Zoek.exe v5.0.0.1 Updated 19-September-2016 Tool run by Jef on di 03/01/2017 at 13:30:54,82. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Jef\Pictures\Xzoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 3/01/2017 13:32:24 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Apple Software Update deleted successfully C:\PROGRA~2\Dirk's Projects deleted successfully C:\PROGRA~2\goopad deleted successfully C:\PROGRA~3\01b525ae-00d3-1 deleted successfully C:\PROGRA~3\01b525ae-0201-1 deleted successfully C:\PROGRA~3\01b525ae-0311-0 deleted successfully C:\PROGRA~3\01b525ae-04b5-0 deleted successfully C:\PROGRA~3\01b525ae-05f3-1 deleted successfully C:\PROGRA~3\01b525ae-0761-1 deleted successfully C:\PROGRA~3\01b525ae-0825-1 deleted successfully C:\PROGRA~3\01b525ae-0857-0 deleted successfully C:\PROGRA~3\01b525ae-0917-0 deleted successfully C:\PROGRA~3\01b525ae-0967-0 deleted successfully C:\PROGRA~3\01b525ae-0985-0 deleted successfully C:\PROGRA~3\01b525ae-0b65-0 deleted successfully C:\PROGRA~3\01b525ae-0ec1-0 deleted successfully C:\PROGRA~3\01b525ae-0f51-0 deleted successfully C:\PROGRA~3\01b525ae-0fa7-1 deleted successfully C:\PROGRA~3\01b525ae-0fc3-0 deleted successfully C:\PROGRA~3\01b525ae-1223-1 deleted successfully C:\PROGRA~3\01b525ae-12e7-0 deleted successfully C:\PROGRA~3\01b525ae-1357-0 deleted successfully C:\PROGRA~3\01b525ae-1527-0 deleted successfully C:\PROGRA~3\01b525ae-1617-0 deleted successfully C:\PROGRA~3\01b525ae-1687-1 deleted successfully C:\PROGRA~3\01b525ae-16a1-1 deleted successfully C:\PROGRA~3\01b525ae-16b7-1 deleted successfully C:\PROGRA~3\01b525ae-16d3-0 deleted successfully C:\PROGRA~3\01b525ae-17f7-1 deleted successfully C:\PROGRA~3\01b525ae-1893-0 deleted successfully C:\PROGRA~3\01b525ae-1a37-1 deleted successfully C:\PROGRA~3\01b525ae-1cc1-0 deleted successfully C:\PROGRA~3\01b525ae-1d05-1 deleted successfully C:\PROGRA~3\01b525ae-1e87-0 deleted successfully C:\PROGRA~3\01b525ae-20f5-0 deleted successfully C:\PROGRA~3\01b525ae-2181-1 deleted successfully C:\PROGRA~3\01b525ae-2347-1 deleted successfully C:\PROGRA~3\01b525ae-2393-0 deleted successfully C:\PROGRA~3\01b525ae-2397-1 deleted successfully C:\PROGRA~3\01b525ae-2433-1 deleted successfully C:\PROGRA~3\01b525ae-24e1-0 deleted successfully C:\PROGRA~3\01b525ae-27f5-0 deleted successfully C:\PROGRA~3\01b525ae-2851-1 deleted successfully C:\PROGRA~3\01b525ae-2875-1 deleted successfully C:\PROGRA~3\01b525ae-2891-0 deleted successfully C:\PROGRA~3\01b525ae-2935-0 deleted successfully C:\PROGRA~3\01b525ae-2977-0 deleted successfully C:\PROGRA~3\01b525ae-2981-1 deleted successfully C:\PROGRA~3\01b525ae-2a15-0 deleted successfully C:\PROGRA~3\01b525ae-2ec1-0 deleted successfully C:\PROGRA~3\01b525ae-2f53-1 deleted successfully C:\PROGRA~3\01b525ae-2f77-1 deleted successfully C:\PROGRA~3\01b525ae-31b5-0 deleted successfully C:\PROGRA~3\01b525ae-3283-0 deleted successfully C:\PROGRA~3\01b525ae-3297-1 deleted successfully C:\PROGRA~3\01b525ae-33d1-0 deleted successfully C:\PROGRA~3\01b525ae-34b1-0 deleted successfully C:\PROGRA~3\01b525ae-35e5-1 deleted successfully C:\PROGRA~3\01b525ae-3661-0 deleted successfully C:\PROGRA~3\01b525ae-3877-0 deleted successfully C:\PROGRA~3\01b525ae-3915-0 deleted successfully C:\PROGRA~3\01b525ae-3c01-1 deleted successfully C:\PROGRA~3\01b525ae-3cf1-0 deleted successfully C:\PROGRA~3\01b525ae-3e45-0 deleted successfully C:\PROGRA~3\01b525ae-3ff7-1 deleted successfully C:\PROGRA~3\01b525ae-4093-0 deleted successfully C:\PROGRA~3\01b525ae-40d5-1 deleted successfully C:\PROGRA~3\01b525ae-4117-1 deleted successfully C:\PROGRA~3\01b525ae-4173-1 deleted successfully C:\PROGRA~3\01b525ae-41f7-1 deleted successfully C:\PROGRA~3\01b525ae-4363-0 deleted successfully C:\PROGRA~3\01b525ae-44f3-0 deleted successfully C:\PROGRA~3\01b525ae-4753-0 deleted successfully C:\PROGRA~3\01b525ae-4777-0 deleted successfully C:\PROGRA~3\01b525ae-4955-1 deleted successfully C:\PROGRA~3\01b525ae-4a25-1 deleted successfully C:\PROGRA~3\01b525ae-4a53-1 deleted successfully C:\PROGRA~3\01b525ae-4ad1-0 deleted successfully C:\PROGRA~3\01b525ae-4d05-0 deleted successfully C:\PROGRA~3\01b525ae-4d55-0 deleted successfully C:\PROGRA~3\01b525ae-4d87-1 deleted successfully C:\PROGRA~3\01b525ae-4db5-1 deleted successfully C:\PROGRA~3\01b525ae-4f95-1 deleted successfully C:\PROGRA~3\01b525ae-5043-1 deleted successfully C:\PROGRA~3\01b525ae-5223-1 deleted successfully C:\PROGRA~3\01b525ae-5311-0 deleted successfully C:\PROGRA~3\01b525ae-5351-1 deleted successfully C:\PROGRA~3\01b525ae-5397-1 deleted successfully C:\PROGRA~3\01b525ae-5585-1 deleted successfully C:\PROGRA~3\01b525ae-5871-0 deleted successfully C:\PROGRA~3\01b525ae-5945-0 deleted successfully C:\PROGRA~3\01b525ae-5981-1 deleted successfully C:\PROGRA~3\01b525ae-59e7-1 deleted successfully C:\PROGRA~3\01b525ae-5a13-0 deleted successfully C:\PROGRA~3\01b525ae-5a67-0 deleted successfully C:\PROGRA~3\01b525ae-5ad3-0 deleted successfully C:\PROGRA~3\01b525ae-5c45-1 deleted successfully C:\PROGRA~3\01b525ae-5c97-1 deleted successfully C:\PROGRA~3\01b525ae-5d61-1 deleted successfully C:\PROGRA~3\01b525ae-5d91-1 deleted successfully C:\PROGRA~3\01b525ae-5f83-0 deleted successfully C:\PROGRA~3\01b525ae-6103-0 deleted successfully C:\PROGRA~3\01b525ae-6145-1 deleted successfully C:\PROGRA~3\01b525ae-6153-1 deleted successfully C:\PROGRA~3\01b525ae-6257-1 deleted successfully C:\PROGRA~3\01b525ae-6433-0 deleted successfully C:\PROGRA~3\01b525ae-6481-1 deleted successfully C:\PROGRA~3\01b525ae-6537-0 deleted successfully C:\PROGRA~3\01b525ae-6585-0 deleted successfully C:\PROGRA~3\01b525ae-6767-1 deleted successfully C:\PROGRA~3\01b525ae-67c7-1 deleted successfully C:\PROGRA~3\01b525ae-6843-1 deleted successfully C:\PROGRA~3\01b525ae-6987-0 deleted successfully C:\PROGRA~3\01b525ae-69e7-0 deleted successfully C:\PROGRA~3\01b525ae-6c15-0 deleted successfully C:\PROGRA~3\01b525ae-6e15-0 deleted successfully C:\PROGRA~3\01b525ae-6fe3-1 deleted successfully C:\PROGRA~3\01b525ae-7095-1 deleted successfully C:\PROGRA~3\01b525ae-71c3-0 deleted successfully C:\PROGRA~3\01b525ae-71d5-1 deleted successfully C:\PROGRA~3\01b525ae-7215-1 deleted successfully C:\PROGRA~3\01b525ae-7271-1 deleted successfully C:\PROGRA~3\01b525ae-73c7-0 deleted successfully C:\PROGRA~3\01b525ae-7643-0 deleted successfully C:\PROGRA~3\01b525ae-76f7-1 deleted successfully C:\PROGRA~3\01b525ae-7ae1-1 deleted successfully C:\PROGRA~3\01b525ae-7da1-0 deleted successfully C:\PROGRA~3\9fdfd7d7-5917-1 deleted successfully C:\PROGRA~3\9fdfd7d7-79b7-0 deleted successfully C:\PROGRA~3\Musicnotes deleted successfully C:\PROGRA~3\{007ef023-512c-0} deleted successfully C:\PROGRA~3\{007ef023-512c-1} deleted successfully C:\PROGRA~3\{0138712b-5064-0} deleted successfully C:\PROGRA~3\{016e7fec-40c8-0} deleted successfully C:\PROGRA~3\{01769564-712c-0} deleted successfully C:\PROGRA~3\{02531751-712c-0} deleted successfully C:\PROGRA~3\{049d2688-712c-0} deleted successfully C:\PROGRA~3\{04d39adb-412c-1} deleted successfully C:\PROGRA~3\{052a2086-412c-0} deleted successfully C:\PROGRA~3\{079012f8-712c-1} deleted successfully C:\PROGRA~3\{0bc6cac7-30c8-1} deleted successfully C:\PROGRA~3\{0d11880c-0064-1} deleted successfully C:\PROGRA~3\{0e032cae-412c-0} deleted successfully C:\PROGRA~3\{0e7882b6-012c-0} deleted successfully C:\PROGRA~3\{107C3F6E-A7D7-88C5-85BF-9FB97A5D00F7} deleted successfully C:\PROGRA~3\{1136e623-212c-0} deleted successfully C:\PROGRA~3\{1144b344-512c-1} deleted successfully C:\PROGRA~3\{20cfbeb5-512c-0} deleted successfully C:\PROGRA~3\{221993B7-95B2-241C-C3B2-CB614993EF20} deleted successfully C:\PROGRA~3\{239e2599-012c-0} deleted successfully C:\PROGRA~3\{2f9e2cfe-612c-1} deleted successfully C:\PROGRA~3\{30c79d1b-112c-1} deleted successfully C:\PROGRA~3\{3bf73111-112c-0} deleted successfully C:\PROGRA~3\{4f9260be-612c-0} deleted successfully C:\PROGRA~3\{92C8D8A3-2563-6F08-4F0A-8970FF9C07D7} deleted successfully C:\PROGRA~3\{E5856AD2-522E-DD79-AD7C-80368AD7E48E} deleted successfully C:\Users\Jef\AppData\Roaming\ezMagicMail deleted successfully C:\Users\Jef\AppData\Roaming\Nico Mak Computing deleted successfully C:\Users\Jef\AppData\Roaming\WarThunder deleted successfully C:\Users\Jef\AppData\Roaming\{0B25623F-12C4-FE1E-B85F-A3B09E09657A} deleted successfully C:\Users\Jef\AppData\Local\Adobe deleted successfully C:\Users\Jef\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Jef\AppData\Local\EmieSiteList deleted successfully C:\Users\Jef\AppData\Local\EmieUserList deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{21347690-EC41-4F9A-8887-1F4AEE672439} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{21347690-EC41-4F9A-8887-1F4AEE672439} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 4.21 Adobe Flash Player 24 ActiveX Agatha Christie - Peril at End House AMD APP SDK Runtime Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support ATI Catalyst Install Manager AuthenTec TrueAPI Bejeweled 3 Blackhawk Striker 2 Blasterball 3 Bonjour Bounce Symphony Cake Mania Catalyst Control Center - Branding Catalyst Control Center Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All Catalyst Control Center Profiles Desktop ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Chronicles of Albian Chuzzle Deluxe Contr“le ActiveX Windows Live Mesh pour connexions … distance Cradle of Rome 2 D3DX10 Definition Update for Microsoft Office 2010 (KB3054883) 64-Bit Edition DHTML Editing Component Farm Frenzy FATE File Scavenger 5.2 (nl) Final Drive: Nitro Galerie de photos Windows Live Google Chrome Google Toolbar for Internet Explorer Google Update Helper goopad Governor of Poker 2 Premium Edition Hewlett-Packard ACLM.NET v1.2.2.3 HL-2250DN HP Auto HP Client Services HP Customer Experience Enhancements HP Games HP LinkUp HP Odometer HP Setup HP Setup Manager HP SimplePass PE 2011 HP Support Assistant HP Support Information HP Support Solutions Framework HP Update HP Vision Hardware Diagnostics HydraVision Intel(R) Identity Protection Technology 1.1.2.0 Intel(R) Management Engine Components Java 8 Update 31 Java Auto Updater Jewel Quest: The Sleepless Star - Collector's Edition Junk Mail filter update Magic Desktop Mah Jong Medley Mesh Runtime Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft .NET Framework 4.5.2 Microsoft Application Error Reporting Microsoft Mathematics Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 32-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD More Games from HP Games MSVCRT MSVCRT_amd64 Musicnotes Software Suite 1.7.2 Mystery of Mortlake Mansion Namco All-Stars: PAC-MAN NWZ-E380 WALKMAN Guide OneSafe PC Cleaner v4 PDF Complete Special Edition Penguins Plants vs. Zombies - Game of the Year PlayReady PC Runtime amd64 Poker Superstars III Polar Bowler Polar Golfer Ralink 802.11n Wireless LAN Card Realtek High Definition Audio Driver Recovery Manager Recuva Red AdBlocker Reimage Repair Remote Graphics Receiver Security Update for Microsoft .NET Framework 4.5.2 (KB3023224) Security Update for Microsoft .NET Framework 4.5.2 (KB3035490) Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) Security Update for Microsoft Excel 2010 (KB3054845) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2863817) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3054834) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3054848) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB3054835) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2553428) 64-Bit Edition Security Update for Microsoft Word 2010 (KB3054842) 64-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition Slingo Supreme Speccy Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Update for Microsoft Access 2010 (KB2837601) 64-Bit Edition Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2881026) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition Update for Microsoft Office 2010 (KB2889828) 64-Bit Edition Update for Microsoft Office 2010 (KB2965291) 64-Bit Edition Update for Microsoft Office 2010 (KB2965296) 64-Bit Edition Update for Microsoft Office 2010 (KB2965301) 64-Bit Edition Update for Microsoft Office 2010 (KB3054875) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2965297) 64-Bit Edition Update for Microsoft Outlook 2010 (KB3054881) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition Update for Microsoft Visio 2010 (KB2965292) 64-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 64-Bit Edition Update Installer for WildTangent Games App Vacation Quest - The Hawaiian Islands VDownloader 4.1.1463 Video Download Converter version 1.0.0.0 VIP Access SDK (1.0.1.4) Virtual Tour Expo 58 NL Virtual Villagers 5 - New Believers Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX control for remote connections Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinPcap 4.1.1 Wondershare Data Recovery(Build 4.8.3.4) Zuma Deluxe ==== Running Processes ====================== C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe C:\ProgramData\Logic Handler\set.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Users\Jef\AppData\Local\Microsoft\BingSvc\BingSvc.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe C:\Program Files (x86)\OneSafe PC Cleaner\OSPCSchedule.exe C:\Program Files (x86)\vulpeculox\AX\AX.exe C:\Program Files (x86)\Browny02\BrYNSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\ProgramData\{C3A46CD3-740F-DB78-4F7A-72A44CF7852D}\1BB3E897-AC18-5F3C-EEE1-C26127479615.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\ProgramData\{1918A2DA-AEB3-1571-6E22-FC7F72AED2BA}\B6CF3C81-0164-8B2A-B586-4F25BE949FEF.exe C:\ProgramData\{683B3FC3-DF90-8868-785C-11198BE08574}\F3FA7837-4451-CF9C-2B53-B60F0F2727E4.exe C:\ProgramData\{3C30B553-8B9B-02F8-3F72-667A578BE3B9}\407C68DF-F7D7-DF74-496F-2A1DFF3F5674.exe C:\ProgramData\{9C872A1B-2B2C-9DB0-BC32-66D8CC71ECB0}\CA08F96F-7DA3-4EC4-D8F6-48192BF69E5D.exe C:\ProgramData\{EE7E18C3-59D5-AF68-72B9-5E2E58C5EC35}\D6B541CE-611E-F665-E857-2BDC98444954.exe C:\ProgramData\{481D8DE4-FFB6-3A4F-00BD-4968DFFCE3D3}\98B1DA3B-2F1A-6D90-4716-5CC0430E0750.exe C:\ProgramData\{2B212DB9-9C8A-9A12-6DF7-DCD9B0E9B05F}\CAA7EB11-7D0C-5CBA-BAD5-BD28821CCD07.exe C:\ProgramData\{928F2389-2524-9422-2795-3497B6128519}\7DC7BC09-CA6C-0BA2-B052-53E4DE5428A8.exe C:\ProgramData\{40846A48-F72F-DDE3-9AD6-79E697CFAB50}\E77ABE14-50D1-09BF-AD07-455AABDBD41D.exe C:\ProgramData\{58541D5A-EFFF-AAF1-1EA2-709C4EECEB4D}\6409AF01-D3A2-18AA-D287-F5BDE177A1F6.exe C:\ProgramData\{9A52A0B7-2DF9-171C-2879-FB88485801CB}\C258FB58-75F3-4CF3-198D-5C261E3FB57F.exe C:\Users\Jef\Pictures\Xzoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe c:\programdata\{cf088ba5-c128-528c-cf08-88ba5c122e97}\hqghumeaylnlf.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtector deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ReimageRealTimeProtector deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-643D-4270-9D49-7389EA579090}"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Apple Software Update not found C:\PROGRA~2\Dirk's Projects not found C:\PROGRA~2\goopad not found C:\ProgramData\Quotenamron not found C:\ProgramData\Quotenamron not found C:\PROGRA~3\{107C3F6E-A7D7-88C5-85BF-9FB97A5D00F7} not found C:\PROGRA~3\{221993B7-95B2-241C-C3B2-CB614993EF20} not found C:\PROGRA~3\{92C8D8A3-2563-6F08-4F0A-8970FF9C07D7} not found C:\PROGRA~3\{E5856AD2-522E-DD79-AD7C-80368AD7E48E} not found C:\PROGRA~2\ChheApeMe deleted C:\PROGRA~2\DDigiSavver deleted C:\PROGRA~2\DigIISaavvEr deleted C:\PROGRA~2\EnjoayCooupon deleted C:\PROGRA~2\ExStraSavionogs deleted C:\PROGRA~2\FindBeStiDeal deleted C:\PROGRA~2\JoniCoiupoN deleted C:\PROGRA~2\JonIICoupon deleted C:\PROGRA~2\MinimumProice deleted C:\PROGRA~2\RRandomPriece deleted C:\PROGRA~2\ShOpDriop deleted C:\PROGRA~2\SSaveNeWaApaPz deleted C:\PROGRA~2\Announcify deleted C:\PROGRA~2\DigiCouponn deleted C:\PROGRA~2\DubLi Toolbar deleted C:\PROGRA~2\EnjoyCoUUpoon deleted C:\PROGRA~2\EXXSTRaCoupon deleted C:\PROGRA~2\Facebook Chat Platinum deleted C:\PROGRA~2\FuanDDeals deleted C:\PROGRA~2\FuN2Save deleted C:\PROGRA~2\GGreatSaave4U deleted C:\PROGRA~2\Gigantic Spot deleted C:\PROGRA~2\Spreed speed read the web deleted C:\ProgramData\Reimage Protector deleted C:\Program Files\Reimage deleted C:\rei deleted C:\Users\Jef\AppData\Roaming\OneSafe PC Cleaner deleted C:\PROGRA~3\chhomebiimppolfhdmphdkmgfdoombgm deleted C:\windows\SysNative\Tasks\Bidaily Synchronize Task[8da6] deleted C:\windows\SysNative\Tasks\JefProoferMezuzahsV2 deleted C:\windows\SysNative\Tasks\Superclean deleted C:\windows\SysNative\Tasks\{1D492C48-AAE2-9BE3-4A5F-C0555A3FE403} deleted C:\windows\SysNative\Tasks\{267D3C94-91D6-8B3F-AB30-07045816DEF0} deleted C:\windows\SysNative\Tasks\{2CDDF7D7-9B76-407C-606F-C02E64FFA6CF} deleted C:\windows\SysNative\Tasks\{4F6947B0-F8C2-F01B-4FC8-3F037DDE7948} deleted C:\windows\SysNative\Tasks\{69F510CC-DE5E-A767-0A26-4F877C501F98} deleted C:\windows\SysNative\Tasks\{75579F70-C2FC-28DB-2848-AC0AC5289951} deleted C:\windows\SysNative\Tasks\{7747082A-C0EC-BF81-9F3F-51B94E32A517} deleted C:\windows\SysNative\Tasks\{7A8B5536-CD20-E29D-ACBB-1CF0395C0597} deleted C:\windows\SysNative\Tasks\{C3EAAA43-7441-1DE8-8E7F-66632604D061} deleted C:\windows\SysNative\Tasks\{D25CD338-65F7-6493-0704-F7D844DD11BD} deleted C:\windows\SysNative\Tasks\{D5583943-62F3-8EE8-C1A4-A52662B204E8} deleted C:\windows\SysNative\Tasks\{F0421C6A-47E9-ABC1-F6ED-7D03C7021059} deleted C:\windows\SysNative\Tasks\{F1CCE1C8-4667-5663-E091-77058343E738} deleted C:\windows\SysNative\Tasks\{F8D161CD-4F7A-D666-CB0B-9C1BC682057E} deleted C:\Windows\tasks\Bidaily Synchronize Task[8da6].job deleted C:\Windows\tasks\Superclean.job deleted C:\PROGRA~3\{534EA945-E4E5-1EEE-FE44-D35B8672CC80} deleted C:\PROGRA~3\{7cb2a96c-21b2-5b13-7cb2-2a96c21ba5b0} deleted C:\PROGRA~3\{8B90F3E1-3C3B-444A-4DC6-BC1140057EBF} deleted C:\PROGRA~3\{e7542b3b-ef72-eeb9-e754-42b3bef7acef} deleted C:\PROGRA~3\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3 deleted C:\PROGRA~3\11242333079931493239 deleted C:\Users\Jef\Documents\OneSafe PC Cleaner deleted C:\PROGRA~2\OneSystemCare deleted C:\PROGRA~2\Wondershare deleted C:\PROGRA~2\ver2SpeedCheck deleted C:\PROGRA~2\Search Web Know deleted C:\PROGRA~2\COMMON~1\074666a9-9c4a-46c0-9d2f-0ac2cbbb1ef3 deleted C:\PROGRA~2\COMMON~1\219d5106-5a99-41fd-b942-db6b503b0178 deleted C:\PROGRA~2\COMMON~1\Wondershare deleted C:\Users\Jef\AppData\Roaming\WB.CFG deleted C:\Users\Jef\AppData\Roaming\appdataFr3.bin deleted C:\Users\Jef\AppData\Roaming\One System Care deleted C:\Users\Jef\AppData\Roaming\VDownloader deleted C:\Users\Jef\AppData\Roaming\GoldenGate deleted C:\Users\Jef\AppData\Roaming\uninstall_temp.ico deleted C:\Users\Jef\AppData\Roaming\Scorch_Install.log deleted C:\PROGRA~3\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat deleted C:\PROGRA~3\Red AdBlocker deleted C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted C:\PROGRA~3\Package Cache deleted C:\PROGRA~3\FWdsManProF deleted C:\Users\Jef\AppData\Local\Wondershare deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSafe PC Cleaner deleted C:\Users\Jef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url deleted C:\Windows\SysNative\roboot64.exe deleted C:\Windows\Reimage.ini deleted C:\windows\SysNative\tasks\LaunchPreSignup deleted C:\windows\SysNative\tasks\Reimage Reminder deleted C:\windows\SysNative\tasks\ReimageUpdater deleted C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\Windows\SysWOW64\ezUPBHook64.dll" deleted "C:\Windows\SysWOW64\ezUPBHook32.dll" deleted "C:\windows\SysNative\drivers\avgtpx64.sys" deleted "C:\Windows\SysWOW64\ezUPBHook64.dll" deleted "C:\Windows\SysWOW64\ezUPBHook32.dll" deleted "C:\windows\SysNative\drivers\avgtpx64.sys" deleted "C:\Program Files (x86)\OneSafe PC Cleaner\OSPCSchedule.exe" deleted "C:\Program Files (x86)\OneSafe PC Cleaner\OSPCSchedule.exe" deleted "C:\PROGRA~3\{1918A2DA-AEB3-1571-6E22-FC7F72AED2BA}\B6CF3C81-0164-8B2A-B586-4F25BE949FEF.exe" deleted "C:\PROGRA~3\{2B212DB9-9C8A-9A12-6DF7-DCD9B0E9B05F}\CAA7EB11-7D0C-5CBA-BAD5-BD28821CCD07.exe" deleted "C:\PROGRA~3\{3C30B553-8B9B-02F8-3F72-667A578BE3B9}\407C68DF-F7D7-DF74-496F-2A1DFF3F5674.exe" deleted "C:\PROGRA~3\{40846A48-F72F-DDE3-9AD6-79E697CFAB50}\E77ABE14-50D1-09BF-AD07-455AABDBD41D.exe" deleted "C:\PROGRA~3\{481D8DE4-FFB6-3A4F-00BD-4968DFFCE3D3}\98B1DA3B-2F1A-6D90-4716-5CC0430E0750.exe" deleted "C:\PROGRA~3\{58541D5A-EFFF-AAF1-1EA2-709C4EECEB4D}\6409AF01-D3A2-18AA-D287-F5BDE177A1F6.exe" deleted "C:\PROGRA~3\{683B3FC3-DF90-8868-785C-11198BE08574}\F3FA7837-4451-CF9C-2B53-B60F0F2727E4.exe" deleted "C:\PROGRA~3\{928F2389-2524-9422-2795-3497B6128519}\7DC7BC09-CA6C-0BA2-B052-53E4DE5428A8.exe" deleted "C:\PROGRA~3\{9A52A0B7-2DF9-171C-2879-FB88485801CB}\C258FB58-75F3-4CF3-198D-5C261E3FB57F.exe" deleted "C:\PROGRA~3\{9C872A1B-2B2C-9DB0-BC32-66D8CC71ECB0}\CA08F96F-7DA3-4EC4-D8F6-48192BF69E5D.exe" deleted "C:\PROGRA~3\{C3A46CD3-740F-DB78-4F7A-72A44CF7852D}\1BB3E897-AC18-5F3C-EEE1-C26127479615.exe" deleted "C:\PROGRA~3\{cf088ba5-c128-528c-cf08-88ba5c122e97}\aedb509262979cf" deleted "C:\PROGRA~3\{cf088ba5-c128-528c-cf08-88ba5c122e97}\c710135c01fd9e1b" deleted "C:\PROGRA~3\{cf088ba5-c128-528c-cf08-88ba5c122e97}\hqghumeaylnlf.exe" deleted "C:\PROGRA~3\{EE7E18C3-59D5-AF68-72B9-5E2E58C5EC35}\D6B541CE-611E-F665-E857-2BDC98444954.exe" deleted "C:\PROGRA~2\OneSafe PC Cleaner\OSPCSchedule.exe" deleted "C:\PROGRA~3\{1918A2DA-AEB3-1571-6E22-FC7F72AED2BA}\B6CF3C81-0164-8B2A-B586-4F25BE949FEF.exe" deleted "C:\PROGRA~3\{2B212DB9-9C8A-9A12-6DF7-DCD9B0E9B05F}\CAA7EB11-7D0C-5CBA-BAD5-BD28821CCD07.exe" deleted "C:\PROGRA~3\{3C30B553-8B9B-02F8-3F72-667A578BE3B9}\407C68DF-F7D7-DF74-496F-2A1DFF3F5674.exe" deleted "C:\PROGRA~3\{40846A48-F72F-DDE3-9AD6-79E697CFAB50}\E77ABE14-50D1-09BF-AD07-455AABDBD41D.exe" deleted "C:\PROGRA~3\{481D8DE4-FFB6-3A4F-00BD-4968DFFCE3D3}\98B1DA3B-2F1A-6D90-4716-5CC0430E0750.exe" deleted "C:\PROGRA~3\{58541D5A-EFFF-AAF1-1EA2-709C4EECEB4D}\6409AF01-D3A2-18AA-D287-F5BDE177A1F6.exe" deleted "C:\PROGRA~3\{683B3FC3-DF90-8868-785C-11198BE08574}\F3FA7837-4451-CF9C-2B53-B60F0F2727E4.exe" deleted "C:\PROGRA~3\{928F2389-2524-9422-2795-3497B6128519}\7DC7BC09-CA6C-0BA2-B052-53E4DE5428A8.exe" deleted "C:\PROGRA~3\{9A52A0B7-2DF9-171C-2879-FB88485801CB}\C258FB58-75F3-4CF3-198D-5C261E3FB57F.exe" deleted "C:\PROGRA~3\{9C872A1B-2B2C-9DB0-BC32-66D8CC71ECB0}\CA08F96F-7DA3-4EC4-D8F6-48192BF69E5D.exe" deleted "C:\PROGRA~3\{C3A46CD3-740F-DB78-4F7A-72A44CF7852D}\1BB3E897-AC18-5F3C-EEE1-C26127479615.exe" deleted "C:\PROGRA~3\{cf088ba5-c128-528c-cf08-88ba5c122e97}\aedb509262979cf" deleted "C:\PROGRA~3\{cf088ba5-c128-528c-cf08-88ba5c122e97}\c710135c01fd9e1b" deleted "C:\PROGRA~3\{cf088ba5-c128-528c-cf08-88ba5c122e97}\hqghumeaylnlf.exe" deleted "C:\PROGRA~3\{EE7E18C3-59D5-AF68-72B9-5E2E58C5EC35}\D6B541CE-611E-F665-E857-2BDC98444954.exe" deleted "C:\Program Files (x86)\OneSafe PC Cleaner" deleted "C:\Program Files (x86)\OneSafe PC Cleaner" deleted "C:\PROGRA~3\{1918A2DA-AEB3-1571-6E22-FC7F72AED2BA}" not deleted "C:\PROGRA~3\{2B212DB9-9C8A-9A12-6DF7-DCD9B0E9B05F}" not deleted "C:\PROGRA~3\{3C30B553-8B9B-02F8-3F72-667A578BE3B9}" not deleted "C:\PROGRA~3\{40846A48-F72F-DDE3-9AD6-79E697CFAB50}" not deleted "C:\PROGRA~3\{481D8DE4-FFB6-3A4F-00BD-4968DFFCE3D3}" not deleted "C:\PROGRA~3\{58541D5A-EFFF-AAF1-1EA2-709C4EECEB4D}" not deleted "C:\PROGRA~3\{683B3FC3-DF90-8868-785C-11198BE08574}" not deleted "C:\PROGRA~3\{928F2389-2524-9422-2795-3497B6128519}" not deleted "C:\PROGRA~3\{9A52A0B7-2DF9-171C-2879-FB88485801CB}" not deleted "C:\PROGRA~3\{9C872A1B-2B2C-9DB0-BC32-66D8CC71ECB0}" not deleted "C:\PROGRA~3\{C3A46CD3-740F-DB78-4F7A-72A44CF7852D}" not deleted "C:\PROGRA~3\{cf088ba5-c128-528c-cf08-88ba5c122e97}" deleted "C:\PROGRA~3\{EE7E18C3-59D5-AF68-72B9-5E2E58C5EC35}" not deleted "C:\PROGRA~2\OneSafe PC Cleaner" deleted "C:\PROGRA~3\{1918A2DA-AEB3-1571-6E22-FC7F72AED2BA}" not deleted "C:\PROGRA~3\{2B212DB9-9C8A-9A12-6DF7-DCD9B0E9B05F}" not deleted "C:\PROGRA~3\{3C30B553-8B9B-02F8-3F72-667A578BE3B9}" not deleted "C:\PROGRA~3\{40846A48-F72F-DDE3-9AD6-79E697CFAB50}" not deleted "C:\PROGRA~3\{481D8DE4-FFB6-3A4F-00BD-4968DFFCE3D3}" not deleted "C:\PROGRA~3\{58541D5A-EFFF-AAF1-1EA2-709C4EECEB4D}" not deleted "C:\PROGRA~3\{683B3FC3-DF90-8868-785C-11198BE08574}" not deleted "C:\PROGRA~3\{928F2389-2524-9422-2795-3497B6128519}" not deleted "C:\PROGRA~3\{9A52A0B7-2DF9-171C-2879-FB88485801CB}" not deleted "C:\PROGRA~3\{9C872A1B-2B2C-9DB0-BC32-66D8CC71ECB0}" not deleted "C:\PROGRA~3\{C3A46CD3-740F-DB78-4F7A-72A44CF7852D}" not deleted "C:\PROGRA~3\{cf088ba5-c128-528c-cf08-88ba5c122e97}" deleted "C:\PROGRA~3\{EE7E18C3-59D5-AF68-72B9-5E2E58C5EC35}" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4077 MB CPU Info: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz CPU Speed: 3035.3 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: AMD RADEON HD 6450 | AMD RADEON HD 6450 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | 802.11n Wireless LAN Card | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: hp DVD-RAM GH80N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 916.7GB | D: 14.8GB Hard Disks - Free: C: 820.8GB | D: 1.2GB Manufacturer *: AMI BIOS Info: AT/AT COMPATIBLE | 10/21/11 | HPQOEM - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Foxconn 2ABF Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} Default Browser: Google Chrome 43.0.2357.134 Internet Explorer Version: 11.0.9600.17843 Google Chrome version: 43.0.2357.134 Sun Java version: 1.8.0_31 (32-bit) Sun Java version: 1.8.0_31 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Jef\AppData\Local\Temp ==== 2016-12-23 19:54:45 FDA55F62F77F1C227901F5116EB61733 13695568 ----a-w- C:\Users\Jef\AppData\Local\Temp\ReimagePackage.exe 2016-12-20 14:48:09 2588678F9F9BD2462FCE16B92250E677 33640 ----a-w- C:\Users\Jef\AppData\Local\Temp\HPWC\HP.SSF.Config.dll 2016-12-20 14:47:22 DF6AF82D6A1A3FCB1F3F2EF3DD9514F9 1079144 ----a-w- C:\Users\Jef\AppData\Local\Temp\HPWarrantyChecker\HPWarrantyCheck\HPWarrantyChecker.exe 2016-12-20 14:47:22 A10E161A73A50AD629E7D25CECC94150 20872 ----a-w- C:\Users\Jef\AppData\Local\Temp\HPWarrantyChecker\HPWarrantyCheck\Interop.DeviceDetectionCOMLib.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2016-12-26 11:01:34 ABFA7B15F44861B9FEAF16FF0F826B65 3238 ----a-w- C:\Windows\Sysnative\Tasks\OneSafe PC Cleaner Schedule 2016-12-08 20:34:51 3BAE9DC87982E64599788D2DA6668AF2 324 ----a-w- C:\Windows\Tasks\HPCeeScheduleForJef.job 2016-12-08 20:34:51 324723442B362BD8812FCD0C57F30DE8 3174 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForJef ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-12-31 15:22:18 -------- d-----w- C:\Program Files\Speccy ======= C:\PROGRA~2 ===== 2016-12-11 23:11:35 -------- d-----w- C:\PROGRA~2\EasyBits For Kids ======= C: ===== ====== C:\Users\Jef\AppData\Roaming ====== ====== C:\Users\Jef ====== 2017-01-02 19:22:17 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Jef\Pictures\DroskeRSITx64.exe 2016-12-31 15:22:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2016-12-20 11:59:02 -------- d-----w- C:\ProgramData\01b525ae-7647-1 2016-12-20 11:59:02 -------- d-----w- C:\ProgramData\01b525ae-5bb3-0 2016-12-19 11:59:46 -------- d-----w- C:\ProgramData\{EE7E18C3-59D5-AF68-72B9-5E2E58C5EC35} 2016-12-19 11:59:46 -------- d-----w- C:\ProgramData\{481D8DE4-FFB6-3A4F-00BD-4968DFFCE3D3} 2016-12-18 17:59:57 -------- d-----w- C:\ProgramData\{928F2389-2524-9422-2795-3497B6128519} 2016-12-18 17:59:51 -------- d-----w- C:\ProgramData\{C3A46CD3-740F-DB78-4F7A-72A44CF7852D} 2016-12-18 11:59:47 -------- d-----w- C:\ProgramData\{3C30B553-8B9B-02F8-3F72-667A578BE3B9} 2016-12-18 11:59:45 -------- d-----w- C:\ProgramData\{9C872A1B-2B2C-9DB0-BC32-66D8CC71ECB0} 2016-12-17 00:00:11 -------- d-----w- C:\ProgramData\{9A52A0B7-2DF9-171C-2879-FB88485801CB} 2016-12-17 00:00:11 -------- d-----w- C:\ProgramData\{58541D5A-EFFF-AAF1-1EA2-709C4EECEB4D} 2016-12-16 05:59:45 -------- d-----w- C:\ProgramData\{40846A48-F72F-DDE3-9AD6-79E697CFAB50} 2016-12-16 05:59:42 -------- d-----w- C:\ProgramData\{2B212DB9-9C8A-9A12-6DF7-DCD9B0E9B05F} 2016-12-16 05:10:18 -------- d-----w- C:\ProgramData\{1918A2DA-AEB3-1571-6E22-FC7F72AED2BA} 2016-12-16 05:10:13 -------- d-----w- C:\ProgramData\{683B3FC3-DF90-8868-785C-11198BE08574} 2016-12-16 05:10:08 -------- d-----w- C:\ProgramData\{7ad346df-112c-1} 2016-12-16 05:10:08 -------- d-----w- C:\ProgramData\{10e57439-712c-0} ====== C: exe-files == 2017-01-03 12:25:00 47A74ECF1B1B54A6EAD40E7849D621DE 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3538665699-716225954-3718293510-1001\$II3ZP3N.exe 2017-01-03 12:23:21 7EA0260488F304D68067A50B33A23AC2 1309184 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3538665699-716225954-3718293510-1001\$RI3ZP3N.exe 2017-01-02 19:24:35 FDA7C445C9AF338E439BFAAD4F37F398 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3538665699-716225954-3718293510-1001\$I12HK3D.exe 2017-01-02 19:24:31 1DFC37C9D3975F40AA6BE97872862B73 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3538665699-716225954-3718293510-1001\$IVY3ODX.exe 2017-01-02 19:24:15 2A5FDBB3A76274DFA6C6E3EEEDB33E0E 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3538665699-716225954-3718293510-1001\$ISAGJD0.exe 2017-01-02 19:24:09 43CA68D92C8B9F52081B43CE385D0A03 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3538665699-716225954-3718293510-1001\$IV9IUZV.exe 2017-01-02 19:22:17 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Documents and Settings\Jef\Pictures\DroskeRSITx64.exe 2017-01-02 19:21:10 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Documents and Settings\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2RRABNN8\RSITx64.exe 2017-01-02 19:17:26 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3538665699-716225954-3718293510-1001\$RSAGJD0.exe 2016-12-31 20:46:08 6254315AA6F5B5B9104956E7A01D5A8D 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3538665699-716225954-3718293510-1001\$INDSWME.exe 2016-12-31 15:21:58 0942AE8ABF027AC095EF3CE2B590448A 6293184 ----a-w- C:\Documents and Settings\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4UGVBKF9\spsetup130.exe 2016-12-29 22:00:10 CA93C49AEE4069C7BEC0F488A7AD6450 150048 ----a-w- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{541EE798-5471-70CC-421F-ECC5A4903397}-HPSAObjUtil8.exe 2016-12-29 22:00:10 CA93C49AEE4069C7BEC0F488A7AD6450 150048 ----a-w- C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{541EE798-5471-70CC-421F-ECC5A4903397}-HPSAObjUtil8.exe 2016-12-29 22:00:10 CA93C49AEE4069C7BEC0F488A7AD6450 150048 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{541EE798-5471-70CC-421F-ECC5A4903397}-HPSAObjUtil8.exe 2016-12-29 22:00:10 CA93C49AEE4069C7BEC0F488A7AD6450 150048 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{541EE798-5471-70CC-421F-ECC5A4903397}-HPSAObjUtil8.exe 2016-12-29 22:00:10 CA93C49AEE4069C7BEC0F488A7AD6450 150048 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{541EE798-5471-70CC-421F-ECC5A4903397}-HPSAObjUtil8.exe 2016-12-29 22:00:10 CA93C49AEE4069C7BEC0F488A7AD6450 150048 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{541EE798-5471-70CC-421F-ECC5A4903397}-HPSAObjUtil8.exe 2016-12-29 22:00:10 CA93C49AEE4069C7BEC0F488A7AD6450 150048 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{541EE798-5471-70CC-421F-ECC5A4903397}-HPSAObjUtil8.exe 2016-12-29 22:00:10 CA93C49AEE4069C7BEC0F488A7AD6450 150048 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{541EE798-5471-70CC-421F-ECC5A4903397}-HPSAObjUtil8.exe 2016-12-29 22:00:10 CA93C49AEE4069C7BEC0F488A7AD6450 150048 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{541EE798-5471-70CC-421F-ECC5A4903397}-HPSAObjUtil8.exe 2016-12-29 22:00:10 B5AB82D6DC995A51E9222D0E35E8AFA6 41320 ----a-w- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{F5643CB8-831C-947F-833A-B8BCD27F2C9E}-Detect_SpectrePreEOL.exe 2016-12-29 22:00:10 B5AB82D6DC995A51E9222D0E35E8AFA6 41320 ----a-w- C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{F5643CB8-831C-947F-833A-B8BCD27F2C9E}-Detect_SpectrePreEOL.exe 2016-12-29 22:00:10 B5AB82D6DC995A51E9222D0E35E8AFA6 41320 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{F5643CB8-831C-947F-833A-B8BCD27F2C9E}-Detect_SpectrePreEOL.exe 2016-12-29 22:00:10 B5AB82D6DC995A51E9222D0E35E8AFA6 41320 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{F5643CB8-831C-947F-833A-B8BCD27F2C9E}-Detect_SpectrePreEOL.exe 2016-12-29 22:00:10 B5AB82D6DC995A51E9222D0E35E8AFA6 41320 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{F5643CB8-831C-947F-833A-B8BCD27F2C9E}-Detect_SpectrePreEOL.exe 2016-12-29 22:00:10 B5AB82D6DC995A51E9222D0E35E8AFA6 41320 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{F5643CB8-831C-947F-833A-B8BCD27F2C9E}-Detect_SpectrePreEOL.exe 2016-12-29 22:00:10 B5AB82D6DC995A51E9222D0E35E8AFA6 41320 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{F5643CB8-831C-947F-833A-B8BCD27F2C9E}-Detect_SpectrePreEOL.exe 2016-12-29 22:00:10 B5AB82D6DC995A51E9222D0E35E8AFA6 41320 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{F5643CB8-831C-947F-833A-B8BCD27F2C9E}-Detect_SpectrePreEOL.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{4B5E1002-C1D8-BFA9-2F38-FB10DEF56A80}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{20A72733-AC43-5F90-0D6A-401ED9098C48}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{4B5E1002-C1D8-BFA9-2F38-FB10DEF56A80}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{20A72733-AC43-5F90-0D6A-401ED9098C48}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{4B5E1002-C1D8-BFA9-2F38-FB10DEF56A80}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{20A72733-AC43-5F90-0D6A-401ED9098C48}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{4B5E1002-C1D8-BFA9-2F38-FB10DEF56A80}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{20A72733-AC43-5F90-0D6A-401ED9098C48}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{4B5E1002-C1D8-BFA9-2F38-FB10DEF56A80}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{20A72733-AC43-5F90-0D6A-401ED9098C48}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{4B5E1002-C1D8-BFA9-2F38-FB10DEF56A80}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{20A72733-AC43-5F90-0D6A-401ED9098C48}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{4B5E1002-C1D8-BFA9-2F38-FB10DEF56A80}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{20A72733-AC43-5F90-0D6A-401ED9098C48}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{4B5E1002-C1D8-BFA9-2F38-FB10DEF56A80}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{20A72733-AC43-5F90-0D6A-401ED9098C48}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{4B5E1002-C1D8-BFA9-2F38-FB10DEF56A80}-ReimageReminder.exe 2016-12-28 23:40:21 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{20A72733-AC43-5F90-0D6A-401ED9098C48}-ReimageReminder.exe 2016-12-28 23:36:48 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{5CE79EDC-2EF7-0706-F5B6-94E3E73B4DA0}-ReimageReminder.exe 2016-12-28 23:36:48 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{5CE79EDC-2EF7-0706-F5B6-94E3E73B4DA0}-ReimageReminder.exe 2016-12-28 23:36:48 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{5CE79EDC-2EF7-0706-F5B6-94E3E73B4DA0}-ReimageReminder.exe 2016-12-28 23:36:48 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{5CE79EDC-2EF7-0706-F5B6-94E3E73B4DA0}-ReimageReminder.exe 2016-12-28 23:36:48 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{5CE79EDC-2EF7-0706-F5B6-94E3E73B4DA0}-ReimageReminder.exe 2016-12-28 23:36:48 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{5CE79EDC-2EF7-0706-F5B6-94E3E73B4DA0}-ReimageReminder.exe 2016-12-28 23:36:48 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{5CE79EDC-2EF7-0706-F5B6-94E3E73B4DA0}-ReimageReminder.exe 2016-12-28 23:36:48 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{5CE79EDC-2EF7-0706-F5B6-94E3E73B4DA0}-ReimageReminder.exe 2016-12-28 23:36:48 4B0C6725182ED7861D5E1FB371559224 4477800 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{5CE79EDC-2EF7-0706-F5B6-94E3E73B4DA0}-ReimageReminder.exe 2016-12-28 23:36:17 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{CB64AB2E-07B0-D014-099E-FF291CF04254}-Reimage.exe 2016-12-28 23:36:17 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{CB64AB2E-07B0-D014-099E-FF291CF04254}-Reimage.exe 2016-12-28 23:36:17 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{CB64AB2E-07B0-D014-099E-FF291CF04254}-Reimage.exe 2016-12-28 23:36:17 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{CB64AB2E-07B0-D014-099E-FF291CF04254}-Reimage.exe 2016-12-28 23:36:17 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{CB64AB2E-07B0-D014-099E-FF291CF04254}-Reimage.exe 2016-12-28 23:36:17 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{CB64AB2E-07B0-D014-099E-FF291CF04254}-Reimage.exe 2016-12-28 23:36:17 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{CB64AB2E-07B0-D014-099E-FF291CF04254}-Reimage.exe 2016-12-28 23:36:17 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{CB64AB2E-07B0-D014-099E-FF291CF04254}-Reimage.exe 2016-12-28 23:36:17 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{CB64AB2E-07B0-D014-099E-FF291CF04254}-Reimage.exe 2016-12-28 23:36:12 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{6A0E8552-4414-03EF-8478-9927D3D6FD86}-Reimage.exe 2016-12-28 23:36:12 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{6A0E8552-4414-03EF-8478-9927D3D6FD86}-Reimage.exe 2016-12-28 23:36:12 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{6A0E8552-4414-03EF-8478-9927D3D6FD86}-Reimage.exe 2016-12-28 23:36:12 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{6A0E8552-4414-03EF-8478-9927D3D6FD86}-Reimage.exe 2016-12-28 23:36:12 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{6A0E8552-4414-03EF-8478-9927D3D6FD86}-Reimage.exe 2016-12-28 23:36:12 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{6A0E8552-4414-03EF-8478-9927D3D6FD86}-Reimage.exe 2016-12-28 23:36:12 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{6A0E8552-4414-03EF-8478-9927D3D6FD86}-Reimage.exe 2016-12-28 23:36:12 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{6A0E8552-4414-03EF-8478-9927D3D6FD86}-Reimage.exe 2016-12-28 23:36:12 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{6A0E8552-4414-03EF-8478-9927D3D6FD86}-Reimage.exe 2016-12-27 23:11:04 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{FC57BC16-B4F7-3F3F-7946-47E766EE5637}-Reimage.exe 2016-12-27 23:11:04 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{FC57BC16-B4F7-3F3F-7946-47E766EE5637}-Reimage.exe 2016-12-27 23:11:04 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{FC57BC16-B4F7-3F3F-7946-47E766EE5637}-Reimage.exe 2016-12-27 23:11:04 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{FC57BC16-B4F7-3F3F-7946-47E766EE5637}-Reimage.exe 2016-12-27 23:11:04 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{FC57BC16-B4F7-3F3F-7946-47E766EE5637}-Reimage.exe 2016-12-27 23:11:04 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{FC57BC16-B4F7-3F3F-7946-47E766EE5637}-Reimage.exe 2016-12-27 23:11:04 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{FC57BC16-B4F7-3F3F-7946-47E766EE5637}-Reimage.exe 2016-12-27 23:11:04 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{FC57BC16-B4F7-3F3F-7946-47E766EE5637}-Reimage.exe 2016-12-27 23:11:04 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{FC57BC16-B4F7-3F3F-7946-47E766EE5637}-Reimage.exe 2016-12-27 23:10:58 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{8577A56F-75E5-03C8-B9E9-23E6A77E18DD}-Reimage.exe 2016-12-27 23:10:58 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{8577A56F-75E5-03C8-B9E9-23E6A77E18DD}-Reimage.exe 2016-12-27 23:10:58 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{8577A56F-75E5-03C8-B9E9-23E6A77E18DD}-Reimage.exe 2016-12-27 23:10:58 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{8577A56F-75E5-03C8-B9E9-23E6A77E18DD}-Reimage.exe 2016-12-27 23:10:58 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{8577A56F-75E5-03C8-B9E9-23E6A77E18DD}-Reimage.exe 2016-12-27 23:10:58 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{8577A56F-75E5-03C8-B9E9-23E6A77E18DD}-Reimage.exe 2016-12-27 23:10:58 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{8577A56F-75E5-03C8-B9E9-23E6A77E18DD}-Reimage.exe 2016-12-27 23:10:58 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{8577A56F-75E5-03C8-B9E9-23E6A77E18DD}-Reimage.exe 2016-12-27 23:10:58 1D1C1B325777FCB168FB075887D1119F 9673576 ----a-w- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{8577A56F-75E5-03C8-B9E9-23E6A77E18DD}-Reimage.exe === C: other files == ==== Orphaned Tasks deleted from Registry ====================== HPCeeScheduleForJEF-HP$ deleted JefProoferMezuzahsV2 deleted LaunchPreSignup deleted Opera N deleted Opera N Saturday deleted Opera N Sunday deleted Reimage Reminder deleted ReimageUpdater deleted {1D492C48-AAE2-9BE3-4A5F-C0555A3FE403} deleted {267D3C94-91D6-8B3F-AB30-07045816DEF0} deleted {2CDDF7D7-9B76-407C-606F-C02E64FFA6CF} deleted {4F6947B0-F8C2-F01B-4FC8-3F037DDE7948} deleted {69F510CC-DE5E-A767-0A26-4F877C501F98} deleted {75579F70-C2FC-28DB-2848-AC0AC5289951} deleted {7747082A-C0EC-BF81-9F3F-51B94E32A517} deleted {7A8B5536-CD20-E29D-ACBB-1CF0395C0597} deleted {C3EAAA43-7441-1DE8-8E7F-66632604D061} deleted {D25CD338-65F7-6493-0704-F7D844DD11BD} deleted {D5583943-62F3-8EE8-C1A4-A52662B204E8} deleted {F0421C6A-47E9-ABC1-F6ED-7D03C7021059} deleted {F1CCE1C8-4667-5663-E091-77058343E738} deleted {F8D161CD-4F7A-D666-CB0B-9C1BC682057E} deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "BingSvc"="C:\Users\Jef\AppData\Local\Microsoft\BingSvc\BingSvc.exe" "OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #1"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --profile-directory=Profile 1 --extensions-on-chrome-urls --test-type --load-extension=c:\Program Files\Google\Chrome\Application\Extensions\chrome\app\37.1329.6.12 --flag-switches-begin --flag-switches-end --restore-last-session" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "Easybits Recovery"="C:\Program Files (x86)\Easybits For Kids\ezRecover.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "BingSvc"="C:\Users\Jef\AppData\Local\Microsoft\BingSvc\BingSvc.exe" "OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #1"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --profile-directory=Profile 1 --extensions-on-chrome-urls --test-type --load-extension=c:\Program Files\Google\Chrome\Application\Extensions\chrome\app\37.1329.6.12 --flag-switches-begin --flag-switches-end --restore-last-session" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "VDownloader"="C:\Program Files\VDownloader\VDownloader4.exe /silent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\ProgramData\\Quotenamron\\Medlam.dll" ==== Startup Folders ====================== 2013-10-06 11:10:14 1106 ----a-w- C:\Users\Jef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AX.lnk 2015-09-21 15:49:41 1072 ----a-w- C:\Users\Jef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/12/2016 22:06] C:\Windows\tasks\HPCeeScheduleForJef.job --a------ C:\Program Files (x86)\Hewlett-PaC:kard\HP C:eement\HPC:EE.exe [] C:\Windows\tasks\{1161F58D-E3E4-278D-AAA6-0A2722C32598}.job --a------ C:\Users\Jef\AppData\Roaming\1161F1\SyncTask.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DNSKINGSTON" [dnskingston.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForJef" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\OneSafe PC Cleaner Schedule" ["C:\Program Files (x86)\OneSafe PC Cleaner\OSPCSchedule.exe"] "C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{3490FE78-24AF-4068-8AD7-9636467DEAD0}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{1161F58D-E3E4-278D-AAA6-0A2722C32598}" [C:\Users\Jef\AppData\Roaming\{1161F~1\SyncTask.exe] "C:\Windows\SysNative\tasks\{3A08F9D0-0CB6-4720-BAF7-023A3504BEE6}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/5.3.0.111.396/nl/abandoninstall?page=tsOptions&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled] "C:\Windows\SysNative\tasks\{44D0136F-5D45-04BD-AE25-B501328DFF31}" [C:\Windows\system32\regsvr32.exe] "C:\Windows\SysNative\tasks\{8F019D86-10C6-46FD-961C-07FC7956453B}" [C:\Program Files (x86)\iTunes\iTunes.exe] "C:\Windows\SysNative\tasks\{96173316-4A47-47D6-B771-91331E07E264}" [C:\Program Files (x86)\iTunes\iTunes.exe] "C:\Windows\SysNative\tasks\{C0E25795-49F7-4003-BA10-EC2DD5AAEB16}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\{C7FE3587-C69B-4696-993E-3C81B09F14D8}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\{CE49D6AB-A7BE-4A7C-B6C9-176DC46D6C98}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\{DAC7358E-1B82-42DA-8DAA-EF3535E882F0}" [C:\Program Files (x86)\iTunes\iTunes.exe] "C:\Windows\SysNative\tasks\{F875F7A2-2141-4FDF-BCED-E365856FD89A}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/5.3.0.111.396/nl/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Chromium Look ====================== Google Chrome Version: 43.0.2357.134 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions jidkebcigjgheaahopdnlfaohgnocfai - No path found[] jpgfhihjicjofdejkbjgnjlaglaciobe - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[03/06/2011 12:55] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions fcfenmboojpjinhpgggodefccipikbpd - No path found[] Search Web Know - Jef\AppData\Local\Google\Chrome\User Data\Default\Extensions\homjgaaogabmlnkipbmbpbjnhikddkhj Innovate Direct - Jef\AppData\Local\Google\Chrome\User Data\Default\Extensions\lihnbgdcmmjekicadchelngbopabgpbn Google Slides - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf FuN2Save - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elmfdcgioelopafgldnflhleafknndol MSN Homepage Bing Search Engine - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd Google Sheets - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap SafeFinder - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jidkebcigjgheaahopdnlfaohgnocfai Website Logon - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe Google Wallet - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_adultfriendfinder.com_0.localstorage deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_adultfriendfinder.com_0.localstorage-journal deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_advertising-support.com_0.localstorage deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_advertising-support.com_0.localstorage-journal deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static.senvzw.be_0.localstorage deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static.senvzw.be_0.localstorage-journal deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.donation-tools.org_0.localstorage deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.donation-tools.org_0.localstorage-journal deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_searches.vi-view.com_0.localstorage deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_searches.vi-view.com_0.localstorage-journal deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd deleted successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elmfdcgioelopafgldnflhleafknndol deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://goggle.be/" "Search Page"="http://www.bing.com/search?q={searchTerms}" "Search Bar"="http://www.bing.com/search?q={searchTerms}" "SearchAssistant"="http://www.bing.com/search?q={searchTerms}" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.bing.com/search?q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.bing.com/search?q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.bing.com/search?q={searchTerms}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.bing.com/search?q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{ielnksrch}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://goggle.be/" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{ielnksrch}" HKLM\Wow6432Node\SearchScopes\ielnksrch - http://www.bing.com/search?q={searchTerms} HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{1A95AFB2-2514-4835-9855-4F0BB2B96ADE} - http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} HKLM\Wow6432Node\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/1553-111073-34115-7?mpre=http://shop.ebay.com/?_nkw={searchTerms} HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{ielnksrch} - http://www.bing.com/search?q={searchTerms} ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_CURRENT_USER\Software\Policies\Google deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{863788fa} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OneSafe PC Cleaner_is1 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\Easybits For Kids\ezRecover.exe O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [BingSvc] C:\Users\Jef\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --profile-directory="Profile 1" --extensions-on-chrome-urls --test-type --load-extension="c:\Program Files\Google\Chrome\Application\Extensions\chrome\app\37.1329.6.12" --flag-switches-begin --flag-switches-end --restore-last-session O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: AX.lnk = C:\Program Files (x86)\vulpeculox\AX\AX.exe O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.cbc.be O15 - Trusted Zone: *.isabel.be O15 - Trusted Zone: *.isabel.eu O15 - Trusted Zone: *.myisabel.be O15 - Trusted Zone: *.myisabel.eu O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{2D2B700F-AEDD-42BB-9747-3FD41B5D5C5E}: NameServer = 82.163.143.176 82.163.142.178 O17 - HKLM\System\CCS\Services\Tcpip\..\{4282DE61-607B-4245-B20C-C3E3735EF43E}: NameServer = 82.163.143.176 82.163.142.178 O17 - HKLM\System\CCS\Services\Tcpip\..\{F1C2B561-1D9A-408E-A9AC-146C546793BF}: NameServer = 82.163.143.176 82.163.142.178 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.143.176 82.163.142.178 O17 - HKLM\System\CS1\Services\Tcpip\..\{2D2B700F-AEDD-42BB-9747-3FD41B5D5C5E}: NameServer = 82.163.143.176 82.163.142.178 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 82.163.143.176 82.163.142.178 O17 - HKLM\System\CS2\Services\Tcpip\..\{2D2B700F-AEDD-42BB-9747-3FD41B5D5C5E}: NameServer = 82.163.143.176 82.163.142.178 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.143.176 82.163.142.178 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Background Logic Handler (backlh) - Unknown owner - C:\ProgramData\Logic Handler\set.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O1PBKUB0 will be deleted at reboot C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2OPKI1M6 will be deleted at reboot C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CC8ELBA9 will be deleted at reboot C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NYH0M9P2 will be deleted at reboot C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PPC1MW4Q will be deleted at reboot C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U1SM4NQJ will be deleted at reboot C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WH1YQ5JL will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Jef\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=484 folders=175 291875998 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Jef\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Jef\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\SysWOW64\ezUPBHook64.dllsearch" not found "C:\Windows\SysWOW64\ezUPBHook32.dllsearch" not found "C:\Windows\SysWOW64\ezUPBHook64.dllsearch" not found "C:\Windows\SysWOW64\ezUPBHook32.dllsearch" not found "C:\PROGRA~3\{1918A2DA-AEB3-1571-6E22-FC7F72AED2BA}" not found "C:\PROGRA~3\{2B212DB9-9C8A-9A12-6DF7-DCD9B0E9B05F}" not found "C:\PROGRA~3\{3C30B553-8B9B-02F8-3F72-667A578BE3B9}" not found "C:\PROGRA~3\{40846A48-F72F-DDE3-9AD6-79E697CFAB50}" not found "C:\PROGRA~3\{481D8DE4-FFB6-3A4F-00BD-4968DFFCE3D3}" not found "C:\PROGRA~3\{58541D5A-EFFF-AAF1-1EA2-709C4EECEB4D}" not found "C:\PROGRA~3\{683B3FC3-DF90-8868-785C-11198BE08574}" not found "C:\PROGRA~3\{928F2389-2524-9422-2795-3497B6128519}" not found "C:\PROGRA~3\{9A52A0B7-2DF9-171C-2879-FB88485801CB}" not found "C:\PROGRA~3\{9C872A1B-2B2C-9DB0-BC32-66D8CC71ECB0}" not found "C:\PROGRA~3\{C3A46CD3-740F-DB78-4F7A-72A44CF7852D}" not found "C:\PROGRA~3\{EE7E18C3-59D5-AF68-72B9-5E2E58C5EC35}" not found "C:\PROGRA~3\{1918A2DA-AEB3-1571-6E22-FC7F72AED2BA}" not found "C:\PROGRA~3\{2B212DB9-9C8A-9A12-6DF7-DCD9B0E9B05F}" not found "C:\PROGRA~3\{3C30B553-8B9B-02F8-3F72-667A578BE3B9}" not found "C:\PROGRA~3\{40846A48-F72F-DDE3-9AD6-79E697CFAB50}" not found "C:\PROGRA~3\{481D8DE4-FFB6-3A4F-00BD-4968DFFCE3D3}" not found "C:\PROGRA~3\{58541D5A-EFFF-AAF1-1EA2-709C4EECEB4D}" not found "C:\PROGRA~3\{683B3FC3-DF90-8868-785C-11198BE08574}" not found "C:\PROGRA~3\{928F2389-2524-9422-2795-3497B6128519}" not found "C:\PROGRA~3\{9A52A0B7-2DF9-171C-2879-FB88485801CB}" not found "C:\PROGRA~3\{9C872A1B-2B2C-9DB0-BC32-66D8CC71ECB0}" not found "C:\PROGRA~3\{C3A46CD3-740F-DB78-4F7A-72A44CF7852D}" not found "C:\PROGRA~3\{EE7E18C3-59D5-AF68-72B9-5E2E58C5EC35}" not found "C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd" not found "C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O1PBKUB0" deleted "C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2OPKI1M6" not found "C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CC8ELBA9" not found "C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NYH0M9P2" not found "C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PPC1MW4Q" not found "C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U1SM4NQJ" not found "C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WH1YQ5JL" not found ==== EOF on di 03/01/2017 at 13:55:07,11 ======================