 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\loggingserver.exe 2015-07-23 08:24:21 5F9D66C40F1F81B5EA4517C836007A22 42960976 ----a-w- C:\Program Files (x86)\Google\Update\Install\{FABD0899-DC56-4B19-A983-3C19A2053C29}\44.0.2403.89_chrome_installer.exe 2015-07-23 08:24:18 5F9D66C40F1F81B5EA4517C836007A22 42960976 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\44.0.2403.89\44.0.2403.89_chrome_installer.exe 2015-07-23 08:23:57 FC8EE235C4F75C96907C25EF1349CB81 130888 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdateComRegisterShell64.exe 2015-07-23 08:23:57 D7E523E6F4C911EDFF6A8325ACAEE56C 88392 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdateOnDemand.exe 2015-07-23 08:23:57 C6FF00DA1605982E616C03BE809FFE2D 144200 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdate.exe 2015-07-23 08:23:57 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdateSetup.exe 2015-07-23 08:23:57 93EE27EEA252951660682E891B72D7F5 88392 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdateWebPlugin.exe 2015-07-23 08:23:57 92D840650F95EB60659952AEECAFCE85 305992 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleCrashHandler64.exe 2015-07-23 08:23:57 81A1D591D429FF81D443A993B9B91301 88392 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleUpdateBroker.exe 2015-07-23 08:23:57 54FB3B0B29F76E839C648D2F5983A22C 245576 ----atw- C:\Users\Brenda\AppData\Local\Temp\{7A0BB816-4888-4855-84C0-289A882ADC87}\GoogleCrashHandler.exe 2015-07-23 06:02:23 0CEED1D533CAE0741D56D83AB5CB004F 1525064 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\SearchWithGoogleUpdate_CA8A7236098B8F9A.exe 2015-07-23 06:02:17 71FF025C24EA6E0FC972427208B7AF9D 1105864 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_D6EBD55792EF3063.exe 2015-07-23 06:00:58 7D2D1E575711AF3C4340304F4A78E35A 532312 ----a-w- C:\Program Files (x86)\Google\Update\Install\{69E1EEA0-0D0B-4339-99CF-C20777EBF59C}\GoogleToolbarInstaller_updater_signed.exe 2015-07-23 06:00:58 7D2D1E575711AF3C4340304F4A78E35A 532312 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.6710.2136\GoogleToolbarInstaller_updater_signed.exe 2015-07-22 21:16:50 93EE27EEA252951660682E891B72D7F5 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateWebPlugin.exe 2015-07-22 21:16:44 D7E523E6F4C911EDFF6A8325ACAEE56C 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe 2015-07-22 21:16:42 81A1D591D429FF81D443A993B9B91301 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateBroker.exe 2015-07-22 21:13:50 E33A0AB793722DAD14490815A1B44E78 25512 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtesta.exe 2015-07-22 21:13:50 D52765E58BD45144429844CC8052FA94 71592 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avguirux.exe 2015-07-22 21:13:50 81045CC5E4303B048A74B95FBF8935E5 24488 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtestx.exe 2015-07-22 21:13:49 8B6D4826F7F797CF55233246BD09B918 6822672 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe 2015-07-22 21:13:36 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateSetup.exe 2015-07-22 21:10:52 FC8EE235C4F75C96907C25EF1349CB81 130888 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateComRegisterShell64.exe 2015-07-22 21:10:43 92D840650F95EB60659952AEECAFCE85 305992 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe 2015-07-22 21:10:37 54FB3B0B29F76E839C648D2F5983A22C 245576 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe 2015-07-22 21:09:51 C6FF00DA1605982E616C03BE809FFE2D 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdate.exe 2015-07-22 21:09:44 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Program Files (x86)\Google\Update\Install\{82FD51F0-C56F-40FE-9F71-22B09D6FB5D3}\GoogleUpdateSetup.exe 2015-07-22 21:09:43 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.1\GoogleUpdateSetup.exe 2015-07-18 11:52:49 7D2D1E575711AF3C4340304F4A78E35A 532312 ----a-w- C:\Program Files (x86)\Google\Update\Install\{F723BDCB-CADC-4CFE-A8BF-C34CDB17D67E}\GoogleToolbarInstaller_updater_signed.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1317670609-1908533779-1924947057-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe Acrobat Synchronizer"="C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "AVG-Secure-Search-Update_0715tb"="C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe /PROMPT /CMPID=0715tb " [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ApnTBMon"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "vProt"="C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe Acrobat Synchronizer"="C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "AVG-Secure-Search-Update_0715tb"="C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe /PROMPT /CMPID=0715tb " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CsrHCRPServer"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe" "CsrAudioguiCtrl"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe" "CsrSyncMLServer"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe" "vksts"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe" "HarmonyUserStartup"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe" "CSRHarmonySkypePlugin"="C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe" "VDownloader"="C:\Program Files\VDownloader\VDownloader4.exe /silent" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LWBMOUSE] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LWBMOUSE" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Browser Mouse\\Browser Mouse\\1.0\\lwbwheel.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Power Management] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Power Management" "hkey"="HKLM" "command"="C:\\Program Files\\Packard Bell\\Packard Bell Power Management\\ePowerTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RtHDVCpl" "hkey"="HKLM" "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Sidebar" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Mobile Device Center] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Windows Mobile Device Center" "hkey"="HKLM" "command"="%windir%\\WindowsMobile\\wmdc.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk" "backup"="C:\\Windows\\pss\\Microsoft Office.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\MICROS~4\\Office10\\OSA.EXE -b -l" "item"="Microsoft Office" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Brenda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk] "path"="C:\\Users\\Brenda\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.4.1.lnk" "backup"="C:\\Windows\\pss\\OpenOffice.org 3.4.1.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~2\\OPENOF~1.ORG\\program\\QUICKS~1.EXE " "item"="OpenOffice.org 3.4.1" ==== Startup Folders ====================== 2014-11-16 17:31:38 1903 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [23/07/2015 08:00] C:\Windows\tasks\AVG-Secure-Search-Update_0715tb_rel.job --a------ C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe [24/07/2015 09:17] C:\Windows\tasks\AVG-Secure-Search-Update_0715tb_RML.job --a------ C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe [24/07/2015 09:17] C:\Windows\tasks\AVG_SYS_TASK_0715tb_DELETE.job --a------ C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe [24/07/2015 09:17] C:\Windows\tasks\GlaryInitialize 4.job --a------ C:\Program Files (x86)\Glary Utilities 4\Initialize.exe [14/04/2014 10:01] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/10/2013 20:41] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/10/2013 20:41] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe ARM" ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe Reader Speed Launcher" ["C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"] "C:\Windows\SysNative\tasks\AVG-Secure-Search-Update_0715tb_rel" [C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe] "C:\Windows\SysNative\tasks\AVG-Secure-Search-Update_0715tb_RML" [C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe] "C:\Windows\SysNative\tasks\AVG_SYS_TASK_0715tb_DELETE" [C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GlaryInitialize 4" [C:\Program Files (x86)\Glary Utilities 4\Initialize.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\NBAgent" [C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\WSCStub.exe"] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1317670609-1908533779-1924947057-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1317670609-1908533779-1924947057-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{29BAA485-4E4C-4A94-8407-443CD4812E93}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Analyzer" [C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\SymErr.exe] "C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Processor" [C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn" [22/07/2015 22:43] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Brenda\AppData\Roaming\Thunderbird\Profiles\kv7be63f.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Brenda\AppData\Roaming\Mozilla\Firefox\Profiles\q98yifzs.default F3B0E300AFC94E1A775A2D935A7D384F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll - Shockwave for Director / Shockwave for Director ==== Chromium Look ====================== Google Chrome Version: 44.0.2403.89 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] efaidnbmnnnibpcajpcglclefindmkaj - No path found[] Google Docs - Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Adobe Acrobat - Create PDF - Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj Motitags - Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jimekcmjahalpgniahhigkfichaihfkp MyFunCards - Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkbnhlhcdndaamafgbelomapajcnjpde Chrome Web Store Payments - Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Preferences late\":{},\"color\":{\"option\":[{\"is_default\":true,\"type\":\"STANDARD_COLOR\",\"vendor_id\":\"2\"},{\"type\":\"STANDARD_MONOCHROME\",\"vendor_id\":\"1\"}]},\"copies\":{},\"duplex\":{\"option\":[{\"is_default\":true,\"type\":\"NO_DUPLEX\"},{\"type\":\"LONG_EDGE\"},{\"type\":\"SHORT_EDGE\"}]},\"media_size\":{\"option\":[{\"custom_display_name\":\"Letter 22x28cm 8.5\\\"x11\\\"\",\"height_microns\":279400,\"name\":\"NA_LETTER\",\"vendor_id\":\"1\",\"width_microns\":215900},{\"custom_display_name\":\"Legal 22x36cm 8.5\\\"x14\\\"\",\"height_microns\":355600,\"name\":\"NA_LEGAL\",\"vendor_id\":\"5\",\"width_microns\":215900},{\"custom_display_name\":\"A5\",\"height_microns\":210000,\"name\":\"ISO_A5\",\"vendor_id\":\"11\",\"width_microns\":148000},{\"custom_display_name\":\"A4\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000},{\"custom_display_name\":\"B5\",\"height_microns\":257000,\"name\":\"JIS_B5\",\"vendor_id\":\"13\",\"width_microns\":182000},{\"custom_display_name\":\"10x15cm 4\\\"x6\\\"\",\"height_microns\":152400,\"name\":\"NA_INDEX_4X6\",\"vendor_id\":\"119\",\"width_microns\":101600},{\"custom_display_name\":\"13x18cm 5\\\"x7\\\"\",\"height_microns\":177800,\"name\":\"NA_5X7\",\"vendor_id\":\"121\",\"width_microns\":127000},{\"custom_display_name\":\"20x25cm 8\\\"x10\\\"\",\"height_microns\":254000,\"name\":\"NA_GOVT_LETTER\",\"vendor_id\":\"122\",\"width_microns\":203200},{\"custom_display_name\":\"L 89x127mm\",\"height_microns\":127000,\"vendor_id\":\"134\",\"width_microns\":89000},{\"custom_display_name\":\"2L 127x178mm\",\"height_microns\":178000,\"name\":\"NA_5X7\",\"vendor_id\":\"135\",\"width_microns\":127000},{\"custom_display_name\":\"Hagaki 100x148mm\",\"height_microns\":148000,\"name\":\"JPN_HAGAKI\",\"vendor_id\":\"43\",\"width_microns\":100000},{\"custom_display_name\":\"Hagaki 2 200x148mm\",\"height_microns\":200000,\"name\":\"JPN_OUFUKU\",\"vendor_id\":\"69\",\"width_microns\":148000},{\"custom_display_name\":\"Comm. Env. #10\",\"height_microns\":241300,\"name\":\"NA_NUMBER_10\",\"vendor_id\":\"20\",\"width_microns\":104700},{\"custom_display_name\":\"DL Env.\",\"height_microns\":220000,\"name\":\"ISO_DL\",\"vendor_id\":\"27\",\"width_microns\":110000},{\"custom_display_name\":\"Choukei 3 120x235mm\",\"height_microns\":235000,\"name\":\"JPN_CHOU3\",\"vendor_id\":\"73\",\"width_microns\":120000},{\"custom_display_name\":\"Choukei 4 90x205mm\",\"height_microns\":205000,\"name\":\"JPN_CHOU4\",\"vendor_id\":\"74\",\"width_microns\":90000},{\"custom_display_name\":\"Youkei 4 105x235mm\",\"height_microns\":235000,\"name\":\"JPN_YOU4\",\"vendor_id\":\"91\",\"width_microns\":105000},{\"custom_display_name\":\"Youkei 6 98x190mm\",\"height_microns\":190000,\"name\":\"NA_MONARCH\",\"vendor_id\":\"136\",\"width_microns\":98000}]},\"page_orientation\":{\"option\":[{\"is_default\":true,\"type\":\"PORTRAIT\"},{\"type\":\"LANDSCAPE\"},{\"type\":\"AUTO\"}]},\"supported_content_type\":[{\"content_type\":\"application/pdf\"}]},\"version\":\"1.0\"},\"selectedDestinationName\":\"Canon MG3200 series Printer\",\"mediaSize\":{\"custom_display_name\":\"A4\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000}}"}},"profile":{"avatar_bubble_tutorial_shown":1,"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"[*.]www.fotofabriek.nl,*":{"setting":1}},"geolocation":{"http://www.nieuwsblad.be:80,http://www.nieuwsblad.be:80":{"setting":2}},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"[*.]www.roblox.com,*":{"setting":1}},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]www.fotofabriek.nl,*":{"fullscreen":1},"[*.]www.roblox.com,*":{"plugins":1}},"plugin_whitelist":{"npsitesafety":{"dll":true}},"pref_version":1},"created_by_version":"36.0.1985.125","exit_type":"Crashed","exited_cleanly":true,"gaia_info_picture_url":"https://lh3.googleusercontent.com/-XdUIqdMkCWA/AAAAAAAAAAI/AAAAAAAAAAA/4252rscbv5M/s256-c/photo.jpg","gaia_info_update_time":"13082139478764087","icon_version":3,"managed_user_id":"","managed_users":{},"migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Eerste gebruiker","per_host_zoom_levels":{}},"protection":{"macs":{}},"reverse_autologin":{"enabled":false},"savefile":{"default_directory":"C:\\Users\\Brenda\\Pictures","type":1},"selectfile":{"last_directory":"C:\\BluetoothExchangeFolder"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13051983844902046"},"spellcheck":{"dictionary":"nl"},"sync":{"app_list":true,"app_settings":true,"apps":true,"autofill":true,"autofill_profile":true,"autofill_wallet":true,"bookmarks":true,"dictionary":true,"encryption_bootstrap_token":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAeQSx7aIGbE6skqzjV5e+DwAAAAACAAAAAAAQZgAAAAEAACAAAAA08j4nipIeT51KMaw8CRcilPLKfXx+3Q/H2d/SILzZCQAAAAAOgAAAAAIAACAAAADoBNrX7plGaqACsTF9zy43UlM8O5Zs5jATCMZoklvIAEAAAAAxwJ4UhLIbwM7OJkZeLzPofUn+NdWajfdGPJmi7HR5cEaI2f3SXpyHoXWNAu3ne1Ijzhu5hAyMhSY318Fmd4AgQAAAAG66BY3RMrYviv+c5lCT8zCrbBH/41OsGMO3uE5bMyhpMPn4sDOB4o+Gdyq+6A/532ozL6XB2GnozhaZOlEL7xw=","extension_settings":true,"extensions":true,"favicon_images":true,"favicon_tracking":true,"first_sync_time":"13054820378167734","has_setup_completed":true,"history_delete_directives":true,"keystore_encryption_bootstrap_token":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAeQSx7aIGbE6skqzjV5e+DwAAAAACAAAAAAAQZgAAAAEAACAAAADqqZDJoJZqc0ZP2VAvpXMjYiEQBAlGW/vQujX4m3smYwAAAAAOgAAAAAIAACAAAADaLaHUn+bHoQtAl89y5B9TLqFKF4781Ew/3NcRhJbmZFAAAAALBghmlyFBsUDSlrH9n4dDVDav6j+1D1UDGFWMQhayTG0pB5kLwDcRynzSK4yVy/RJdcqTb5BoEadgziP9kbG+Mag1vMOeY0OBZjgSJYj4k0AAAACafjwfhun+fK6EUCE6zd32+Adax7rED9wqZynk9Ea8W8AdgxK0hKym0hfAN5DmLMEnwXecqjrmhRtZ4F+CBVrS","last_synced_time":"13082221400288343","managed_user_settings":true,"managed_user_shared_settings":true,"managed_user_whitelists":true,"managed_users":true,"memory_warning_count":11,"passwords":true,"preferences":true,"priority_preferences":true,"search_engines":true,"session_sync_guid":"session_synctV0z/ZrYcFV4YV5dIe8uGQ==","sessions":true,"shutdown_cleanly":false,"suppress_start":false,"tabs":true,"themes":true,"typed_urls":true},"translate_accepted_count":{"en":0,"fr":0},"translate_blocked_languages":["es"],"translate_denied_count":{"en":17,"fr":1},"translate_denied_count_for_language":{"en":1},"translate_last_denied_time":1413536305167.747,"translate_last_denied_time_for_language":{"en":1437639913307.24},"translate_too_often_denied":true,"translate_whitelists":{},"zerosuggest":{"cachedresults":""}} []},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13057177198373404","lastpingday":"13082194810780561","location":1,"manifest":{"chrome_settings_overrides":{"search_provider":{"alternate_urls":[],"encoding":"UTF-8","favicon_url":"http://www.default-search.net/images/favicon.ico","instant_url":"http://www.default-search.net/?sid=476&aid=100000&itype=n&src=hmp","instant_url_post_params":"","is_default":true,"keyword":"Default-Search","name":"Default-Search","search_url":"http://www.default-search.net/search?sid=476&aid=100000&itype=u&src=ds&p={searchTerms}","search_url_post_params":""},"startup_pages":["http://www.default-search.net/?sid=476&aid=100000&itype=n&src=hmp"]},"chrome_url_overrides":{"newtab":"newtab.html"},"description":"This extension gives you quick and easy access to search the internet","icons":{"128":"icon128.png","16":"icon16.png","48":"icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml/I0aBP2/JxC8vWNEkbBS2/3FmHlEQTqTOQoshPEFc3lP6Jh4R8ODxrbtHPxxDlDXhsN0Z/Kh8C4+dW3BDKbfrVxMpVHNeFUlEsjriPDTa4dvFKEku8mAXvlCpB0Xii9nX9qiESWrKYW+Tt+pt2KDKreYKka9mrkOcz9g88xSyU3mmVnFdVihZcAn1OPBGY/86Z/cZGXEOeonVg+mSkKCMKopNb4goQ2Y55JRhm2kHJuFrcorQ2EsagCY7U7KakJljN6unq2OUyLUtuYHG87NmziAHDt3BDwGIAPLGFAn5Dw4ll86wyPC2UDduTvKgjtehDy65kAZDQZqmwuH2+lwIDAQAB","manifest_version":2,"name":"Default-Search","permissions":["http://*/*","https://*/*","nativeMessaging","tabs","storage","management","webRequest","webRequestBlocking"],"update_url":"https://clients2.google.com/service/update2/crx","version":"1.3"},"path":"poimdfnhgefmnkeefbjibbiemlimdnof\\1.3_0","preferences":{"default_search_provider.enabled":true,"session.restore_on_startup":4,"session.startup_urls":["http://www.default-search.net/?sid=476&aid=100000&itype=n&src=hmp"]},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false}}},"google":{"services":{"account_id":"engelbewaarster@msn.com","last_username":"engelbewaarster@msn.com"}},"homepage":"http://www.google.be/","homepage_changed":true,"homepage_is_newtabpage":false,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"EDE7A166BD5ABDF241501B1D1BE849DBE74F8067F563FFCF45288596AE7DCDBF"},"default_search_provider":{"keyword":"FB75FDA18EE1A489D065E8174CBFB95117F4C3BA60AA813EDF8290AC8F28E8B5","name":"F7C879B17660099D8E8450E19D24579B0C9E1B42451AAEBC3487B84399E17EE7","search_url":"01C687BDAD2DC5F993F8B3A16601C30C0D0A9EFF1C7548028BA8FB22FD935462"},"default_search_provider_data":{"template_url_data":"DF3E87278C6D9BF259697883AD9DF882646DF05AD3E4E870D26C4C17C25090FB"},"extensions":{"settings":{"aaaaafeopjhkcolncjbedbhofpocmdbn":"B76D07FAEB690B35CABADA0939C223E3A99B184BDC52E96A7A5A405E92C8F84D","ahfgeienlihckogmohjhadlkjgocpleb":"FAA6647873DFBF334E3B54E7B46CB5FF585C64F10A76FC17F7888F75B8CF67EC","aohghmighlieiainnegkcijnfilokake":"C9D6C3E166CB5A200779F8972B39BAC6FA5A7FFBE3834FE6E5831D9DDCF84527","apdfllckaahabafndbhieahigkjlhalf":"1E810EAF49F41E8AA544598F0A6F17901C88BE2AA6C8B8DB1029B028C986D8AD","bepbmhgboaologfdajaanbcjmnhjmhfn":"A23084C69AEBE155028C2B638B0EDDC99C438FE1CC131CBC8CD9CE027CB102DE","blpcfgokakmgnkcojhhkbfbldkacnbeo":"A03CC54FC7548F374B1FB7A85DEC9FDD42CA0E3F545ACE7C330E75D0D428A25A","coobgpohoikkiipiblmjeljniedjpjpf":"DBC6BCC2599BBDE0F0D07494730BD2E5F0E7B4E27A97DA41A6BEFA82CF5D04B1","eemcgdkfndhakfknompkggombfjjjeno":"177467BEE582E7DBD93FC1DD9C4BBF80FBAE3CD9AE5C7F74F3B3E5E613F3F85E","efaidnbmnnnibpcajpcglclefindmkaj":"51AD4C46AD3748545C90D3265DF01970E0A2BB9B0FA76D58B9B48AC500D1587E","ehjkfdmkpocpileolmldepapdjbfegei":"A303269B19ACA0465A19B1E6E9CB43DF4C9B7A0AE0F0D0B1C691616587E46BCD","ennkphjdgehloodpbhlhldgbnhmacadg":"C8A5C07EAE807839EA17F0EC494EE715F5EC60C089219B20750EFBB24CF82B6E","gfdkimpbcpahaombhbimeihdjnejgicl":"8EE10F5B5A2ECD5A30CB67D9A7FEE4151CC08354466536289E0758172CA9BF72","jimekcmjahalpgniahhigkfichaihfkp":"DAA2BA9F543B01AAED590B25B939A18AC1D2D7DAA04EA06E8FB6A6A15E80E30F","jkbnhlhcdndaamafgbelomapajcnjpde":"1CAD803BD5EE7F211E5A0F87A051998FA91A82C2F9FBA2682411FBDAB8807276","kmendfapggjehodndflmmgagdbamhnfd":"5E7D28010C1E1F5ACB395A41DF52B9EE51C61F72C3A6C901713E89B27652C7AC","mfehgcgbbipciphmccgaenjidiccnmng":"AE972E466C820D320831AD24C134C1B3249E4063D98DD3E97DE4178487B7FE75","mfffpogegjflfpflabcdkioaeobkgjik":"74E4F38F361C4003AE78EE763E6F9712ACEAB756A104C68BD0A60AB9DBE3CCDA","mgndgikekgjfcpckkfioiadnlibdjbkf":"33F5F7C5592DDA2A29CF08E8DBC88A0254758B8BBB3F89812DB1AE2765C77399","mhjfbmdgcfjbbpaeojofohoefgiehjai":"605AA6B17BD26F6B9F1AF572FA66F097951FA4BD85705E5A2CFA6987B9D2C42B","neajdppkdcdipfabeoofebfddakdcjhd":"84DDF579FEA1D9ED58AE75D549D7F10B83CC4FC1DBA4A74097640F7DCF6B84C1","nkeimhogjdpnpccoofpliimaahmaaome":"ABB3F6F888CAC0EB938DBB0A52BF3780B66CAC4034D940026A7B72BC76CCEB4C","nmmhkkegccagdldgiimedpiccmgmieda":"A383FB629594EF8A68FEB4791E475145C06ABBC8BFE7B50FD6AFBF4745445F23","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"7259FF12E0404B9B601C33B4FDC1887A02F67FAB487F07A2F3BF2805BA905D60","pjkljhegncpnkpknbcohdijeoejaedia":"4D5EF6F6F8186628CC7FE2DCF9A5A320DBC98E75BF417080A7451827ADFB5CB5","poimdfnhgefmnkeefbjibbiemlimdnof":"EB8F4FA86BF4CF7A73C3285B33294F94DEF7A706BB2274529A144216011878E4"}},"google":{"services":{"account_id":"FE9859CAB713F60248DB6A78FBD0D812F28A3CDE904156F2222576646E6FC573","last_username":"2CE88BB16F8958557910B4550E5FC0DA43A6DFE0A222EBEB246BAE0DEEC4523B","username":"A81DD05B57BB861F6920DD36162A2FC4165F184D04548AC5E4BF5775F647B785"}},"homepage":"0DF768D4014116D2CCB0FF120BCD842D727A701859457E5C001F0CD3A451F3DB","homepage_is_newtabpage":"D9C3449FE51BAF99A9CBB5985D2D4D581BA5D59FAF1F1F11238F55802AF47687","pinned_tabs":"1A62BADD445ECF98C642E1B7BCCDD201997CEA7BD9D9E7165E5347B870A077EE","prefs":{"preference_reset_time":"3DBE2CD4CEE3950E7F90D7A749A9CADA26923D737A35B224635373A07CC5E03A"},"profile":{"reset_prompt_memento":"F5307F33883827844546F1BDA60A82C79BDF079DB435FF8C48D2E6D2807DFFC1"},"safebrowsing":{"incidents_sent":"C0D44DCF9BFF95E23E7CF4790BF3906633EF252656F22F325AA84DEE78899480"},"search_provider_overrides":"AC14E9569D0989FF01BB0D94B9311A82BC48768DB9DD1D6B77055AE37F657B01","session":{"restore_on_startup":"43724C9D887931ED89B9B4CFC06AF9BD7625F919FADAD9A3EFC9BECEAC5D8561","startup_urls":"A843AB855E368C8D6C6FCA375E5F977924273960BD9F569F4D8586F49128E9E6"},"software_reporter":{"prompt_reason":"3A9ABFFAE23C9551FB123A7C79DFE38B5A812AF90C27A94FA6A17F974796E6A8","prompt_seed":"66EA77FC4BDECD627CFC7E4916E64F30BB5EC9845E340155DEA9FD44BDD69169","prompt_version":"98E1B9D7D59014967C02465A764D968A5400C3BCC523B8144B34A6D0EA9C17EB"},"sync":{"remaining_rollback_tries":"546DA0DDBA0C30E92D10044CDF83FC7A5E8BB93F8E9F244D5345661B12FC6FC0"}},"super_mac":"290273B1E88B95DD8BF5A42D4570A417F4E6EDC03C5C16A2B475D5E72DABEF49"},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/webhp?source=search_app","http://www.sweet-page.com/?type=hp&ts=1435432784&z=d15b503fdcb2f84315e83e6g0z9cbw4z6ceo1m5bde&from=cor&uid=WDCXWD5000BPVT-22HXZT3_WD-WXE1A813090430904"]},"sync":{"remaining_rollback_tries":0}} ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1435432784&z=d15b503fdcb2f84315e83e6g0z9cbw4z6ceo1m5bde&from=cor&uid=WDCXWD5000BPVT-22HXZT3_WD-WXE1A813090430904&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1435432784&z=d15b503fdcb2f84315e83e6g0z9cbw4z6ceo1m5bde&from=cor&uid=WDCXWD5000BPVT-22HXZT3_WD-WXE1A813090430904&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: Shopping App by Ask BHO - {4F524A2D-5354-2D53-5045-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Passport.dll" (file missing) O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\IPS\IPSBHO.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.1.5.143\AVG Web TuneUp.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll O3 - Toolbar: Shopping App by Ask - {4F524A2D-5354-2D53-5045-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Passport.dll" (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe" O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0715tb] "C:\ProgramData\Avg_Update_0715tb\AVG-Secure-Search-Update_0715tb.exe" /PROMPT /CMPID=0715tb O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: Bluetooth Schakelservice (BtSwitcherService) - Cambridge Silicon Radio Limited - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe O23 - Service: CSR Bluetooth geluidsservice (CSRBtAudioService) - Cambridge Silicon Radio Limited - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe O23 - Service: CSR OBEX Service (CsrBtOBEXService) - Cambridge Silicon Radio Limited - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe O23 - Service: CSR Bluetooth Service (CsrBtService) - Cambridge Silicon Radio Limited - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Soluto Auto Update Service (SolutoUpdate) - Soluto - C:\ProgramData\Soluto\Update\SolutoUpdateService.exe O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater18.8.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on vr 24/07/2015 at 16:34:18,45 ======================