Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Olaf De Wit on di 30/08/2016 at 12:35:39,20. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Olaf De Wit\Downloads\zoek (1).exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-11-23-205402.log 161137 bytes ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\Belarc deleted successfully C:\Program Files\Adobe deleted successfully C:\PROGRA~3\Dumps deleted successfully C:\PROGRA~3\WinZip deleted successfully C:\Users\Olaf De Wit\AppData\Roaming\BrowserBackup deleted successfully C:\Users\Olaf De Wit\AppData\Roaming\Driver Downloader deleted successfully C:\Users\Olaf De Wit\AppData\Roaming\QuickScan deleted successfully C:\Users\Olaf De Wit\AppData\Local\CDex deleted successfully C:\Users\Olaf De Wit\AppData\Local\Skype deleted successfully C:\Users\Olaf De Wit\AppData\Local\softthinks deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 7-Zip 15.14 (x64) Adobe Acrobat Reader DC - Nederlands Adobe Flash Player 22 NPAPI Adobe Flash Player 22 PPAPI Adobe Refresh Manager Adobe Shockwave Player 12.2 Ansel Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Application Verifier x64 External Package Awesome Duplicate Photo Finder v. 1.1 Bitdefender Total Security 2015 Bonjour BootRacer BrowserBackup CCleaner CyberLink LabelPrint 2.5 CyberLink Media Suite 10 CyberLink Media Suite Essentials CyberLink Power2Go 8 CyberLink PowerDirector 10 CyberLink PowerDVD 12 D3DX10 Dell Backup and Recovery Dell Customer Connect Dell Digital Delivery Dell Product Registration Dell SupportAssist Dell System Detect Dell System E-Support Tool (3.7.0) Dell Update Dell WLAN and Bluetooth Client Installation FastStone Image Viewer 5.7 FastStone Photo Resizer 3.5 FBackup 6 FBackup 6.1 File Shredder 2.5 FileASSASSIN Fotogalerie Galerie de photos Google Chrome Google Update Helper Hekasoft Backup & Restore 0.53 HostsMan 4.6.103 iCloud Intel(R) Manageability Engine Firmware Recovery Agent Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Intel© Trusted Connect Service Client iTunes Kits Configuration Installer Last.fm Scrobbler 2.1.37 Linkman Pro Malwarebytes Anti-Malware version 2.2.1.1043 Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft .NET Framework 4.5.1 SDK Microsoft Application Error Reporting Microsoft ASP.NET MVC 4 Runtime Microsoft Office 2013 voor Thuisgebruik en Zelfstandigen - nl-nl Microsoft OneDrive Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2012 Microsoft SQL Server 2012 RsFx Driver Microsoft SQL Server 2012 Setup (English) Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23918 Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23918 Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23918 Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23918 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Movie Maker MozBackup 1.5.1 Mozilla Firefox 38.0.6 (x86 en-US) Mozilla Firefox 39.0.3 (x86 en-US) Mozilla Firefox 41.0.2 (x86 en-US) Mozilla Firefox 43.0.2 (x86 nl) Mozilla Firefox 48.0 (x86 en-US) Mozilla Maintenance Service Mp3tag v2.73 MSI Development Tools MSVCRT MSVCRT110 MSVCRT110_amd64 MultiMon 2.50 NirSoft BlueScreenView NirSoft WebBrowserPassView NVIDIA-configuratiescherm 372.54 NVIDIA 3D Vision controllerstuurprogramma 369.04 NVIDIA 3D Vision stuurprogramma 372.54 NVIDIA GeForce Experience 2.11.4.0 NVIDIA GeForce Experience Service NVIDIA Grafisch stuurprogramma 372.54 NVIDIA HD Audio-stuurprogramma 1.3.34.15 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Miracast virtuele audio 368.81 NVIDIA Network Service NVIDIA Optimus Update 2.11.3.5 NVIDIA PhysX Systeem Software 9.16.0318 NVIDIA ShadowPlay 2.11.4.0 NVIDIA Stereoscopic 3D Driver NVIDIA Update 2.11.4.0 NVIDIA Update Core NVIDIA Virtual Audio 1.2.40 Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Opera Stable 39.0.2256.48 Photo Common Photo Gallery Qualcomm Atheros Bluetooth Suite (64) QuickTime 7 Realtek Card Reader Realtek Ethernet Controller All-In-One Windows Driver Realtek High Definition Audio Driver Realtek USB Audio Registrar Registry Manager 7.75 Revo Uninstaller 1.95 Revo Uninstaller 2.0.0 SDK Debuggers SHIELD Streaming SHIELD Wireless Controller Driver Skype Click to Call SkypeT 7.26 SoulseekQt Spybot - Search & Destroy SQL Server 2012 Common Files SQL Server 2012 Database Engine Services SQL Server 2012 Database Engine Shared Sql Server Customer Experience Improvement Program SUPERAntiSpyware swMSM Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TagScanner 6.0.5 Unlocker 1.9.2 VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) VLC media player WhoCrashed 5.51 Windows App Certification Kit Native Components Windows App Certification Kit x64 Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Software Development Kit Windows Software Development Kit DirectX x64 Remote Windows Software Development Kit DirectX x86 Remote Windows Software Development Kit EULA Windows Software Development Kit for Windows 8.1 Windows Software Development Kit for Windows Store Apps Windows Software Development Kit for Windows Store Apps DirectX x64 Remote Windows Software Development Kit for Windows Store Apps DirectX x86 Remote Windows Software Development Kit Redistributables WinPatrol WPT Redistributables WPTx64 XYplorerFree 17.00 ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe C:\Program Files (x86)\BootRacer\BootRacerServ.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Softland\FBackup 6\bService.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\Softland\FBackup 6\bTray.exe C:\Program Files (x86)\Dell Customer Connect\DCCService.exe c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe C:\Program Files (x86)\Dell Update\DellUpService.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Dell Update\DellUpTray.exe C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe C:\Users\Olaf De Wit\Downloads\zoek (1).exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20163008_1247_.backup ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iwfxxajf.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20163008_1247_.backup ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\m5piylsg.Standaardgebruiker user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20163008_1247_.backup ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\sckioql6.stupid shit user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20163008_1247_.backup ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\SeaMonkey\Profiles\0eizuwpg.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20163008_1247_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled] ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled] ==== Batch Command(s) Run By Tool====================== Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Belarc not found C:\PROGRA~3\InstallMate deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\windows\SysNative\tasks\LaunchPreSignup deleted C:\WINDOWS\SysWow64\AI_RecycleBin deleted C:\Users\Olaf De Wit\Documents\Add-in Express deleted C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel\extensions\firefox@ghostery.com.xpi deleted C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel\jetpack deleted C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\m5piylsg.Standaardgebruiker\extensions\firefox@ghostery.com.xpi deleted C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\m5piylsg.Standaardgebruiker\Invalidprefs.js deleted C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\m5piylsg.Standaardgebruiker\jetpack deleted C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\sckioql6.stupid shit\jetpack deleted C:\Users\Olaf De Wit\Downloads\wpsetup(1).exe deleted "C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel\extensions\CookiesIE@yahoo.com.xpi" deleted "C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel\extensions\CookiesIE@yahoo.com.xpi" deleted ==== Registry Search Results for "AutorunsDisabled" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\AutorunsDisabled\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\AutorunsDisabled\{8A69D345-D564-463c-AFF1-A69D9E530F96}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\AutorunsDisabled\{2670000A-7350-4f3c-8081-5663EE0C6C49}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\AutorunsDisabled\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\AutorunsDisabled\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\Apple.DAV.Addin] "AutorunsDisabled"=dword:00000003 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AutorunsDisabled\AccExt] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AutorunsDisabled\Atheros] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AutorunsDisabled\CLVDShellExt] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AutorunsDisabled\Mp3tagShell] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AutorunsDisabled\SafeBoxContext] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AutorunsDisabled\{9EF1900C-CF6C-476A-99BE-384B8847985C}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\AutorunsDisabled\FTShellContext] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\AutorunsDisabled\Ath_CopyHook] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\AutorunsDisabled\CLVDShellExt] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AutorunsDisabled\AccExt] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\AutorunsDisabled\skypec2c] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\AutorunsDisabled] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\AutorunsDisabled\skypec2c] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AdobeUpdateService] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AGSService] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Apple Mobile Device Service] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AtherosSvc] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bonjour Service] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\c2cautoupdatesvc] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\c2cpnrsvc] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CLVirtualDrive] "AutorunsDisabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iPod Service] "AutorunsDisabled"=dword:00000003 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RichVideo] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SkypeUpdate] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SupportAssistTrapListener] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AdobeUpdateService] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AGSService] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Apple Mobile Device Service] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AtherosSvc] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bonjour Service] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\c2cautoupdatesvc] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\c2cpnrsvc] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CLVirtualDrive] "AutorunsDisabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iPod Service] "AutorunsDisabled"=dword:00000003 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RichVideo] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SkypeUpdate] "AutorunsDisabled"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SupportAssistTrapListener] "AutorunsDisabled"=dword:00000002 [HKEY_USERS\S-1-5-21-3353583409-2322390238-1352878597-1002\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled] ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 12240 MB CPU Info: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz CPU Speed: 3393,5 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: NVIDIA GeForce GTX 645 | NVIDIA GeForce GTX 645 | NVIDIA GeForce GTX 645 | NVIDIA GeForce GTX 645 Monitors: 1x; DELL S2240L(Analog) | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Bluetooth Device (Personal Area Network) | Dell Wireless 1703 802.11b/g/n (2.4GHz) | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (D: | ) D: MATSHITADVD+-RW SW830 Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 919,6GB Hard Disks - Free: C: 462,9GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | | DELL - 20100118 Time Zone: Romance (standaardtijd) Motherboard *: Dell Inc. 0KWVT8 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Bitdefender Antispyware *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46} Default Browser: Firefox 48.0 Internet Explorer Version: 11.0.9600.18427 Mozilla Firefox version: 38.0.6 (x86 en-US) Mozilla Firefox version: 39.0.3 (x86 en-US) Mozilla Firefox version: 41.0.2 (x86 en-US) Mozilla Firefox version: 43.0.2 (x86 nl) Mozilla Firefox version: 48.0 (x86 en-US) Opera Browser version: 39.0.2256.48 Google Chrome version: 52.0.2743.116 Adobe Reader version: 15.17.20050.192152 Flash Player version: 22.0.0.209 Shockwave Player version: 12.2.4r194 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\OLAFDE~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-08-23 11:51:17 28B40C187878E23112AC1277DD1BB128 84672 ----a-w- C:\WINDOWS\SysWOW64\perf-MSSQL$ADK-sqlctr11.3.6020.0.dll 2016-08-23 11:51:16 ECA62B4161260EEF1BBE2C14FEC1813F 211544 ----a-w- C:\WINDOWS\SysWOW64\SQSRVRES.DLL 2016-08-23 10:47:21 9BBC5F173AF17061929CC506ED4FBCCC 46272 ----a-w- C:\WINDOWS\SysWOW64\perf-MSSQL11.ADK-sqlagtctr.dll 2016-08-23 10:47:01 3FE6F1234DBE0C5F3A17CA329C1A9641 69208 ----a-w- C:\WINDOWS\SysWOW64\fssres.dll 2016-08-23 10:47:00 1AE2553364FFC0782839793AF2DBFCE4 155328 ----a-w- C:\WINDOWS\SysWOW64\hadrres.dll 2016-08-22 15:58:23 ED956F37B8E92FB1D35C1D0548C1F0DF 138808 ----a-w- C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-08-22 15:56:51 FFBB3C0CB0B6F29E4C10E33F482CF270 584896 ----a-w- C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2016-08-22 15:56:51 FEC43F991D80D6FB87A312DAB851AFC0 131720 ----a-w- C:\WINDOWS\SysWOW64\nvoglshim32.dll 2016-08-22 15:56:51 FA016182A21445F1E23C65EB37A1EF02 8674320 ----a-w- C:\WINDOWS\SysWOW64\nvcuda.dll 2016-08-22 15:56:51 CE1968BA05A23E7AA473BCE3A4DDB835 3166264 ----a-w- C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-08-22 15:56:51 8520D0138C5986C3B7B37C1194658C85 409624 ----a-w- C:\WINDOWS\SysWOW64\nvumdshim.dll 2016-08-22 15:56:51 8105C52AFBBD12DD05B4C35AFFC68831 159352 ----a-w- C:\WINDOWS\SysWOW64\nvinit.dll 2016-08-22 15:56:51 71030726EC69B12B32E94A4CFB415CB6 459088 ----a-w- C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-08-22 15:56:51 551C6829A5D7F93C138E75120C259304 17249896 ----a-w- C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-08-22 15:56:51 4BC185AE209A73EAD6B5F4D60C46E428 28203968 ----a-w- C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-08-22 15:56:51 41A1AE469460A132E956EED2A7E540C3 8644640 ----a-w- C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-08-22 15:56:51 3BD906FCFA267EC4B31792503F0F7DD1 897592 ----a-w- C:\WINDOWS\SysWOW64\NvIFR.dll 2016-08-22 15:56:51 38BC42476A2C3A1B2C507BFA2225ACAC 9078776 ----a-w- C:\WINDOWS\SysWOW64\nvopencl.dll 2016-08-22 15:56:51 3136000EB8E8FF07F86E3A04EA3FDCBC 395320 ----a-w- C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-08-22 15:56:51 17224CDEE333270937056EF048F6D95A 958912 ----a-w- C:\WINDOWS\SysWOW64\NvFBC.dll 2016-08-22 15:56:50 6F4B0C0AFF0A0C0F201691FEA9F15F91 35182648 ----a-w- C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-08-22 15:56:50 46CA34918B5936F5BF77B5AF17BD9892 669 ----a-w- C:\WINDOWS\SysWOW64\nv-vk32.json ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-08-22 15:56:51 FD70FEE1B8C834605BC5FB03E9E939F5 10530960 ----a-w- C:\WINDOWS\Sysnative\nvptxJitCompiler.dll 2016-08-22 15:56:51 FCC81CC7432AD1CF3513BB0534357445 544256 ----a-w- C:\WINDOWS\Sysnative\nvEncodeAPI64.dll 2016-08-22 15:56:51 D2F48A0A42D1FD6EC3B544F09AB6276B 494120 ----a-w- C:\WINDOWS\Sysnative\nvumdshimx.dll 2016-08-22 15:56:51 C6F1B36AB700CE484DD733557A3F142D 54728 ----a-w- C:\WINDOWS\Sysnative\nvhdap64.dll 2016-08-22 15:56:51 C0B949FD3D67B826E3A326C6DF8AFE99 1586744 ----a-w- C:\WINDOWS\Sysnative\nvdispgenco6437254.dll 2016-08-22 15:56:51 B9B387FB4631749D5336A9D8BCCAC279 10264136 ----a-w- C:\WINDOWS\Sysnative\nvcuda.dll 2016-08-22 15:56:51 9533DF60C60C95D6C83223EE1EB8372B 181488 ----a-w- C:\WINDOWS\Sysnative\nvinitx.dll 2016-08-22 15:56:51 83077F6F823DF688E21B0AD865087105 442816 ----a-w- C:\WINDOWS\Sysnative\NvIFROpenGL.dll 2016-08-22 15:56:51 81150FAD0D7E91AF3BD8A59869D177D0 695136 ----a-w- C:\WINDOWS\Sysnative\nvfatbinaryLoader.dll 2016-08-22 15:56:51 7141CD965E6E4E6C7A7543FB1472CB03 945088 ----a-w- C:\WINDOWS\Sysnative\NvIFR64.dll 2016-08-22 15:56:51 6EF2B21B734EAF4C2617B335077697CF 1021888 ----a-w- C:\WINDOWS\Sysnative\NvFBC64.dll 2016-08-22 15:56:51 50EC45412FE4E0C31B0BEDC5F43FF985 1922616 ----a-w- C:\WINDOWS\Sysnative\nvdispco6437254.dll 2016-08-22 15:56:51 45421A95D98D20442D15ACC1DE00058A 34798528 ----a-w- C:\WINDOWS\Sysnative\nvoglv64.dll 2016-08-22 15:56:51 296200EBDB3C52A7C2A7ACD5BBF03669 153368 ----a-w- C:\WINDOWS\Sysnative\nvoglshim64.dll 2016-08-22 15:56:51 28624D12611CC44032AC9A681F256613 3597248 ----a-w- C:\WINDOWS\Sysnative\nvcuvid.dll 2016-08-22 15:56:51 2567086F500F2395019FB189B9291CEB 17462904 ----a-w- C:\WINDOWS\Sysnative\nvd3dumx.dll 2016-08-22 15:56:51 102C6B095A45F3A0E1B489E60F083AA0 10719920 ----a-w- C:\WINDOWS\Sysnative\nvopencl.dll 2016-08-22 15:56:50 A523C801B6B0DC16E9361B937A596DFF 669 ----a-w- C:\WINDOWS\Sysnative\nv-vk64.json 2016-08-22 15:56:50 4D1A4A713FD68EE4FE1020CC45E120B6 40068544 ----a-w- C:\WINDOWS\Sysnative\nvcompiler.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2016-08-23 10:39:09 E38C06074161DE1C344A10FA57BC3A4E 48304 ----a-w- C:\WINDOWS\Sysnative\drivers\RegHiveRecovery.sys 2016-08-22 15:56:51 67B51A97733B10D716B366C2ED126763 223304 ----a-w- C:\WINDOWS\Sysnative\drivers\nvhda64v.sys 2016-08-22 15:56:51 417660347EF07FF511284E668C9E2CB6 14075960 ----a-w- C:\WINDOWS\Sysnative\drivers\nvlddmkm.sys 2016-08-10 22:06:00 4065615E836BF8C61AF6278EB2A9D1D6 201728 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys 2016-08-03 11:59:52 3E75A47D2DEFD2683DCA409572FBE8B2 452040 ----a-w- C:\WINDOWS\Sysnative\drivers\trufos.sys 2016-08-03 11:59:51 C8B54E81501386A91B0E0BD596965C9B 155912 ----a-w- C:\WINDOWS\Sysnative\drivers\gzflt.sys ====== C:\WINDOWS\Tasks ====== 2016-08-29 15:53:19 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Softland 2016-08-14 14:45:37 44D329DE54F3DA6C1E08DA6D3B705DBE 3178 ----a-w- C:\WINDOWS\Sysnative\Tasks\PCDoctorBackgroundMonitorTask-Retry ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-08-25 11:48:48 -------- d-----w- C:\Program Files\Microsoft SQL Server 2016-08-13 14:51:56 -------- d-----w- C:\Program Files\VS Revo Group 2016-08-04 09:01:13 -------- d-----w- C:\Program Files\Dell Support Center ======= C:\PROGRA~2 ===== 2016-08-29 15:53:07 -------- d-----w- C:\PROGRA~2\Softland 2016-08-29 15:31:42 -------- d-----w- C:\PROGRA~2\BrowserBackup 2016-08-24 12:38:53 -------- d-----w- C:\PROGRA~2\BootRacer 2016-08-23 10:46:31 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 10.0 2016-08-23 10:44:24 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server 2016-08-20 20:41:06 -------- d-----w- C:\PROGRA~2\FastStone Image Viewer 5.7 ======= C: ===== 2016-08-25 14:08:54 E1A5CEB6C5066175A141584B3FC53B99 107 ---ha-w- C:\DBAR_Ver.txt ====== C:\Users\Olaf De Wit\AppData\Roaming ====== 2016-08-30 10:28:20 -------- d-----r- C:\Users\Olaf De Wit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2016-08-29 15:53:16 -------- d-----w- C:\Users\Olaf De Wit\AppData\Roaming\Softland 2016-08-29 15:31:42 -------- d-----w- C:\Users\Olaf De Wit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserBackup 2016-08-23 17:11:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\TightVNC 2016-08-23 10:47:24 -------- d-s---w- C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft 2016-08-23 10:47:24 -------- d-----w- C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-08-23 10:47:24 -------- d-----w- C:\Users\MSSQL$ADK\AppData\Local\Temp 2016-08-23 10:47:24 -------- d-----w- C:\Users\MSSQL$ADK\AppData\Local\Microsoft 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-08-23 10:26:06 -------- d-----w- C:\Users\Olaf De Wit\AppData\Local\Windows Performance Analyzer ====== C:\Users\Olaf De Wit ====== 2016-08-29 18:02:15 3E47F17CAD982BF4F0DA641CDC4CD2D1 901632 ----a-w- C:\Users\Olaf De Wit\Downloads\OperaBackupPro.v2.3.exe 2016-08-29 17:58:58 36410B20166D259F87954A93145D7787 48190904 ----a-w- C:\Users\Olaf De Wit\Downloads\setup_x64.exe 2016-08-29 17:57:13 43478CB424708775AA391C261854F3F5 997736 ----a-w- C:\Users\Olaf De Wit\Downloads\zebnet_opera_backup_2012.exe 2016-08-29 15:53:07 -------- d-----w- C:\ProgramData\Softland 2016-08-29 15:53:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FBackup 6 2016-08-29 15:53:01 -------- d-----w- C:\ProgramData\regid.2006-01.com.fbackup 2016-08-29 15:52:07 F73995A49111EE2D07D1F114323F0806 71397992 ----a-w- C:\Users\Olaf De Wit\Downloads\fbsetup-full.exe 2016-08-29 15:30:38 AB873782F563D0E72EA1013C5994BD6B 1142640 ----a-w- C:\Users\Olaf De Wit\Downloads\browserbackup_9000_setup.exe 2016-08-29 14:48:47 9A327F2B895581E32443A1FF1BDA85DA 6287360 ----a-w- C:\Users\Olaf De Wit\Downloads\FavBackup.exe 2016-08-29 10:47:32 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Olaf De Wit\Downloads\RSITx64(1).exe 2016-08-28 20:56:36 B8FC1873814715DAC72C94064DBE1668 2001544 ----a-w- C:\Users\Olaf De Wit\Downloads\pc-decrapifier-3.0.1 (4).exe 2016-08-28 20:56:35 B8FC1873814715DAC72C94064DBE1668 2001544 ----a-w- C:\Users\Olaf De Wit\Downloads\pc-decrapifier-3.0.1 (3).exe 2016-08-28 20:56:35 B8FC1873814715DAC72C94064DBE1668 2001544 ----a-w- C:\Users\Olaf De Wit\Downloads\pc-decrapifier-3.0.1 (2).exe 2016-08-28 20:56:30 B8FC1873814715DAC72C94064DBE1668 2001544 ----a-w- C:\Users\Olaf De Wit\Downloads\pc-decrapifier-3.0.1 (1).exe 2016-08-28 20:56:25 B8FC1873814715DAC72C94064DBE1668 2001544 ----a-w- C:\Users\Olaf De Wit\Downloads\pc-decrapifier-3.0.1.exe 2016-08-25 17:42:15 AB873782F563D0E72EA1013C5994BD6B 1142640 ----a-w- C:\Users\Olaf De Wit\Documents\browserbackup_9000_setup.exe 2016-08-25 11:49:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012 2016-08-24 13:18:48 662DE31942F4FE3BDE15627053273FDC 1463424 ----a-w- C:\Users\Olaf De Wit\Documents\SkypeSetup.exe 2016-08-24 13:11:13 -------- d-----w- C:\ProgramData\BootRacer 2016-08-23 17:11:12 4DA8F567276DCC7EC82D34C01690AC81 193 ----a-w- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2016-08-23 11:00:39 -------- d-----w- C:\ProgramData\WindowsPerformanceRecorder 2016-08-23 10:47:25 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\MSSQL$ADK\ntuser.ini 2016-08-23 10:47:24 -------- d-----w- C:\Users\MSSQL$ADK\Saved Games 2016-08-23 10:47:24 -------- d-----w- C:\Users\MSSQL$ADK\AppData 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\Videos 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\Pictures 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\Music 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\Links 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\Favorites 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\Downloads 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\Documents 2016-08-23 10:47:24 -------- d-----r- C:\Users\MSSQL$ADK\Desktop 2016-08-23 10:45:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 2016-08-22 20:12:07 2864D10544A29684ACC389F170600E3B 7829640 ----a-w- C:\Users\Olaf De Wit\Documents\DX81NTdut.exe 2016-08-20 20:18:56 EBB4B1D9BC322CDE20CDB2E3EB36DDAD 6386757 ----a-w- C:\Users\Olaf De Wit\Downloads\FSViewerSetup57(1).exe 2016-08-20 20:15:55 EBB4B1D9BC322CDE20CDB2E3EB36DDAD 6386757 ----a-w- C:\Users\Olaf De Wit\Downloads\FSViewerSetup57.exe 2016-08-19 17:16:09 8EF81BE0347C74E1F7C4E24836702ADE 1369272 ----a-w- C:\Users\Olaf De Wit\Downloads\EraserPortable_5.8.8.1_English.paf (1).exe 2016-08-19 17:16:02 8EF81BE0347C74E1F7C4E24836702ADE 1369272 ----a-w- C:\Users\Olaf De Wit\Downloads\EraserPortable_5.8.8.1_English.paf.exe 2016-08-13 14:51:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2016-08-04 09:01:14 -------- d-----w- C:\ProgramData\PC-Doctor for Windows 2016-08-03 12:01:48 A457BA51E612235A935254074407DE39 529215 ----a-w- C:\ProgramData\1470225485.bdinstall.bin 2016-08-03 12:01:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015 ====== C: exe-files == 2016-08-29 18:02:15 3E47F17CAD982BF4F0DA641CDC4CD2D1 901632 ----a-w- C:\Users\Olaf De Wit\Downloads\OperaBackupPro.v2.3.exe 2016-08-29 17:58:58 36410B20166D259F87954A93145D7787 48190904 ----a-w- C:\Users\Olaf De Wit\Downloads\setup_x64.exe 2016-08-29 17:57:13 43478CB424708775AA391C261854F3F5 997736 ----a-w- C:\Users\Olaf De Wit\Downloads\zebnet_opera_backup_2012.exe 2016-08-29 17:49:21 C80BB0EAE06400CD884F96F62C6D0F6E 8759568 ----a-w- C:\Users\Olaf De Wit\AppData\Local\NVIDIA\NvBackend\Packages\000092be\DAO.21102435.exe 2016-08-29 16:19:56 354F4EAAEA5876E653A88F8DE1A8529E 346552 ----a-w- C:\Users\Olaf De Wit\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2016-08-29 16:19:54 297EA25B702EAAB336FCE660374D98B3 403896 ----a-w- C:\Users\Olaf De Wit\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2016-08-29 15:52:07 F73995A49111EE2D07D1F114323F0806 71397992 ----a-w- C:\Users\Olaf De Wit\Downloads\fbsetup-full.exe 2016-08-29 15:30:38 AB873782F563D0E72EA1013C5994BD6B 1142640 ----a-w- C:\Users\Olaf De Wit\Downloads\browserbackup_9000_setup.exe 2016-08-29 14:48:47 9A327F2B895581E32443A1FF1BDA85DA 6287360 ----a-w- C:\Users\Olaf De Wit\Downloads\FavBackup.exe 2016-08-29 10:47:32 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Olaf De Wit\Downloads\RSITx64(1).exe 2016-08-28 20:56:36 B8FC1873814715DAC72C94064DBE1668 2001544 ----a-w- C:\Users\Olaf De Wit\Downloads\pc-decrapifier-3.0.1 (4).exe 2016-08-28 20:56:35 B8FC1873814715DAC72C94064DBE1668 2001544 ----a-w- C:\Users\Olaf De Wit\Downloads\pc-decrapifier-3.0.1 (3).exe 2016-08-28 20:56:35 B8FC1873814715DAC72C94064DBE1668 2001544 ----a-w- C:\Users\Olaf De Wit\Downloads\pc-decrapifier-3.0.1 (2).exe 2016-08-28 20:56:30 B8FC1873814715DAC72C94064DBE1668 2001544 ----a-w- C:\Users\Olaf De Wit\Downloads\pc-decrapifier-3.0.1 (1).exe 2016-08-28 20:56:25 B8FC1873814715DAC72C94064DBE1668 2001544 ----a-w- C:\Users\Olaf De Wit\Downloads\pc-decrapifier-3.0.1.exe 2016-08-26 17:40:26 2DFA62928335CD9C7419FD9513C005DF 711824 ----a-w- C:\Users\Olaf De Wit\AppData\Local\NVIDIA\NvBackend\Packages\000092b3\CoProc update.21095515.exe 2016-08-26 13:16:10 6BF9CBE2A4A0722D636D4BFED559025E 1583096 ----a-w- C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\SwReporter\10.66.3\software_reporter_tool.exe 2016-08-25 17:42:15 AB873782F563D0E72EA1013C5994BD6B 1142640 ----a-w- C:\Users\Olaf De Wit\Documents\browserbackup_9000_setup.exe 2016-08-24 13:18:48 662DE31942F4FE3BDE15627053273FDC 1463424 ----a-w- C:\Users\Olaf De Wit\Documents\SkypeSetup.exe 2016-08-23 11:46:34 C4F3CFF831158DB400B483A834C71C98 89792 ----a-w- C:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\Update Cache\KB3072779\ServicePack\1033_enu_lp\x86\setup\sqlsupport_msi\pfiles\sqlservr\110\setup\lkykxdut\x86\setuparp.exe 2016-08-23 11:46:34 C366E5C3956DD3F4EF1AC54EEB0C4736 77504 ----a-w- C:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\Update Cache\KB3072779\ServicePack\x86\scenarioengine.exe 2016-08-23 11:46:34 C366E5C3956DD3F4EF1AC54EEB0C4736 77504 ----a-w- C:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\Update Cache\KB3072779\ServicePack\1033_enu_lp\x86\setup\sqlsupport_msi\pfiles\sqlservr\110\setup\lkykxdut\x86\-fb6pr51.exe 2016-08-23 11:46:34 9584F822E9B6071D688B4783AB752384 458432 ----a-w- C:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\Update Cache\KB3072779\ServicePack\x86\landingpage.exe 2016-08-23 11:46:34 9584F822E9B6071D688B4783AB752384 458432 ----a-w- C:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\Update Cache\KB3072779\ServicePack\1033_enu_lp\x86\setup\sqlsupport_msi\pfiles\sqlservr\110\setup\lkykxdut\x86\qphmbavs.exe 2016-08-23 11:46:34 825888AB8C0151D3AF25FFCBFA4E7C9A 61120 ----a-w- C:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\Update Cache\KB3072779\ServicePack\x86\fixsqlregistrykey_x86.exe 2016-08-23 11:46:34 825888AB8C0151D3AF25FFCBFA4E7C9A 61120 ----a-w- C:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\Update Cache\KB3072779\ServicePack\1033_enu_lp\x86\setup\sqlsupport_msi\pfiles\sqlservr\110\setup\lkykxdut\x86\oax0i8iu.exe 2016-08-23 11:46:34 81700843AF38F85EEA9F0078AF455AF1 57024 ----a-w- C:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\Update Cache\KB3072779\ServicePack\x86\fixsqlregistrykey_x64.exe 2016-08-23 11:46:34 81700843AF38F85EEA9F0078AF455AF1 57024 ----a-w- C:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\Update Cache\KB3072779\ServicePack\1033_enu_lp\x86\setup\sqlsupport_msi\pfiles\sqlservr\110\setup\lkykxdut\x86\b0k-cfdu.exe 2016-08-23 11:46:34 7B15FA2DA29920EB4A218EB529DE8534 205504 ----a-w- C:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\Update Cache\KB3072779\ServicePack\setup.exe 2016-08-23 11:46:34 7B15FA2DA29920EB4A218EB529DE8534 205504 ----a-w- C:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\Update Cache\KB3072779\ServicePack\1033_enu_lp\x86\setup\sqlsupport_msi\pfiles\sqlservr\110\setup\lkykxdut\setup.exe === C: other files == 2016-08-29 17:46:20 0D57D7E5B60C7489D3301A69EAB41235 637279 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RQIRNG7\dictionaries\nl.zip 2016-08-29 17:41:21 EF53ADD6CABBA8695350BA64EDCA0878 150384 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi 2016-08-29 17:41:21 D9F85F9D864DDDE1E7BD7D3117D3738E 105345 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi 2016-08-29 17:41:21 B6F0DE7FEB9A69F0E337AB58BDF0C5AA 1036367 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 2016-08-29 17:41:21 8FBFCE05035D4796C00CE7A0A464B00F 518692 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi 2016-08-29 17:41:20 E60590E188D0D2F69CBEC5C6382F15FD 564604 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi 2016-08-29 17:41:20 57EEB57AD3C051A02BFD9EC5100CF234 710273 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi 2016-08-29 17:41:20 12637F01584BEFE2468A39D6FA335869 292441 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi 2016-08-29 17:41:19 F11708ED4C25574DDF07D27E642F029C 29109 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\the-addon-bar@GeekInTraining-GiT.xpi 2016-08-29 17:41:19 EA5A9648B80D4279224CC35BAE27362E 559490 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi 2016-08-29 17:41:19 EA2D8C5FB4F8276A0AD3BEF9465EC986 1713257 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\uMatrix@raymondhill.net.xpi 2016-08-29 17:41:19 CB969457C2EA9EC3112AC2672C00D205 106831 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\jid1-D7momAzRw417Ag@jetpack.xpi 2016-08-29 17:41:19 B61613F295E8BBDEA964FD9100D508F3 1581376 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\uBlock0@raymondhill.net.xpi 2016-08-29 17:41:19 900637D9B2755A33CADB962508DC4FCA 261727 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\OPIE@guid.customsoftwareconsult.com.xpi 2016-08-29 17:41:19 0EFE9FB89020B8AD2E98959E42647C36 98284 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi 2016-08-29 17:41:18 BDA9FFE4C1327E4DADA040027DAEA5B5 1560692 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\firefox@ghostery.com.xpi 2016-08-29 17:41:18 ABA0EDBE2BE29095B89A5988669C3D91 43255 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\flashstopper@byo.co.il.xpi 2016-08-29 17:41:18 5BA9B301A808D7A47A28AB6AFB07D14D 403015 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\ffext_basicvideoext@startpage24.xpi 2016-08-29 17:41:18 4EA4A54C6407537F985E3115097482FB 834170 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\firefoxbookmarkchecker@everhelper.me.xpi 2016-08-29 17:41:18 113A5FF78A5F3C6A0BDF00B57253731A 80138 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi 2016-08-29 17:41:17 ECE420D77FCA02980ED30C677F073B2B 120217 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\elemhidehelper@adblockplus.org.xpi 2016-08-29 17:41:17 86E58B1A7906F477714A007035D258AF 9968 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\bookmarkdup@localghost.net.xpi 2016-08-29 17:41:17 756DD2347B9C8A7D7816335DE0BAF6D0 358694 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\cookiekeeper@cookiekeeper.mozdev.org.xpi 2016-08-29 17:41:17 47C300DC486FEE9E42267DB42AFF0562 19394 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\bookmarkdeduplicator@foxhatdev.xpi 2016-08-29 17:41:17 09C5ECFB3E8986EA343EB7959DBE6BEE 6726 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3353583409-2322390238-1352878597-1002\$RLJ2A28\extensions\CookiesIE@yahoo.com.xpi 2016-08-29 13:54:08 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\FirefoxHello{1.4.3}.xpi 2016-08-29 13:53:59 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\Pocket{1.0.4}.xpi 2016-08-29 13:53:50 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\Multi-processstagedrollout{1.0}.xpi 2016-08-29 13:53:46 EF53ADD6CABBA8695350BA64EDCA0878 150384 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\BetterPrivacy{1.74}.xpi 2016-08-29 13:53:46 D9F85F9D864DDDE1E7BD7D3117D3738E 105345 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\YouTubeFlashVideoPlayer{48.1}.xpi 2016-08-29 13:53:46 B6F0DE7FEB9A69F0E337AB58BDF0C5AA 1036367 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\AdblockPlus{2.7.3}.xpi 2016-08-29 13:53:46 8FBFCE05035D4796C00CE7A0A464B00F 518692 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\UnMHT{8.2.0}.xpi 2016-08-29 13:53:46 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\BitdefenderWallet{2.0}.xpi 2016-08-29 13:53:46 57EEB57AD3C051A02BFD9EC5100CF234 710273 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\VideoDownloadHelper{6.0.0}.xpi 2016-08-29 13:53:45 F11708ED4C25574DDF07D27E642F029C 29109 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\TheAddonBarrestored{3.2.9-compat-fixed-4}.xpi 2016-08-29 13:53:45 ECE420D77FCA02980ED30C677F073B2B 120217 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\ElementHidingHelperforAdblockPlus{1.3.9}.xpi 2016-08-29 13:53:45 EA5A9648B80D4279224CC35BAE27362E 559490 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\SessionManager{0.8.1.12}.xpi 2016-08-29 13:53:45 EA2D8C5FB4F8276A0AD3BEF9465EC986 1713257 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\uMatrix{0.9.3.6}.xpi 2016-08-29 13:53:45 E60590E188D0D2F69CBEC5C6382F15FD 564604 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\NoScript{2.9.0.14}.xpi 2016-08-29 13:53:45 CB969457C2EA9EC3112AC2672C00D205 106831 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\WikiwandWikipediaModernized{4.5.13}.xpi 2016-08-29 13:53:45 BDA9FFE4C1327E4DADA040027DAEA5B5 1560692 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\Ghostery{6.3.2}.xpi 2016-08-29 13:53:45 B61613F295E8BBDEA964FD9100D508F3 1581376 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\uBlockOrigin{1.9.2}.xpi 2016-08-29 13:53:45 ABA0EDBE2BE29095B89A5988669C3D91 43255 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\FlashStopper{1.4.2}.xpi 2016-08-29 13:53:45 98A53955B7EC2277617E35E0257DAB4D 118372 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\Flashblock{1.5.20}.xpi 2016-08-29 13:53:45 975E11B8AB65093AC1580AFCDBF55E23 1339642 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\FEBE{8.9.2}.xpi 2016-08-29 13:53:45 900637D9B2755A33CADB962508DC4FCA 261727 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\OPIE{6.6}.xpi 2016-08-29 13:53:45 86E58B1A7906F477714A007035D258AF 9968 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\BookmarkDuplicateCleaner{0.2.1-signed.1-signed}.xpi 2016-08-29 13:53:45 756DD2347B9C8A7D7816335DE0BAF6D0 358694 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\CookieKeeper{1.9.3.1}.xpi 2016-08-29 13:53:45 5BA9B301A808D7A47A28AB6AFB07D14D 403015 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\VideoDownloaderprofessional{1.97.37.1-signed.1-signed}.xpi 2016-08-29 13:53:45 4EA4A54C6407537F985E3115097482FB 834170 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\BookmarksChecker-checkforbadlinks{5.8.1}.xpi 2016-08-29 13:53:45 47C300DC486FEE9E42267DB42AFF0562 19394 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\BookmarkDeduplicator{1.3.1.1-signed.1-signed}.xpi 2016-08-29 13:53:45 1D9A2270D0F9646ED98CF88E01836A83 90825 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\LeechBlock{1.0.5}.xpi 2016-08-29 13:53:45 12637F01584BEFE2468A39D6FA335869 292441 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\SpeedDial{0.9.6.18}.xpi 2016-08-29 13:53:45 113A5FF78A5F3C6A0BDF00B57253731A 80138 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\Self-DestructingCookies{0.4.10}.xpi 2016-08-29 13:53:45 0EFE9FB89020B8AD2E98959E42647C36 98284 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\FlashControl{2.1.4}.xpi 2016-08-29 13:53:45 09C5ECFB3E8986EA343EB7959DBE6BEE 6726 ----a-w- C:\Users\Olaf De Wit\Documents\Browser Backups\Firefox Backups\FEBE 2016 29.08 15.53.43\CookiesExportimport{1.0.1-signed.1-signed}.xpi 2016-08-29 11:50:25 C31F1433ABE2FD2FF44AFCCCDD8EFC93 1728732 ----a-w- C:\Users\Olaf De Wit\Downloads\W10Privacy.zip 2016-08-25 14:14:13 BF011843D3692C31C7C39387C0843D1E 50625573 ----a-w- C:\Users\Olaf De Wit\AppData\Local\ElevatedDiagnostics\2560293460\2016082514.000\DataStoreAndWULogFiles.zip 2016-08-24 12:37:26 3C46D81EEB5B5D4FA2A7F704AE818EAF 5295360 ----a-w- C:\Users\Olaf De Wit\Downloads\bootracer-fee-dutch.zip 2016-08-23 14:56:31 0100BD99EF604F27602FF662802FB852 137869 ----a-w- C:\Users\Olaf De Wit\Downloads\searchmyfiles-x64.zip 2016-08-23 14:56:24 C20E8D66AF9CB8EECB6891B12548FEA4 107201 ----a-w- C:\Users\Olaf De Wit\Downloads\searchmyfiles.zip ==== Orphaned Tasks deleted from Registry ====================== Dell Digital Delivery Service One-Time Delayed Start deleted LaunchPreSignup deleted SystemToolsDailyTest_once deleted tmp2F8C deleted tmp472A deleted tmpA522 deleted tmpB03F deleted tmpC245 deleted tmpE004 deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3353583409-2322390238-1352878597-1002\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "FBackup 6 Tray Agent"="C:\Program Files (x86)\Softland\FBackup 6\bTray.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Linkman"="C:\Program Files (x86)\Linkman\Linkman.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "WinPatrol"="C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "FBackup 6 Tray Agent"="C:\Program Files (x86)\Softland\FBackup 6\bTray.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Linkman"="C:\Program Files (x86)\Linkman\Linkman.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "WinPatrol"="C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" "BootRacer"="C:\Program Files (x86)\BootRacer\Bootrace.exe /2" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX5REC" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "Bdagent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe" "ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" "BootRacer"="C:\Program Files (x86)\BootRacer\Bootrace.exe /2" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [13/07/2016 12:07] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/11/2015 14:02] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/11/2015 14:02] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe] "C:\WINDOWS\SysNative\tasks\AdobeAAMUpdater-1.0-OlafDeWit-Olaf De Wit" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\WINDOWS\SysNative\tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8" [C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\WINDOWS\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\WINDOWS\SysNative\tasks\Opera scheduled Autoupdate 1446999707" [C:\Program Files (x86)\Opera\launcher.exe] "C:\WINDOWS\SysNative\tasks\PCDDataUploadTask" ["uaclauncher.exe"] "C:\WINDOWS\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\Dell\SupportAssist\sessionchecker.exe"] "C:\WINDOWS\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\Dell\SupportAssist\uaclauncher.exe"] "C:\WINDOWS\SysNative\tasks\PCDoctorBackgroundMonitorTask-Retry" ["C:\Program Files\Dell\SupportAssist\uaclauncher.exe"] "C:\WINDOWS\SysNative\tasks\SupportAssistNascentDSETInstall" ["C:\Program Files (x86)\Dell\SupportAssist\downloads\DSET_3.7.0.0.exe"] "C:\WINDOWS\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{0FCE55B7-9C1A-4780-ADD5-9A8844D98AB5}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\Dell\Dell System Registration" [C:\Program Files (x86)\System Registration\prodreg.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iwfxxajf.default user_pref("browser.search.defaultenginename", "Bing"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "bdwteff@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff" [24/03/2015 11:54] ==== Firefox Extensions ====================== ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel - FEBE - C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} - LeechBlock - C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387} - Flashblock - %ProfilePath%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} - FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} - LeechBlock - %ProfilePath%\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387} - Bookmark Deduplicator - %ProfilePath%\extensions\bookmarkdeduplicator@foxhatdev.xpi - Bookmark Duplicate Cleaner - %ProfilePath%\extensions\bookmarkdup@localghost.net.xpi - CookieKeeper - %ProfilePath%\extensions\cookiekeeper@cookiekeeper.mozdev.org.xpi - Element Hiding Helper for Adblock Plus - %ProfilePath%\extensions\elemhidehelper@adblockplus.org.xpi - Video Downloader Professional - %ProfilePath%\extensions\ffext_basicvideoext@startpage24.xpi - Bookmarks Checker - check for bad links - %ProfilePath%\extensions\firefoxbookmarkchecker@everhelper.me.xpi - FlashStopper - %ProfilePath%\extensions\flashstopper@byo.co.il.xpi - Self-Destructing Cookies - %ProfilePath%\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi - Wikiwand: Wikipedia Modernized - %ProfilePath%\extensions\jid1-D7momAzRw417Ag@jetpack.xpi - Flash Control - %ProfilePath%\extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi - OPIE - %ProfilePath%\extensions\OPIE@guid.customsoftwareconsult.com.xpi - The Addon Bar restored - %ProfilePath%\extensions\the-addon-bar@GeekInTraining-GiT.xpi - Undetermined - %ProfilePath%\extensions\uBlock0@raymondhill.net.xpi - Undetermined - %ProfilePath%\extensions\uMatrix@raymondhill.net.xpi - Trnh Qun L Phin - %ProfilePath%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi - Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi - NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - BetterPrivacy em:version1.74 em:type2 em:creatorGreg Yardley version 0.2 www.yardley.ca em:descriptionquot - %ProfilePath%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi - YouTube Flash Video Player - %ProfilePath%\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi - UnMHT - %ProfilePath%\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\iwfxxajf.default - FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\m5piylsg.Standaardgebruiker - Flash Video Downloader - YouTube HD Download [4K] - %ProfilePath%\extensions\artur.dubovoy@gmail.com - FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} - CookieKeeper - %ProfilePath%\extensions\cookiekeeper@cookiekeeper.mozdev.org.xpi - Element Hiding Helper for Adblock Plus - %ProfilePath%\extensions\elemhidehelper@adblockplus.org.xpi - FlashStopper - %ProfilePath%\extensions\flashstopper@byo.co.il.xpi - Self-Destructing Cookies - %ProfilePath%\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi - Undetermined - %ProfilePath%\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi - Flash Control - %ProfilePath%\extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi - OPIE - %ProfilePath%\extensions\OPIE@guid.customsoftwareconsult.com.xpi - The Addon Bar restored - %ProfilePath%\extensions\the-addon-bar@GeekInTraining-GiT.xpi - Undetermined - %ProfilePath%\extensions\uBlock0@raymondhill.net.xpi - Trnh Qun L Phin - %ProfilePath%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi - Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi - NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - YouTube Flash Video Player - %ProfilePath%\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi - UnMHT - %ProfilePath%\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\sckioql6.stupid shit - FEBE - C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\sckioql6.stupid shit\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} - Flashblock - C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\sckioql6.stupid shit\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} - Flashblock - %ProfilePath%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} - FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} - Bookmark Duplicate Cleaner - %ProfilePath%\extensions\bookmarkdup@localghost.net.xpi - CookieKeeper - %ProfilePath%\extensions\cookiekeeper@cookiekeeper.mozdev.org.xpi - Element Hiding Helper for Adblock Plus - %ProfilePath%\extensions\elemhidehelper@adblockplus.org.xpi - Wikiwand: Wikipedia Modernized - %ProfilePath%\extensions\jid1-D7momAzRw417Ag@jetpack.xpi - Flash Control - %ProfilePath%\extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\OLAFDE~1\AppData\Roaming\Mozilla\SeaMonkey\Profiles\0eizuwpg.default - DOM - %ProfilePath%\extensions\inspector@mozilla.org.xpi - ChatZilla - %ProfilePath%\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 8CE35D76726DFC8C3848BB26B3C79A54 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll - Shockwave for Director / Shockwave for Director 62D98B286C805E193568037B70D936D2 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll - Shockwave Flash CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin Profilepath: C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\iwfxxajf.default 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 8CE35D76726DFC8C3848BB26B3C79A54 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll - Shockwave for Director / Shockwave for Director CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin Profilepath: C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\m5piylsg.Standaardgebruiker 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 8CE35D76726DFC8C3848BB26B3C79A54 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll - Shockwave for Director / Shockwave for Director CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin Profilepath: C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\sckioql6.stupid shit 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 8CE35D76726DFC8C3848BB26B3C79A54 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll - Shockwave for Director / Shockwave for Director CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Olaf De Wit\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fabcmochhfpldjekobfaaggijgohadih - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions fcfenmboojpjinhpgggodefccipikbpd - No path found[] Google Slides - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Video Downloader - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc Google Docs - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Flash Master - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\cacfnookefkldifaigjdedpophfjkjeh selector is not a valid CSS selector - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb uBlockâ‚€ - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm Google Search - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Session Buddy - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko Video Downloader professional - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil Wikiwand - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\emffkefkbkpkgpdeeooapgaicgmcbolj Bitdefender Wallet - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih Google Sheets - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap EditThisCookie - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg Google Docs Offline - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Speed Dial 2 - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik Chromarks - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdheengilgkagjehknnnofigbmlnnfj noflashcontent - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhjanpmhcanjknkcfjiikkjdecjkmngn Flashcontrol - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe Ghostery - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij GetThemAll Video Downloader - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm Chrome Web Store Payments - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm f*ck overlays - Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppedokobpbdajgiejhnjfbdjlgobcpkp Ghostery - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg noflashcontent - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfkmglogfkpfekddlalobmhdbkjneejb TabHamster - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\flaibmngbecjljogddbgojfenfcneanb Video Downloader Pro - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibehiiilehaakkhkigckfjfknboalpbe uBlockâ‚€ - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida History Eraser - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm FVD Video Downloader - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple selector is not a valid CSS selector - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp Edit This Cookie - Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\ppmhhincfabcahokokgpdcckmjghpian ==== Chromium Fix ====================== C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adult-planet.info_0.localstorage deleted successfully C:\Users\Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_adultstarvlog.com_0.localstorage deleted successfully C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc deleted successfully C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aiimdkdngfcipjohbjenkahhlhccpdbc_0.localstorage deleted successfully C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil deleted successfully C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil deleted successfully C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm deleted successfully C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nbkekaeindpfpcoldfckljplboolgkfm_0.localstorage deleted successfully C:\Users\Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibehiiilehaakkhkigckfjfknboalpbe deleted successfully C:\Users\Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\ibehiiilehaakkhkigckfjfknboalpbe deleted successfully C:\Users\Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple deleted successfully C:\Users\Olaf De Wit\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_neacgcjokggofibnbfapeaejhclmpple_0.localstorage deleted successfully C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik deleted successfully C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage deleted successfully C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0 deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{DC6B075B-449F-48E1-82D3-2FDE2319178E}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\SearchScopes\{DC6B075B-449F-48E1-82D3-2FDE2319178E} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB HKLM\Wow6432Node\SearchScopes "DefaultScope"="{DC6B075B-449F-48E1-82D3-2FDE2319178E}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\Wow6432Node\SearchScopes\{DC6B075B-449F-48E1-82D3-2FDE2319178E} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB HKCU\SearchScopes "DefaultScope"="{DC6B075B-449F-48E1-82D3-2FDE2319178E}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms} HKCU\SearchScopes\{DC6B075B-449F-48E1-82D3-2FDE2319178E} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2} deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [FBackup 6 Tray Agent] "C:\Program Files (x86)\Softland\FBackup 6\bTray.exe" O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" O4 - HKLM\..\Policies\Explorer\Run: [BootRacer] "C:\Program Files (x86)\BootRacer\Bootrace.exe" /2 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Show Linkman - file://C:\Users\Olaf De Wit\Documents\Linkman\iescript_show.htm O9 - Extra button: (no name) - AutorunsDisabled - (no file) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.dell.com O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - https://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1472122438859 O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file) O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Bitdefender Desktop Parental Control (BdDesktopParental) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe O23 - Service: BootRacerServ - Greatis Software, LLC - C:\Program Files (x86)\BootRacer\BootRacerServ.exe O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: FBackup 6 Service (FBackup6Srv) - Softland - C:\Program Files (x86)\Softland\FBackup 6\bService.exe O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: SafeBox - Bitdefender - C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: SNMP Trap (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe O23 - Service: Dell SupportAssist Service (SupportAssistService) - Apache Software Foundation - C:\Program Files (x86)\Dell\SupportAssist\bin\prunsrvamd64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Olaf De Wit\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Olaf De Wit\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Olaf De Wit\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Olaf De Wit\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel\storage\default\https+++www.pinterest.com\cache emptied successfully C:\Users\Olaf De Wit\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.schijtprofiel\storage\default\https+++www.porndig.com\cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Olaf De Wit\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\Olaf De Wit\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1045 folders=355 845076801 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\MSSQL$ADK\AppData\Local\Temp emptied successfully C:\Users\Olaf De Wit\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\OLAFDE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 30/08/2016 at 12:58:12,00 ======================