dwuyten

De snelheid is inderdaad merkelijk toegenomen, zelfs met de volle werking van het G-Data Antivirusprogramma.

Kan je me even duiden wat nu eigenlijk de oorzaak was? Dan kan ik ook hier in de toekomst rekening mee houden.

Alvast bedankt voor jullie uitstekende medewerking.

Als bijlage de logjes.

AdwCleaner[S1].txt

JRT.txt

Hierbij het logje.

log.txt

Mijn computer reageert de laatste tijd bijzonder traag, vooral bij het opstarten. Ik vermoed dat het G-Data antivirusprogramma er iets mee te maken heeft (zoekt en laadt steeds updates van het virusprogramma op), maar ben hier niet zeker van. Ik laat ook regelmatig CC Cleaner eens los op mijn computer en gebruik dit ook om mijn register op te schonen. Ook het automatisch opstarten van programma's kijk ik regelmatig na ... dus kan ik niet onmiddellijk een oorzaak vinden. Ik hoop dat er toch geen virus ergens doorgeglipt is ...

Inmiddels heb ik AVG Antivirus verwijderd.

[ATTACH]33892[/ATTACH]

log.txt

Logfile of random's system information tool 1.10 (written by random/random)

Run by Dirk Wuyten at 2014-07-19 19:24:36

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 452 GB (51%) free of 881 GB

Total RAM: 8098 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:24:52, on 19/07/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17207)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe

C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe

C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Launch Manager\OSD.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe

C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Dirk Wuyten\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Dirk Wuyten.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files (x86)\Launch Manager\OSD.exe"

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1836305183-848894975-1166310881-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-1836305183-848894975-1166310881-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O17 - HKLM\System\CCS\Services\Tcpip\..\{BD8AA823-9479-43A4-B500-8B7F6D59BC48}: NameServer = 0.0.0.0

O18 - Protocol: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files (x86)\QlikView\QvProtocol\qvp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe

O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe

O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe

O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: Polar Daemon - Unknown owner - C:\Program Files (x86)\Polar\Daemon\polard.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe

O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Intel® PROSet/Wireless ZeroConfig Service (ZcfgSvc7) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe

--

End of file - 17239 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=a283a414-bd9f-466b-afda-830ea17ac37c /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\efc48945-0e14-435b-b0cc-bd348cff753f-1c8-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

C:\Windows\system32\svchost.exe -k RPCSS

"C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe"

"C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe"

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"

"C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe"

C:\Windows\system32\WLANExt.exe 24396928

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

\??\C:\Windows\system32\conhost.exe "-640544613-6502468722023536640765776409925652389-477122562-1482770903-618672270

"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe"

"C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe"

"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"

C:\Windows\system32\svchost.exe -k bthsvcs

"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"

"C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe"

"C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"

"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe"

"C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe" -runService:MsDepSvc

"c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS

"C:\Program Files (x86)\Polar\Daemon\polard.exe"

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=d8d57365-7bd0-4f5f-ac18-1d2cdcd13429 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\c6b5d203-4b48-4304-8264-dd0b3b4c915d-ba4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"

"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"

"c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe"

"C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe"

"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"

"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"

"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"

WLIDSvcM.exe 4092

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe"

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1

"C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe"

"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless

"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray

"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Windows\System32\igfxtray.exe"

"C:\Windows\System32\hkcmd.exe"

"C:\Windows\System32\igfxpers.exe"

C:\Windows\system32\igfxsrvc.exe -Embedding

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"C:\Program Files (x86)\Launch Manager\OSD.exe"

"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart

"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe"

"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"

"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"

"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe" -Embedding

C:\Windows\system32\svchost.exe -k WindowsMobile

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

"C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"

"C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE"

"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8776.0.260645659\881645331" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.1.628704075\1625783402" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.2.1393353055\916489611" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.3.1807348271\1193055336" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.4.8341521\622187547" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.5.1277066404\1905443452" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.6.635379628\1576619717" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.7.385795918\1029302257" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --instant-process --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.8.1815883061\1769204105" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.9.1966996872\1121619554" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="8776.11.1537152487\264339871" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll" --lang=nl --channel="8776.12.997749056\1299199394" /prefetch:-390060480

"C:\Users\Dirk Wuyten\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_91/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="8776.13.840546603\697180284" /prefetch:673131151

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe33_ Global\UsGthrCtrlFltPipeMssGthrPipe33 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

"C:\Users\Dirk Wuyten\Downloads\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1836305183-848894975-1166310881-1001Core.job - C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1836305183-848894975-1166310881-1001UA.job - C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-05-13 590408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-27 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-05-13 475208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-25 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-25 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]

Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IntelPROSet"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-09-16 1935120]

"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-09-16 1935120]

"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-09-03 2294568]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-26 12681320]

"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-16 2277480]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-03 167704]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-03 392472]

"Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-03 416024]

"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"=C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-02 116648]

"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]

"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2014-05-15 122200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]

C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [2013-02-11 6869080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_UI]

C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2014-01-21 4411952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]

C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-01-30 21822128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Memory Cleaner]

C:\Users\Dirk Wuyten\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [2013-02-03 791560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Plex Media Server]

C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2014-06-16 4566664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

c:\program files (x86)\real\realplayer\Update\realsched.exe [2014-07-04 296520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]

C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage]

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-04-15 136488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray]

C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [2011-04-15 228448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Polar WebSync.lnk]

C:\PROGRA~2\Polar\WebSync\WebSync.exe [2013-02-26 6227512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk]

C:\PROGRA~2\Real\REALPL~1\RPDS\Bin64\RPSYST~1.EXE [2014-07-04 1022048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dirk Wuyten^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]

C:\Users\DIRKWU~1\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-05-20 33322312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dirk Wuyten^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Schermopname en Snel starten.lnk]

C:\PROGRA~2\MICROS~2\Office14\ONENOTEM.EXE [2013-06-25 228552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]

"LMgrVolOSD"=C:\Program Files (x86)\Launch Manager\OSD.exe [2011-08-06 348960]

"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-04 107816]

"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2011-03-30 87336]

"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2011-02-03 506712]

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-09-23 3477640]

"GDFirewallTray"=C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [2014-05-20 1756792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2012-10-10 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-19 19:24:36 ----D---- C:\rsit

2014-07-09 08:55:05 ----A---- C:\Windows\system32\drivers\afd.sys

2014-07-09 08:54:55 ----A---- C:\Windows\system32\aepdu.dll

2014-07-09 08:54:55 ----A---- C:\Windows\system32\aeinv.dll

2014-07-09 08:54:27 ----A---- C:\Windows\SYSWOW64\osk.exe

2014-07-09 08:54:27 ----A---- C:\Windows\system32\win32k.sys

2014-07-09 08:54:27 ----A---- C:\Windows\system32\osk.exe

2014-07-09 08:54:25 ----A---- C:\Windows\SYSWOW64\qedit.dll

2014-07-09 08:54:25 ----A---- C:\Windows\system32\qedit.dll

2014-07-09 08:54:22 ----A---- C:\Windows\SYSWOW64\schannel.dll

2014-07-09 08:54:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll

2014-07-09 08:54:22 ----A---- C:\Windows\system32\schannel.dll

2014-07-09 08:54:22 ----A---- C:\Windows\system32\kerberos.dll

2014-07-09 08:54:21 ----A---- C:\Windows\SYSWOW64\wdigest.dll

2014-07-09 08:54:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll

2014-07-09 08:54:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll

2014-07-09 08:54:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll

2014-07-09 08:54:21 ----A---- C:\Windows\system32\wdigest.dll

2014-07-09 08:54:21 ----A---- C:\Windows\system32\TSpkg.dll

2014-07-09 08:54:21 ----A---- C:\Windows\system32\ncrypt.dll

2014-07-09 08:54:21 ----A---- C:\Windows\system32\msv1_0.dll

2014-07-09 08:54:21 ----A---- C:\Windows\system32\credssp.dll

2014-07-09 08:54:20 ----A---- C:\Windows\SYSWOW64\credssp.dll

2014-07-09 08:54:03 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2014-07-09 08:54:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2014-07-09 08:54:03 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2014-07-09 08:54:03 ----A---- C:\Windows\system32\iernonce.dll

2014-07-09 08:54:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-07-09 08:54:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-07-09 08:54:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-07-09 08:54:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2014-07-09 08:54:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2014-07-09 08:54:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2014-07-09 08:54:02 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-09 08:54:02 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-07-09 08:54:02 ----A---- C:\Windows\system32\iedkcs32.dll

2014-07-09 08:54:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-07-09 08:54:01 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-07-09 08:54:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2014-07-09 08:54:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-07-09 08:54:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2014-07-09 08:54:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2014-07-09 08:54:01 ----A---- C:\Windows\system32\urlmon.dll

2014-07-09 08:54:01 ----A---- C:\Windows\system32\msfeeds.dll

2014-07-09 08:54:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-07-09 08:54:01 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-07-09 08:54:01 ----A---- C:\Windows\system32\dxtmsft.dll

2014-07-09 08:54:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-07-09 08:54:00 ----A---- C:\Windows\system32\iesetup.dll

2014-07-09 08:54:00 ----A---- C:\Windows\system32\ie4uinit.exe

2014-07-09 08:53:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

2014-07-09 08:53:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-07-09 08:53:59 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-07-09 08:53:59 ----A---- C:\Windows\system32\iertutil.dll

2014-07-09 08:53:58 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-07-09 08:53:58 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-07-09 08:53:58 ----A---- C:\Windows\SYSWOW64\msrating.dll

2014-07-09 08:53:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

2014-07-09 08:53:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2014-07-09 08:53:58 ----A---- C:\Windows\system32\jsproxy.dll

2014-07-09 08:53:57 ----A---- C:\Windows\system32\ieui.dll

2014-07-09 08:53:57 ----A---- C:\Windows\system32\ieframe.dll

2014-07-09 08:53:57 ----A---- C:\Windows\system32\dxtrans.dll

2014-07-09 08:53:56 ----A---- C:\Windows\system32\mshtmlmedia.dll

2014-07-09 08:53:56 ----A---- C:\Windows\system32\mshtmled.dll

2014-07-09 08:53:56 ----A---- C:\Windows\system32\jscript9diag.dll

2014-07-09 08:53:56 ----A---- C:\Windows\system32\jscript9.dll

2014-07-09 08:53:56 ----A---- C:\Windows\system32\ieUnatt.exe

2014-07-09 08:53:55 ----A---- C:\Windows\system32\wininet.dll

2014-07-09 08:53:55 ----A---- C:\Windows\system32\vbscript.dll

2014-07-09 08:53:55 ----A---- C:\Windows\system32\MshtmlDac.dll

2014-07-09 08:53:55 ----A---- C:\Windows\system32\ieapfltr.dll

2014-07-09 08:53:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-09 08:53:54 ----A---- C:\Windows\system32\msrating.dll

2014-07-09 08:53:54 ----A---- C:\Windows\system32\mshtml.dll

2014-07-09 08:53:49 ----A---- C:\Windows\SYSWOW64\sspicli.dll

2014-07-09 08:53:49 ----A---- C:\Windows\SYSWOW64\secur32.dll

2014-07-09 08:53:49 ----A---- C:\Windows\system32\lsasrv.dll

2014-07-08 12:17:32 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\Plex Home Theater

2014-07-08 12:06:14 ----D---- C:\Program Files (x86)\Plex Home Theater

2014-07-07 13:22:28 ----A---- C:\Windows\system32\drivers\GDKBFlt64.sys

2014-07-05 14:09:27 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\Apple Computer

2014-07-05 14:09:26 ----D---- C:\ProgramData\boost_interprocess

2014-07-05 14:08:02 ----D---- C:\Program Files (x86)\Plex

2014-07-04 14:24:00 ----D---- C:\ProgramData\RealNetworks

2014-07-04 14:24:00 ----D---- C:\Program Files (x86)\RealNetworks

2014-07-04 14:23:25 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll

2014-07-04 14:23:04 ----A---- C:\Windows\SYSWOW64\pncrt.dll

2014-07-04 14:22:58 ----A---- C:\Windows\SYSWOW64\msvcr71.dll

2014-07-04 14:22:58 ----A---- C:\Windows\SYSWOW64\msvcp71.dll

======List of files/folders modified in the last 1 month======

2014-07-19 19:24:52 ----D---- C:\Windows\Prefetch

2014-07-19 19:24:47 ----D---- C:\Windows\Temp

2014-07-19 19:24:46 ----D---- C:\Program Files\trend micro

2014-07-19 18:49:16 ----D---- C:\Dirk

2014-07-19 18:11:03 ----SHD---- C:\System Volume Information

2014-07-19 17:18:16 ----D---- C:\Windows\inf

2014-07-19 17:18:15 ----D---- C:\Windows\Logs

2014-07-19 17:18:15 ----D---- C:\Windows\debug

2014-07-19 17:18:15 ----D---- C:\Windows

2014-07-19 16:41:21 ----D---- C:\Windows\system32\config

2014-07-19 15:29:49 ----D---- C:\ProgramData\MFAData

2014-07-19 14:36:57 ----D---- C:\Windows\system32\Tasks

2014-07-19 14:36:38 ----RD---- C:\Users

2014-07-19 14:36:36 ----A---- C:\Windows\SYSWOW64\log.txt

2014-07-19 14:30:19 ----D---- C:\ProgramData\NVIDIA

2014-07-18 14:06:12 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\vlc

2014-07-17 19:13:06 ----HD---- C:\Windows\system32\WLANProfiles

2014-07-13 22:09:04 ----D---- C:\Windows\pss

2014-07-13 12:39:39 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\Dropbox

2014-07-13 12:39:04 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\DropboxMaster

2014-07-11 17:17:49 ----D---- C:\Windows\System32

2014-07-11 17:17:49 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-07-10 18:07:28 ----D---- C:\Windows\rescache

2014-07-10 14:03:44 ----D---- C:\Windows\winsxs

2014-07-10 13:56:20 ----D---- C:\Program Files\Windows Journal

2014-07-10 13:56:19 ----SD---- C:\Windows\system32\CompatTel

2014-07-10 13:56:18 ----D---- C:\Windows\SYSWOW64\Dism

2014-07-10 13:56:17 ----D---- C:\Windows\system32\Dism

2014-07-10 13:56:14 ----D---- C:\Windows\SysWOW64

2014-07-10 13:56:14 ----D---- C:\Windows\ehome

2014-07-10 13:56:13 ----D---- C:\Windows\system32\drivers

2014-07-10 13:56:11 ----D---- C:\Windows\system32\nl-NL

2014-07-10 13:56:10 ----D---- C:\Program Files\Internet Explorer

2014-07-10 13:56:09 ----D---- C:\Windows\SYSWOW64\en-US

2014-07-10 13:56:06 ----D---- C:\Windows\system32\en-US

2014-07-10 13:56:03 ----D---- C:\Program Files (x86)\Internet Explorer

2014-07-09 19:10:36 ----SHD---- C:\Windows\Installer

2014-07-09 19:10:28 ----D---- C:\ProgramData\Microsoft Help

2014-07-09 19:08:46 ----D---- C:\Windows\system32\MRT

2014-07-09 19:06:01 ----A---- C:\Windows\system32\MRT.exe

2014-07-09 08:54:09 ----D---- C:\Windows\system32\catroot

2014-07-09 08:53:39 ----D---- C:\Windows\system32\catroot2

2014-07-08 12:11:04 ----D---- C:\ProgramData\Package Cache

2014-07-08 12:06:14 ----RD---- C:\Program Files (x86)

2014-07-07 13:24:14 ----D---- C:\Windows\SYSWOW64\drivers

2014-07-07 13:19:06 ----D---- C:\ProgramData\G Data

2014-07-05 14:09:26 ----HD---- C:\ProgramData

2014-07-05 13:45:03 ----D---- C:\Windows\Tasks

2014-07-04 14:24:54 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\RealNetworks

2014-07-04 14:24:53 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\Real

2014-07-04 14:24:17 ----D---- C:\Program Files (x86)\Real

2014-07-04 14:23:33 ----D---- C:\Program Files (x86)\Common Files

2014-07-04 14:23:31 ----D---- C:\ProgramData\Real

2014-06-25 22:36:15 ----D---- C:\Windows\system32\wfp

2014-06-25 22:36:10 ----D---- C:\Windows\system32\wbem

2014-06-25 22:34:27 ----D---- C:\Windows\system32\DriverStore

2014-06-25 22:34:16 ----D---- C:\Windows\system32\NDF

2014-06-25 22:34:16 ----D---- C:\Windows\system32\CodeIntegrity

2014-06-25 22:34:14 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\qBittorrent

2014-06-25 22:34:06 ----D---- C:\Windows\registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-10-23 45880]

R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys [2014-07-07 55808]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-05-20 557848]

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-10-17 28992]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-25 246072]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-04-15 240952]

R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]

R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2014-07-07 142336]

R1 gdwfpcd;G Data WFP CD; C:\Windows\system32\drivers\gdwfpcd64.sys [2014-07-07 64000]

R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys [2013-12-21 106272]

R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2014-07-07 61440]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35344]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-09-15 299008]

R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2012-08-26 138400]

R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]

R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]

R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]

R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]

R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-04-15 31088]

R3 GDKBFlt;G Data GDKBFlt Driver; \??\C:\Windows\system32\drivers\GDKBFlt64.sys [2014-07-07 20992]

R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [2014-07-07 64000]

R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-23 59904]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-10 5343584]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-30 3069032]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]

R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\drivers\iwdbus.sys [2011-09-09 25496]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-01-25 77424]

R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-12-28 56344]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-09-18 8604672]

R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2011-03-15 311400]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\drivers\SynTP.sys [2010-09-03 1392688]

R3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2011-09-08 136000]

R3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2011-09-08 409408]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-09-15 299008]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 btmaudio;Intel Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys [2011-03-08 46592]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]

S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2011-09-09 34200]

S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2011-10-27 158464]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 SMA_USBBUS;SMA USB Serial Converter; C:\Windows\system32\drivers\ftdibus.sys [2012-01-14 69320]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S4 RsFx0151;RsFx0151 Driver; C:\Windows\system32\DRIVERS\RsFx0151.sys [2011-06-17 313696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-09-15 1166848]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]

R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2014-05-27 2250360]

R2 AVKService;G Data Scheduler; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2013-12-19 914552]

R2 AVKWCtl;G Data Bestandssysteembewaker; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2014-05-20 2683760]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]

R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2011-04-14 70952]

R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2011-04-14 312616]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-09-16 1518352]

R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-09-07 8704]

R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-05-15 443224]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-12-28 325656]

R2 MsDepSvc;Web Deployment Agent Service; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-04-01 67400]

R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2011-06-17 62111072]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-17 1640768]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-17 2253120]

R2 Polar Daemon;Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [2012-08-17 413184]

R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]

R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-05-13 39568]

R2 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-07-04 1141848]

R2 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-05-23 23552]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-09-16 844560]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2010-12-14 244904]

R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-17 381248]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-28 2656280]

R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]

R3 GDFwSvc;G Data Personal Firewall; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2014-05-20 3203392]

R3 GDScan;G Data Scanner; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2014-05-20 700536]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-09-07 100864]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-07 136176]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-10 277024]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-07 136176]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-09-16 340240]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-09 1255736]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-06-17 431456]

S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]

-----------------EOF-----------------

Bedankt voor jullie medewerking. Laptop loopt terug aannemelijk.

Hierbij het logbestand:

# AdwCleaner v3.015 - Report created 16/12/2013 at 17:15:33

# Updated 10/12/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Sander - SANDER-LAPTOP

# Running from : C:\Users\Sander\Downloads\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\NCH Software

Folder Deleted : C:\Program Files (x86)\NCH Software

Folder Deleted : C:\Users\Sander_2\AppData\Roaming\NCH Software

File Deleted : C:\Windows\System32\ImhxxpComm.dll

File Deleted : C:\Users\Sander\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js

File Deleted : C:\Windows\System32\Tasks\NCH Software

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

Shortcut Disinfected : C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1

Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc

Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1

Key Deleted : HKLM\SOFTWARE\Classes\f

Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader

Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr

Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore

Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1

Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd

Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform

Key Deleted : HKLM\SOFTWARE\Classes\Iminent

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy

Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject

Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1

Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender

Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1

Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils

Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1

Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator

Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1

Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore

Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore.1

Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd

Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd.1

Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr

Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\SearchNewTab.SearchNewTab

Key Deleted : HKLM\SOFTWARE\Classes\SearchNewTab.SearchNewTab.1.0

Key Deleted : HKLM\SOFTWARE\Classes\sim-packages

Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [iminent]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [iminentMessenger]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetIM]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_eea72b4f

Key Deleted : HKCU\Software\596da8ab76fbf41

Key Deleted : HKLM\SOFTWARE\596da8ab76fbf41

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_cheat-engine_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_cheat-engine_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_flv-player_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_flv-player_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_gotclip-downloader_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_gotclip-downloader_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_microsoft-excel-2010_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_microsoft-excel-2010_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{64B00DAC-870D-4E6A-8D34-3A6E3E427A30}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\1ClickDownload

Key Deleted : HKCU\Software\APN

Key Deleted : HKCU\Software\Ask.com

Key Deleted : HKCU\Software\AskPartnerNetwork

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\DataMngr

[#] Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\Default Tab

Key Deleted : HKCU\Software\DefaultTab

Key Deleted : HKCU\Software\ExpressFiles

Key Deleted : HKCU\Software\GoforFiles

Key Deleted : HKCU\Software\IGearSettings

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\Iminent

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\mixidj

Key Deleted : HKCU\Software\NCH Software

Key Deleted : HKCU\Software\pc speed maximizer

Key Deleted : HKCU\Software\Smart Driver Updater

Key Deleted : HKCU\Software\SmartBar

Key Deleted : HKCU\Software\smartbarbackup

Key Deleted : HKCU\Software\smartbarlog

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\V9

Key Deleted : HKCU\Software\wnlt

Key Deleted : HKCU\Software\AppDataLow\SProtector

Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab

Key Deleted : HKCU\Software\AppDataLow\Software\findlyrics

Key Deleted : HKCU\Software\AppDataLow\Software\HappyLyrics

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKLM\Software\APN

Key Deleted : HKLM\Software\AskPartnerNetwork

Key Deleted : HKLM\Software\AskToolbar

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\Software\Default Tab

Key Deleted : HKLM\Software\DefaultTab

Key Deleted : HKLM\Software\Desksvc

Key Deleted : HKLM\Software\eSafeSecControl

Key Deleted : HKLM\Software\ExpressFiles

Key Deleted : HKLM\Software\Freeze.com

Key Deleted : HKLM\Software\GoforFiles

Key Deleted : HKLM\Software\hdcode

Key Deleted : HKLM\Software\Iminent

Key Deleted : HKLM\Software\mixidj

Key Deleted : HKLM\Software\NCH Software

Key Deleted : HKLM\Software\portaldositesSoftware

Key Deleted : HKLM\Software\SProtector

Key Deleted : HKLM\Software\systweak

Key Deleted : HKLM\Software\Trymedia Systems

Key Deleted : HKLM\Software\Umbrella

Key Deleted : HKLM\Software\Uniblue

Key Deleted : HKLM\Software\V9

Key Deleted : HKLM\Software\Vittalia

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mixidj

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart Driver Updater_is1

Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited

Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

Key Deleted : [x64] HKLM\SOFTWARE\wnlt

Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

Key Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B

Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v

[ File : C:\Users\Sander\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

*************************

AdwCleaner[R0].txt - [41379 octets] - [16/12/2013 17:12:22]

AdwCleaner[s0].txt - [40249 octets] - [16/12/2013 17:15:33]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [40310 octets] ##########

De vervelende pop-ups zijn al verleden tijd en ik heb de indruk dat hij sneller opstart.

Ik heb inmiddels G Data Internet Security er op geïnstalleerd en ben de laptop volledig aan het laten controleren op virussen.

Daarna de aanwezige programma's nog eens goed bekijken en eventueel overbodige programma's verwijderen.

Hierbij de log:

Zoek.exe v5.0.0.0 Updated 16-December-2013

Tool run by Sander on ma 16/12/2013 at 8:55:57,22.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Sander\Downloads\zoek (1)\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2013-12-15-200402.log 185306 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ApnTBMon"=-

"ApnUpdater"=-

"Iminent"=-

"IminentMessenger"=-

"SweetIM"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"PC Speed Maximizer"=-

"Smart Driver Updater"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Ask.com not found

C:\Program Files (x86)\Iminent not found

C:\Program Files (x86)\SweetIM not found

C:\Program Files (x86)\AskPartnerNetwork not found

C:\Program Files (x86)\PC Speed Maximizer not found

C:\Program Files (x86)\Smart Driver Updater not found

C:\Program Files (x86)\HappyLyrics not found

"C:\ProgramData\AskPartnerNetwork\Toolbar\VDJ-V7\CRX\ToolbarCR.crx" not found

"C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx" not found

"C:\Users\Sander\AppData\Local\funmoods.crx" not found

"C:\Users\Sander\AppData\Roaming\BabSolution\CR\mixiDj.crx" not found

"C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx" not found

"C:\Program Files (x86)\HappyLyrics\Chrome.crx" not found

"C:\Users\Sander\AppData\Roaming\BabSolution\CR\delta2.crx" not found

"C:\Program Files (x86)\DealPly\DealPly.crx" not found

"C:\Program Files (x86)\FindLyrics\Chrome.crx" not found

"C:\Program Files (x86)\DefaultTab\DefaultTab.crx" not found

"c:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidj.crx" not found

"C:\Users\Sander\AppData\Local\funmoods.crx" not found

"C:\Users\Sander\AppData\Local\CRE\lpgjmggepafkhenaeknpnjiceakbedpi.crx" not found

C:\Windows\SysNative\tasks\0 deleted

"C:\Users\Sander\Desktop\VirtualDJ Home FREE.lnk" deleted

"C:\Users\Public\Desktop\Google Chrome.lnk" deleted

"C:\Users\Public\Desktop\MEDIONhome.lnk" deleted

"C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk" deleted

"C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk" deleted

"C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk" deleted

"C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk" deleted

"C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Desk 365.lnk" deleted

"C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk" deleted

"C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"fmdownloader@gmail.com"="C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox" [15/09/2012 13:20]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02/10/2012 11:14]

Happy Old Miner - Sander - Default\Extensions\aahdmajpnpehigpjimeikadfnmoadbff

Sniper World at War - Sander - Default\Extensions\abghehgeiiglmiedfplcnnbahibepnfp

Bejeweled - Sander - Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm

Angry Birds - Sander - Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj

Death Worm Game - Sander - Default\Extensions\akoadonkmjegkcihpcfnennfohfmohgn

Street Wheels 2 3D - Sander - Default\Extensions\aldgglkhhafnfnpihlfgegcbajdekmgj

Apple Shooter - Sander - Default\Extensions\amkbnncbhijlcnehhlpgloofblcfdbke

TV - Sander - Default\Extensions\beobeededemalmllhkmnkinmfembdimh

Show the YouTube Channel bar or the name. - Sander - Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn

Truck Rush Seasons - Sander - Default\Extensions\bjaoeopnpdpehefaejhedebpkgljmgcc

YouTube - Sander - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Dirt Bike Games - Sander - Default\Extensions\bmbnpkmmbmniajjhocmmgblekhhmffge

Fun Pong - Sander - Default\Extensions\cdfbkajeecnjallmbomdodielkoplnai

Tequila Zombies - Sander - Default\Extensions\cdjohbopflfhpkaenekfcnhagifenlja

Battlefield Heroes - Sander - Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh

Orcs Attack - Sander - Default\Extensions\cgkcopkfnlnofihnpdipnjkmmabpfpgf

Gun Bros - Sander - Default\Extensions\ciamkmigckbgfajcieiflmkedohjjohh

Counter Strike - Sander - Default\Extensions\cjcnlokcjbjgiibclplfblgkdkmldpcp

Max Speed - Sander - Default\Extensions\ckipmjioohlpgdjhdooogjjinlipckoe

Monster Dash - Sander - Default\Extensions\cknghehebaconkajgiobncfleofebcog

Chainsaw - Sander - Default\Extensions\cnhjeeoapamnboddppjdkiklkfdbnkkn

Prison Break Breakout - Sander - Default\Extensions\cnnbogdhmkifhilnndainjieplndpmbj

Facebook and Flickr photos made fun - Sander - Default\Extensions\cokhhceailhgobcmmhcdhihdoemmepej

Google Search - Sander - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Gibbets - Sander - Default\Extensions\copjdfbaggaghhnajhgmcjpfejkfniba

Fun Switcher - Sander - Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb

Dash Or Crash - Sander - Default\Extensions\dgjpjgpikponlfappokopokggojlelni

World of Tanks Southeast Asia - Sander - Default\Extensions\djehgdpiejdcdjbjocbocahdeoklamdi

Barcodescanner - Sander - Default\Extensions\djhpfbgdddnoikiapfajgchbicmhlbig

Future Buddy - Sander - Default\Extensions\dknffcbjdomjglljnckcbffldhigapgj

Build The Bridge - Sander - Default\Extensions\dobkhdbgngejjepmdfapnihdnmicljjp

3D Racing - Sander - Default\Extensions\edibjaleplmkklgdabaddfombdbcafek

Pixlr-o-matic - Sander - Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj

Penguin Combat - Sander - Default\Extensions\ehoglceicemjdngkmfgpdamgglhediod

Transformers-2 - Sander - Default\Extensions\ejccmdbinibfjahdplhmokpbjhkgclha

Stunt Dirt Bike 2 - Sander - Default\Extensions\elfneekolekdcilnomihglgnfhfnjoff

deathCLICK - Sander - Default\Extensions\enbfnadfgciogjeghkkdclpnpagbpdkd

A Space Shooter for FREE - Sander - Default\Extensions\epbeobdmeddlnkokfiaijkfabecpmifa

Crime City - Sander - Default\Extensions\fdbacnnicmbpfcmiapnfjbefkggclmco

Causality Games - Sander - Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl

Hangman (Beers) - Sander - Default\Extensions\fgcpdmdijhamfojigkldhhlheikbjine

Earn To Die - Sander - Default\Extensions\fhofbeoifjicanmgipjabehlipnlbmja

Dragon Quest - Sander - Default\Extensions\fjijhnpbbhmlfkefhdaajhabllehenlm

Stupeflix Video Maker - Sander - Default\Extensions\fkdmcfnoimoilncpjchamnenebopocem

Ultimate Street Car Racer - Sander - Default\Extensions\fkhlplfgnlmpppihiigcpbgehohljaam

Digital Clock - Sander - Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo

Tower Inator - Sander - Default\Extensions\gipkgikjdkncfjdigghlhhagpkgieico

Tarzan Jungle Of Doom 3D - Sander - Default\Extensions\gjocnmdnbfghlogmiekgpmljhgjlgimp

Cut the Rope - Sander - Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj

Amazing Spiderman - Sander - Default\Extensions\gkjcckbgnllocijgaalmoaplfehcclng

Mad Tanks - Sander - Default\Extensions\gkpcnjdemhehddahgikcmlbdnoeknmdp

Counter Strike New Version - Sander - Default\Extensions\gmpehckjcedphjamnipbjbajnfgkfbkm

Fun with English - Sander - Default\Extensions\gnnihicnkdmmdnpjnjoegecndbhdkgmm

Crazy Buggy 3D - Sander - Default\Extensions\gooihknicmgbfhbfcobcgfjllcglkoik

Hang Man (Tamil Movies) - Sander - Default\Extensions\hbdkkpbpanjedadmfkjmldcjoemamngp

Counter Strike - Sander - Default\Extensions\hbnpeifkgfblmnmihpaeniclpnkhpdkg

Transformer Robot War - Sander - Default\Extensions\hcgibljfdjikojdglnfhffeoplhcjnfb

Marvel Comics - Sander - Default\Extensions\hjhfaknohpjconjoefidanhihokmkice

Transformers 3 - Sander - Default\Extensions\hmopeddmckkiokkopennmgdiadfnkcfk

Armenian Online TV - Sander - Default\Extensions\hogboicpepifiecelnhkpolkjkljmoak

Hitstick 6 - Sander - Default\Extensions\hpgphjoojglhpcfhpgjmhnfeabfekdme

Fun Tetris - Sander - Default\Extensions\ibelmnhbipjkokecobnlonmmfjklajkk

Serious Sam: The First Encounter (DEMO) - Sander - Default\Extensions\icbfppfaccaljnjbfeooceefehpccbkh

Google Play Music - Sander - Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg

Monster Shooting - Sander - Default\Extensions\ideadnndagipnaeokmkhcokccpmaapkm

Transformers Prestige - Sander - Default\Extensions\ifcnnldlbmpllpmbjcekgnmaipimjgma

Apocalypse City - Sander - Default\Extensions\ifkogipjfpemebgfjelkfoifapppddeh

OrangeFPS on Roozz - Sander - Default\Extensions\ifnckhopllcmleegegheacblhehfifei

Billiard - Sander - Default\Extensions\ifohmelldfcaeocfiponabmlbmdpnkjj

Cubi Kill 2 - Sander - Default\Extensions\ignmcpkkgibhepbagkpnagoomodbjghn

TRANSFORMERS PRESTIGE - Sander - Default\Extensions\ihpilfgpklhifknjkilfapaghcidopah

Santa Can Fly - Sander - Default\Extensions\ijnjeadmcoiglgongpaknblabefpogei

Fast Car - Sander - Default\Extensions\ilnilkflnlkekeioahamkfjcklliecpf

Tanks Rage - Sander - Default\Extensions\imiagbbpcdaikfajfdpfemgmngigphfl

Dune Buggy - Sander - Default\Extensions\ioejnggmefeodnemhhbnmdcbmjpifebp

ButtonBeats Freestyle Mic - Sander - Default\Extensions\japiahodfdinifdeedclfnbeojkhkkmi

13 Days After - Sander - Default\Extensions\jbbclnchgkmlpmjjipnegnbboallemlo

Math Motorway - Sander - Default\Extensions\jdihnhedcafgpbbbbiohamlkbbjlifdb

Fun Kids Radio - Sander - Default\Extensions\jelkgophonighpbmekmdjpjnnelcncih

Drug Racer 3d - Sander - Default\Extensions\jfhdjifalcmagjkkclpbjglmnpnobjhp

Pirate Galaxy - Sander - Default\Extensions\jglbmpjjclfacomhldhlpekbjfbchedp

3D Bike race - Sander - Default\Extensions\jjagmacpahjfbbkgekeijkhmddddepmd

Newspaper Boy - Sander - Default\Extensions\jobgmhepbhnaiaakcaiionfogejljoan

Truck Loader 2 - Sander - Default\Extensions\joidkelepbgedjiageepconmpfihhpni

Calculator - Sander - Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao

CS Portable - Sander - Default\Extensions\kehgknidddmaiolpbpienmbkhkofalam

Hulk Smash Up - Sander - Default\Extensions\kfhjdimdpomcofilfpdbdengiafaoehd

Sharp Trigger 2 - Sander - Default\Extensions\kfkeaemnlafmglocfpcagiikdnjggdik

Halo Game - Sander - Default\Extensions\kijdoigcckfmpadchmhhnpbobbhijkil

Soldiers-Shooting - Sander - Default\Extensions\kijplmdlceddmoejcejdclmgameekglh

Blast PingPong - Sander - Default\Extensions\kjdkomgefikcdchdpjfgjfpagieofnem

Grepolis - Sander - Default\Extensions\kkgkognjknhcgbgbeijjondlikfkgnog

Break The Wall - Sander - Default\Extensions\klhfgnobmdkblmbdahcnpajbjnfmknpn

Meet new people on Badoo - Sander - Default\Extensions\kmaoahaepmkmdhaohjjakbkeeelpbenb

Little Alchemy - Sander - Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd

Satellite Finder - Sander - Default\Extensions\laadpcgmfdkmmkhnhoaalgbjoahkjlpn

Transformers Battle 3d HD - Sander - Default\Extensions\laekaknjpacoppmkicciehhfliihingk

Motocross - Sander - Default\Extensions\lddlapllhlmplllbneiocoojnlokmlcb

Air Hockey World Edition - Sander - Default\Extensions\ldpnjnhkipephakkibngncljbhmgjkfi

Webcam Toy - Sander - Default\Extensions\lfbgimoladefibpklnfmkpknadbklade

Formula 3D - Sander - Default\Extensions\lghfgmfahpnfhgccebpggchongngfepf

Skype Click to Call - Sander - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Supah Ninjas - Sander - Default\Extensions\liodkmfjhbljafkbhhhinlmodecefbcl

Happy Wheels - Sander - Default\Extensions\ljdngafdeknonigdklkdlolkefpigejp

Apocalypse Motor Racers - Sander - Default\Extensions\lkkjbckdlfglhfciiaaceedafekmliem

Contract Killer - Sander - Default\Extensions\meklndaflopgghbomkdpofehonfclipi

Google Mail Checker - Sander - Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff

ButtonBeats Guitar - Sander - Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf

Encounter Specialist - Sander - Default\Extensions\mkkkehbfdceljnjdmnbnoffdeeinodoc

Stunt Dirt Bike - Sander - Default\Extensions\mkoidgomcchlgmpnlpooohkbpjmpljmc

Plants vs Zombies - Sander - Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina

Need for Speed World is a FREE to play online racing game where you can compete with millions of players around the World. - Sander - Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk

BMX Park - Sander - Default\Extensions\moalaglehgefgniipmkfolhkhncbjbgb

Iron Man Armored Justice HD Game - Sander - Default\Extensions\moicjngdpebgblmedjmafhiedhimiplk

Crusader Tank - Sander - Default\Extensions\mpegcjgnjllooimlcfdnphhccfnmhfem

Urban Crusher - Sander - Default\Extensions\naklgfiamfbhmfbggjlbcogpkhgcngnb

Ace Pilots - Sander - Default\Extensions\ndfkfbdpnknippjjpkdoiadggmohdpfg

Online TV - Sander - Default\Extensions\noiljfbhlcdemimoiefmdnnddogepkmp

Live Online TV 24/7 - Sander - Default\Extensions\npdlhfeockcidgemjbccenihbmiadbnm

Rally Expert - Sander - Default\Extensions\occfbdbgdodefnegmkafdlebmmifikkn

Ogre Sample Browser NaCl - Sander - Default\Extensions\ocpoapiejnpokdojkgjhglijajghikla

3D Sniper - Sander - Default\Extensions\oddaibgpdefmpenbnpjbeejocmljfjka

Hang Man (Hollywood Movies) - Sander - Default\Extensions\odjnandaibfijdnpdpbclbpffileknnk

Shanghai Mahjongg - Sander - Default\Extensions\odpibjjkhpmapleapondffcppfnhfffi

Bike Race - Sander - Default\Extensions\ogpdbicclanacoblahocfoggbfhaeend

Football forum info actu - LiveFoot - Sander - Default\Extensions\ojlhodidmnkeaiogakfggddlehjphmec

BMX Master - Sander - Default\Extensions\okljdbooggmpjllhjaloafbphmiaogje

Type Command Robot - Sander - Default\Extensions\omfgnhmkahndgcobggaeljcpklbcjbaf

Mafia The Revenge - Sander - Default\Extensions\onflccejinfcakflpembfjgfjlbnedcb

Sharp Triger 2hd - Sander - Default\Extensions\pcimmfgjfimldfhgfpipmfbloodlcdml

PhotoFit Me - Sander - Default\Extensions\pdpbdnchfplfpdjbckgbmpnddnjdijjk

Free Online TV - Sander - Default\Extensions\picldhpkcgmgfnmombladhakcganoghd

Gmail - Sander - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - Sander - Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Sander - Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Sander - Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Sander - Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Skype Click to Call - Sander - Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Google Wallet - Sander - Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Sander - Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Happy Old Miner - Sander_2 - Default\Extensions\aahdmajpnpehigpjimeikadfnmoadbff

Sniper World at War - Sander_2 - Default\Extensions\abghehgeiiglmiedfplcnnbahibepnfp

Doodle Jump Deluxe Flash HD - Sander_2 - Default\Extensions\abkhhgjpfcnmmpmhghohpfkcgoineebk

Tetris Battle - Sander_2 - Default\Extensions\adjkpghbnknolhdbgpllnfmohekjfjmo

Bejeweled - Sander_2 - Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm

Tanks V2 - Sander_2 - Default\Extensions\ailcjlbajockobcilfdmjglglhgjhacd

Angry Birds - Sander_2 - Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj

Running Fred - Sander_2 - Default\Extensions\amfalcbcdebaemokjapphcfnldiogddk

Apple Shooter - Sander_2 - Default\Extensions\amkbnncbhijlcnehhlpgloofblcfdbke

Doodle or Die - Sander_2 - Default\Extensions\baocjgbppdpelkefhfhblacenjhhmlmf

TV - Sander_2 - Default\Extensions\beobeededemalmllhkmnkinmfembdimh

Show the YouTube Channel bar or the name. - Sander_2 - Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn

FartDroid - Sander_2 - Default\Extensions\bfeefdenbeaddnjdahhfkakhinfppmbc

Truck Rush Seasons - Sander_2 - Default\Extensions\bjaoeopnpdpehefaejhedebpkgljmgcc

YouTube - Sander_2 - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Dirt Bike Games - Sander_2 - Default\Extensions\bmbnpkmmbmniajjhocmmgblekhhmffge

Call of Duty: Black OPS II - Sander_2 - Default\Extensions\bnfeapbdokcoajleapjdbmkhngkbgnbc

Swingers - Sander_2 - Default\Extensions\bppakloppheaamioeonkgjeegphlglaf

Fun Pong - Sander_2 - Default\Extensions\cdfbkajeecnjallmbomdodielkoplnai

Daily Bikini Babe - Sander_2 - Default\Extensions\checlelldfddipjbdhmijdjhiebcohkf

Tanki Online - Sander_2 - Default\Extensions\chnamgoimgnbgkabfjkikldbfdhhfhdo

Gun Bros - Sander_2 - Default\Extensions\ciamkmigckbgfajcieiflmkedohjjohh

Monster Dash - Sander_2 - Default\Extensions\cknghehebaconkajgiobncfleofebcog

STRATEGO - Official - Sander_2 - Default\Extensions\ckpgdjbodiacocpojlgipgkphcihfbdo

Facebook and Flickr photos made fun - Sander_2 - Default\Extensions\cokhhceailhgobcmmhcdhihdoemmepej

Google Search - Sander_2 - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Farm Frenzy 2 - Sander_2 - Default\Extensions\dcfpkddmnpgkibhaebjicfmgmmbdjmap

Fun Switcher - Sander_2 - Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb

Dash Or Crash - Sander_2 - Default\Extensions\dgjpjgpikponlfappokopokggojlelni

Barcodescanner - Sander_2 - Default\Extensions\djhpfbgdddnoikiapfajgchbicmhlbig

Build a Robot - Sander_2 - Default\Extensions\dkifjkfdmacgkhldodeohbhcknoijpeo

Future Buddy - Sander_2 - Default\Extensions\dknffcbjdomjglljnckcbffldhigapgj

Candy Crush Saga - Sander_2 - Default\Extensions\dleebmllljpdnpdlhfimngmdnhabkgce

Sumo Paint - Sander_2 - Default\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod

3D Quad Bike Racing - Sander_2 - Default\Extensions\eblldgmkeppinciamdhekgehoepckfpn

3D Racing - Sander_2 - Default\Extensions\edibjaleplmkklgdabaddfombdbcafek

Monster Trucks Nitro 2 - Sander_2 - Default\Extensions\edonejldekhljklclipjpdjdgmaimnbg

Tetris - Sander_2 - Default\Extensions\eeehcmbhicglclggakomjhhlmemhjbde

Magic Magnetic - Sander_2 - Default\Extensions\efkmdnbliigogeinkaghcmcmhpnjcndg

Pixlr-o-matic - Sander_2 - Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj

Penguin Combat - Sander_2 - Default\Extensions\ehoglceicemjdngkmfgpdamgglhediod

Fart Machine - Sander_2 - Default\Extensions\einpcfelmfefokagdipbcfomecfbdggn

On The Run 2 - Sander_2 - Default\Extensions\eipblbikehoiimjpjgjofhfkpojjboea

FruitFest on Roozz - Sander_2 - Default\Extensions\ejbfklcnojhimbbngfdgnnjodnekcjlc

Transformers-2 - Sander_2 - Default\Extensions\ejccmdbinibfjahdplhmokpbjhkgclha

deathCLICK - Sander_2 - Default\Extensions\enbfnadfgciogjeghkkdclpnpagbpdkd

A Space Shooter for FREE - Sander_2 - Default\Extensions\epbeobdmeddlnkokfiaijkfabecpmifa

Who's knocking on the door? - Sander_2 - Default\Extensions\eppldkeacbgnkjkabpnikmlnokknlcbc

Bikini TV - Sander_2 - Default\Extensions\fcanljafkhmmideajcgekocpbdhkened

Causality Games - Sander_2 - Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl

Hangman (Beers) - Sander_2 - Default\Extensions\fgcpdmdijhamfojigkldhhlheikbjine

Stupeflix Video Maker - Sander_2 - Default\Extensions\fkdmcfnoimoilncpjchamnenebopocem

Ultimate Street Car Racer - Sander_2 - Default\Extensions\fkhlplfgnlmpppihiigcpbgehohljaam

Voodoo Friends - Sander_2 - Default\Extensions\fmedapekkakaehidplfhmblngkelolaj

Christmas Match - Sander_2 - Default\Extensions\gaflplinpgjofgdajleeflpoeijeopgn

Digital Clock - Sander_2 - Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo

Tilt 3D - Sander_2 - Default\Extensions\ggaeedikcbkhmilmfafnbdmofhaiepdo

Cut the Rope - Sander_2 - Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj

Amazing Spiderman - Sander_2 - Default\Extensions\gkjcckbgnllocijgaalmoaplfehcclng

Mad Tanks - Sander_2 - Default\Extensions\gkpcnjdemhehddahgikcmlbdnoeknmdp

Crazy Buggy 3D - Sander_2 - Default\Extensions\gooihknicmgbfhbfcobcgfjllcglkoik

Hang Man (Tamil Movies) - Sander_2 - Default\Extensions\hbdkkpbpanjedadmfkjmldcjoemamngp

Counter Strike - Sander_2 - Default\Extensions\hbnpeifkgfblmnmihpaeniclpnkhpdkg

Fishdom 2 - Sander_2 - Default\Extensions\heocjlpcpbjfbnidbblimegpaddbhdmf

Marvel Comics - Sander_2 - Default\Extensions\hjhfaknohpjconjoefidanhihokmkice

Cargo Bridge: Armor Games Edition - Sander_2 - Default\Extensions\hlpiaibleklmjieibbnmkignbggodmmj

Troll Emoticons - Sander_2 - Default\Extensions\hndllphbhpadfpoikpaofkkkpkpnmjik

Illyriad - Sander_2 - Default\Extensions\hnfbcdoedgikkjokbgejbgkgijnoaanb

Fiery Music - Sander_2 - Default\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon

Armenian Online TV - Sander_2 - Default\Extensions\hogboicpepifiecelnhkpolkjkljmoak

Fun Tetris - Sander_2 - Default\Extensions\ibelmnhbipjkokecobnlonmmfjklajkk

Serious Sam: The First Encounter (DEMO) - Sander_2 - Default\Extensions\icbfppfaccaljnjbfeooceefehpccbkh

Google Play Music - Sander_2 - Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg

Red Crucible 2 - Sander_2 - Default\Extensions\iechpocbkaimjmlpfinoahkolenfdmig

Apocalypse City - Sander_2 - Default\Extensions\ifkogipjfpemebgfjelkfoifapppddeh

OrangeFPS on Roozz - Sander_2 - Default\Extensions\ifnckhopllcmleegegheacblhehfifei

Ready for action space pilot? Evil aliens unknown phenomena and risky missions await you here - Sander_2 - Default\Extensions\igfellpkdddmaldkbohekiikcmadbdnj

Web Games - Sander_2 - Default\Extensions\iigfbhonoanhlehkpjifkhdfbnacokcg

Jabbott's Little Followers - Sander_2 - Default\Extensions\ijfdepoeianmbnkdjmlmllnnofodfmpg

Santa Can Fly - Sander_2 - Default\Extensions\ijnjeadmcoiglgongpaknblabefpogei

Alias Runner Apocalypse - Sander_2 - Default\Extensions\imaadejkkljcjjbobochcgbacjffjjdc

Tanks Rage - Sander_2 - Default\Extensions\imiagbbpcdaikfajfdpfemgmngigphfl

ButtonBeats Freestyle Mic - Sander_2 - Default\Extensions\japiahodfdinifdeedclfnbeojkhkkmi

13 Days After - Sander_2 - Default\Extensions\jbbclnchgkmlpmjjipnegnbboallemlo

Math Motorway - Sander_2 - Default\Extensions\jdihnhedcafgpbbbbiohamlkbbjlifdb

Fun Kids Radio - Sander_2 - Default\Extensions\jelkgophonighpbmekmdjpjnnelcncih

Pirate Galaxy: An Epic Space Game - Sander_2 - Default\Extensions\jglbmpjjclfacomhldhlpekbjfbchedp

3D Bike race - Sander_2 - Default\Extensions\jjagmacpahjfbbkgekeijkhmddddepmd

Newspaper Boy - Sander_2 - Default\Extensions\jobgmhepbhnaiaakcaiionfogejljoan

Truck Loader 2 - Sander_2 - Default\Extensions\joidkelepbgedjiageepconmpfihhpni

Calculator - Sander_2 - Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao

Cargo Bridge - Sander_2 - Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn

Civiballs Xmas Levels - Sander_2 - Default\Extensions\kegbhdmfhnlffankokpjdnnnbefeejcb

Best App Finder - Sander_2 - Default\Extensions\khgajindohffipfffpblkdcofalhmkdn

Blast PingPong - Sander_2 - Default\Extensions\kjdkomgefikcdchdpjfgjfpagieofnem

Grepolis - Sander_2 - Default\Extensions\kkgkognjknhcgbgbeijjondlikfkgnog

Break The Wall - Sander_2 - Default\Extensions\klhfgnobmdkblmbdahcnpajbjnfmknpn

Meet new people on Badoo - Sander_2 - Default\Extensions\kmaoahaepmkmdhaohjjakbkeeelpbenb

Cover Orange Players Pack 3 - Sander_2 - Default\Extensions\kmbmidhlafbdocjgcckfbheingaemmhk

Bird Brawl - Sander_2 - Default\Extensions\kmfmnamhddafiplkkobdinpjcnidlplk

Personal Trainer - Sander_2 - Default\Extensions\kmgohkgndpahjklgpdihieeedjeneoke

Monkey Go Happy 4 - Sander_2 - Default\Extensions\kmhcpeadjemaopamdggcfaelcjaibekm

Little Alchemy - Sander_2 - Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd

Satellite Finder - Sander_2 - Default\Extensions\laadpcgmfdkmmkhnhoaalgbjoahkjlpn

Motocross - Sander_2 - Default\Extensions\lddlapllhlmplllbneiocoojnlokmlcb

Webcam Toy - Sander_2 - Default\Extensions\lfbgimoladefibpklnfmkpknadbklade

Apocalypse Motor Racers - Sander_2 - Default\Extensions\lkkjbckdlfglhfciiaaceedafekmliem

Fieldrunners - Sander_2 - Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak

Swing - Sander_2 - Default\Extensions\lpnmooccnldfhihdhcibcefallgdogda

Carbon Combat - Sander_2 - Default\Extensions\mamcmmijgmnpgdjlicejeeldnjoieoeo

Countdown to Star Wars: The Old Republic - Sander_2 - Default\Extensions\mbihkjkcifmppkkokenooaijbjblefdm

Contract Killer - Sander_2 - Default\Extensions\meklndaflopgghbomkdpofehonfclipi

Farm Frenzy 3: American Pie - Sander_2 - Default\Extensions\mgkcngacodlggphhjngelhdkkjkfdila

Google Mail Checker - Sander_2 - Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff

ButtonBeats Guitar - Sander_2 - Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf

Encounter Specialist - Sander_2 - Default\Extensions\mkkkehbfdceljnjdmnbnoffdeeinodoc

Plants vs Zombies - Sander_2 - Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina

Need for Speed World is a FREE to play online racing game where you can compete with millions of players around the World. - Sander_2 - Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk

Crusader Tank - Sander_2 - Default\Extensions\mpegcjgnjllooimlcfdnphhccfnmhfem

Urban Crusher - Sander_2 - Default\Extensions\naklgfiamfbhmfbggjlbcogpkhgcngnb

Ace Pilots - Sander_2 - Default\Extensions\ndfkfbdpnknippjjpkdoiadggmohdpfg

BeGone - Sander_2 - Default\Extensions\ndfpieflbjbdpgklkeolbmbdkfdiicfk

Curling - Sander_2 - Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp

Google Wallet - Sander_2 - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

DuckLife3 Evolution - Sander_2 - Default\Extensions\obnapbknabbfcfioencalfeobakjhnha

Rally Expert - Sander_2 - Default\Extensions\occfbdbgdodefnegmkafdlebmmifikkn

Ping Pong - Sander_2 - Default\Extensions\ockfllocbdnnmdgcmclaihhjkapdfajl

Ogre Sample Browser NaCl - Sander_2 - Default\Extensions\ocpoapiejnpokdojkgjhglijajghikla

3D Sniper - Sander_2 - Default\Extensions\oddaibgpdefmpenbnpjbeejocmljfjka

Hang Man (Hollywood Movies) - Sander_2 - Default\Extensions\odjnandaibfijdnpdpbclbpffileknnk

Shanghai Mahjongg - Sander_2 - Default\Extensions\odpibjjkhpmapleapondffcppfnhfffi

Background Tab - Sander_2 - Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic

Private Joe: Urban Warfare - Sander_2 - Default\Extensions\ogmpedngmnolclkmlpcdgmfonlagkejp

Mini Ninjas - Sander_2 - Default\Extensions\oijfbknbncemokdnlboeabbcfhobechi

Football forum info actu - LiveFoot - Sander_2 - Default\Extensions\ojlhodidmnkeaiogakfggddlehjphmec

Penguin Slice - Sander_2 - Default\Extensions\okflagoeojoippcanifjmfmiahbgjngh

Shimiegames - Sander_2 - Default\Extensions\oldobllpfnikfcngappiefcibionajof

Type Command Robot - Sander_2 - Default\Extensions\omfgnhmkahndgcobggaeljcpklbcjbaf

Climb or Drown - Sander_2 - Default\Extensions\omfoiaaaplodaeokegmjphakphcbmiip

PhotoFit Me - Sander_2 - Default\Extensions\pdpbdnchfplfpdjbckgbmpnddnjdijjk

Actuele Vertrektijden - Sander_2 - Default\Extensions\pfebamleeekjjdnkcjbgimhgcdpcpdfd

Free Online TV - Sander_2 - Default\Extensions\picldhpkcgmgfnmombladhakcganoghd

4 Elements - Sander_2 - Default\Extensions\pikbkfgccjpiodjimjpkjdaihnigkcck

Gmail - Sander_2 - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Firebug - Sander_2 - Default\Extensions\pkinjljgfpalpgjebaiegcgnaapdbmif

Fishdom - Sander_2 - Default\Extensions\plkccdpiifjkmjpinpcmndkifhnjhooj

Sniper World at War - Sander_2 - Profile 1\Extensions\abghehgeiiglmiedfplcnnbahibepnfp

Doodle Jump Deluxe Flash HD - Sander_2 - Profile 1\Extensions\abkhhgjpfcnmmpmhghohpfkcgoineebk

Tetris Battle - Sander_2 - Profile 1\Extensions\adjkpghbnknolhdbgpllnfmohekjfjmo

Bejeweled - Sander_2 - Profile 1\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm

Angry Birds - Sander_2 - Profile 1\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj

Google Drive - Sander_2 - Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

Doodle or Die - Sander_2 - Profile 1\Extensions\baocjgbppdpelkefhfhblacenjhhmlmf

FartDroid - Sander_2 - Profile 1\Extensions\bfeefdenbeaddnjdahhfkakhinfppmbc

YouTube - Sander_2 - Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Call of Duty: Black OPS II - Sander_2 - Profile 1\Extensions\bnfeapbdokcoajleapjdbmkhngkbgnbc

Swingers - Sander_2 - Profile 1\Extensions\bppakloppheaamioeonkgjeegphlglaf

Super Mario World - HD - Sander_2 - Profile 1\Extensions\ccinbiepgdpmkefofnclkgfmpelpnbbg

Battlefield Heroes - Sander_2 - Profile 1\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh

Daily Bikini Babe - Sander_2 - Profile 1\Extensions\checlelldfddipjbdhmijdjhiebcohkf

Tanki Online - Sander_2 - Profile 1\Extensions\chnamgoimgnbgkabfjkikldbfdhhfhdo

Gun Bros - Sander_2 - Profile 1\Extensions\ciamkmigckbgfajcieiflmkedohjjohh

Monster Dash - Sander_2 - Profile 1\Extensions\cknghehebaconkajgiobncfleofebcog

STRATEGO - Official - Sander_2 - Profile 1\Extensions\ckpgdjbodiacocpojlgipgkphcihfbdo

Google Search - Sander_2 - Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Farm Frenzy 2 - Sander_2 - Profile 1\Extensions\dcfpkddmnpgkibhaebjicfmgmmbdjmap

Fun Switcher - Sander_2 - Profile 1\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb

Build a Robot - Sander_2 - Profile 1\Extensions\dkifjkfdmacgkhldodeohbhcknoijpeo

Phineas and Ferb - Sander_2 - Profile 1\Extensions\dpengemjijcpdidhakhbmbichfkjhggo

Sumo Paint - Sander_2 - Profile 1\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod

Fart Machine - Sander_2 - Profile 1\Extensions\einpcfelmfefokagdipbcfomecfbdggn

Raving Rabbids : Travel in Time - Sander_2 - Profile 1\Extensions\eoclppblfdkkjmmcjbbcedfnnodfecfm

A Space Shooter for FREE - Sander_2 - Profile 1\Extensions\epbeobdmeddlnkokfiaijkfabecpmifa

Bikini TV - Sander_2 - Profile 1\Extensions\fcanljafkhmmideajcgekocpbdhkened

Causality Games - Sander_2 - Profile 1\Extensions\femoooemgmjaebeodbbikbkmhlafenpl

Hangman (Beers) - Sander_2 - Profile 1\Extensions\fgcpdmdijhamfojigkldhhlheikbjine

Stupeflix Video Maker - Sander_2 - Profile 1\Extensions\fkdmcfnoimoilncpjchamnenebopocem

Voodoo Friends - Sander_2 - Profile 1\Extensions\fmedapekkakaehidplfhmblngkelolaj

Hang Man (Tamil Movies) - Sander_2 - Profile 1\Extensions\hbdkkpbpanjedadmfkjmldcjoemamngp

Cargo Bridge: Armor Games Edition - Sander_2 - Profile 1\Extensions\hlpiaibleklmjieibbnmkignbggodmmj

Illyriad - Sander_2 - Profile 1\Extensions\hnfbcdoedgikkjokbgejbgkgijnoaanb

Gran Theft Auto - GTA 2012 - Sander_2 - Profile 1\Extensions\idklkhdnfccdklhbanojgjccdiaphgih

Red Crucible 2 - Sander_2 - Profile 1\Extensions\iechpocbkaimjmlpfinoahkolenfdmig

Apocalypse City - Sander_2 - Profile 1\Extensions\ifkogipjfpemebgfjelkfoifapppddeh

Buckle up for the final frontier: action-packed space battles evil aliens unknown phenomena and tricky missions await you in DarkOrbit - Sander_2 - Profile 1\Extensions\igfellpkdddmaldkbohekiikcmadbdnj

Jabbott's Little Followers - Sander_2 - Profile 1\Extensions\ijfdepoeianmbnkdjmlmllnnofodfmpg

13 Days After - Sander_2 - Profile 1\Extensions\jbbclnchgkmlpmjjipnegnbboallemlo

Math Motorway - Sander_2 - Profile 1\Extensions\jdihnhedcafgpbbbbiohamlkbbjlifdb

3D Bike race - Sander_2 - Profile 1\Extensions\jjagmacpahjfbbkgekeijkhmddddepmd

Newspaper Boy - Sander_2 - Profile 1\Extensions\jobgmhepbhnaiaakcaiionfogejljoan

Calculator - Sander_2 - Profile 1\Extensions\kdkgihpbaofhkiliohfepioflkkbapao

Cargo Bridge - Sander_2 - Profile 1\Extensions\keembkgclppcbilkekfgpobhldjjhpmn

Best App Finder - Sander_2 - Profile 1\Extensions\khgajindohffipfffpblkdcofalhmkdn

Break The Wall - Sander_2 - Profile 1\Extensions\klhfgnobmdkblmbdahcnpajbjnfmknpn

Bird Brawl - Sander_2 - Profile 1\Extensions\kmfmnamhddafiplkkobdinpjcnidlplk

Personal Trainer - Sander_2 - Profile 1\Extensions\kmgohkgndpahjklgpdihieeedjeneoke

Webcam Toy - Sander_2 - Profile 1\Extensions\lfbgimoladefibpklnfmkpknadbklade

Apocalypse Motor Racers - Sander_2 - Profile 1\Extensions\lkkjbckdlfglhfciiaaceedafekmliem

Fieldrunners - Sander_2 - Profile 1\Extensions\lkpikhjbfbffdblahfidklcohlaeabak

Carbon Combat - Sander_2 - Profile 1\Extensions\mamcmmijgmnpgdjlicejeeldnjoieoeo

Iron Spider - Sander_2 - Profile 1\Extensions\mcdmmanekhdkhfdlmkochncapnlllfcp

Contract Killer - Sander_2 - Profile 1\Extensions\meklndaflopgghbomkdpofehonfclipi

Farm Frenzy 3: American Pie - Sander_2 - Profile 1\Extensions\mgkcngacodlggphhjngelhdkkjkfdila

ButtonBeats Guitar - Sander_2 - Profile 1\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf

Encounter Specialist - Sander_2 - Profile 1\Extensions\mkkkehbfdceljnjdmnbnoffdeeinodoc

Plants vs Zombies - Sander_2 - Profile 1\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina

Need for Speed World is a FREE to play online racing game where you can compete with millions of players around the World. - Sander_2 - Profile 1\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk

BeGone - Sander_2 - Profile 1\Extensions\ndfpieflbjbdpgklkeolbmbdkfdiicfk

Curling - Sander_2 - Profile 1\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp

Card number - Sander_2 - Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Agent P Counterattack - Sander_2 - Profile 1\Extensions\occekbbkfnopofjpfmbdjlekkaecjlke

Hang Man (Hollywood Movies) - Sander_2 - Profile 1\Extensions\odjnandaibfijdnpdpbclbpffileknnk

Private Joe: Urban Warfare - Sander_2 - Profile 1\Extensions\ogmpedngmnolclkmlpcdgmfonlagkejp

Mini Ninjas - Sander_2 - Profile 1\Extensions\oijfbknbncemokdnlboeabbcfhobechi

Battlefield Play4Free - Sander_2 - Profile 1\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh

Penguin Slice - Sander_2 - Profile 1\Extensions\okflagoeojoippcanifjmfmiahbgjngh

PhotoFit Me - Sander_2 - Profile 1\Extensions\pdpbdnchfplfpdjbckgbmpnddnjdijjk

More Games - Sander_2 - Profile 1\Extensions\pgkgcpfgfpalljmibjcphggiecalkdlf

Gmail - Sander_2 - Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\noiljfbhlcdemimoiefmdnnddogepkmp deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdlhfeockcidgemjbccenihbmiadbnm deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\picldhpkcgmgfnmombladhakcganoghd deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\picldhpkcgmgfnmombladhakcganoghd deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcanljafkhmmideajcgekocpbdhkened deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcanljafkhmmideajcgekocpbdhkened deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://be.msn.com/default.aspx?pc=UP97&ocid=UP97DHP&dt=072513"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://be.msn.com/default.aspx?pc=UP97&ocid=UP97DHP&dt=072513"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

{33BB0A4E-99AF-4226-BDF6-49120163DE86} Bing Url="http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=072513&q={searchTerms}&src=IE-SearchBox"

{36F88097-F861-4803-8CE1-DB0080011084} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Sander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Sander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Sander_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Sander_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Sander_2\AppData\Local\Temp emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Sander\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Sander\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 16/12/2013 at 9:28:41,22 ======================

Resultaat van zoek.exe:

Zoek.exe Version 4.0.0.5 Updated 14-December-2013

Tool run by Sander on zo 15/12/2013 at 19:54:47,79.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Sander\Downloads\zoek (1)\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

15/12/2013 19:58:50 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Babylon deleted successfully

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully

C:\Program Files\Google deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\ProgramData\Symantec deleted successfully

C:\Users\Sander\AppData\Roaming\ExpressFiles deleted successfully

C:\Users\Sander\AppData\Roaming\GoforFiles deleted successfully

C:\Users\Sander\AppData\Roaming\Systweak deleted successfully

C:\Users\Sander\AppData\Roaming\TP deleted successfully

C:\Users\Sander\AppData\Roaming\Windows Live Writer deleted successfully

C:\Users\Sander\AppData\Roaming\WinRAR deleted successfully

C:\Users\Sander\AppData\Local\Downloaded Installations deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E5325F1F-E0CB-46DD-BFD1-FCD0A2719D74} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{638B2114-1E7C-FA36-C994-F2D90AD5BEF9} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{638B2114-1E7C-FA36-C994-F2D90AD5BEF9} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{638B2114-1E7C-FA36-C994-F2D90AD5BEF9} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{638B2114-1E7C-FA36-C994-F2D90AD5BEF9} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{638B2114-1E7C-FA36-C994-F2D90AD5BEF9} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{638B2114-1E7C-FA36-C994-F2D90AD5BEF9} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{82D57C9F-8346-CA45-F63A-AB06421BB4A2} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{82D57C9F-8346-CA45-F63A-AB06421BB4A2} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{82D57C9F-8346-CA45-F63A-AB06421BB4A2} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{82D57C9F-8346-CA45-F63A-AB06421BB4A2} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82D57C9F-8346-CA45-F63A-AB06421BB4A2} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82D57C9F-8346-CA45-F63A-AB06421BB4A2} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Iminent deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Iminent deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Desksvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Desksvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Desksvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Desksvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IBUpdaterService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IBUpdaterService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SProtection deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SProtection deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\defaulttabupdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\defaulttabupdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.2.0 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater17.2.0 deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Sander\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\Sander\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"bProtector Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{638B2114-1E7C-FA36-C994-F2D90AD5BEF9}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82D57C9F-8346-CA45-F63A-AB06421BB4A2}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD80073C-5C93-88E2-3D79-29E2EB555770}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B11E0F7A-2051-EF8D-4077-88E517717704}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

"ApnUpdater"=-

"Iminent"=-

"IminentMessenger"=-

"SweetIM"=-

"ApnTBMon"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Browser Infrastructure Helper"=-

"Yontoo Desktop"=-

"Softonic for Windows"=-

"se"=-

"TBHostSupport"=-

"Desk 365"=-

==== Deleting Files \ Folders ======================

C:\Users\Sander\AppData\Roaming\Systweak not found

C:\Program Files (x86)\Babylon not found

C:\Users\Sander\AppData\Roaming\Desk 365 deleted

C:\Program Files (x86)\mixidj deleted

C:\Program Files (x86)\SearchNewTab deleted

C:\Users\Sander\AppData\Roaming\DefaultTab deleted

C:\Program Files (x86)\ssurF anDo keep deleted

C:\Users\Sander\AppData\Local\Smartbar deleted

C:\Users\Sander\AppData\Local\Softonic deleted

C:\Users\Sander\AppData\Roaming\ViberPC deleted

C:\Users\Sander\AppData\Roaming\ooVoo Details deleted

C:\8a870a588ac4d255b30c46 deleted

C:\found.003 deleted

C:\found.002 deleted

C:\found.001 deleted

C:\ProgramData\ssurF anDo keep deleted

C:\ProgramData\SearchNewTab deleted

C:\ProgramData\eSafe deleted

C:\ProgramData\DownlOAD keeper deleted

C:\ProgramData\InstallMate deleted

C:\ProgramData\504c2cf8db11ac3b deleted

C:\Users\Sander\AppData\LocalLow\{2292F6A8-EC3A-B1B1-2146-1990AF038892} deleted

C:\Users\Sander\AppData\LocalLow\{638B2114-1E7C-FA36-C994-F2D90AD5BEF9} deleted

C:\Users\Sander\AppData\LocalLow\{82D57C9F-8346-CA45-F63A-AB06421BB4A2} deleted

C:\Users\Sander\AppData\LocalLow\{AD80073C-5C93-88E2-3D79-29E2EB555770} deleted

C:\Users\Sander\AppData\LocalLow\{B11E0F7A-2051-EF8D-4077-88E517717704} deleted

C:\Users\Sander\AppData\Local\Packages\windows_ie_ac_001\AC\{2292F6A8-EC3A-B1B1-2146-1990AF038892} deleted

C:\Users\Sander\AppData\Local\Packages\windows_ie_ac_001\AC\{638B2114-1E7C-FA36-C994-F2D90AD5BEF9} deleted

C:\Users\Sander\AppData\Local\Packages\windows_ie_ac_001\AC\{82D57C9F-8346-CA45-F63A-AB06421BB4A2} deleted

C:\Users\Sander\AppData\Local\Packages\windows_ie_ac_001\AC\{AD80073C-5C93-88E2-3D79-29E2EB555770} deleted

C:\Users\Sander\AppData\Local\Packages\windows_ie_ac_001\AC\{B11E0F7A-2051-EF8D-4077-88E517717704} deleted

C:\ProgramData\YoutubeAdblocker deleted

C:\PROGRA~2\YoutubeAdblocker deleted

C:\PROGRA~2\DownlOAD keeper deleted

C:\PROGRA~2\Smart Driver Updater deleted

C:\PROGRA~2\FTDownloader.com deleted

C:\PROGRA~2\PC Speed Up deleted

C:\PROGRA~2\COMMON~1\Umbrella deleted

C:\Program Files\Babylon deleted

C:\PROGRA~2\ss helper deleted

C:\PROGRA~2\COMMON~1\337 deleted

C:\PROGRA~2\DefaultTab deleted

C:\PROGRA~2\FindLyrics deleted

C:\PROGRA~2\HappyLyrics deleted

C:\PROGRA~2\Yontoo deleted

C:\PROGRA~2\sweetpacks bundle uninstaller deleted

C:\PROGRA~2\Funmoods deleted

C:\found.000 deleted

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk deleted

C:\Users\Sander\AppData\Roaming\PC Speed Maximizer deleted

C:\Users\Sander\AppData\Roaming\SkypEmoticons deleted

C:\Users\Sander\AppData\Roaming\eIntaller deleted

C:\Users\Sander\AppData\Roaming\BabSolution deleted

C:\Users\Sander\AppData\Roaming\DealPly deleted

C:\Users\Sander\AppData\Roaming\Registry Mechanic deleted

C:\Users\Sander\AppData\Roaming\Smart Driver Updater deleted

C:\Users\Sander\AppData\Roaming\OpenCandy deleted

C:\Users\Sander_2\AppData\Roaming\GoforFiles deleted

C:\Users\Sander_2\AppData\Roaming\Desk 365 deleted

C:\Users\Sander_2\AppData\Roaming\Iminent deleted

C:\Users\Sander_2\AppData\Roaming\ExpressFiles deleted

C:\Users\Sander_2\AppData\Roaming\Babylon deleted

C:\Users\Sander_2\AppData\Roaming\Systweak deleted

C:\ProgramData\AskPartnerNetwork deleted

C:\ProgramData\APN deleted

C:\ProgramData\YoutubeBookmark deleted

C:\ProgramData\Partner deleted

C:\ProgramData\QuickSet deleted

C:\ProgramData\SweetIM deleted

C:\ProgramData\Computer Updater deleted

C:\ProgramData\Iminent deleted

C:\ProgramData\Tarma Installer deleted

C:\ProgramData\AVG Secure Search deleted

C:\ProgramData\WinterSoft deleted

C:\Users\Sander\AppData\Local\funmoods.crx deleted

C:\Users\Sander\AppData\Local\CRE deleted

C:\Users\Sander\AppData\Local\APN deleted

C:\Users\Sander\AppData\Local\AVG Secure Search deleted

C:\Users\Sander\AppData\Local\NativeMessaging deleted

C:\Users\Sander\AppData\Local\PutLockerDownloader deleted

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\bprotector web data deleted

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences deleted

C:\Users\Sander_2\AppData\Local\AVG Secure Search deleted

C:\Users\Sander_2\AppData\Local\Babylon deleted

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\bprotector web data deleted

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365 deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Driver Updater deleted

C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic deleted

C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com deleted

C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect deleted

C:\Windows\SysNative\roboot64.exe deleted

C:\windows\SysNative\Tasks\DealPly deleted

C:\Users\Sander\Downloads\avg_free_stb_all_2013_2805_cnet.exe deleted

C:\Users\Sander\AppData\LocalLow\AVG Secure Search deleted

C:\Users\Sander\AppData\LocalLow\AskToolbar deleted

C:\Users\Sander\AppData\LocalLow\BabylonToolbar deleted

C:\Users\Sander\AppData\LocalLow\Smartbar deleted

C:\Users\Sander\AppData\LocalLow\Conduit deleted

C:\Users\Sander_2\AppData\LocalLow\AVG Secure Search deleted

C:\Users\Sander_2\AppData\LocalLow\boost_interprocess deleted

C:\Users\Sander_2\AppData\LocalLow\mixidj deleted

C:\Users\Sander_2\AppData\LocalLow\AskToolbar deleted

C:\Users\Sander_2\AppData\LocalLow\BabylonToolbar deleted

C:\Users\Sander_2\AppData\LocalLow\Delta deleted

C:\Users\Sander_2\AppData\LocalLow\Funmoods deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted

C:\Users\Sander\AppData\Roaming\Microsoft\Windows\SendTo\Desk 365.lnk deleted

C:\windows\SysNative\TASKS\Scheduled Update for Ask Toolbar deleted

C:\windows\SysNative\tasks\Desk 365 RunAsStdUser deleted

C:\windows\SysNative\Tasks\Express FilesUpdate deleted

C:\windows\SysNative\Tasks\BrowserProtect deleted

C:\windows\SysNative\Tasks\GoforFilesUpdate deleted

C:\windows\SysNative\Tasks\EPUpdater deleted

C:\windows\SysNative\tasks\FindLyrics Update deleted

C:\Windows\tasks\FindLyrics Update.job deleted

C:\Windows\tasks\spmonitor.job deleted

C:\windows\SysNative\tasks\spmonitor deleted

C:\Windows\Syswow64\ARFC deleted

C:\Windows\Syswow64\WNLT deleted

C:\Windows\Syswow64\SafeAppRichList.ocx deleted

C:\Windows\Syswow64\CUUpdateComponent.ocx deleted

C:\Windows\Syswow64\ComputerUpdaterLM.ocx deleted

C:\Windows\Syswow64\InstallUtil.InstallLog deleted

C:\Windows\Syswow64\sho89A2.tmp deleted

C:\Windows\SysWow64\AI_RecycleBin deleted

C:\Windows\SysWow64\searchplugins deleted

C:\Windows\SysWow64\Extensions deleted

C:\Users\Sander\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\ftdownloader3@ftdownloader.com.xpi deleted

C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted

C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted

C:\Users\Sander\Desktop\FTDownloader.lnk deleted

C:\Users\Sander\Desktop\GotCLIP Downloader.lnk deleted

C:\Users\Sander\Desktop\Smart Driver Updater.lnk deleted

C:\Users\Sander\Desktop\rcpsetup_softonic_sd_global.exe deleted

C:\Users\Sander\Desktop\Softonic.lnk deleted

C:\Users\Sander\Desktop\PC Speed Maximizer.lnk deleted

C:\Users\Sander_2\Downloads\SkypEmoticons.exe deleted

"C:\Windows\Installer\24f54a5.msi" deleted

"C:\Windows\Installer\8f3b5.msi" deleted

"C:\Windows\Installer\8f3b5.msi" deleted

"C:\windows\SysNative\dmwu.exe" deleted

"C:\Users\Sander\AppData\Roaming\mixidj\sqlite3.dll" deleted

"C:\Users\Sander\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted

"C:\Program Files (x86)\Desk 365\desk365.exe" deleted

"C:\Program Files (x86)\Desk 365\ebase.dll" deleted

"C:\Program Files (x86)\Desk 365\edeskcmn.dll" deleted

"C:\Program Files (x86)\Desk 365\edis64.dll" deleted

"C:\Program Files (x86)\Desk 365\ElexDbg.dll" deleted

"C:\Program Files (x86)\Desk 365\enotify.dll" deleted

"C:\Program Files (x86)\Desk 365\libpng.dll" deleted

"C:\Program Files (x86)\Desk 365\libpopdlg.dll" deleted

"C:\Program Files (x86)\Desk 365\mbdet.dll" deleted

"C:\Program Files (x86)\Desk 365\ouilibnl.dll" deleted

"C:\Program Files (x86)\Iminent\f_in_box.dll" deleted

"C:\Program Files (x86)\Iminent\Iminent.Booster.UI.dll" deleted

"C:\Program Files (x86)\Iminent\Iminent.Business.Connect.dll" deleted

"C:\Program Files (x86)\Iminent\Iminent.Business.dll" deleted

"C:\Program Files (x86)\Iminent\Iminent.Entity.dll" deleted

"C:\Program Files (x86)\Iminent\Iminent.exe" deleted

"C:\Program Files (x86)\Iminent\Iminent.Mediator.ActivePlayers.dll" deleted

"C:\Program Files (x86)\Iminent\Iminent.Mediator.dll" deleted

"C:\Program Files (x86)\Iminent\Iminent.Messengers.exe" deleted

"C:\Program Files (x86)\Iminent\Iminent.Services.dll" deleted

"C:\Program Files (x86)\Iminent\Iminent.WinCore.dll" deleted

"C:\Program Files (x86)\Iminent\Iminent.Windows.dll" deleted

"C:\Program Files (x86)\Iminent\Iminent.Workflow.dll" deleted

"C:\Program Files (x86)\Iminent\System.Data.SQLite.dll" deleted

"C:\Program Files (x86)\GoforFiles\GFFUpdater.exe" deleted

"C:\Program Files (x86)\GoforFiles\htmlayout.dll" deleted

"C:\PROGRA~2\Uniblue\SpeedUpMyPC\spmonitor.exe" deleted

"C:\PROGRA~2\ExpressFiles\EFUpdater.exe" deleted

"C:\PROGRA~2\ExpressFiles\htmlayout.dll" deleted

"C:\PROGRA~2\PC Speed Maximizer\SPMReminder.exe" deleted

"C:\PROGRA~2\Iminent\f_in_box.dll" deleted

"C:\PROGRA~2\Iminent\Iminent.Booster.UI.dll" deleted

"C:\PROGRA~2\Iminent\Iminent.Business.Connect.dll" deleted

"C:\PROGRA~2\Iminent\Iminent.Business.dll" deleted

"C:\PROGRA~2\Iminent\Iminent.Entity.dll" deleted

"C:\PROGRA~2\Iminent\Iminent.exe" deleted

"C:\PROGRA~2\Iminent\Iminent.Mediator.ActivePlayers.dll" deleted

"C:\PROGRA~2\Iminent\Iminent.Mediator.dll" deleted

"C:\PROGRA~2\Iminent\Iminent.Messengers.exe" deleted

"C:\PROGRA~2\Iminent\Iminent.Services.dll" deleted

"C:\PROGRA~2\Iminent\Iminent.WinCore.dll" deleted

"C:\PROGRA~2\Iminent\Iminent.Windows.dll" deleted

"C:\PROGRA~2\Iminent\Iminent.Workflow.dll" deleted

"C:\PROGRA~2\Iminent\System.Data.SQLite.dll" deleted

"C:\PROGRA~2\GoforFiles\GFFUpdater.exe" deleted

"C:\PROGRA~2\GoforFiles\htmlayout.dll" deleted

"C:\PROGRA~2\Desk 365\desk365.exe" deleted

"C:\PROGRA~2\Desk 365\ebase.dll" deleted

"C:\PROGRA~2\Desk 365\edeskcmn.dll" deleted

"C:\PROGRA~2\Desk 365\edis64.dll" deleted

"C:\PROGRA~2\Desk 365\ElexDbg.dll" deleted

"C:\PROGRA~2\Desk 365\enotify.dll" deleted

"C:\PROGRA~2\Desk 365\libpng.dll" deleted

"C:\PROGRA~2\Desk 365\libpopdlg.dll" deleted

"C:\PROGRA~2\Desk 365\mbdet.dll" deleted

"C:\PROGRA~2\Desk 365\ouilibnl.dll" deleted

"C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted

"C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted

"C:\Users\Sander\AppData\Roaming\Uniblue\SpeedUpMyPC\monitor.log" deleted

"C:\Users\Sander\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted

"C:\windows\SysNative\ljkb\lmrn.dll" deleted

"C:\windows\SysNative\ljkb\msvcp100.dll" deleted

"C:\windows\SysNative\ljkb\msvcr100.dll" not deleted

"C:\windows\SysNative\ljkb\stij.exe" deleted

"C:\Windows\Syswow64\jmdp\lmrn.dll" deleted

"C:\Windows\Syswow64\jmdp\msvcp100.dll" deleted

"C:\Windows\Syswow64\jmdp\msvcr100.dll" not deleted

"C:\Windows\Syswow64\jmdp\stij.exe" deleted

"C:\Users\Sander\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted

"C:\Program Files (x86)\Ask.com\Updater\Updater.exe" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted

"C:\Users\Sander\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat" deleted

"C:\PROGRA~2\Ask.com\Updater\Updater.exe" deleted

"C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgAdaptersProxy.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgcommon.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgcommunication.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgconfig.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mghooking.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgsimcommon.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgUpdateSupport.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgxml_wrapper.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\msvcp71.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\msvcr71.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\SweetIM.exe" deleted

"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\17.2.0\SiteSafety.dll" deleted

"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\17.2.0\log4cplusU.dll" deleted

"C:\Users\Sander\AppData\Roaming\Uniblue\SpeedUpMyPC\monitor.log" deleted

"C:\Users\Sander\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat" deleted

"C:\Users\Sander\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted

"C:\Users\Sander\AppData\Roaming\mixidj" deleted

"C:\Users\Sander\AppData\Roaming\Yontoo" deleted

"C:\Program Files (x86)\Desk 365" not deleted

"C:\Program Files (x86)\Iminent" deleted

"C:\Program Files (x86)\Ask.com" deleted

"C:\Program Files (x86)\SweetIM" not deleted

"C:\Program Files (x86)\AskPartnerNetwork" deleted

"C:\Users\Sander\AppData\Roaming\Iminent" deleted

"C:\Program Files (x86)\GoforFiles" deleted

"C:\PROGRA~2\Uniblue\SpeedUpMyPC" deleted

"C:\PROGRA~2\ExpressFiles" deleted

"C:\PROGRA~2\PC Speed Maximizer" deleted

"C:\PROGRA~2\Iminent" deleted

"C:\PROGRA~2\GoforFiles" deleted

"C:\PROGRA~2\Desk 365" not deleted

"C:\PROGRA~2\Ask.com" deleted

"C:\PROGRA~2\AskPartnerNetwork" deleted

"C:\PROGRA~2\SweetIM" not deleted

"C:\PROGRA~2\AVG Secure Search" deleted

"C:\PROGRA~2\AVG Secure Search" deleted

"C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted

"C:\Users\Sander\AppData\Roaming\Uniblue" deleted

"C:\Users\Sander\AppData\Roaming\Uniblue\SpeedUpMyPC" deleted

"C:\Users\Sander\AppData\Roaming\Iminent" deleted

"C:\Users\Sander\AppData\Roaming\Yontoo" deleted

"C:\ProgramData\Trymedia" deleted

"C:\Users\Sander\AppData\Local\TBHostSupport" deleted

"C:\windows\SysNative\ljkb" not deleted

"C:\Windows\Syswow64\jmdp" not deleted

"C:\Users\Sander\AppData\Roaming\Yontoo\dat" deleted

"C:\Program Files (x86)\Ask.com\Updater" deleted

"C:\Program Files (x86)\SweetIM\Messenger" not deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted

"C:\Users\Sander\AppData\Roaming\Iminent\Mediator" deleted

"C:\Users\Sander\AppData\Roaming\Iminent\Mediator\Datas" deleted

"C:\PROGRA~2\Ask.com\Updater" deleted

"C:\PROGRA~2\AskPartnerNetwork\Toolbar" deleted

"C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater" deleted

"C:\PROGRA~2\SweetIM\Messenger" not deleted

"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller" deleted

"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted

"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\17.2.0" deleted

"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\17.2.0" deleted

"C:\Users\Sander\AppData\Roaming\Uniblue\SpeedUpMyPC" deleted

"C:\Users\Sander\AppData\Roaming\Iminent\Mediator" deleted

"C:\Users\Sander\AppData\Roaming\Iminent\Mediator\Datas" deleted

"C:\Users\Sander\AppData\Roaming\Yontoo\dat" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Sander\AppData\Local\Temp ====

2013-12-15 13:11:26 DCED59E2445C62EAEBB418270AFC1C7B 264937 ----a-w- C:\Users\Sander\AppData\Local\Temp\is581794475\FindLyrics.exe

2013-12-15 13:11:24 1D283DD3AE2312EEE624E8B8C46F6ADB 729600 ----a-w- C:\Users\Sander\AppData\Local\Temp\{16F5C7E3-CBCC-4401-A6EA-83EECD16E515}\Addons\helper_setup.exe

2013-12-15 12:54:59 DD3D9D4150DBB867EFB1C1A7619B5BEE 248912 ----a-w- C:\Users\Sander\AppData\Local\Temp\Desk365\Desk365_patch\DeskExternal.exe

2013-12-15 12:54:59 B8866E1E98908969D1EC287A61847F84 424016 ----a-w- C:\Users\Sander\AppData\Local\Temp\Desk365\Desk365_patch\DeskSvc.exe

2013-12-15 12:54:59 893C4400C0C7BFAAE398AC14544F4FDD 99408 ----a-w- C:\Users\Sander\AppData\Local\Temp\Desk365\Desk365_patch\mbdet.dll

2013-12-15 12:54:59 65EEAB8A5742F8FEFFB9855D648F06E9 267856 ----a-w- C:\Users\Sander\AppData\Local\Temp\Desk365\Desk365_patch\WinZipperdl.exe

2013-12-15 12:54:59 5FB3FC66219CD099DCF1B71F31A84F54 1426432 ----a-w- C:\Users\Sander\AppData\Local\Temp\Desk365\eUpgrade\eupgrade.exe

2013-12-15 12:54:59 5AF27EB203D46FDC67487C86C1CEA25D 146512 ----a-w- C:\Users\Sander\AppData\Local\Temp\Desk365\Desk365_patch\enotify.dll

2013-12-15 12:54:59 45F3D90C4B5516D8FE1B549A3C60DB04 85072 ----a-w- C:\Users\Sander\AppData\Local\Temp\Desk365\Desk365_patch\eDhelper64.exe

2013-12-15 12:54:59 41DD8F21FBF4447D4312FFBFFE8D18B3 73296 ----a-w- C:\Users\Sander\AppData\Local\Temp\Desk365\Desk365_patch\libpopdlg.dll

2013-12-15 12:54:59 2F08259D4A1600B36815331BB1BBC69B 31824 ----a-w- C:\Users\Sander\AppData\Local\Temp\Desk365\Desk365_patch\eDhelper.exe

2013-12-15 12:54:59 1BD0239A2677F7CFBCCB51EE9E893B05 184912 ----a-w- C:\Users\Sander\AppData\Local\Temp\Desk365\Desk365_patch\v110\libpng.dll

2013-12-15 12:22:23 D263931585791BB6561CB57835D5A346 153280 ----a-w- C:\Users\Sander\AppData\Local\Temp\MSS\3.8.130.10\McInstallerRes_LD.dll

2013-12-15 12:22:23 81E88432DB2639DE4C8EC59007E5289C 264008 ----a-w- C:\Users\Sander\AppData\Local\Temp\MSS\3.8.130.10\McInstallerRes.dll

2013-12-15 12:22:23 20BE2DEE2C099DDD730AF8F7DE7861D9 761504 ----a-w- C:\Users\Sander\AppData\Local\Temp\MSS\3.8.130.10\McInstallerStartup.dll

2013-12-15 12:22:22 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\Sander\AppData\Local\Temp\MSS\3.8.130.10\McUICnt.exe

2013-12-15 12:22:22 2FBB1819B94F57AA7519F4F1959C99E9 565328 ----a-w- C:\Users\Sander\AppData\Local\Temp\MSS\3.8.130.10\mcbrwsr2.dll

2013-12-15 09:44:02 588F745773A657F69E3553BECE0CD136 1627776 ----a-w- C:\Users\Sander\AppData\Local\Temp\ONAIRSetup4.0.0.939.exe

2013-12-14 12:39:31 C8ED54001F3F046193FFFF91E050ACDC 13834752 ----a-w- C:\Users\Sander\AppData\Local\Temp\oovoosetup.msi

2013-12-14 12:39:24 2AC7B1C68346796BB2B494DDF7335401 1083824 ----a-w- C:\Users\Sander\AppData\Local\Temp\offercast.exe

2013-12-04 08:21:50 901FE9466B3555C9C3D3C7ECAEC4AEAF 389632 ----a-w- C:\Users\Sander\AppData\Local\Temp\banner.exe

====== Java Cache =====

2013-12-15 13:01:06 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Sander\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-45ac549f

====== C:\Windows\SysWOW64 =====

2013-12-15 13:05:13 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe

2013-12-15 13:05:04 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe

2013-12-15 13:05:04 9B0B14B405E0EDF76B5F5E31A49EB753 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-12-15 13:05:04 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\SysWOW64\java.exe

2013-12-13 10:22:04 02DF0628BE8B64B84D50FBE53549AA3B 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL

2013-12-13 10:22:03 6C4B2E1A25841077084EB9F76FF6FFA7 11410432 ----a-w- C:\Windows\SysWOW64\wmp.dll

2013-12-13 10:16:20 C74500A1BCB4113A7310295DD3FA4440 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-12-13 10:16:12 3D43EAC957F2F797BE82CF6B04A933F8 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-12-13 10:16:12 355BF103E2CF862B00EEB3731E25E802 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-12-13 10:16:08 35DE59C975A0C97E8DBBE095BCC3644E 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2013-12-13 10:16:06 08881C59F795C356DE12067E44FFD260 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2013-12-13 10:16:04 B2E1F7B212502BB49AAD4EFAD37C5CF5 2166784 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-12-13 10:16:04 927FA6456AD6D7630F6854828D2FD16B 1820160 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-12-13 10:16:04 84EAF0A08C7742697816E148C066D757 1928192 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2013-12-13 10:16:04 0763C5D8660436D4D961F72609E33BBE 1157632 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-12-13 10:16:00 4B638CE3DAA3A082E576C0DDF9D635D4 11221504 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-12-13 10:15:58 BFAFE990C4A191E83843362B5AC64A9B 17112576 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-12-13 10:15:57 A60A222D3126DD9E380F9D8B651BC13D 4243968 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2013-12-12 10:16:47 AFA53BD631FB0509A91A99391209BB70 301568 ----a-w- C:\Windows\SysWOW64\msieftp.dll

2013-12-12 10:16:44 E9504E484076585F6DA3C59F0E20E122 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll

2013-12-12 10:16:43 E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 159232 ----a-w- C:\Windows\SysWOW64\imagehlp.dll

2013-12-12 10:16:40 4EC2C3B15B9EC41AD0D6CD918D20376E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll

2013-12-12 10:16:35 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\SysWOW64\wscript.exe

2013-12-12 10:16:35 09F65975C1C9793B923BB52A7FA83453 121856 ----a-w- C:\Windows\SysWOW64\wshom.ocx

2013-12-12 10:16:34 A3B1D1312602280839A4A2AFBDFD066E 163840 ----a-w- C:\Windows\SysWOW64\scrrun.dll

2013-12-12 10:16:34 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\SysWOW64\cscript.exe

2013-12-04 12:18:26 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\SysWOW64\elshyph.dll

2013-12-04 12:18:18 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-12-04 12:18:18 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\SysWOW64\jsIntl.dll

2013-12-04 12:18:18 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\SysWOW64\msls31.dll

2013-12-04 12:18:17 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll

2013-12-04 12:18:16 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-12-04 12:18:16 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\SysWOW64\html.iec

2013-12-04 12:18:16 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\SysWOW64\tdc.ocx

2013-12-04 12:18:15 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\SysWOW64\url.dll

2013-12-04 12:18:15 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2013-12-04 12:18:15 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\SysWOW64\ieapfltr.dat

2013-12-04 12:18:15 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2013-12-04 12:18:15 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2013-12-04 12:18:14 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\SysWOW64\ieuinit.inf

2013-12-04 12:18:14 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\SysWOW64\inseng.dll

2013-12-04 12:18:14 BE8B10D84DDD8F43A32EE013B54F5287 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2013-12-04 12:18:14 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\SysWOW64\licmgr10.dll

2013-12-04 12:18:14 5DFE55E0221F0C5FA4D6CECFA72B1D78 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2013-12-04 12:18:14 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\SysWOW64\icardie.dll

2013-12-04 12:18:13 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe

2013-12-04 12:18:13 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-12-04 12:18:13 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe

2013-12-04 12:18:13 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2013-12-04 12:18:13 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2013-12-04 12:18:13 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\SysWOW64\webcheck.dll

2013-12-04 12:18:12 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2013-12-04 12:18:12 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\SysWOW64\pngfilt.dll

2013-12-04 12:18:11 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2013-12-04 12:18:11 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe

2013-12-04 12:18:11 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\SysWOW64\jscript.dll

2013-12-04 12:18:11 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\SysWOW64\imgutil.dll

2013-12-04 12:18:11 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll

2013-12-04 12:18:11 4D4726D1AD5ED1590A62685F92900594 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2013-12-04 12:18:11 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\SysWOW64\occache.dll

2013-12-04 12:18:10 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll

2013-12-04 12:18:10 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll

2013-12-04 12:18:10 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-12-04 12:18:10 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\SysWOW64\iesysprep.dll

2013-12-04 12:18:10 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll

2013-12-04 12:18:10 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe

2013-12-04 12:18:10 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\SysWOW64\iepeers.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-12-13 10:22:05 AB272BBFB05A8585C3405EFA9F605774 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL

2013-12-13 10:22:00 8CBBB27369F9F07BC5E874E750EAF9D0 14631424 ----a-w- C:\Windows\Sysnative\wmp.dll

2013-12-13 10:16:20 A3427586C75749B51BF5DEBEDEB4AD5C 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-12-13 10:16:17 FB13F4873F6747AB4E3C37CAFEA8ACAE 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2013-12-13 10:16:15 4E249022336591E9C6DE374A68C18EF6 574976 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-12-13 10:16:12 2A0B7281854ACBECA25D8FDD06A4D714 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-12-13 10:16:12 0F753FDA08F495E515629210FF0DA59E 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2013-12-13 10:16:11 EF098867663B07247587587C29E631DB 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll

2013-12-13 10:16:11 40B33A42F90DED26DE4F5AAFA00F24CA 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2013-12-13 10:16:11 3A722B49408BE7FE8A375C3B8FD57BB1 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2013-12-13 10:16:11 2E2875FFC6C2DC1ACF4F46AFC7819BD5 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll

2013-12-13 10:16:10 DACB9A752CEB29C1D931514EF73803E1 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2013-12-13 10:16:09 16B0A65F52531B769B891DC251ECC6C0 23183360 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-12-13 10:16:08 14074CF6190B937EB70BE2F93113B5FE 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2013-12-13 10:16:07 95EED00D70485F6F82983EB7C03CC42A 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2013-12-13 10:16:05 7016991D493B9F9FA492E75BD13D031D 2764288 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-12-13 10:16:04 C8CF11D73017CC588411FCB936891CF4 1395200 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-12-13 10:16:04 9B6678DB9C6A232C5A84D2FDFFF8B0E1 2334208 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-12-13 10:16:03 FA30E3DC75EA42FE19B819F30FBDED8D 1995264 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2013-12-13 10:16:02 EDF5C6A9F33FBD3D717D1B77A9864C64 12996608 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-12-13 10:15:57 6491B719695D713335B431FCF0EAE28B 5769216 ----a-w- C:\Windows\Sysnative\jscript9.dll

2013-12-12 10:16:47 AC38EC8D0C1B4C783CA6A24D239A71B7 335360 ----a-w- C:\Windows\Sysnative\msieftp.dll

2013-12-12 10:16:46 97D50B0CABF18A6D40F8883D02DDB519 3155968 ----a-w- C:\Windows\Sysnative\win32k.sys

2013-12-12 10:16:44 B4F29F65AD3114051F01E9403346047F 81408 ----a-w- C:\Windows\Sysnative\imagehlp.dll

2013-12-12 10:16:44 4EDF8812713291DBBFDA67CE6215F236 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll

2013-12-12 10:16:40 5FD67F205773EC80674DBBD609DB5315 2048 ----a-w- C:\Windows\Sysnative\tzres.dll

2013-12-12 10:16:35 ECB021CA3370582F0C7244B0CF06732C 156160 ----a-w- C:\Windows\Sysnative\cscript.exe

2013-12-12 10:16:35 731131A477F69476F2D739B0DB6A9281 202752 ----a-w- C:\Windows\Sysnative\scrrun.dll

2013-12-12 10:16:35 05D80FF3483BD8F268B01703C859198A 150016 ----a-w- C:\Windows\Sysnative\wshom.ocx

2013-12-12 10:16:35 045451FA238A75305CC26AC982472367 168960 ----a-w- C:\Windows\Sysnative\wscript.exe

2013-12-04 12:25:47 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\Sysnative\IEUDINIT.EXE

2013-12-04 12:18:26 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2013-12-04 12:18:19 8F7FBD0177F79727CF945ABDA657A0AC 235008 ----a-w- C:\Windows\Sysnative\elshyph.dll

2013-12-04 12:18:09 6F1AF8E1206E92256459E3012C20472A 942592 ----a-w- C:\Windows\Sysnative\jsIntl.dll

2013-12-04 12:18:08 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe

2013-12-04 12:18:08 2EBD0C5B090125AECF017C57344C45AB 247808 ----a-w- C:\Windows\Sysnative\msls31.dll

2013-12-04 12:18:07 5BECC17076F1806F60BB259B654FAC5C 195584 ----a-w- C:\Windows\Sysnative\msrating.dll

2013-12-04 12:18:06 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\Sysnative\msfeedssync.exe

2013-12-04 12:18:06 D31AE751B6DACAFD0D7CC99EAE9606C2 131072 ----a-w- C:\Windows\Sysnative\IEAdvpack.dll

2013-12-04 12:18:06 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\Sysnative\SetIEInstalledDate.exe

2013-12-04 12:18:06 038ABC9BCC86DFF9E181D44E43E2CEBA 52224 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll

2013-12-04 12:18:05 2405D24AA28CCC4CC7E0CC0AE008746F 48640 ----a-w- C:\Windows\Sysnative\mshtmler.dll

2013-12-04 12:18:05 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 105984 ----a-w- C:\Windows\Sysnative\iesysprep.dll

2013-12-04 12:18:04 D6C88A6094D1FDAC56A186BBD7F06357 40448 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2013-12-04 12:18:04 CE8831D2DCB5803A4CBC8EDCCBBC2A05 77312 ----a-w- C:\Windows\Sysnative\tdc.ocx

2013-12-04 12:18:03 3A4FD19F13F8809BA08E9F76C0E38832 413696 ----a-w- C:\Windows\Sysnative\html.iec

2013-12-04 12:18:03 0134898497B6C6CD50F7FC5DE85712A6 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2013-12-04 12:18:02 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\Sysnative\ieuinit.inf

2013-12-04 12:18:02 C6ECA2F7A1B189025171E6A29F2605AA 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2013-12-04 12:18:02 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\Sysnative\ieapfltr.dat

2013-12-04 12:18:02 0A9D5716CB1F3AFA73703F39647BB8C2 81408 ----a-w- C:\Windows\Sysnative\icardie.dll

2013-12-04 12:18:01 EE10AB99A480875E012CA339EC48F02B 1228800 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2013-12-04 12:18:01 C92173481A58935BE15172079CF122B8 235520 ----a-w- C:\Windows\Sysnative\url.dll

2013-12-04 12:18:01 77FBE2E014EFB93FD037FA33AB8C7D6E 263376 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2013-12-04 12:18:00 F00AE7B953ABEF1B53FBBA187DFC8238 243200 ----a-w- C:\Windows\Sysnative\webcheck.dll

2013-12-04 12:18:00 9675B272086CF5D22B83B541FAA8D4EA 30208 ----a-w- C:\Windows\Sysnative\licmgr10.dll

2013-12-04 12:18:00 68899208A26E4522D25DBA87FF2E98D1 84992 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2013-12-04 12:18:00 5BBDBE5EBB49EA7C76A2EE7490A45D68 101376 ----a-w- C:\Windows\Sysnative\inseng.dll

2013-12-04 12:18:00 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\Sysnative\iexpress.exe

2013-12-04 12:18:00 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\Sysnative\wextract.exe

2013-12-04 12:17:59 CC84F4E36AA96810AD766C88DD657ADB 626176 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-12-04 12:17:59 A8C830CABD7640EE8E6F0F1019F91E83 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll

2013-12-04 12:17:58 FD61D51199F3FC9EB0023FBF405EAAD0 147968 ----a-w- C:\Windows\Sysnative\occache.dll

2013-12-04 12:17:58 E70D4270C43CE6C46841B684315B9EFF 62464 ----a-w- C:\Windows\Sysnative\pngfilt.dll

2013-12-04 12:17:57 BB6DEAFAC5F0AAEC37FEAF3F3AA48347 774144 ----a-w- C:\Windows\Sysnative\jscript.dll

2013-12-04 12:17:57 9870EC900829595D191BB03C6C48B479 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll

2013-12-04 12:17:57 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\Sysnative\mshta.exe

2013-12-04 12:17:56 ADA5C3D49A12CED9F07913DC00E547A8 48128 ----a-w- C:\Windows\Sysnative\imgutil.dll

2013-12-04 12:17:56 1FCBE949A67939ADEAE7279E423AA684 135680 ----a-w- C:\Windows\Sysnative\iepeers.dll

====== C:\Windows\Sysnative\drivers =====

2013-12-12 10:16:36 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys

2013-12-12 10:16:36 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2013-12-15 13:09:03 -------- d-----w- C:\PROGRA~2\trend micro

2013-12-15 13:05:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

======= C: =====

2013-12-13 09:58:41 8D7CBC5FE55F887F0F556AC3E7DC046D 6768 ------w- C:\bootsqm.dat

====== C:\Users\Sander\AppData\Roaming ======

2013-12-15 12:50:53 -------- d-----w- C:\Users\Sander\AppData\Roaming\AVG2014

2013-12-15 12:49:35 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014

2013-12-15 12:47:33 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014

2013-12-15 12:45:16 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014

2013-12-15 12:41:23 -------- d-----w- C:\Users\Sander\AppData\Local\Avg2014

2013-12-15 09:43:31 CD7ADF45DD4E48BCC594C867985E8CF4 8220 ----a-w- C:\Users\Sander\AppData\Locallow\SkwConfig.bin

2013-12-14 16:51:39 -------- d-----w- C:\Users\Sander\AppData\Local\ElevatedDiagnostics

2013-12-14 16:11:44 -------- d-----w- C:\Users\Sander_2\AppData\Roaming\WinZip

2013-11-30 10:10:58 -------- d-----w- C:\Users\Sander_2\AppData\Roaming\ViberPC

2013-11-30 10:09:42 -------- d-----w- C:\Users\Sander\AppData\Local\Viber

2013-11-29 21:08:43 -------- d-----w- C:\Users\Sander\AppData\Local\VNT

2013-11-21 17:59:33 -------- d-----w- C:\Users\Sander_2\AppData\Local\Spotify

2013-11-21 17:59:28 -------- d-----w- C:\Users\Sander_2\AppData\Roaming\Spotify

2013-11-21 16:41:53 -------- d-----w- C:\Users\Sander_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook

2013-11-16 10:01:21 -------- d-----w- C:\Users\Sander_2\AppData\Roaming\FlvtoConverter

2013-11-16 10:01:21 -------- d-----w- C:\Users\Sander_2\AppData\Local\FlvtoYoutubeDownloader

2013-11-16 10:00:39 -------- d-----w- C:\Users\Sander_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader

2013-11-16 09:59:50 -------- d-----w- C:\Users\Sander_2\AppData\Local\Flvto Youtube Downloader

====== C:\Users\Sander ======

2013-12-15 13:08:44 DAAB3BCC6FA56354DECC22F4B9104F7F 339991 ----a-w- C:\Users\Sander\Downloads\RSIT-1.06.exe

2013-12-15 13:03:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2013-12-15 12:45:29 -------- d-----w- C:\ProgramData\AVG2014

2013-12-15 09:15:09 76B1717148C114D3A47147B1A5CCFFEA 4379048 ----a-w- C:\Users\Sander_2\Downloads\ccsetup407.exe

2013-12-14 12:38:43 E0F12443E372A1C7984252AC6C169DEB 2512960 ----a-w- C:\Users\Sander_2\Downloads\ooVooSetup.exe

2013-12-10 10:06:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

====== C: exe-files ==

2013-12-15 13:09:04 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files (x86)\trend micro\Sander.exe

2013-12-15 12:45:15 0CB7E483A8A3F54F30EF1605C89D88CD 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3072491271-985545072-1069970057-1000\$I6YG76C.exe

2013-12-13 10:39:33 E718964FF769DA3690ADFB1EB745D17A 108032 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vtex.exe

2013-12-13 10:22:07 D21DD7BFC81C8623DE48EBB17133D59C 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2013-12-13 10:22:07 9AED8E824CF5FAAB67957EDBC5512060 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

2013-12-13 10:16:17 0E1D755673453108415F802C90704327 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2013-12-13 10:16:16 78CCC9D9665DC2A4DDC31CD99ED374FC 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2013-12-13 10:05:09 94118BEBD029F0CCB035D18C5B267DB3 2757632 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\hlmv.exe

2013-12-13 10:05:09 7A102CFE4065D4987216DA31031FA3BC 735744 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\dmxconvert.exe

2013-12-13 10:05:09 11FF6BBEE30852B60E19027051CF6423 8506880 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\studiomdl.exe

2013-12-11 15:14:44 D67FF39AB6D0F3AA11A311D960FBA242 33792 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\HardwareSurvey.exe

2013-12-11 15:13:51 0CEB7E0ED94727A5273C5332FD902879 29626816 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe

2013-12-11 12:13:53 39437C879606FD602D34B1E560E96181 78336 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\OpenVR\bin\openvr.exe

=== C: other files ==

2013-12-14 12:41:43 DDD6C31A2BB9FD3ECF3F0EA08D7816A9 255624 ----a-w- C:\Users\Sander\AppData\Local\Temp\scoped_dir_9668_27866\avg.crx

2013-12-12 10:16:46 97D50B0CABF18A6D40F8883D02DDB519 3155968 ----a-w- C:\Windows\System32\win32k.sys

2013-12-12 10:16:36 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys

2013-12-12 10:16:36 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys

2013-12-11 15:13:51 7621EDBBCA690E8C11B1FBE3B00B71F8 1918157 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Marvel Heroes\InstallDependencies\BranchConfigure\library.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"7F40E4A695C918917DEEAF2190EC6E5DA33B0F9B._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"msnmsgr"="~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"

"Facebook Update"="C:\Users\Sander\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"ONAIR"="C:\Program Files\ONAIR\ONAIR.exe"

"Clownfish"="C:\Program Files (x86)\Clownfish\Clownfish.exe"

"C32B1C3B921A67FAB6F28E040698993296D706C3._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service"

"GoogleChromeAutoLaunch_A004FB8DD7882703A7DF346DFAB7630E"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

"Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"

"PC Speed Maximizer"="C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe"

"Smart Driver Updater"="C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe"

"ooVoo.exe"="C:\Program Files (x86)\ooVoo\oovoo.exe /minimized"

[HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\Sander_2\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"

"7F40E4A695C918917DEEAF2190EC6E5DA33B0F9B._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service"

"Spotify"="C:\Users\Sander_2\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Sander_2\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"SE"="C:\Users\Sander\AppData\Roaming\SkypEmoticons\SE.exe /minimized "

"Viber"="C:\Users\Sander\AppData\Local\Viber\Viber.exe StartMinimized"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"7F40E4A695C918917DEEAF2190EC6E5DA33B0F9B._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

"Dolby Advanced Audio v2"="C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe -autostart"

"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

"SSDMonitor"="C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

"ApnUpdater"="C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

"Iminent"="C:\Program Files (x86)\Iminent\Iminent.exe /warmup F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"

"IminentMessenger"="C:\Program Files (x86)\Iminent\Iminent.Messengers.exe"

"SweetIM"="C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"

"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"

"ApnTBMon"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

"VNT"="C:\Program Files (x86)\VNT\vntldr.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"msnmsgr"="~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"

"Facebook Update"="C:\Users\Sander\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"ONAIR"="C:\Program Files\ONAIR\ONAIR.exe"

"Clownfish"="C:\Program Files (x86)\Clownfish\Clownfish.exe"

"C32B1C3B921A67FAB6F28E040698993296D706C3._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service"

"GoogleChromeAutoLaunch_A004FB8DD7882703A7DF346DFAB7630E"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

"Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"

"PC Speed Maximizer"="C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe"

"Smart Driver Updater"="C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe"

"ooVoo.exe"="C:\Program Files (x86)\ooVoo\oovoo.exe /minimized"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "

"BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"

"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Folders ======================

2012-09-30 17:59:54 1326 ----a-w- C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/12/2013 14:35]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1000Core.job --a------ [undetermined Task]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1000UA.job --a------ C:\Users\Sander\AppData\Local\Facebook\Update\FacebookUpdate.exe [30/09/2012 18:58]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1002Core.job --a------ C:\Users\Sander_2\AppData\Local\Facebook\Update\FacebookUpdate.exe [21/11/2013 17:41]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1002UA.job --a------ C:\Users\Sander_2\AppData\Local\Facebook\Update\FacebookUpdate.exe [21/11/2013 17:41]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/09/2012 17:01]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/09/2012 17:01]

C:\Windows\tasks\RMAutoUpdate.job --a------ C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe [21/03/2012 11:23]

C:\Windows\tasks\RMSchedule.job --a------ C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe [21/03/2012 11:22]

C:\Windows\tasks\ROC_REG_JAN_DELETE.job --a------ C:\ProgramData\AVG January 2013 Campaign\ROC.exe [17/01/2013 22:16]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1000Core" [C:\Users\Sander\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1000UA" [C:\Users\Sander\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1002Core" [C:\Users\Sander_2\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1002UA" [C:\Users\Sander_2\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\RMAutoUpdate" [C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe]

"C:\Windows\SysNative\tasks\RMSchedule" [C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe]

"C:\Windows\SysNative\tasks\ROC_REG_JAN_DELETE" [C:\ProgramData\AVG January 2013 Campaign\ROC.exe]

"C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"fmdownloader@gmail.com"="C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox" [15/09/2012 13:20]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"happylyrics@hpyproductions.net"="C:\Program Files (x86)\HappyLyrics\FF" []

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

aaaajmgokiecajekipolejjhdgijlefj - C:\ProgramData\AskPartnerNetwork\Toolbar\VDJ-V7\CRX\ToolbarCR.crx[]

bbffdhejhaoiflnpooogkckfdcmmjppn - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx[]

bbjciahceamgodcoidkjpchnokgfpphh - C:\Users\Sander\AppData\Local\funmoods.crx[]

boipimhfjpakfgckhbljjengakjhkcbp - C:\Users\Sander\AppData\Roaming\BabSolution\CR\mixiDj.crx[]

bpegkgagfojjbcpkihigfmkojdmmimdf - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[30/05/2012 14:56]

ealchnonpofjocgofjpopjdoegbbkofj - C:\Program Files (x86)\HappyLyrics\Chrome.crx[]

eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Sander\AppData\Roaming\BabSolution\CR\delta2.crx[]

fmfnfnpmhcllokmkepffndflpnadjmma - C:\Program Files (x86)\DealPly\DealPly.crx[]

jmhhdaimhfblnamlcdijbaakkifakade - C:\Program Files (x86)\FindLyrics\Chrome.crx[]

kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files (x86)\DefaultTab\DefaultTab.crx[]

kpepfkjapeclaafmhoelccknpfedainn - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidj.crx[]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02/10/2012 11:14]

lpgjmggepafkhenaeknpnjiceakbedpi - C:\Users\Sander\AppData\Local\CRE\lpgjmggepafkhenaeknpnjiceakbedpi.crx[]

ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\17.2.0.38\avg.crx[]

niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[]

ogccgbmabaphcakpiclgcnmcnimhokcj - C:\Windows\SysWOW64\jmdp\SweetNT.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

amfclgbdpgndipgoegfpkkgobahigbcl - C:\Users\Sander\AppData\Local\Smartbar/Application\1Extension.crx[]

bbjciahceamgodcoidkjpchnokgfpphh - C:\Users\Sander\AppData\Local\funmoods.crx[]

lpgjmggepafkhenaeknpnjiceakbedpi - C:\Users\Sander\AppData\Local\CRE\lpgjmggepafkhenaeknpnjiceakbedpi.crx[]

Happy Old Miner - Sander - Default\Extensions\aahdmajpnpehigpjimeikadfnmoadbff

Sniper World at War - Sander - Default\Extensions\abghehgeiiglmiedfplcnnbahibepnfp

Bejeweled - Sander - Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm

ssurF anDo keep - Sander - Default\Extensions\afcflaijleeeoedohenpaonhgbhghmli

Angry Birds - Sander - Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj

Death Worm Game - Sander - Default\Extensions\akoadonkmjegkcihpcfnennfohfmohgn

Street Wheels 2 3D - Sander - Default\Extensions\aldgglkhhafnfnpihlfgegcbajdekmgj

Snap.Do - Sander - Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl

Apple Shooter - Sander - Default\Extensions\amkbnncbhijlcnehhlpgloofblcfdbke

TV - Sander - Default\Extensions\beobeededemalmllhkmnkinmfembdimh

Show the YouTube Channel bar or the name. - Sander - Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn

Truck Rush Seasons - Sander - Default\Extensions\bjaoeopnpdpehefaejhedebpkgljmgcc

YouTube - Sander - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Dirt Bike Games - Sander - Default\Extensions\bmbnpkmmbmniajjhocmmgblekhhmffge

Freemake Video Downloader - Sander - Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf

Fun Pong - Sander - Default\Extensions\cdfbkajeecnjallmbomdodielkoplnai

Tequila Zombies - Sander - Default\Extensions\cdjohbopflfhpkaenekfcnhagifenlja

Battlefield Heroes - Sander - Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh

Orcs Attack - Sander - Default\Extensions\cgkcopkfnlnofihnpdipnjkmmabpfpgf

Gun Bros - Sander - Default\Extensions\ciamkmigckbgfajcieiflmkedohjjohh

Counter Strike - Sander - Default\Extensions\cjcnlokcjbjgiibclplfblgkdkmldpcp

Max Speed - Sander - Default\Extensions\ckipmjioohlpgdjhdooogjjinlipckoe

Monster Dash - Sander - Default\Extensions\cknghehebaconkajgiobncfleofebcog

Chainsaw - Sander - Default\Extensions\cnhjeeoapamnboddppjdkiklkfdbnkkn

Prison Break Breakout - Sander - Default\Extensions\cnnbogdhmkifhilnndainjieplndpmbj

Facebook and Flickr photos made fun - Sander - Default\Extensions\cokhhceailhgobcmmhcdhihdoemmepej

Google Search - Sander - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Gibbets - Sander - Default\Extensions\copjdfbaggaghhnajhgmcjpfejkfniba

Fun Switcher - Sander - Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb

Shopping Cart Hero 3 - Sander - Default\Extensions\dfpkcohlgmgmbcileadnhbhbokpgpnhb

Dash Or Crash - Sander - Default\Extensions\dgjpjgpikponlfappokopokggojlelni

World of Tanks Southeast Asia - Sander - Default\Extensions\djehgdpiejdcdjbjocbocahdeoklamdi

Barcodescanner - Sander - Default\Extensions\djhpfbgdddnoikiapfajgchbicmhlbig

Future Buddy - Sander - Default\Extensions\dknffcbjdomjglljnckcbffldhigapgj

Build The Bridge - Sander - Default\Extensions\dobkhdbgngejjepmdfapnihdnmicljjp

3D Racing - Sander - Default\Extensions\edibjaleplmkklgdabaddfombdbcafek

Pixlr-o-matic - Sander - Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj

Penguin Combat - Sander - Default\Extensions\ehoglceicemjdngkmfgpdamgglhediod

Transformers-2 - Sander - Default\Extensions\ejccmdbinibfjahdplhmokpbjhkgclha

Stunt Dirt Bike 2 - Sander - Default\Extensions\elfneekolekdcilnomihglgnfhfnjoff

deathCLICK - Sander - Default\Extensions\enbfnadfgciogjeghkkdclpnpagbpdkd

A Space Shooter for FREE - Sander - Default\Extensions\epbeobdmeddlnkokfiaijkfabecpmifa

Crime City - Sander - Default\Extensions\fdbacnnicmbpfcmiapnfjbefkggclmco

Causality Games - Sander - Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl

Hangman (Beers) - Sander - Default\Extensions\fgcpdmdijhamfojigkldhhlheikbjine

Earn To Die - Sander - Default\Extensions\fhofbeoifjicanmgipjabehlipnlbmja

Dragon Quest - Sander - Default\Extensions\fjijhnpbbhmlfkefhdaajhabllehenlm

Stupeflix Video Maker - Sander - Default\Extensions\fkdmcfnoimoilncpjchamnenebopocem

Ultimate Street Car Racer - Sander - Default\Extensions\fkhlplfgnlmpppihiigcpbgehohljaam

Digital Clock - Sander - Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo

Tower Inator - Sander - Default\Extensions\gipkgikjdkncfjdigghlhhagpkgieico

Tarzan Jungle Of Doom 3D - Sander - Default\Extensions\gjocnmdnbfghlogmiekgpmljhgjlgimp

Cut the Rope - Sander - Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj

Amazing Spiderman - Sander - Default\Extensions\gkjcckbgnllocijgaalmoaplfehcclng

Mad Tanks - Sander - Default\Extensions\gkpcnjdemhehddahgikcmlbdnoeknmdp

Counter Strike New Version - Sander - Default\Extensions\gmpehckjcedphjamnipbjbajnfgkfbkm

DownlOAD keeper - Sander - Default\Extensions\gnddhnadliaapljldamjebhoahfmpkop

Fun with English - Sander - Default\Extensions\gnnihicnkdmmdnpjnjoegecndbhdkgmm

Crazy Buggy 3D - Sander - Default\Extensions\gooihknicmgbfhbfcobcgfjllcglkoik

Hang Man (Tamil Movies) - Sander - Default\Extensions\hbdkkpbpanjedadmfkjmldcjoemamngp

Counter Strike - Sander - Default\Extensions\hbnpeifkgfblmnmihpaeniclpnkhpdkg

Transformer Robot War - Sander - Default\Extensions\hcgibljfdjikojdglnfhffeoplhcjnfb

GrooveStation - Sander - Default\Extensions\hcmgeicdknaimapckemfeieiedealnno

Marvel Comics - Sander - Default\Extensions\hjhfaknohpjconjoefidanhihokmkice

Transformers 3 - Sander - Default\Extensions\hmopeddmckkiokkopennmgdiadfnkcfk

Armenian Online TV - Sander - Default\Extensions\hogboicpepifiecelnhkpolkjkljmoak

Hitstick 6 - Sander - Default\Extensions\hpgphjoojglhpcfhpgjmhnfeabfekdme

Fun Tetris - Sander - Default\Extensions\ibelmnhbipjkokecobnlonmmfjklajkk

Serious Sam: The First Encounter (DEMO) - Sander - Default\Extensions\icbfppfaccaljnjbfeooceefehpccbkh

Google Play Music - Sander - Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg

Monster Shooting - Sander - Default\Extensions\ideadnndagipnaeokmkhcokccpmaapkm

Transformers Prestige - Sander - Default\Extensions\ifcnnldlbmpllpmbjcekgnmaipimjgma

Apocalypse City - Sander - Default\Extensions\ifkogipjfpemebgfjelkfoifapppddeh

OrangeFPS on Roozz - Sander - Default\Extensions\ifnckhopllcmleegegheacblhehfifei

Billiard - Sander - Default\Extensions\ifohmelldfcaeocfiponabmlbmdpnkjj

Iminent - Sander - Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl

Cubi Kill 2 - Sander - Default\Extensions\ignmcpkkgibhepbagkpnagoomodbjghn

TRANSFORMERS PRESTIGE - Sander - Default\Extensions\ihpilfgpklhifknjkilfapaghcidopah

Santa Can Fly - Sander - Default\Extensions\ijnjeadmcoiglgongpaknblabefpogei

Fast Car - Sander - Default\Extensions\ilnilkflnlkekeioahamkfjcklliecpf

Tanks Rage - Sander - Default\Extensions\imiagbbpcdaikfajfdpfemgmngigphfl

Dune Buggy - Sander - Default\Extensions\ioejnggmefeodnemhhbnmdcbmjpifebp

ButtonBeats Freestyle Mic - Sander - Default\Extensions\japiahodfdinifdeedclfnbeojkhkkmi

13 Days After - Sander - Default\Extensions\jbbclnchgkmlpmjjipnegnbboallemlo

Math Motorway - Sander - Default\Extensions\jdihnhedcafgpbbbbiohamlkbbjlifdb

Fun Kids Radio - Sander - Default\Extensions\jelkgophonighpbmekmdjpjnnelcncih

Drug Racer 3d - Sander - Default\Extensions\jfhdjifalcmagjkkclpbjglmnpnobjhp

Pirate Galaxy - Sander - Default\Extensions\jglbmpjjclfacomhldhlpekbjfbchedp

3D Bike race - Sander - Default\Extensions\jjagmacpahjfbbkgekeijkhmddddepmd

Newspaper Boy - Sander - Default\Extensions\jobgmhepbhnaiaakcaiionfogejljoan

Truck Loader 2 - Sander - Default\Extensions\joidkelepbgedjiageepconmpfihhpni

Calculator - Sander - Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao

CS Portable - Sander - Default\Extensions\kehgknidddmaiolpbpienmbkhkofalam

Hulk Smash Up - Sander - Default\Extensions\kfhjdimdpomcofilfpdbdengiafaoehd

Sharp Trigger 2 - Sander - Default\Extensions\kfkeaemnlafmglocfpcagiikdnjggdik

KWICK Community - Sander - Default\Extensions\kfmlccgdifmjkichgfmelkappjdfabka

Halo Game - Sander - Default\Extensions\kijdoigcckfmpadchmhhnpbobbhijkil

Soldiers-Shooting - Sander - Default\Extensions\kijplmdlceddmoejcejdclmgameekglh

Blast PingPong - Sander - Default\Extensions\kjdkomgefikcdchdpjfgjfpagieofnem

Grepolis - Sander - Default\Extensions\kkgkognjknhcgbgbeijjondlikfkgnog

Break The Wall - Sander - Default\Extensions\klhfgnobmdkblmbdahcnpajbjnfmknpn

Meet new people on Badoo - Sander - Default\Extensions\kmaoahaepmkmdhaohjjakbkeeelpbenb

Little Alchemy - Sander - Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd

YoutubeBookmark - Sander - Default\Extensions\komloiggdcbfaobcdbiooionbmdcnmoo

MixiDj Chrome Toolbar - Sander - Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn

Satellite Finder - Sander - Default\Extensions\laadpcgmfdkmmkhnhoaalgbjoahkjlpn

Transformers Battle 3d HD - Sander - Default\Extensions\laekaknjpacoppmkicciehhfliihingk

Motocross - Sander - Default\Extensions\lddlapllhlmplllbneiocoojnlokmlcb

Air Hockey World Edition - Sander - Default\Extensions\ldpnjnhkipephakkibngncljbhmgjkfi

Webcam Toy - Sander - Default\Extensions\lfbgimoladefibpklnfmkpknadbklade

Formula 3D - Sander - Default\Extensions\lghfgmfahpnfhgccebpggchongngfepf

Skype Click to Call - Sander - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Supah Ninjas - Sander - Default\Extensions\liodkmfjhbljafkbhhhinlmodecefbcl

Happy Wheels - Sander - Default\Extensions\ljdngafdeknonigdklkdlolkefpigejp

Apocalypse Motor Racers - Sander - Default\Extensions\lkkjbckdlfglhfciiaaceedafekmliem

YoutubeAdblocker - Sander - Default\Extensions\lokopnapnolbgcmklbknjndpnogpiknm

Contract Killer - Sander - Default\Extensions\meklndaflopgghbomkdpofehonfclipi

Google Mail Checker - Sander - Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff

ButtonBeats Guitar - Sander - Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf

Encounter Specialist - Sander - Default\Extensions\mkkkehbfdceljnjdmnbnoffdeeinodoc

Stunt Dirt Bike - Sander - Default\Extensions\mkoidgomcchlgmpnlpooohkbpjmpljmc

Plants vs Zombies - Sander - Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina

Need for Speed World is a FREE to play online racing game where you can compete with millions of players around the World. - Sander - Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk

BMX Park - Sander - Default\Extensions\moalaglehgefgniipmkfolhkhncbjbgb

Iron Man Armored Justice HD Game - Sander - Default\Extensions\moicjngdpebgblmedjmafhiedhimiplk

SearchNewTab - Sander - Default\Extensions\mpcpiblggnbgfbddgnjhanlcgankiali

Crusader Tank - Sander - Default\Extensions\mpegcjgnjllooimlcfdnphhccfnmhfem

Urban Crusher - Sander - Default\Extensions\naklgfiamfbhmfbggjlbcogpkhgcngnb

Ace Pilots - Sander - Default\Extensions\ndfkfbdpnknippjjpkdoiadggmohdpfg

Online TV - Sander - Default\Extensions\noiljfbhlcdemimoiefmdnnddogepkmp

Live Online TV 24/7 - Sander - Default\Extensions\npdlhfeockcidgemjbccenihbmiadbnm

Rally Expert - Sander - Default\Extensions\occfbdbgdodefnegmkafdlebmmifikkn

Ogre Sample Browser NaCl - Sander - Default\Extensions\ocpoapiejnpokdojkgjhglijajghikla

3D Sniper - Sander - Default\Extensions\oddaibgpdefmpenbnpjbeejocmljfjka

Hang Man (Hollywood Movies) - Sander - Default\Extensions\odjnandaibfijdnpdpbclbpffileknnk

Shanghai Mahjongg - Sander - Default\Extensions\odpibjjkhpmapleapondffcppfnhfffi

Bike Race - Sander - Default\Extensions\ogpdbicclanacoblahocfoggbfhaeend

PhotoMania - Sander - Default\Extensions\ohodmcahedcphoipgooelhjcfahodhcj

Football forum info actu - LiveFoot - Sander - Default\Extensions\ojlhodidmnkeaiogakfggddlehjphmec

BMX Master - Sander - Default\Extensions\okljdbooggmpjllhjaloafbphmiaogje

Type Command Robot - Sander - Default\Extensions\omfgnhmkahndgcobggaeljcpklbcjbaf

Mafia The Revenge - Sander - Default\Extensions\onflccejinfcakflpembfjgfjlbnedcb

Sharp Triger 2hd - Sander - Default\Extensions\pcimmfgjfimldfhgfpipmfbloodlcdml

PhotoFit Me - Sander - Default\Extensions\pdpbdnchfplfpdjbckgbmpnddnjdijjk

Free Online TV - Sander - Default\Extensions\picldhpkcgmgfnmombladhakcganoghd

SearchNewTab - Sander - Default\Extensions\pinlkacbeehnmnlgnmkelgcimfojmimd

Gmail - Sander - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Virtual DJ Toolbar - Sander - Profile 2\Extensions\aaaajmgokiecajekipolejjhdgijlefj

Happy Old Miner - Sander - Profile 2\Extensions\aahdmajpnpehigpjimeikadfnmoadbff

Sniper World at War - Sander - Profile 2\Extensions\abghehgeiiglmiedfplcnnbahibepnfp

Tetris Battle - Sander - Profile 2\Extensions\adjkpghbnknolhdbgpllnfmohekjfjmo

Bejeweled - Sander - Profile 2\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm

ssurF anDo keep - Sander - Profile 2\Extensions\afcflaijleeeoedohenpaonhgbhghmli

Pick and Dig 3 - Sander - Profile 2\Extensions\aiicifcdhldlkckolgehbflbjiklhoim

Tanks V2 - Sander - Profile 2\Extensions\ailcjlbajockobcilfdmjglglhgjhacd

Angry Birds - Sander - Profile 2\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj

Running Fred - Sander - Profile 2\Extensions\amfalcbcdebaemokjapphcfnldiogddk

Snap.Do - Sander - Profile 2\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl

Apple Shooter - Sander - Profile 2\Extensions\amkbnncbhijlcnehhlpgloofblcfdbke

Flying Penguins - Sander - Profile 2\Extensions\aodicoaabhbnkgdejjohokjnapopljhf

Google Drive - Sander - Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf

Doodle or Die - Sander - Profile 2\Extensions\baocjgbppdpelkefhfhblacenjhhmlmf

FTdownloader V3.0 - Sander - Profile 2\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn

Funmoods - Sander - Profile 2\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

TV - Sander - Profile 2\Extensions\beobeededemalmllhkmnkinmfembdimh

Show the YouTube Channel bar or the name. - Sander - Profile 2\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn

FartDroid - Sander - Profile 2\Extensions\bfeefdenbeaddnjdahhfkakhinfppmbc

Truck Rush Seasons - Sander - Profile 2\Extensions\bjaoeopnpdpehefaejhedebpkgljmgcc

YouTube - Sander - Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Dirt Bike Games - Sander - Profile 2\Extensions\bmbnpkmmbmniajjhocmmgblekhhmffge

MixiDJ Toolbar - Sander - Profile 2\Extensions\boipimhfjpakfgckhbljjengakjhkcbp

Freemake Video Downloader - Sander - Profile 2\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf

Swingers - Sander - Profile 2\Extensions\bppakloppheaamioeonkgjeegphlglaf

Fun Pong - Sander - Profile 2\Extensions\cdfbkajeecnjallmbomdodielkoplnai

Daily Bikini Babe - Sander - Profile 2\Extensions\checlelldfddipjbdhmijdjhiebcohkf

Tanki Online - Sander - Profile 2\Extensions\chnamgoimgnbgkabfjkikldbfdhhfhdo

Gun Bros - Sander - Profile 2\Extensions\ciamkmigckbgfajcieiflmkedohjjohh

Max Speed - Sander - Profile 2\Extensions\ckipmjioohlpgdjhdooogjjinlipckoe

Monster Dash - Sander - Profile 2\Extensions\cknghehebaconkajgiobncfleofebcog

Chainsaw - Sander - Profile 2\Extensions\cnhjeeoapamnboddppjdkiklkfdbnkkn

Facebook and Flickr photos made fun - Sander - Profile 2\Extensions\cokhhceailhgobcmmhcdhihdoemmepej

Google Search - Sander - Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Gibbets - Sander - Profile 2\Extensions\copjdfbaggaghhnajhgmcjpfejkfniba

Farm Frenzy 2 - Sander - Profile 2\Extensions\dcfpkddmnpgkibhaebjicfmgmmbdjmap

Fun Switcher - Sander - Profile 2\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb

Shopping Cart Hero 3 - Sander - Profile 2\Extensions\dfpkcohlgmgmbcileadnhbhbokpgpnhb

Dash Or Crash - Sander - Profile 2\Extensions\dgjpjgpikponlfappokopokggojlelni

World of Tanks Southeast Asia - Sander - Profile 2\Extensions\djehgdpiejdcdjbjocbocahdeoklamdi

Barcodescanner - Sander - Profile 2\Extensions\djhpfbgdddnoikiapfajgchbicmhlbig

Build a Robot - Sander - Profile 2\Extensions\dkifjkfdmacgkhldodeohbhcknoijpeo

Future Buddy - Sander - Profile 2\Extensions\dknffcbjdomjglljnckcbffldhigapgj

Candy Crush Saga - Sander - Profile 2\Extensions\dleebmllljpdnpdlhfimngmdnhabkgce

Build The Bridge - Sander - Profile 2\Extensions\dobkhdbgngejjepmdfapnihdnmicljjp

Sumo Paint - Sander - Profile 2\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod

Happy Lyrics - Sander - Profile 2\Extensions\ealchnonpofjocgofjpopjdoegbbkofj

3D Quad Bike Racing - Sander - Profile 2\Extensions\eblldgmkeppinciamdhekgehoepckfpn

3D Racing - Sander - Profile 2\Extensions\edibjaleplmkklgdabaddfombdbcafek

Monster Trucks Nitro 2 - Sander - Profile 2\Extensions\edonejldekhljklclipjpdjdgmaimnbg

Tetris - Sander - Profile 2\Extensions\eeehcmbhicglclggakomjhhlmemhjbde

Magic Magnetic - Sander - Profile 2\Extensions\efkmdnbliigogeinkaghcmcmhpnjcndg

Pixlr-o-matic - Sander - Profile 2\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj

Penguin Combat - Sander - Profile 2\Extensions\ehoglceicemjdngkmfgpdamgglhediod

Fart Machine - Sander - Profile 2\Extensions\einpcfelmfefokagdipbcfomecfbdggn

On The Run 2 - Sander - Profile 2\Extensions\eipblbikehoiimjpjgjofhfkpojjboea

FruitFest on Roozz - Sander - Profile 2\Extensions\ejbfklcnojhimbbngfdgnnjodnekcjlc

Transformers-2 - Sander - Profile 2\Extensions\ejccmdbinibfjahdplhmokpbjhkgclha

Stunt Dirt Bike 2 - Sander - Profile 2\Extensions\elfneekolekdcilnomihglgnfhfnjoff

deathCLICK - Sander - Profile 2\Extensions\enbfnadfgciogjeghkkdclpnpagbpdkd

Delta Toolbar - Sander - Profile 2\Extensions\eooncjejnppfjjklapaamhcdmjbilmde

A Space Shooter for FREE - Sander - Profile 2\Extensions\epbeobdmeddlnkokfiaijkfabecpmifa

Who's knocking on the door? - Sander - Profile 2\Extensions\eppldkeacbgnkjkabpnikmlnokknlcbc

7 Dragons - Sander - Profile 2\Extensions\falmapjpdbjldpjkfbekligjjedakmmk

Bikini TV - Sander - Profile 2\Extensions\fcanljafkhmmideajcgekocpbdhkened

Crime City - Sander - Profile 2\Extensions\fdbacnnicmbpfcmiapnfjbefkggclmco

Causality Games - Sander - Profile 2\Extensions\femoooemgmjaebeodbbikbkmhlafenpl

Hangman (Beers) - Sander - Profile 2\Extensions\fgcpdmdijhamfojigkldhhlheikbjine

Stupeflix Video Maker - Sander - Profile 2\Extensions\fkdmcfnoimoilncpjchamnenebopocem

Ultimate Street Car Racer - Sander - Profile 2\Extensions\fkhlplfgnlmpppihiigcpbgehohljaam

Voodoo Friends - Sander - Profile 2\Extensions\fmedapekkakaehidplfhmblngkelolaj

Christmas Match - Sander - Profile 2\Extensions\gaflplinpgjofgdajleeflpoeijeopgn

Digital Clock - Sander - Profile 2\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo

Tilt 3D - Sander - Profile 2\Extensions\ggaeedikcbkhmilmfafnbdmofhaiepdo

Tower Inator - Sander - Profile 2\Extensions\gipkgikjdkncfjdigghlhhagpkgieico

Cut the Rope - Sander - Profile 2\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj

Amazing Spiderman - Sander - Profile 2\Extensions\gkjcckbgnllocijgaalmoaplfehcclng

Mad Tanks - Sander - Profile 2\Extensions\gkpcnjdemhehddahgikcmlbdnoeknmdp

Counter Strike New Version - Sander - Profile 2\Extensions\gmpehckjcedphjamnipbjbajnfgkfbkm

DownlOAD keeper - Sander - Profile 2\Extensions\gnddhnadliaapljldamjebhoahfmpkop

Fun with English - Sander - Profile 2\Extensions\gnnihicnkdmmdnpjnjoegecndbhdkgmm

4 Elements on Roozz - Sander - Profile 2\Extensions\gonkeffmgaefakoakpgmeecibpkoaokf

Crazy Buggy 3D - Sander - Profile 2\Extensions\gooihknicmgbfhbfcobcgfjllcglkoik

Hang Man (Tamil Movies) - Sander - Profile 2\Extensions\hbdkkpbpanjedadmfkjmldcjoemamngp

Counter Strike - Sander - Profile 2\Extensions\hbnpeifkgfblmnmihpaeniclpnkhpdkg

GrooveStation - Sander - Profile 2\Extensions\hcmgeicdknaimapckemfeieiedealnno

Fishdom 2 - Sander - Profile 2\Extensions\heocjlpcpbjfbnidbblimegpaddbhdmf

Marvel Comics - Sander - Profile 2\Extensions\hjhfaknohpjconjoefidanhihokmkice

Cargo Bridge: Armor Games Edition - Sander - Profile 2\Extensions\hlpiaibleklmjieibbnmkignbggodmmj

Troll Emoticons - Sander - Profile 2\Extensions\hndllphbhpadfpoikpaofkkkpkpnmjik

Illyriad - Sander - Profile 2\Extensions\hnfbcdoedgikkjokbgejbgkgijnoaanb

Fiery Music - Sander - Profile 2\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon

Armenian Online TV - Sander - Profile 2\Extensions\hogboicpepifiecelnhkpolkjkljmoak

Hitstick 6 - Sander - Profile 2\Extensions\hpgphjoojglhpcfhpgjmhnfeabfekdme

Fun Tetris - Sander - Profile 2\Extensions\ibelmnhbipjkokecobnlonmmfjklajkk

Serious Sam: The First Encounter (DEMO) - Sander - Profile 2\Extensions\icbfppfaccaljnjbfeooceefehpccbkh

Google Play Music - Sander - Profile 2\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg

Monster Shooting - Sander - Profile 2\Extensions\ideadnndagipnaeokmkhcokccpmaapkm

Apocalypse City - Sander - Profile 2\Extensions\ifkogipjfpemebgfjelkfoifapppddeh

OrangeFPS on Roozz - Sander - Profile 2\Extensions\ifnckhopllcmleegegheacblhehfifei

Ready for action space pilot? Evil aliens unknown phenomena and risky missions await you here - Sander - Profile 2\Extensions\igfellpkdddmaldkbohekiikcmadbdnj

Cubi Kill 2 - Sander - Profile 2\Extensions\ignmcpkkgibhepbagkpnagoomodbjghn

TRANSFORMERS PRESTIGE - Sander - Profile 2\Extensions\ihpilfgpklhifknjkilfapaghcidopah

Web Games - Sander - Profile 2\Extensions\iigfbhonoanhlehkpjifkhdfbnacokcg

Santa Can Fly - Sander - Profile 2\Extensions\ijnjeadmcoiglgongpaknblabefpogei

Fast Car - Sander - Profile 2\Extensions\ilnilkflnlkekeioahamkfjcklliecpf

Alias Runner Apocalypse - Sander - Profile 2\Extensions\imaadejkkljcjjbobochcgbacjffjjdc

Tanks Rage - Sander - Profile 2\Extensions\imiagbbpcdaikfajfdpfemgmngigphfl

ButtonBeats Freestyle Mic - Sander - Profile 2\Extensions\japiahodfdinifdeedclfnbeojkhkkmi

13 Days After - Sander - Profile 2\Extensions\jbbclnchgkmlpmjjipnegnbboallemlo

Math Motorway - Sander - Profile 2\Extensions\jdihnhedcafgpbbbbiohamlkbbjlifdb

Fun Kids Radio - Sander - Profile 2\Extensions\jelkgophonighpbmekmdjpjnnelcncih

Pirate Galaxy: An Epic Space Game - Sander - Profile 2\Extensions\jglbmpjjclfacomhldhlpekbjfbchedp

3D Bike race - Sander - Profile 2\Extensions\jjagmacpahjfbbkgekeijkhmddddepmd

FindLyrics - Sander - Profile 2\Extensions\jmhhdaimhfblnamlcdijbaakkifakade

Newspaper Boy - Sander - Profile 2\Extensions\jobgmhepbhnaiaakcaiionfogejljoan

Truck Loader 2 - Sander - Profile 2\Extensions\joidkelepbgedjiageepconmpfihhpni

Hangman - Sander - Profile 2\Extensions\kbdhnpbkeedljpiaicggknhgofminojn

DefaultTab - Sander - Profile 2\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Calculator - Sander - Profile 2\Extensions\kdkgihpbaofhkiliohfepioflkkbapao

Cargo Bridge - Sander - Profile 2\Extensions\keembkgclppcbilkekfgpobhldjjhpmn

Civiballs Xmas Levels - Sander - Profile 2\Extensions\kegbhdmfhnlffankokpjdnnnbefeejcb

Sharp Trigger 2 - Sander - Profile 2\Extensions\kfkeaemnlafmglocfpcagiikdnjggdik

KWICK Community - Sander - Profile 2\Extensions\kfmlccgdifmjkichgfmelkappjdfabka

Best App Finder - Sander - Profile 2\Extensions\khgajindohffipfffpblkdcofalhmkdn

Blast PingPong - Sander - Profile 2\Extensions\kjdkomgefikcdchdpjfgjfpagieofnem

Grepolis - Sander - Profile 2\Extensions\kkgkognjknhcgbgbeijjondlikfkgnog

Break The Wall - Sander - Profile 2\Extensions\klhfgnobmdkblmbdahcnpajbjnfmknpn

Meet new people on Badoo - Sander - Profile 2\Extensions\kmaoahaepmkmdhaohjjakbkeeelpbenb

Cover Orange Players Pack 3 - Sander - Profile 2\Extensions\kmbmidhlafbdocjgcckfbheingaemmhk

Bird Brawl - Sander - Profile 2\Extensions\kmfmnamhddafiplkkobdinpjcnidlplk

Personal Trainer - Sander - Profile 2\Extensions\kmgohkgndpahjklgpdihieeedjeneoke

Monkey Go Happy 4 - Sander - Profile 2\Extensions\kmhcpeadjemaopamdggcfaelcjaibekm

Little Alchemy - Sander - Profile 2\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd

YoutubeBookmark - Sander - Profile 2\Extensions\komloiggdcbfaobcdbiooionbmdcnmoo

Satellite Finder - Sander - Profile 2\Extensions\laadpcgmfdkmmkhnhoaalgbjoahkjlpn

Motocross - Sander - Profile 2\Extensions\lddlapllhlmplllbneiocoojnlokmlcb

Air Hockey World Edition - Sander - Profile 2\Extensions\ldpnjnhkipephakkibngncljbhmgjkfi

Webcam Toy - Sander - Profile 2\Extensions\lfbgimoladefibpklnfmkpknadbklade

Skype Click to Call - Sander - Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Angry Ninjas - Sander - Profile 2\Extensions\ligmjnhbaaodpipmddgffagbgiahjiba

Supah Ninjas - Sander - Profile 2\Extensions\liodkmfjhbljafkbhhhinlmodecefbcl

Happy Wheels - Sander - Profile 2\Extensions\ljdngafdeknonigdklkdlolkefpigejp

Apocalypse Motor Racers - Sander - Profile 2\Extensions\lkkjbckdlfglhfciiaaceedafekmliem

Fieldrunners - Sander - Profile 2\Extensions\lkpikhjbfbffdblahfidklcohlaeabak

InnoGames International - Sander - Profile 2\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi

Swing - Sander - Profile 2\Extensions\lpnmooccnldfhihdhcibcefallgdogda

Carbon Combat - Sander - Profile 2\Extensions\mamcmmijgmnpgdjlicejeeldnjoieoeo

Countdown to Star Wars: The Old Republic - Sander - Profile 2\Extensions\mbihkjkcifmppkkokenooaijbjblefdm

Contract Killer - Sander - Profile 2\Extensions\meklndaflopgghbomkdpofehonfclipi

Farm Frenzy 3: American Pie - Sander - Profile 2\Extensions\mgkcngacodlggphhjngelhdkkjkfdila

Google Mail Checker - Sander - Profile 2\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff

ButtonBeats Guitar - Sander - Profile 2\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf

Encounter Specialist - Sander - Profile 2\Extensions\mkkkehbfdceljnjdmnbnoffdeeinodoc

Stunt Dirt Bike - Sander - Profile 2\Extensions\mkoidgomcchlgmpnlpooohkbpjmpljmc

Plants vs Zombies - Sander - Profile 2\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina

Need for Speed World is a FREE to play online racing game where you can compete with millions of players around the World. - Sander - Profile 2\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk

BMX Park - Sander - Profile 2\Extensions\moalaglehgefgniipmkfolhkhncbjbgb

SearchNewTab - Sander - Profile 2\Extensions\mpcpiblggnbgfbddgnjhanlcgankiali

Crusader Tank - Sander - Profile 2\Extensions\mpegcjgnjllooimlcfdnphhccfnmhfem

Urban Crusher - Sander - Profile 2\Extensions\naklgfiamfbhmfbggjlbcogpkhgcngnb

Ace Pilots - Sander - Profile 2\Extensions\ndfkfbdpnknippjjpkdoiadggmohdpfg

BeGone - Sander - Profile 2\Extensions\ndfpieflbjbdpgklkeolbmbdkfdiicfk

AVG Security Toolbar - Sander - Profile 2\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Curling - Sander - Profile 2\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp

Tower Bloxx - Sander - Profile 2\Extensions\nkpbgebnjgjblcecedfimoijncdegpno

Google Wallet - Sander - Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Online TV - Sander - Profile 2\Extensions\noiljfbhlcdemimoiefmdnnddogepkmp

DuckLife3 Evolution - Sander - Profile 2\Extensions\obnapbknabbfcfioencalfeobakjhnha

Rally Expert - Sander - Profile 2\Extensions\occfbdbgdodefnegmkafdlebmmifikkn

Ping Pong - Sander - Profile 2\Extensions\ockfllocbdnnmdgcmclaihhjkapdfajl

Ogre Sample Browser NaCl - Sander - Profile 2\Extensions\ocpoapiejnpokdojkgjhglijajghikla

3D Sniper - Sander - Profile 2\Extensions\oddaibgpdefmpenbnpjbeejocmljfjka

Hang Man (Hollywood Movies) - Sander - Profile 2\Extensions\odjnandaibfijdnpdpbclbpffileknnk

Demologic 2 - Sander - Profile 2\Extensions\odoacclbahchdiobeofhhikafdekcnmo

Shanghai Mahjongg - Sander - Profile 2\Extensions\odpibjjkhpmapleapondffcppfnhfffi

Background Tab - Sander - Profile 2\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic

SweetPacks Chrome Extension - Sander - Profile 2\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

Private Joe: Urban Warfare - Sander - Profile 2\Extensions\ogmpedngmnolclkmlpcdgmfonlagkejp

Bike Race - Sander - Profile 2\Extensions\ogpdbicclanacoblahocfoggbfhaeend

PhotoMania - Sander - Profile 2\Extensions\ohodmcahedcphoipgooelhjcfahodhcj

Mini Ninjas - Sander - Profile 2\Extensions\oijfbknbncemokdnlboeabbcfhobechi

Football forum info actu - LiveFoot - Sander - Profile 2\Extensions\ojlhodidmnkeaiogakfggddlehjphmec

Penguin Slice - Sander - Profile 2\Extensions\okflagoeojoippcanifjmfmiahbgjngh

BMX Master - Sander - Profile 2\Extensions\okljdbooggmpjllhjaloafbphmiaogje

Shimiegames - Sander - Profile 2\Extensions\oldobllpfnikfcngappiefcibionajof

Type Command Robot - Sander - Profile 2\Extensions\omfgnhmkahndgcobggaeljcpklbcjbaf

Climb or Drown - Sander - Profile 2\Extensions\omfoiaaaplodaeokegmjphakphcbmiip

Mafia The Revenge - Sander - Profile 2\Extensions\onflccejinfcakflpembfjgfjlbnedcb

PhotoFit Me - Sander - Profile 2\Extensions\pdpbdnchfplfpdjbckgbmpnddnjdijjk

Actuele Vertrektijden - Sander - Profile 2\Extensions\pfebamleeekjjdnkcjbgimhgcdpcpdfd

Running - Sander - Profile 2\Extensions\pibmbphgclmikgclcjlfnlepeofhcffm

Free Online TV - Sander - Profile 2\Extensions\picldhpkcgmgfnmombladhakcganoghd

4 Elements - Sander - Profile 2\Extensions\pikbkfgccjpiodjimjpkjdaihnigkcck

SearchNewTab - Sander - Profile 2\Extensions\pinlkacbeehnmnlgnmkelgcimfojmimd

Gmail - Sander - Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Firebug - Sander - Profile 2\Extensions\pkinjljgfpalpgjebaiegcgnaapdbmif

Fishdom - Sander - Profile 2\Extensions\plkccdpiifjkmjpinpcmndkifhnjhooj

Happy Old Miner - Sander_2 - Default\Extensions\aahdmajpnpehigpjimeikadfnmoadbff

Sniper World at War - Sander_2 - Default\Extensions\abghehgeiiglmiedfplcnnbahibepnfp

Doodle Jump Deluxe Flash HD - Sander_2 - Default\Extensions\abkhhgjpfcnmmpmhghohpfkcgoineebk

Tetris Battle - Sander_2 - Default\Extensions\adjkpghbnknolhdbgpllnfmohekjfjmo

Bejeweled - Sander_2 - Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm

ssurF anDo keep - Sander_2 - Default\Extensions\afcflaijleeeoedohenpaonhgbhghmli

Tanks V2 - Sander_2 - Default\Extensions\ailcjlbajockobcilfdmjglglhgjhacd

Angry Birds - Sander_2 - Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj

Running Fred - Sander_2 - Default\Extensions\amfalcbcdebaemokjapphcfnldiogddk

Apple Shooter - Sander_2 - Default\Extensions\amkbnncbhijlcnehhlpgloofblcfdbke

Doodle or Die - Sander_2 - Default\Extensions\baocjgbppdpelkefhfhblacenjhhmlmf

Funmoods - Sander_2 - Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

TV - Sander_2 - Default\Extensions\beobeededemalmllhkmnkinmfembdimh

Show the YouTube Channel bar or the name. - Sander_2 - Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn

FartDroid - Sander_2 - Default\Extensions\bfeefdenbeaddnjdahhfkakhinfppmbc

Truck Rush Seasons - Sander_2 - Default\Extensions\bjaoeopnpdpehefaejhedebpkgljmgcc

YouTube - Sander_2 - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Dirt Bike Games - Sander_2 - Default\Extensions\bmbnpkmmbmniajjhocmmgblekhhmffge

Call of Duty: Black OPS II - Sander_2 - Default\Extensions\bnfeapbdokcoajleapjdbmkhngkbgnbc

Swingers - Sander_2 - Default\Extensions\bppakloppheaamioeonkgjeegphlglaf

Fun Pong - Sander_2 - Default\Extensions\cdfbkajeecnjallmbomdodielkoplnai

Daily Bikini Babe - Sander_2 - Default\Extensions\checlelldfddipjbdhmijdjhiebcohkf

Tanki Online - Sander_2 - Default\Extensions\chnamgoimgnbgkabfjkikldbfdhhfhdo

Gun Bros - Sander_2 - Default\Extensions\ciamkmigckbgfajcieiflmkedohjjohh

Monster Dash - Sander_2 - Default\Extensions\cknghehebaconkajgiobncfleofebcog

STRATEGO - Official - Sander_2 - Default\Extensions\ckpgdjbodiacocpojlgipgkphcihfbdo

Facebook and Flickr photos made fun - Sander_2 - Default\Extensions\cokhhceailhgobcmmhcdhihdoemmepej

Google Search - Sander_2 - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Farm Frenzy 2 - Sander_2 - Default\Extensions\dcfpkddmnpgkibhaebjicfmgmmbdjmap

Fun Switcher - Sander_2 - Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb

Shopping Cart Hero 3 - Sander_2 - Default\Extensions\dfpkcohlgmgmbcileadnhbhbokpgpnhb

Dash Or Crash - Sander_2 - Default\Extensions\dgjpjgpikponlfappokopokggojlelni

Barcodescanner - Sander_2 - Default\Extensions\djhpfbgdddnoikiapfajgchbicmhlbig

Build a Robot - Sander_2 - Default\Extensions\dkifjkfdmacgkhldodeohbhcknoijpeo

Future Buddy - Sander_2 - Default\Extensions\dknffcbjdomjglljnckcbffldhigapgj

Candy Crush Saga - Sander_2 - Default\Extensions\dleebmllljpdnpdlhfimngmdnhabkgce

Sumo Paint - Sander_2 - Default\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod

3D Quad Bike Racing - Sander_2 - Default\Extensions\eblldgmkeppinciamdhekgehoepckfpn

3D Racing - Sander_2 - Default\Extensions\edibjaleplmkklgdabaddfombdbcafek

Monster Trucks Nitro 2 - Sander_2 - Default\Extensions\edonejldekhljklclipjpdjdgmaimnbg

Tetris - Sander_2 - Default\Extensions\eeehcmbhicglclggakomjhhlmemhjbde

Magic Magnetic - Sander_2 - Default\Extensions\efkmdnbliigogeinkaghcmcmhpnjcndg

Pixlr-o-matic - Sander_2 - Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj

Penguin Combat - Sander_2 - Default\Extensions\ehoglceicemjdngkmfgpdamgglhediod

Fart Machine - Sander_2 - Default\Extensions\einpcfelmfefokagdipbcfomecfbdggn

On The Run 2 - Sander_2 - Default\Extensions\eipblbikehoiimjpjgjofhfkpojjboea

FruitFest on Roozz - Sander_2 - Default\Extensions\ejbfklcnojhimbbngfdgnnjodnekcjlc

Transformers-2 - Sander_2 - Default\Extensions\ejccmdbinibfjahdplhmokpbjhkgclha

deathCLICK - Sander_2 - Default\Extensions\enbfnadfgciogjeghkkdclpnpagbpdkd

A Space Shooter for FREE - Sander_2 - Default\Extensions\epbeobdmeddlnkokfiaijkfabecpmifa

Who's knocking on the door? - Sander_2 - Default\Extensions\eppldkeacbgnkjkabpnikmlnokknlcbc

Bikini TV - Sander_2 - Default\Extensions\fcanljafkhmmideajcgekocpbdhkened

Causality Games - Sander_2 - Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl

Hangman (Beers) - Sander_2 - Default\Extensions\fgcpdmdijhamfojigkldhhlheikbjine

Stupeflix Video Maker - Sander_2 - Default\Extensions\fkdmcfnoimoilncpjchamnenebopocem

Ultimate Street Car Racer - Sander_2 - Default\Extensions\fkhlplfgnlmpppihiigcpbgehohljaam

Voodoo Friends - Sander_2 - Default\Extensions\fmedapekkakaehidplfhmblngkelolaj

Christmas Match - Sander_2 - Default\Extensions\gaflplinpgjofgdajleeflpoeijeopgn

Digital Clock - Sander_2 - Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo

Tilt 3D - Sander_2 - Default\Extensions\ggaeedikcbkhmilmfafnbdmofhaiepdo

Cut the Rope - Sander_2 - Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj

Amazing Spiderman - Sander_2 - Default\Extensions\gkjcckbgnllocijgaalmoaplfehcclng

Mad Tanks - Sander_2 - Default\Extensions\gkpcnjdemhehddahgikcmlbdnoeknmdp

DownlOAD keeper - Sander_2 - Default\Extensions\gnddhnadliaapljldamjebhoahfmpkop

Crazy Buggy 3D - Sander_2 - Default\Extensions\gooihknicmgbfhbfcobcgfjllcglkoik

Hang Man (Tamil Movies) - Sander_2 - Default\Extensions\hbdkkpbpanjedadmfkjmldcjoemamngp

Counter Strike - Sander_2 - Default\Extensions\hbnpeifkgfblmnmihpaeniclpnkhpdkg

GrooveStation - Sander_2 - Default\Extensions\hcmgeicdknaimapckemfeieiedealnno

Fishdom 2 - Sander_2 - Default\Extensions\heocjlpcpbjfbnidbblimegpaddbhdmf

Marvel Comics - Sander_2 - Default\Extensions\hjhfaknohpjconjoefidanhihokmkice

Cargo Bridge: Armor Games Edition - Sander_2 - Default\Extensions\hlpiaibleklmjieibbnmkignbggodmmj

Troll Emoticons - Sander_2 - Default\Extensions\hndllphbhpadfpoikpaofkkkpkpnmjik

Illyriad - Sander_2 - Default\Extensions\hnfbcdoedgikkjokbgejbgkgijnoaanb

Fiery Music - Sander_2 - Default\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon

Armenian Online TV - Sander_2 - Default\Extensions\hogboicpepifiecelnhkpolkjkljmoak

Fun Tetris - Sander_2 - Default\Extensions\ibelmnhbipjkokecobnlonmmfjklajkk

Serious Sam: The First Encounter (DEMO) - Sander_2 - Default\Extensions\icbfppfaccaljnjbfeooceefehpccbkh

Google Play Music - Sander_2 - Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg

Red Crucible 2 - Sander_2 - Default\Extensions\iechpocbkaimjmlpfinoahkolenfdmig

Apocalypse City - Sander_2 - Default\Extensions\ifkogipjfpemebgfjelkfoifapppddeh

OrangeFPS on Roozz - Sander_2 - Default\Extensions\ifnckhopllcmleegegheacblhehfifei

Ready for action space pilot? Evil aliens unknown phenomena and risky missions await you here - Sander_2 - Default\Extensions\igfellpkdddmaldkbohekiikcmadbdnj

Web Games - Sander_2 - Default\Extensions\iigfbhonoanhlehkpjifkhdfbnacokcg

Jabbott's Little Followers - Sander_2 - Default\Extensions\ijfdepoeianmbnkdjmlmllnnofodfmpg

Santa Can Fly - Sander_2 - Default\Extensions\ijnjeadmcoiglgongpaknblabefpogei

Alias Runner Apocalypse - Sander_2 - Default\Extensions\imaadejkkljcjjbobochcgbacjffjjdc

Tanks Rage - Sander_2 - Default\Extensions\imiagbbpcdaikfajfdpfemgmngigphfl

ButtonBeats Freestyle Mic - Sander_2 - Default\Extensions\japiahodfdinifdeedclfnbeojkhkkmi

13 Days After - Sander_2 - Default\Extensions\jbbclnchgkmlpmjjipnegnbboallemlo

Math Motorway - Sander_2 - Default\Extensions\jdihnhedcafgpbbbbiohamlkbbjlifdb

Fun Kids Radio - Sander_2 - Default\Extensions\jelkgophonighpbmekmdjpjnnelcncih

Pirate Galaxy: An Epic Space Game - Sander_2 - Default\Extensions\jglbmpjjclfacomhldhlpekbjfbchedp

3D Bike race - Sander_2 - Default\Extensions\jjagmacpahjfbbkgekeijkhmddddepmd

Newspaper Boy - Sander_2 - Default\Extensions\jobgmhepbhnaiaakcaiionfogejljoan

Truck Loader 2 - Sander_2 - Default\Extensions\joidkelepbgedjiageepconmpfihhpni

Calculator - Sander_2 - Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao

Cargo Bridge - Sander_2 - Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn

Civiballs Xmas Levels - Sander_2 - Default\Extensions\kegbhdmfhnlffankokpjdnnnbefeejcb

KWICK Community - Sander_2 - Default\Extensions\kfmlccgdifmjkichgfmelkappjdfabka

Best App Finder - Sander_2 - Default\Extensions\khgajindohffipfffpblkdcofalhmkdn

Blast PingPong - Sander_2 - Default\Extensions\kjdkomgefikcdchdpjfgjfpagieofnem

Grepolis - Sander_2 - Default\Extensions\kkgkognjknhcgbgbeijjondlikfkgnog

Break The Wall - Sander_2 - Default\Extensions\klhfgnobmdkblmbdahcnpajbjnfmknpn

Meet new people on Badoo - Sander_2 - Default\Extensions\kmaoahaepmkmdhaohjjakbkeeelpbenb

Cover Orange Players Pack 3 - Sander_2 - Default\Extensions\kmbmidhlafbdocjgcckfbheingaemmhk

Bird Brawl - Sander_2 - Default\Extensions\kmfmnamhddafiplkkobdinpjcnidlplk

Personal Trainer - Sander_2 - Default\Extensions\kmgohkgndpahjklgpdihieeedjeneoke

Monkey Go Happy 4 - Sander_2 - Default\Extensions\kmhcpeadjemaopamdggcfaelcjaibekm

Little Alchemy - Sander_2 - Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd

YoutubeBookmark - Sander_2 - Default\Extensions\komloiggdcbfaobcdbiooionbmdcnmoo

Satellite Finder - Sander_2 - Default\Extensions\laadpcgmfdkmmkhnhoaalgbjoahkjlpn

Motocross - Sander_2 - Default\Extensions\lddlapllhlmplllbneiocoojnlokmlcb

Webcam Toy - Sander_2 - Default\Extensions\lfbgimoladefibpklnfmkpknadbklade

Apocalypse Motor Racers - Sander_2 - Default\Extensions\lkkjbckdlfglhfciiaaceedafekmliem

Fieldrunners - Sander_2 - Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak

YoutubeAdblocker - Sander_2 - Default\Extensions\lokopnapnolbgcmklbknjndpnogpiknm

Swing - Sander_2 - Default\Extensions\lpnmooccnldfhihdhcibcefallgdogda

Carbon Combat - Sander_2 - Default\Extensions\mamcmmijgmnpgdjlicejeeldnjoieoeo

Countdown to Star Wars: The Old Republic - Sander_2 - Default\Extensions\mbihkjkcifmppkkokenooaijbjblefdm

Contract Killer - Sander_2 - Default\Extensions\meklndaflopgghbomkdpofehonfclipi

Farm Frenzy 3: American Pie - Sander_2 - Default\Extensions\mgkcngacodlggphhjngelhdkkjkfdila

Google Mail Checker - Sander_2 - Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff

ButtonBeats Guitar - Sander_2 - Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf

Encounter Specialist - Sander_2 - Default\Extensions\mkkkehbfdceljnjdmnbnoffdeeinodoc

Plants vs Zombies - Sander_2 - Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina

Need for Speed World is a FREE to play online racing game where you can compete with millions of players around the World. - Sander_2 - Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk

SearchNewTab - Sander_2 - Default\Extensions\mpcpiblggnbgfbddgnjhanlcgankiali

Crusader Tank - Sander_2 - Default\Extensions\mpegcjgnjllooimlcfdnphhccfnmhfem

Urban Crusher - Sander_2 - Default\Extensions\naklgfiamfbhmfbggjlbcogpkhgcngnb

Ace Pilots - Sander_2 - Default\Extensions\ndfkfbdpnknippjjpkdoiadggmohdpfg

BeGone - Sander_2 - Default\Extensions\ndfpieflbjbdpgklkeolbmbdkfdiicfk

Curling - Sander_2 - Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp

Google Wallet - Sander_2 - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

DuckLife3 Evolution - Sander_2 - Default\Extensions\obnapbknabbfcfioencalfeobakjhnha

Rally Expert - Sander_2 - Default\Extensions\occfbdbgdodefnegmkafdlebmmifikkn

Ping Pong - Sander_2 - Default\Extensions\ockfllocbdnnmdgcmclaihhjkapdfajl

Ogre Sample Browser NaCl - Sander_2 - Default\Extensions\ocpoapiejnpokdojkgjhglijajghikla

3D Sniper - Sander_2 - Default\Extensions\oddaibgpdefmpenbnpjbeejocmljfjka

Hang Man (Hollywood Movies) - Sander_2 - Default\Extensions\odjnandaibfijdnpdpbclbpffileknnk

Shanghai Mahjongg - Sander_2 - Default\Extensions\odpibjjkhpmapleapondffcppfnhfffi

Background Tab - Sander_2 - Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic

Private Joe: Urban Warfare - Sander_2 - Default\Extensions\ogmpedngmnolclkmlpcdgmfonlagkejp

PhotoMania - Sander_2 - Default\Extensions\ohodmcahedcphoipgooelhjcfahodhcj

Mini Ninjas - Sander_2 - Default\Extensions\oijfbknbncemokdnlboeabbcfhobechi

Football forum info actu - LiveFoot - Sander_2 - Default\Extensions\ojlhodidmnkeaiogakfggddlehjphmec

Penguin Slice - Sander_2 - Default\Extensions\okflagoeojoippcanifjmfmiahbgjngh

Shimiegames - Sander_2 - Default\Extensions\oldobllpfnikfcngappiefcibionajof

Type Command Robot - Sander_2 - Default\Extensions\omfgnhmkahndgcobggaeljcpklbcjbaf

Climb or Drown - Sander_2 - Default\Extensions\omfoiaaaplodaeokegmjphakphcbmiip

PhotoFit Me - Sander_2 - Default\Extensions\pdpbdnchfplfpdjbckgbmpnddnjdijjk

Actuele Vertrektijden - Sander_2 - Default\Extensions\pfebamleeekjjdnkcjbgimhgcdpcpdfd

Free Online TV - Sander_2 - Default\Extensions\picldhpkcgmgfnmombladhakcganoghd

4 Elements - Sander_2 - Default\Extensions\pikbkfgccjpiodjimjpkjdaihnigkcck

SearchNewTab - Sander_2 - Default\Extensions\pinlkacbeehnmnlgnmkelgcimfojmimd

Gmail - Sander_2 - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Firebug - Sander_2 - Default\Extensions\pkinjljgfpalpgjebaiegcgnaapdbmif

Fishdom - Sander_2 - Default\Extensions\plkccdpiifjkmjpinpcmndkifhnjhooj

Sniper World at War - Sander_2 - Profile 1\Extensions\abghehgeiiglmiedfplcnnbahibepnfp

Doodle Jump Deluxe Flash HD - Sander_2 - Profile 1\Extensions\abkhhgjpfcnmmpmhghohpfkcgoineebk

Tetris Battle - Sander_2 - Profile 1\Extensions\adjkpghbnknolhdbgpllnfmohekjfjmo

Bejeweled - Sander_2 - Profile 1\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm

ssurF anDo keep - Sander_2 - Profile 1\Extensions\afcflaijleeeoedohenpaonhgbhghmli

Angry Birds - Sander_2 - Profile 1\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj

Google Drive - Sander_2 - Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

Doodle or Die - Sander_2 - Profile 1\Extensions\baocjgbppdpelkefhfhblacenjhhmlmf

FartDroid - Sander_2 - Profile 1\Extensions\bfeefdenbeaddnjdahhfkakhinfppmbc

YouTube - Sander_2 - Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Call of Duty: Black OPS II - Sander_2 - Profile 1\Extensions\bnfeapbdokcoajleapjdbmkhngkbgnbc

Swingers - Sander_2 - Profile 1\Extensions\bppakloppheaamioeonkgjeegphlglaf

Super Mario World - HD - Sander_2 - Profile 1\Extensions\ccinbiepgdpmkefofnclkgfmpelpnbbg

Battlefield Heroes - Sander_2 - Profile 1\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh

Daily Bikini Babe - Sander_2 - Profile 1\Extensions\checlelldfddipjbdhmijdjhiebcohkf

Tanki Online - Sander_2 - Profile 1\Extensions\chnamgoimgnbgkabfjkikldbfdhhfhdo

Gun Bros - Sander_2 - Profile 1\Extensions\ciamkmigckbgfajcieiflmkedohjjohh

Monster Dash - Sander_2 - Profile 1\Extensions\cknghehebaconkajgiobncfleofebcog

STRATEGO - Official - Sander_2 - Profile 1\Extensions\ckpgdjbodiacocpojlgipgkphcihfbdo

Google Search - Sander_2 - Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Farm Frenzy 2 - Sander_2 - Profile 1\Extensions\dcfpkddmnpgkibhaebjicfmgmmbdjmap

Fun Switcher - Sander_2 - Profile 1\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb

Build a Robot - Sander_2 - Profile 1\Extensions\dkifjkfdmacgkhldodeohbhcknoijpeo

Phineas and Ferb - Sander_2 - Profile 1\Extensions\dpengemjijcpdidhakhbmbichfkjhggo

Sumo Paint - Sander_2 - Profile 1\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod

Fart Machine - Sander_2 - Profile 1\Extensions\einpcfelmfefokagdipbcfomecfbdggn

Raving Rabbids : Travel in Time - Sander_2 - Profile 1\Extensions\eoclppblfdkkjmmcjbbcedfnnodfecfm

A Space Shooter for FREE - Sander_2 - Profile 1\Extensions\epbeobdmeddlnkokfiaijkfabecpmifa

Bikini TV - Sander_2 - Profile 1\Extensions\fcanljafkhmmideajcgekocpbdhkened

Causality Games - Sander_2 - Profile 1\Extensions\femoooemgmjaebeodbbikbkmhlafenpl

Hangman (Beers) - Sander_2 - Profile 1\Extensions\fgcpdmdijhamfojigkldhhlheikbjine

Stupeflix Video Maker - Sander_2 - Profile 1\Extensions\fkdmcfnoimoilncpjchamnenebopocem

Voodoo Friends - Sander_2 - Profile 1\Extensions\fmedapekkakaehidplfhmblngkelolaj

DownlOAD keeper - Sander_2 - Profile 1\Extensions\gnddhnadliaapljldamjebhoahfmpkop

Hang Man (Tamil Movies) - Sander_2 - Profile 1\Extensions\hbdkkpbpanjedadmfkjmldcjoemamngp

Cargo Bridge: Armor Games Edition - Sander_2 - Profile 1\Extensions\hlpiaibleklmjieibbnmkignbggodmmj

Illyriad - Sander_2 - Profile 1\Extensions\hnfbcdoedgikkjokbgejbgkgijnoaanb

Gran Theft Auto - GTA 2012 - Sander_2 - Profile 1\Extensions\idklkhdnfccdklhbanojgjccdiaphgih

Red Crucible 2 - Sander_2 - Profile 1\Extensions\iechpocbkaimjmlpfinoahkolenfdmig

Apocalypse City - Sander_2 - Profile 1\Extensions\ifkogipjfpemebgfjelkfoifapppddeh

Buckle up for the final frontier: action-packed space battles evil aliens unknown phenomena and tricky missions await you in DarkOrbit - Sander_2 - Profile 1\Extensions\igfellpkdddmaldkbohekiikcmadbdnj

Jabbott's Little Followers - Sander_2 - Profile 1\Extensions\ijfdepoeianmbnkdjmlmllnnofodfmpg

13 Days After - Sander_2 - Profile 1\Extensions\jbbclnchgkmlpmjjipnegnbboallemlo

Math Motorway - Sander_2 - Profile 1\Extensions\jdihnhedcafgpbbbbiohamlkbbjlifdb

3D Bike race - Sander_2 - Profile 1\Extensions\jjagmacpahjfbbkgekeijkhmddddepmd

Newspaper Boy - Sander_2 - Profile 1\Extensions\jobgmhepbhnaiaakcaiionfogejljoan

DefaultTab - Sander_2 - Profile 1\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Calculator - Sander_2 - Profile 1\Extensions\kdkgihpbaofhkiliohfepioflkkbapao

Cargo Bridge - Sander_2 - Profile 1\Extensions\keembkgclppcbilkekfgpobhldjjhpmn

Best App Finder - Sander_2 - Profile 1\Extensions\khgajindohffipfffpblkdcofalhmkdn

Break The Wall - Sander_2 - Profile 1\Extensions\klhfgnobmdkblmbdahcnpajbjnfmknpn

Bird Brawl - Sander_2 - Profile 1\Extensions\kmfmnamhddafiplkkobdinpjcnidlplk

Personal Trainer - Sander_2 - Profile 1\Extensions\kmgohkgndpahjklgpdihieeedjeneoke

YoutubeBookmark - Sander_2 - Profile 1\Extensions\komloiggdcbfaobcdbiooionbmdcnmoo

Webcam Toy - Sander_2 - Profile 1\Extensions\lfbgimoladefibpklnfmkpknadbklade

Apocalypse Motor Racers - Sander_2 - Profile 1\Extensions\lkkjbckdlfglhfciiaaceedafekmliem

Fieldrunners - Sander_2 - Profile 1\Extensions\lkpikhjbfbffdblahfidklcohlaeabak

YoutubeAdblocker - Sander_2 - Profile 1\Extensions\lokopnapnolbgcmklbknjndpnogpiknm

Carbon Combat - Sander_2 - Profile 1\Extensions\mamcmmijgmnpgdjlicejeeldnjoieoeo

Iron Spider - Sander_2 - Profile 1\Extensions\mcdmmanekhdkhfdlmkochncapnlllfcp

Contract Killer - Sander_2 - Profile 1\Extensions\meklndaflopgghbomkdpofehonfclipi

Farm Frenzy 3: American Pie - Sander_2 - Profile 1\Extensions\mgkcngacodlggphhjngelhdkkjkfdila

ButtonBeats Guitar - Sander_2 - Profile 1\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf

Encounter Specialist - Sander_2 - Profile 1\Extensions\mkkkehbfdceljnjdmnbnoffdeeinodoc

Plants vs Zombies - Sander_2 - Profile 1\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina

Need for Speed World is a FREE to play online racing game where you can compete with millions of players around the World. - Sander_2 - Profile 1\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk

SearchNewTab - Sander_2 - Profile 1\Extensions\mpcpiblggnbgfbddgnjhanlcgankiali

BeGone - Sander_2 - Profile 1\Extensions\ndfpieflbjbdpgklkeolbmbdkfdiicfk

Curling - Sander_2 - Profile 1\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp

Card number - Sander_2 - Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Agent P Counterattack - Sander_2 - Profile 1\Extensions\occekbbkfnopofjpfmbdjlekkaecjlke

Hang Man (Hollywood Movies) - Sander_2 - Profile 1\Extensions\odjnandaibfijdnpdpbclbpffileknnk

Private Joe: Urban Warfare - Sander_2 - Profile 1\Extensions\ogmpedngmnolclkmlpcdgmfonlagkejp

Mini Ninjas - Sander_2 - Profile 1\Extensions\oijfbknbncemokdnlboeabbcfhobechi

Battlefield Play4Free - Sander_2 - Profile 1\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh

Penguin Slice - Sander_2 - Profile 1\Extensions\okflagoeojoippcanifjmfmiahbgjngh

PhotoFit Me - Sander_2 - Profile 1\Extensions\pdpbdnchfplfpdjbckgbmpnddnjdijjk

More Games - Sander_2 - Profile 1\Extensions\pgkgcpfgfpalljmibjcphggiecalkdlf

SearchNewTab - Sander_2 - Profile 1\Extensions\pinlkacbeehnmnlgnmkelgcimfojmimd

Gmail - Sander_2 - Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

DefaultTab - C:\Windows\sysWoW64\config\systemprofile - Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== Chrome Fix ======================

C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_websearch.searchbomb.info_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_websearch.searchbomb.info_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_landing.dealplyshopping.com_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_landing.dealplyshopping.com_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_www.babylon.com_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_www.babylon.com_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_microsoft-office-2010.en.softonic.com_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_microsoft-office-2010.en.softonic.com_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_b.scorecardresearch.com_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_secure.tlbsearch.com_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_secure.tlbsearch.com_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_continuetosave.info_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\boipimhfjpakfgckhbljjengakjhkcbp deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_boipimhfjpakfgckhbljjengakjhkcbp_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ealchnonpofjocgofjpopjdoegbbkofj deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jmhhdaimhfblnamlcdijbaakkifakade deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_lpgjmggepafkhenaeknpnjiceakbedpi_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_lpgjmggepafkhenaeknpnjiceakbedpi_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\databases\chrome-extension_lpgjmggepafkhenaeknpnjiceakbedpi_0 deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Extension Settings\lpgjmggepafkhenaeknpnjiceakbedpi deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niapdbllcanepiiimjjndipklodoedlc_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niapdbllcanepiiimjjndipklodoedlc_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnddhnadliaapljldamjebhoahfmpkop deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gnddhnadliaapljldamjebhoahfmpkop deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnddhnadliaapljldamjebhoahfmpkop deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gnddhnadliaapljldamjebhoahfmpkop deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_gnddhnadliaapljldamjebhoahfmpkop_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_gnddhnadliaapljldamjebhoahfmpkop_0.localstorage-journal deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gnddhnadliaapljldamjebhoahfmpkop_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcpiblggnbgfbddgnjhanlcgankiali deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mpcpiblggnbgfbddgnjhanlcgankiali deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcpiblggnbgfbddgnjhanlcgankiali deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mpcpiblggnbgfbddgnjhanlcgankiali deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_mpcpiblggnbgfbddgnjhanlcgankiali_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_mpcpiblggnbgfbddgnjhanlcgankiali_0.localstorage-journal deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpcpiblggnbgfbddgnjhanlcgankiali_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Extension Settings\mpcpiblggnbgfbddgnjhanlcgankiali deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinlkacbeehnmnlgnmkelgcimfojmimd deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pinlkacbeehnmnlgnmkelgcimfojmimd deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinlkacbeehnmnlgnmkelgcimfojmimd deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pinlkacbeehnmnlgnmkelgcimfojmimd deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_pinlkacbeehnmnlgnmkelgcimfojmimd_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_pinlkacbeehnmnlgnmkelgcimfojmimd_0.localstorage-journal deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pinlkacbeehnmnlgnmkelgcimfojmimd_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcflaijleeeoedohenpaonhgbhghmli deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\afcflaijleeeoedohenpaonhgbhghmli deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcflaijleeeoedohenpaonhgbhghmli deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\afcflaijleeeoedohenpaonhgbhghmli deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_afcflaijleeeoedohenpaonhgbhghmli_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_afcflaijleeeoedohenpaonhgbhghmli_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Extension Settings\afcflaijleeeoedohenpaonhgbhghmli deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\komloiggdcbfaobcdbiooionbmdcnmoo deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\komloiggdcbfaobcdbiooionbmdcnmoo deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\komloiggdcbfaobcdbiooionbmdcnmoo deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\komloiggdcbfaobcdbiooionbmdcnmoo deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfpkcohlgmgmbcileadnhbhbokpgpnhb deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dfpkcohlgmgmbcileadnhbhbokpgpnhb deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfpkcohlgmgmbcileadnhbhbokpgpnhb deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmlccgdifmjkichgfmelkappjdfabka deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kfmlccgdifmjkichgfmelkappjdfabka deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmlccgdifmjkichgfmelkappjdfabka deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aaaajmgokiecajekipolejjhdgijlefj deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmgeicdknaimapckemfeieiedealnno deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hcmgeicdknaimapckemfeieiedealnno deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmgeicdknaimapckemfeieiedealnno deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\lokopnapnolbgcmklbknjndpnogpiknm deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lokopnapnolbgcmklbknjndpnogpiknm deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lokopnapnolbgcmklbknjndpnogpiknm deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lokopnapnolbgcmklbknjndpnogpiknm_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohodmcahedcphoipgooelhjcfahodhcj deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ohodmcahedcphoipgooelhjcfahodhcj deleted successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohodmcahedcphoipgooelhjcfahodhcj deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ohodmcahedcphoipgooelhjcfahodhcj_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ohodmcahedcphoipgooelhjcfahodhcj_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_ohodmcahedcphoipgooelhjcfahodhcj_0.localstorage deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_ohodmcahedcphoipgooelhjcfahodhcj_0.localstorage-journal deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ohodmcahedcphoipgooelhjcfahodhcj_0 deleted successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\databases\chrome-extension_ohodmcahedcphoipgooelhjcfahodhcj_0 deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://be.msn.com/default.aspx?pc=UP97&ocid=UP97DHP&dt=072513"

"Search Page"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}"

"Default_Page_URL"="http://www.portaldosites.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=ST9750423AS_5WS41Z7SXXXX5WS41Z7S&ts=1368623103"

"Search Bar"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}"

"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}"

"SearchAssistant"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://be.msn.com/default.aspx?pc=UP97&ocid=UP97DHP&dt=072513"

"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

{33BB0A4E-99AF-4226-BDF6-49120163DE86} Bing Url="http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=072513&q={searchTerms}&src=IE-SearchBox"

{36F88097-F861-4803-8CE1-DB0080011084} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2292F6A8-EC3A-B1B1-2146-1990AF038892} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2292F6A8-EC3A-B1B1-2146-1990AF038892} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2292F6A8-EC3A-B1B1-2146-1990AF038892} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2292F6A8-EC3A-B1B1-2146-1990AF038892} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{2292F6A8-EC3A-B1B1-2146-1990AF038892} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2292F6A8-EC3A-B1B1-2146-1990AF038892} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2292F6A8-EC3A-B1B1-2146-1990AF038892} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2292F6A8-EC3A-B1B1-2146-1990AF038892} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AD80073C-5C93-88E2-3D79-29E2EB555770} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AD80073C-5C93-88E2-3D79-29E2EB555770} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{AD80073C-5C93-88E2-3D79-29E2EB555770} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AD80073C-5C93-88E2-3D79-29E2EB555770} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD80073C-5C93-88E2-3D79-29E2EB555770} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B11E0F7A-2051-EF8D-4077-88E517717704} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B11E0F7A-2051-EF8D-4077-88E517717704} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{B11E0F7A-2051-EF8D-4077-88E517717704} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B11E0F7A-2051-EF8D-4077-88E517717704} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B11E0F7A-2051-EF8D-4077-88E517717704} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\findlyrics@findlyrics.co deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\happylyrics@hpyproductions.net deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\mozilla\Firefox\Extensions\findlyrics@findlyrics.co deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1002\Software\mozilla\Firefox\Extensions\findlyrics@findlyrics.co deleted successfully

HKEY_USERS\S-1-5-21-3072491271-985545072-1069970057-1000\Software\mozilla\Firefox\Extensions\happylyrics@hpyproductions.net deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Sander\Desktop\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe

C:\Users\Sander\Desktop\Bandicam.lnk - C:\Program Files (x86)\Bandicam\bdcam.exe

C:\Users\Sander\Desktop\Cheat Engine.lnk - C:\Program Files (x86)\Cheat Engine 6.2\Cheat Engine.exe

C:\Users\Sander\Desktop\City of Fools.lnk - C:\Zylom Games\City of Fools\ZY-city of fools.exe

C:\Users\Sander\Desktop\Clownfish.lnk - C:\Program Files (x86)\Clownfish\Clownfish.exe

C:\Users\Sander\Desktop\GameSpy Arcade.lnk - C:\Program Files (x86)\GameSpy Arcade\Aphex.exe

C:\Users\Sander\Desktop\Raptr.lnk - C:\Program Files (x86)\Raptr\raptrstub.exe

C:\Users\Sander\Desktop\Viber.lnk - C:\Users\Sander\AppData\Local\Viber\Viber.exe

C:\Users\Sander\Desktop\VirtualDJ Home FREE.lnk - C:\Program Files (x86)\VirtualDJ\virtualdj_home.exe

C:\Users\Sander_2\Desktop\CyberLink YouCam 5.lnk - C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe

C:\Users\Sander_2\Desktop\Flvto Youtube Downloader.lnk - C:\Users\Sander_2\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe

C:\Users\Sander_2\Desktop\kladblok.lnk - C:\Windows\system32\notepad.exe

C:\Users\Sander_2\Desktop\League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe

C:\Users\Sander_2\Desktop\opnemen.lnk -

C:\Users\Sander_2\Desktop\Paint.lnk - C:\Windows\system32\mspaint.exe

C:\Users\Sander_2\Desktop\Schoon uw register gratis op.lnk -

C:\Users\Sander_2\Desktop\Spotify.lnk - C:\Users\Sander_2\AppData\Roaming\Spotify\spotify.exe

C:\Users\Sander_2\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe

C:\Users\Sander_2\Desktop\Games\Chess.lnk -

C:\Users\Sander_2\Desktop\Games\FreeCell.lnk -

C:\Users\Sander_2\Desktop\Games\GameExplorer.lnk -

C:\Users\Sander_2\Desktop\Games\Hearts.lnk -

C:\Users\Sander_2\Desktop\Games\Mahjong.lnk -

C:\Users\Sander_2\Desktop\Games\Purble Place.lnk -

C:\Users\Sander_2\Desktop\Games\Solitaire.lnk -

C:\Users\Sander_2\Desktop\Games\Spider Solitaire.lnk -

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office Access 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office Groove 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office InfoPath 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office OneNote 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office Outlook 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office Publisher 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office-hulpprogramma's\Digitaal certificaat voor VBA-projecten.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office-hulpprogramma's\Microsoft Mediagalerie.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office-hulpprogramma's\Microsoft Office 2007 - Taalinstellingen.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office-hulpprogramma's\Microsoft Office Diagnostische gegevens.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe

C:\Users\Sander_2\Desktop\Microsoft Office\Microsoft Office-hulpprogramma's\Microsoft Office Picture Manager.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe

C:\Users\Public\Desktop\Combat Arms EU.lnk - C:\Nexon\Combat Arms EU\CombatArms.exe

C:\Users\Public\Desktop\De Sims™ 2 Huisdieren.lnk -

C:\Users\Public\Desktop\GoforFiles.lnk - C:\Program Files (x86)\GoforFiles\GoforFiles.exe

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PortalDoSites

C:\Users\Public\Desktop\Google SketchUp 8.lnk - C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe

C:\Users\Public\Desktop\Medal of Honor Allied Assault.lnk - C:\Program Files (x86)\EA Games\MOHAA\MOHAA.exe

C:\Users\Public\Desktop\Medion FastBoot.lnk - C:\Windows\Installer\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}\_3BF550C2AC7750ECFA5076.exe

C:\Users\Public\Desktop\MEDIONhome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PortalDoSites

C:\Users\Public\Desktop\ScreenFlash.lnk - C:\Program Files (x86)\ScreenFlash\SFlash.exe

C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe

C:\Users\Public\Desktop\Medion MediaPack\Ashampoo Burning Studio.lnk - C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Burning Studio\burningstudio.exe

C:\Users\Public\Desktop\Medion MediaPack\Ashampoo Photo Commander.lnk - C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Photo Commander\apc.exe

C:\Users\Public\Desktop\Medion MediaPack\Ashampoo Photo Optimizer.lnk - C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Photo Optimizer\photooptimizer.exe

C:\Users\Public\Desktop\Medion MediaPack\Ashampoo Snap.lnk - C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Snap\ashsnap.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe PortalDoSites

C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk - C:\Users\Sander\AppData\Local\Viber\Viber.exe

C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe PortalDoSites

C:\Users\Sander_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\Sander_2\AppData\Roaming\Spotify\spotify.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

C:\Users\Sander_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook\Facebook Messenger.lnk - C:\Users\Sander\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader\Flvto Youtube Downloader.lnk - C:\Users\Sander_2\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader\Uninstall Flvto Youtube Downloader.lnk - C:\Users\Sander_2\AppData\Local\Flvto Youtube Downloader\UninstallFlvtoYoutubeDownloader.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk - C:\Program Files (x86)\Bandicam\bdcam.exe

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PortalDoSites

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe PortalDoSites

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Viber.lnk - C:\Users\Sander\AppData\Local\Viber\Viber.exe

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7a5afdf4c340002b\World of Warcraft.lnk - C:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Desk 365.lnk - C:\Program Files (x86)\Desk 365\desk365.exe

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PortalDoSites

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PortalDoSites

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Viber.lnk - C:\Users\Sander\AppData\Local\Viber\Viber.exe

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk - C:\Program Files (x86)\Bandicam\bdcam.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GameRanger.lnk - C:\Users\Sander_2\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Outlook 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk - C:\Windows\system32\notepad.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Flvto Youtube Downloader.lnk - C:\Users\Sander_2\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk - C:\Users\Sander_2\AppData\Roaming\Spotify\spotify.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Viber.lnk - C:\Users\Sander\AppData\Local\Viber\Viber.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VirtualDJ.lnk - C:\Program Files (x86)\VirtualDJ\virtualdj_home.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Sander_2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\MEDIONhome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Sander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ACFD5B980E184AE4A8A0F404781ADD00 deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{52129484-6549-5990-66A9-F80FEE6186CD} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DF86D725-B142-1409-C13D-74AB4982828D} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaajmgokiecajekipolejjhdgijlefj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ealchnonpofjocgofjpopjdoegbbkofj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jmhhdaimhfblnamlcdijbaakkifakade deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1 deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{89B5DFCA-81E0-4EA4-8A0A-4F4087A1DD00} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365 deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DB39E18E-8B2A-4305-B28A-BE635CF13453} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Speed Maximizer_is1 deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ACFD5B980E184AE4A8A0F404781ADD00 deleted successfully

HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\E81E93BDA2B850342BA8EB36C51F4335 deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

O4 - HKLM\..\Run: [iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"

O4 - HKLM\..\Run: [iminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe

O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sander\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [ONAIR] C:\Program Files\ONAIR\ONAIR.exe

O4 - HKCU\..\Run: [Clownfish] "C:\Program Files (x86)\Clownfish\Clownfish.exe"

O4 - HKCU\..\Run: [C32B1C3B921A67FAB6F28E040698993296D706C3._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A004FB8DD7882703A7DF346DFAB7630E] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe

O4 - HKCU\..\Run: [smart Driver Updater] C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe

O4 - HKCU\..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-3072491271-985545072-1069970057-1002\..\Run: [Facebook Update] "C:\Users\Sander_2\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User 'Sander_2')

O4 - HKUS\S-1-5-21-3072491271-985545072-1069970057-1002\..\Run: [spotify Web Helper] "C:\Users\Sander_2\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" (User 'Sander_2')

O4 - HKUS\S-1-5-21-3072491271-985545072-1069970057-1002\..\Run: [sE] "C:\Users\Sander\AppData\Roaming\SkypEmoticons\SE.exe" /minimized (User 'Sander_2')

O4 - HKUS\S-1-5-21-3072491271-985545072-1069970057-1002\..\Run: [Viber] "C:\Users\Sander\AppData\Local\Viber\Viber.exe" StartMinimized (User 'Sander_2')

O4 - HKUS\S-1-5-18\..\Run: [7F40E4A695C918917DEEAF2190EC6E5DA33B0F9B._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [7F40E4A695C918917DEEAF2190EC6E5DA33B0F9B._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service (User 'Default user')

O4 - Startup: Facebook Messenger.lnk = Sander\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll (file missing)

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Sander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Sander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Sander\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Sander_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Sander_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Sander_2\AppData\Local\Temp emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Sander\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Sander\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\SysNative\ljkb\msvcr100.dll" deleted

"C:\Windows\Syswow64\jmdp\msvcr100.dll" not found

"C:\windows\SysNative\dmwu.exesearch" deleted

"C:\Program Files (x86)\Desk 365" not found

"C:\Program Files (x86)\SweetIM" not found

"C:\PROGRA~2\Desk 365" not found

"C:\PROGRA~2\SweetIM" not found

"C:\windows\SysNative\ljkb" deleted

"C:\Windows\Syswow64\jmdp" not found

"C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aaaajmgokiecajekipolejjhdgijlefj" not found

"C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bbjciahceamgodcoidkjpchnokgfpphh" not found

"C:\Users\Sander_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh" not found

"C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi" not found

"C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof" not found

"C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl" not found

==== EOF on zo 15/12/2013 at 21:04:02,96 ======================

Hallo, het gaat hier om de laptop van mijn zoon. Op deze PC stond ook AVG Antivirus geïnstalleerd ... maar wat hij er allemaal op uitgespookt heeft, weet ik niet.

Inmiddels heb ik een licentie van G Data InternetSecurity gekocht voor zijn laptop, die ik er nu zelf ga opzetten.

Ondertussen heb ik de zoek.exe opgestart op zijn laptop.

Alvast bedankt voor de reactie.

Vorige scan niet als administrator uitgevoerd.

Daarom opnieuw laten draaien met onderstaand resultaat:

Logfile of random's system information tool 1.08 (written by random/random)

Run by Sander at 2013-12-15 14:43:47

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 444 GB (67%) free of 663 GB

Total RAM: 3991 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:43:50, on 15/12/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe

C:\Program Files (x86)\GoforFiles\GFFUpdater.exe

C:\Program Files (x86)\ExpressFiles\EFUpdater.exe

C:\Users\Sander\AppData\Roaming\Desk 365\update\desk365_update_v1.14.20.exe

C:\Users\Sander\AppData\Local\Temp\Desk365\eUpgrade\eUpgrade.exe

C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

C:\Users\Sander\AppData\Local\Facebook\Update\FacebookUpdate.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Clownfish\Clownfish.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Sander\AppData\Roaming\Yontoo\YontooDesktop.exe

C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe

C:\Program Files (x86)\Desk 365\desk365.exe

C:\Windows\SysWOW64\jmdp\stij.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Sander\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files (x86)\AVG\AVG2014\avgui.exe

C:\Program Files (x86)\Ask.com\Updater\Updater.exe

C:\Program Files (x86)\Iminent\Iminent.exe

C:\Program Files (x86)\Iminent\Iminent.Messengers.exe

C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

C:\Users\Sander\AppData\Local\VNT\vntldr.exe

C:\Program Files (x86)\PHotkey\HCSynApi.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Sander\Downloads\RSIT-1.06.exe

C:\Program Files (x86)\trend micro\Sander.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = PortalDoSites

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: YoutubeAdblocker - {2292F6A8-EC3A-B1B1-2146-1990AF038892} - C:\Program Files (x86)\YoutubeAdblocker\bPc1amRJuy.dll

O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)

O2 - BHO: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll

O2 - BHO: SearchNewTab - {638B2114-1E7C-FA36-C994-F2D90AD5BEF9} - C:\Program Files (x86)\SearchNewTab\g5I.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

O2 - BHO: ssurF anDo keep - {82D57C9F-8346-CA45-F63A-AB06421BB4A2} - C:\Program Files (x86)\ssurF anDo keep\uVXkN.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O2 - BHO: DefaultTabToolbarBHO - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll

O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll

O2 - BHO: SearchNewTab - {AD80073C-5C93-88E2-3D79-29E2EB555770} - C:\Program Files (x86)\SearchNewTab\WWvYo.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: DownlOAD keeper - {B11E0F7A-2051-EF8D-4077-88E517717704} - C:\Program Files (x86)\DownlOAD keeper\ZFw41g2t.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)

O3 - Toolbar: VirtualDJ Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O3 - Toolbar: MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll

O3 - Toolbar: Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll

O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

O4 - HKLM\..\Run: [iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"

O4 - HKLM\..\Run: [iminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe

O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sander\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [ONAIR] C:\Program Files\ONAIR\ONAIR.exe

O4 - HKCU\..\Run: [Clownfish] "C:\Program Files (x86)\Clownfish\Clownfish.exe"

O4 - HKCU\..\Run: [C32B1C3B921A67FAB6F28E040698993296D706C3._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service

O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Users\Sander\AppData\Local\Smartbar\Application\SnapDo.exe startup

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A004FB8DD7882703A7DF346DFAB7630E] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\Sander\AppData\Roaming\Yontoo\YontooDesktop.exe"

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe

O4 - HKCU\..\Run: [smart Driver Updater] C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe

O4 - HKCU\..\Run: [softonic for Windows] "C:\Users\Sander\AppData\Local\Softonic\Softonic.exe" -minimize

O4 - HKCU\..\Run: [se] C:\Users\user\AppData\Roaming\SkypEmoticons\SE.exe /minimized

O4 - HKCU\..\Run: [TBHostSupport] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Sander\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin

O4 - HKCU\..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized

O4 - HKCU\..\Run: [Desk 365] "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [7F40E4A695C918917DEEAF2190EC6E5DA33B0F9B._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [7F40E4A695C918917DEEAF2190EC6E5DA33B0F9B._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service (User 'Default user')

O4 - Startup: Facebook Messenger.lnk = Sander\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

O23 - Service: Desk 365 service (desksvc) - 337 Technology Limited. - C:\Program Files (x86)\Desk 365\deskSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater17.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--

End of file - 23374 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1000Core.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1000UA.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1002Core.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1002UA.job

C:\Windows\tasks\FindLyrics Update.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\RMAutoUpdate.job

C:\Windows\tasks\RMSchedule.job

C:\Windows\tasks\ROC_REG_JAN_DELETE.job

C:\Windows\tasks\spmonitor.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2292F6A8-EC3A-B1B1-2146-1990AF038892}]

YoutubeAdblocker - C:\Program Files (x86)\YoutubeAdblocker\bPc1amRJuy.dll [2013-11-28 425984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]

Snap.DoEngine - C:\Windows\system32\mscoree.dll [2010-11-21 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}]

mixidj Helper Object - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll [2013-04-26 307608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{638B2114-1E7C-FA36-C994-F2D90AD5BEF9}]

SearchNewTab - C:\Program Files (x86)\SearchNewTab\g5I.dll [2013-11-01 371712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}]

Funmoods Helper Object - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll [2013-04-10 243664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

DefaultTab Browser Helper - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [2013-12-14 471160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82D57C9F-8346-CA45-F63A-AB06421BB4A2}]

ssurF anDo keep - C:\Program Files (x86)\ssurF anDo keep\uVXkN.dll [2012-11-28 425984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}]

Related Searches - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll [2013-12-14 398968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]

IMinent WebBooster (BHO) - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll [2013-11-07 299600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD80073C-5C93-88E2-3D79-29E2EB555770}]

SearchNewTab - C:\Program Files (x86)\SearchNewTab\WWvYo.dll [2013-11-28 425984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B11E0F7A-2051-EF8D-4077-88E517717704}]

DownlOAD keeper - C:\Program Files (x86)\DownlOAD keeper\ZFw41g2t.dll [2012-11-01 371712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

VirtualDJ Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-11-17 1515688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-10-24 194928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{ae07101b-46d4-4a98-af68-0333ea26e113} - Snap.Do - C:\Windows\system32\mscoree.dll [2010-11-21 297808]

{D4027C7F-154A-4066-A1AD-4243D8127440} - VirtualDJ Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-11-17 1515688]

{95B7759C-8C7F-4BF1-B163-73684A933233}

{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - MixiDJ Toolbar - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll [2013-04-26 300952]

{96A25A24-2E87-4374-8A50-CC6F943FCE4D} - Related Searches - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll [2013-12-14 398968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"USB3MON"=C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-27 291608]

"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2011-12-21 507744]

"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-03 107816]

"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2011-03-30 87336]

"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-03-21 103896]

"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2013-11-07 4956176]

""= []

"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-11-17 901800]

"Iminent"=C:\Program Files (x86)\Iminent\Iminent.exe [2013-04-02 1074736]

"IminentMessenger"=C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [2013-04-02 884784]

"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]

"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-12-09 2471448]

"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-10-29 1707472]

"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2013-10-29 202192]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

"msnmsgr"=~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background []

"Facebook Update"=C:\Users\Sander\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-30 138096]

"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]

"ONAIR"=C:\Program Files\ONAIR\ONAIR.exe [2012-10-21 3410944]

"Clownfish"=C:\Program Files (x86)\Clownfish\Clownfish.exe [2013-08-21 1277688]

"C32B1C3B921A67FAB6F28E040698993296D706C3._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2013-12-04 863184]

"Browser Infrastructure Helper"=C:\Users\Sander\AppData\Local\Smartbar\Application\SnapDo.exe [2013-12-15 13824]

"GoogleChromeAutoLaunch_A004FB8DD7882703A7DF346DFAB7630E"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2013-12-04 863184]

"Yontoo Desktop"=C:\Users\Sander\AppData\Roaming\Yontoo\YontooDesktop.exe [2013-01-31 42784]

"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-02-27 3093624]

"PC Speed Maximizer"=C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [2012-12-11 82304]

"Smart Driver Updater"=C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe [2012-09-20 338576]

"Softonic for Windows"=C:\Users\Sander\AppData\Local\Softonic\Softonic.exe [2013-12-04 4124144]

"se"=C:\Users\user\AppData\Roaming\SkypEmoticons\SE.exe /minimized []

"TBHostSupport"=C:\Users\Sander\AppData\Local\TBHostSupport\TBHostSupport.dll [2013-11-06 458016]

"ooVoo.exe"=C:\Program Files (x86)\ooVoo\oovoo.exe /minimized []

"Desk 365"=C:\Program Files (x86)\Desk 365\desk365.exe [2013-12-15 1011792]

C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Facebook Messenger.lnk - C:\Users\Sander\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"LogonHoursAction"=2

"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-12-15 14:09:03 ----D---- C:\Program Files (x86)\trend micro

2013-12-15 14:09:02 ----D---- C:\rsit

2013-12-15 14:05:36 ----D---- C:\ProgramData\Oracle

2013-12-15 14:05:32 ----D---- C:\Program Files (x86)\Common Files\Java

2013-12-15 14:05:13 ----A---- C:\Windows\SysWOW64\javaws.exe

2013-12-15 14:05:04 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-12-15 14:05:04 ----A---- C:\Windows\SysWOW64\javaw.exe

2013-12-15 14:05:04 ----A---- C:\Windows\SysWOW64\java.exe

2013-12-15 13:50:53 ----D---- C:\Users\Sander\AppData\Roaming\AVG2014

2013-12-15 13:45:29 ----D---- C:\ProgramData\AVG2014

2013-12-15 12:07:25 ----D---- C:\8a870a588ac4d255b30c46

2013-12-15 10:58:22 ----SHD---- C:\found.003

2013-12-15 10:45:34 ----D---- C:\Users\Sander\AppData\Roaming\Iminent

2013-12-15 10:44:01 ----D---- C:\Users\Sander\AppData\Roaming\ViberPC

2013-12-15 10:43:30 ----D---- C:\Windows\SysWOW64\jmdp

2013-12-14 19:46:29 ----D---- C:\21f376cb655f3e86bba5

2013-12-14 13:42:56 ----D---- C:\Users\Sander\AppData\Roaming\ooVoo Details

2013-12-13 11:22:04 ----A---- C:\Windows\SysWOW64\wmploc.DLL

2013-12-13 11:22:03 ----A---- C:\Windows\SysWOW64\wmp.dll

2013-12-13 11:16:12 ----A---- C:\Windows\SysWOW64\jsproxy.dll

2013-12-13 11:16:12 ----A---- C:\Windows\SysWOW64\ieui.dll

2013-12-13 11:16:08 ----A---- C:\Windows\SysWOW64\jscript9diag.dll

2013-12-13 11:16:06 ----A---- C:\Windows\SysWOW64\ieapfltr.dll

2013-12-13 11:16:04 ----A---- C:\Windows\SysWOW64\wininet.dll

2013-12-13 11:16:04 ----A---- C:\Windows\SysWOW64\urlmon.dll

2013-12-13 11:16:04 ----A---- C:\Windows\SysWOW64\iertutil.dll

2013-12-13 11:16:00 ----A---- C:\Windows\SysWOW64\ieframe.dll

2013-12-13 11:15:58 ----A---- C:\Windows\SysWOW64\mshtml.dll

2013-12-13 11:15:57 ----A---- C:\Windows\SysWOW64\jscript9.dll

2013-12-12 11:16:47 ----A---- C:\Windows\SysWOW64\msieftp.dll

2013-12-12 11:16:44 ----A---- C:\Windows\SysWOW64\WMPhoto.dll

2013-12-12 11:16:43 ----A---- C:\Windows\SysWOW64\imagehlp.dll

2013-12-12 11:16:40 ----A---- C:\Windows\SysWOW64\tzres.dll

2013-12-12 11:16:35 ----A---- C:\Windows\SysWOW64\wscript.exe

2013-12-12 11:16:34 ----A---- C:\Windows\SysWOW64\scrrun.dll

2013-12-12 11:16:34 ----A---- C:\Windows\SysWOW64\cscript.exe

2013-12-05 13:10:24 ----SHD---- C:\found.002

2013-12-04 13:18:26 ----A---- C:\Windows\SysWOW64\elshyph.dll

2013-12-04 13:18:18 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-12-04 13:18:18 ----A---- C:\Windows\SysWOW64\msls31.dll

2013-12-04 13:18:18 ----A---- C:\Windows\SysWOW64\jsIntl.dll

2013-12-04 13:18:17 ----A---- C:\Windows\SysWOW64\msrating.dll

2013-12-04 13:18:16 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-12-04 13:18:15 ----A---- C:\Windows\SysWOW64\url.dll

2013-12-04 13:18:15 ----A---- C:\Windows\SysWOW64\iedkcs32.dll

2013-12-04 13:18:15 ----A---- C:\Windows\SysWOW64\dxtrans.dll

2013-12-04 13:18:15 ----A---- C:\Windows\SysWOW64\dxtmsft.dll

2013-12-04 13:18:14 ----A---- C:\Windows\SysWOW64\licmgr10.dll

2013-12-04 13:18:14 ----A---- C:\Windows\SysWOW64\inseng.dll

2013-12-04 13:18:14 ----A---- C:\Windows\SysWOW64\iesetup.dll

2013-12-04 13:18:14 ----A---- C:\Windows\SysWOW64\iernonce.dll

2013-12-04 13:18:14 ----A---- C:\Windows\SysWOW64\icardie.dll

2013-12-04 13:18:13 ----A---- C:\Windows\SysWOW64\wextract.exe

2013-12-04 13:18:13 ----A---- C:\Windows\SysWOW64\webcheck.dll

2013-12-04 13:18:13 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll

2013-12-04 13:18:13 ----A---- C:\Windows\SysWOW64\mshtmled.dll

2013-12-04 13:18:13 ----A---- C:\Windows\SysWOW64\msfeeds.dll

2013-12-04 13:18:13 ----A---- C:\Windows\SysWOW64\iexpress.exe

2013-12-04 13:18:12 ----A---- C:\Windows\SysWOW64\vbscript.dll

2013-12-04 13:18:12 ----A---- C:\Windows\SysWOW64\pngfilt.dll

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\occache.dll

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\mshta.exe

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\jscript.dll

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\imgutil.dll

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\ieUnatt.exe

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\mshtmler.dll

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\msfeedssync.exe

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\iesysprep.dll

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\iepeers.dll

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll

2013-12-03 17:33:32 ----SHD---- C:\found.001

2013-11-28 19:12:17 ----D---- C:\ProgramData\QuickSet

2013-11-28 19:11:28 ----D---- C:\ProgramData\YoutubeBookmark

2013-11-28 19:11:21 ----D---- C:\ProgramData\YoutubeAdblocker

2013-11-28 19:11:20 ----D---- C:\Program Files (x86)\YoutubeAdblocker

2013-11-28 19:10:57 ----D---- C:\ProgramData\ssurF anDo keep

2013-11-28 19:10:55 ----D---- C:\Program Files (x86)\ssurF anDo keep

2013-11-17 19:37:21 ----A---- C:\Windows\SysWOW64\sho89A2.tmp

======List of files/folders modified in the last 1 months======

2013-12-15 14:40:11 ----D---- C:\Windows\Temp

2013-12-15 14:11:26 ----D---- C:\ProgramData\SearchNewTab

2013-12-15 14:11:25 ----D---- C:\ProgramData\eSafe

2013-12-15 14:11:25 ----D---- C:\ProgramData\DownlOAD keeper

2013-12-15 14:11:22 ----D---- C:\Program Files (x86)\GoforFiles

2013-12-15 14:11:04 ----D---- C:\ProgramData\MFAData

2013-12-15 14:09:03 ----RD---- C:\Program Files (x86)

2013-12-15 14:05:36 ----HD---- C:\ProgramData

2013-12-15 14:05:33 ----SHD---- C:\Windows\Installer

2013-12-15 14:05:33 ----D---- C:\Config.Msi

2013-12-15 14:05:32 ----D---- C:\Program Files (x86)\Common Files

2013-12-15 14:05:13 ----D---- C:\Windows\SysWOW64

2013-12-15 14:05:03 ----D---- C:\Program Files (x86)\Java

2013-12-15 14:04:45 ----D---- C:\Windows\Tasks

2013-12-15 14:04:44 ----D---- C:\Users\Sander\AppData\Roaming\Systweak

2013-12-15 14:03:12 ----SHD---- C:\System Volume Information

2013-12-15 14:03:12 ----D---- C:\Windows\System32

2013-12-15 14:03:12 ----D---- C:\Windows\inf

2013-12-15 14:01:28 ----D---- C:\Program Files (x86)\PC Speed Up

2013-12-15 14:00:00 ----D---- C:\Users\Sander\AppData\Roaming\Desk 365

2013-12-15 14:00:00 ----A---- C:\Windows\SysWOW64\log.txt

2013-12-15 13:56:40 ----D---- C:\Users\Sander\AppData\Roaming\Yontoo

2013-12-15 13:56:21 ----D---- C:\Users\Sander\AppData\Roaming\Skype

2013-12-15 13:55:53 ----D---- C:\Program Files (x86)\Desk 365

2013-12-15 13:54:50 ----AD---- C:\ProgramData\Temp

2013-12-15 13:54:36 ----D---- C:\Program Files (x86)\PC Tools Registry Mechanic

2013-12-15 13:51:25 ----D---- C:\Program Files (x86)\AVG

2013-12-15 13:50:30 ----HD---- C:\$AVG

2013-12-15 13:49:40 ----D---- C:\ProgramData\AVG2013

2013-12-15 13:43:43 ----RD---- C:\Program Files

2013-12-15 13:39:46 ----D---- C:\ProgramData\Norton

2013-12-15 13:17:22 ----D---- C:\Program Files (x86)\Steam

2013-12-15 13:12:22 ----D---- C:\Program Files (x86)\Babylon

2013-12-15 12:55:07 ----D---- C:\Windows

2013-12-15 12:18:56 ----SD---- C:\ProgramData\Microsoft

2013-12-15 12:18:03 ----D---- C:\Windows\SysWOW64\en-US

2013-12-15 12:17:22 ----D---- C:\Windows\Microsoft.NET

2013-12-15 11:26:53 ----D---- C:\Windows\registration

2013-12-15 10:43:00 ----RD---- C:\Users

2013-12-15 10:17:21 ----D---- C:\Windows\Panther

2013-12-15 10:17:21 ----D---- C:\Windows\Logs

2013-12-15 10:17:21 ----D---- C:\Windows\debug

2013-12-15 08:26:53 ----RSD---- C:\Windows\assembly

2013-12-15 08:18:58 ----D---- C:\Windows\Prefetch

2013-12-14 19:51:44 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI

2013-12-14 11:58:59 ----D---- C:\Windows\winsxs

2013-12-14 11:53:49 ----D---- C:\Program Files (x86)\Windows Media Player

2013-12-14 11:53:47 ----D---- C:\Program Files (x86)\Internet Explorer

2013-12-14 11:53:44 ----D---- C:\Windows\SysWOW64\nl-NL

2013-12-14 11:53:29 ----D---- C:\Windows\SysWOW64\drivers

2013-12-13 11:20:58 ----D---- C:\ProgramData\Microsoft Help

2013-12-12 11:07:46 ----D---- C:\Program Files (x86)\Common Files\Steam

2013-12-11 17:44:04 ----D---- C:\Users\Sander\AppData\Roaming\SkypEmoticons

2013-12-11 14:35:37 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-12-09 11:04:08 ----D---- C:\Program Files (x86)\Common Files\AVG Secure Search

2013-12-09 11:03:50 ----D---- C:\ProgramData\AVG Secure Search

2013-12-09 11:03:48 ----D---- C:\Program Files (x86)\AVG Secure Search

2013-12-04 16:01:02 ----D---- C:\Windows\rescache

2013-12-04 14:11:00 ----D---- C:\Windows\SysWOW64\migration

2013-12-04 14:10:55 ----D---- C:\Windows\PolicyDefinitions

2013-12-02 18:06:47 ----D---- C:\ProgramData\Skype

2013-12-02 18:06:41 ----RD---- C:\Program Files (x86)\Skype

2013-11-30 10:54:18 ----D---- C:\Program Files (x86)\Common Files\Umbrella

2013-11-30 00:42:44 ----D---- C:\Users\Sander\AppData\Roaming\SoftGrid Client

2013-11-28 19:12:17 ----D---- C:\ProgramData\InstallMate

2013-11-28 19:12:16 ----D---- C:\ProgramData\504c2cf8db11ac3b

2013-11-28 19:12:15 ----D---- C:\Program Files (x86)\SearchNewTab

2013-11-28 19:11:44 ----D---- C:\Program Files (x86)\ss helper

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys []

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys []

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys []

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys []

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys []

R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver; C:\Windows\system32\drivers\iusb3hcs.sys []

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []

R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys []

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys []

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys []

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys []

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys []

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []

R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys []

R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2009-09-11 14344]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys []

R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys []

R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []

R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys []

R3 btmaudio;Intel Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys []

R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys []

R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys []

R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []

R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys []

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []

R3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys []

R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys []

R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\drivers\iwdbus.sys []

R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys []

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys []

R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfswin7.sys []

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaywin7.sys []

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirwin7.sys []

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvolwin7.sys []

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\drivers\SynTP.sys []

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys []

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys []

S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []

S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []

S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys []

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys []

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]

R2 APNMCP;Ask-updateservice; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-10-29 166352]

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [2009-12-18 104968]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-02-22 1014096]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-02-22 1104208]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-18 135952]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2011-04-13 70952]

R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2011-04-13 312616]

R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-09-15 107520]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-03-29 626960]

R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-08-21 8704]

R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2011-10-13 156672]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]

R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe []

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-03-15 162648]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-03-15 276824]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-03-21 793048]

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-09-22 75136]

R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-03-29 148752]

R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]

R2 SProtection;SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2013-11-21 2905408]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-03-15 362840]

R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [2013-12-09 1771544]

R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-02-22 1304912]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 desksvc;Desk 365 service; C:\Program Files (x86)\Desk 365\deskSvc.exe [2013-12-15 424016]

S2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-06-06 100864]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05 136176]

S2 MemeoBackgroundService;MemeoBackgroundService; C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-09-28 25824]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]

S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05 136176]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-03-29 273168]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2011-04-05 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2011-04-05 4925184]

S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Sinds vanmorgen blokkeerde het geluid op de laptop van mijn zoon en worden er in bepaalde webpagina's ongevraagde pop-ups aangeboden.

In deze webpagina's worden bepaalde woorden groen en (dubbel) onderstreept opgelicht.

Als je daar dan met de muis voer gaat, krijg je melding zodals "U kan een Ipad winnen"...

Ik heb al een log via RSIT aangemaakt:

Logfile of random's system information tool 1.08 (written by random/random)

Run by Sander at 2013-12-15 14:09:02

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 444 GB (67%) free of 663 GB

Total RAM: 3991 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:09:11, on 15/12/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe

C:\Program Files (x86)\GoforFiles\GFFUpdater.exe

C:\Program Files (x86)\ExpressFiles\EFUpdater.exe

C:\Users\Sander\AppData\Roaming\Desk 365\update\desk365_update_v1.14.20.exe

C:\Users\Sander\AppData\Local\Temp\Desk365\eUpgrade\eUpgrade.exe

C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

C:\Users\Sander\AppData\Local\Facebook\Update\FacebookUpdate.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Clownfish\Clownfish.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Sander\AppData\Roaming\Yontoo\YontooDesktop.exe

C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe

C:\Program Files (x86)\Desk 365\desk365.exe

C:\Windows\SysWOW64\jmdp\stij.exe

C:\Users\Sander\AppData\Local\Softonic\Softonic.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Sander\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files (x86)\AVG\AVG2014\avgui.exe

C:\Program Files (x86)\Ask.com\Updater\Updater.exe

C:\Program Files (x86)\Iminent\Iminent.exe

C:\Program Files (x86)\Iminent\Iminent.Messengers.exe

C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Users\Sander\AppData\Local\VNT\vntldr.exe

C:\Program Files (x86)\PHotkey\HCSynApi.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Sander\Downloads\RSIT-1.06.exe

C:\Program Files (x86)\trend micro\Sander.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = PortalDoSites

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=9f2a002c-94f7-42b6-85bc-48816f4b11a8&searchtype=ds&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: YoutubeAdblocker - {2292F6A8-EC3A-B1B1-2146-1990AF038892} - C:\Program Files (x86)\YoutubeAdblocker\bPc1amRJuy.dll

O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)

O2 - BHO: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll

O2 - BHO: SearchNewTab - {638B2114-1E7C-FA36-C994-F2D90AD5BEF9} - C:\Program Files (x86)\SearchNewTab\g5I.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

O2 - BHO: ssurF anDo keep - {82D57C9F-8346-CA45-F63A-AB06421BB4A2} - C:\Program Files (x86)\ssurF anDo keep\uVXkN.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O2 - BHO: DefaultTabToolbarBHO - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll

O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll

O2 - BHO: SearchNewTab - {AD80073C-5C93-88E2-3D79-29E2EB555770} - C:\Program Files (x86)\SearchNewTab\WWvYo.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: DownlOAD keeper - {B11E0F7A-2051-EF8D-4077-88E517717704} - C:\Program Files (x86)\DownlOAD keeper\ZFw41g2t.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)

O3 - Toolbar: VirtualDJ Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O3 - Toolbar: MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll

O3 - Toolbar: Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll

O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

O4 - HKLM\..\Run: [iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"

O4 - HKLM\..\Run: [iminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe

O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sander\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [ONAIR] C:\Program Files\ONAIR\ONAIR.exe

O4 - HKCU\..\Run: [Clownfish] "C:\Program Files (x86)\Clownfish\Clownfish.exe"

O4 - HKCU\..\Run: [C32B1C3B921A67FAB6F28E040698993296D706C3._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service

O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Users\Sander\AppData\Local\Smartbar\Application\SnapDo.exe startup

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A004FB8DD7882703A7DF346DFAB7630E] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\Sander\AppData\Roaming\Yontoo\YontooDesktop.exe"

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe

O4 - HKCU\..\Run: [smart Driver Updater] C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe

O4 - HKCU\..\Run: [softonic for Windows] "C:\Users\Sander\AppData\Local\Softonic\Softonic.exe" -minimize

O4 - HKCU\..\Run: [se] C:\Users\user\AppData\Roaming\SkypEmoticons\SE.exe /minimized

O4 - HKCU\..\Run: [TBHostSupport] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Sander\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin

O4 - HKCU\..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized

O4 - HKCU\..\Run: [Desk 365] "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [7F40E4A695C918917DEEAF2190EC6E5DA33B0F9B._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [7F40E4A695C918917DEEAF2190EC6E5DA33B0F9B._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service (User 'Default user')

O4 - Startup: Facebook Messenger.lnk = Sander\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

O23 - Service: Desk 365 service (desksvc) - 337 Technology Limited. - C:\Program Files (x86)\Desk 365\deskSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater17.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--

End of file - 23404 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1000Core.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1000UA.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1002Core.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3072491271-985545072-1069970057-1002UA.job

C:\Windows\tasks\FindLyrics Update.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\RMAutoUpdate.job

C:\Windows\tasks\RMSchedule.job

C:\Windows\tasks\ROC_REG_JAN_DELETE.job

C:\Windows\tasks\spmonitor.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2292F6A8-EC3A-B1B1-2146-1990AF038892}]

YoutubeAdblocker - C:\Program Files (x86)\YoutubeAdblocker\bPc1amRJuy.dll [2013-11-28 425984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]

Snap.DoEngine - C:\Windows\system32\mscoree.dll [2010-11-21 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}]

mixidj Helper Object - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll [2013-04-26 307608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{638B2114-1E7C-FA36-C994-F2D90AD5BEF9}]

SearchNewTab - C:\Program Files (x86)\SearchNewTab\g5I.dll [2013-11-01 371712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}]

Funmoods Helper Object - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll [2013-04-10 243664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

DefaultTab Browser Helper - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [2013-12-14 471160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82D57C9F-8346-CA45-F63A-AB06421BB4A2}]

ssurF anDo keep - C:\Program Files (x86)\ssurF anDo keep\uVXkN.dll [2012-11-28 425984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}]

Related Searches - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll [2013-12-14 398968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]

IMinent WebBooster (BHO) - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll [2013-11-07 299600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD80073C-5C93-88E2-3D79-29E2EB555770}]

SearchNewTab - C:\Program Files (x86)\SearchNewTab\WWvYo.dll [2013-11-28 425984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B11E0F7A-2051-EF8D-4077-88E517717704}]

DownlOAD keeper - C:\Program Files (x86)\DownlOAD keeper\ZFw41g2t.dll [2012-11-01 371712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

VirtualDJ Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-11-17 1515688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-10-24 194928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{ae07101b-46d4-4a98-af68-0333ea26e113} - Snap.Do - C:\Windows\system32\mscoree.dll [2010-11-21 297808]

{D4027C7F-154A-4066-A1AD-4243D8127440} - VirtualDJ Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-11-17 1515688]

{95B7759C-8C7F-4BF1-B163-73684A933233}

{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - MixiDJ Toolbar - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll [2013-04-26 300952]

{96A25A24-2E87-4374-8A50-CC6F943FCE4D} - Related Searches - C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll [2013-12-14 398968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"USB3MON"=C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-27 291608]

"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2011-12-21 507744]

"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-03 107816]

"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2011-03-30 87336]

"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-03-21 103896]

"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2013-11-07 4956176]

""= []

"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-11-17 901800]

"Iminent"=C:\Program Files (x86)\Iminent\Iminent.exe [2013-04-02 1074736]

"IminentMessenger"=C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [2013-04-02 884784]

"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]

"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-12-09 2471448]

"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-10-29 1707472]

"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2013-10-29 202192]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

"msnmsgr"=~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background []

"Facebook Update"=C:\Users\Sander\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-30 138096]

"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]

"ONAIR"=C:\Program Files\ONAIR\ONAIR.exe [2012-10-21 3410944]

"Clownfish"=C:\Program Files (x86)\Clownfish\Clownfish.exe [2013-08-21 1277688]

"C32B1C3B921A67FAB6F28E040698993296D706C3._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2013-12-04 863184]

"Browser Infrastructure Helper"=C:\Users\Sander\AppData\Local\Smartbar\Application\SnapDo.exe startup []

"GoogleChromeAutoLaunch_A004FB8DD7882703A7DF346DFAB7630E"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2013-12-04 863184]

"Yontoo Desktop"=C:\Users\Sander\AppData\Roaming\Yontoo\YontooDesktop.exe [2013-01-31 42784]

"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-02-27 3093624]

"PC Speed Maximizer"=C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [2012-12-11 82304]

"Smart Driver Updater"=C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe [2012-09-20 338576]

"Softonic for Windows"=C:\Users\Sander\AppData\Local\Softonic\Softonic.exe [2013-12-04 4124144]

"se"=C:\Users\user\AppData\Roaming\SkypEmoticons\SE.exe /minimized []

"TBHostSupport"=C:\Users\Sander\AppData\Local\TBHostSupport\TBHostSupport.dll [2013-11-06 458016]

"ooVoo.exe"=C:\Program Files (x86)\ooVoo\oovoo.exe /minimized []

"Desk 365"=C:\Program Files (x86)\Desk 365\desk365.exe [2013-12-15 1011792]

C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Facebook Messenger.lnk - C:\Users\Sander\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"LogonHoursAction"=2

"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2013-12-15 14:09:03 ----D---- C:\Program Files (x86)\trend micro

2013-12-15 14:09:02 ----D---- C:\rsit

2013-12-15 14:05:36 ----D---- C:\ProgramData\Oracle

2013-12-15 14:05:32 ----D---- C:\Program Files (x86)\Common Files\Java

2013-12-15 14:05:13 ----A---- C:\Windows\SysWOW64\javaws.exe

2013-12-15 14:05:04 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-12-15 14:05:04 ----A---- C:\Windows\SysWOW64\javaw.exe

2013-12-15 14:05:04 ----A---- C:\Windows\SysWOW64\java.exe

2013-12-15 13:50:53 ----D---- C:\Users\Sander\AppData\Roaming\AVG2014

2013-12-15 13:45:29 ----D---- C:\ProgramData\AVG2014

2013-12-15 12:07:25 ----D---- C:\8a870a588ac4d255b30c46

2013-12-15 10:58:22 ----SHD---- C:\found.003

2013-12-15 10:45:34 ----D---- C:\Users\Sander\AppData\Roaming\Iminent

2013-12-15 10:44:01 ----D---- C:\Users\Sander\AppData\Roaming\ViberPC

2013-12-15 10:43:30 ----D---- C:\Windows\SysWOW64\jmdp

2013-12-14 19:46:29 ----D---- C:\21f376cb655f3e86bba5

2013-12-14 13:42:56 ----D---- C:\Users\Sander\AppData\Roaming\ooVoo Details

2013-12-13 11:22:04 ----A---- C:\Windows\SysWOW64\wmploc.DLL

2013-12-13 11:22:03 ----A---- C:\Windows\SysWOW64\wmp.dll

2013-12-13 11:16:12 ----A---- C:\Windows\SysWOW64\jsproxy.dll

2013-12-13 11:16:12 ----A---- C:\Windows\SysWOW64\ieui.dll

2013-12-13 11:16:08 ----A---- C:\Windows\SysWOW64\jscript9diag.dll

2013-12-13 11:16:06 ----A---- C:\Windows\SysWOW64\ieapfltr.dll

2013-12-13 11:16:04 ----A---- C:\Windows\SysWOW64\wininet.dll

2013-12-13 11:16:04 ----A---- C:\Windows\SysWOW64\urlmon.dll

2013-12-13 11:16:04 ----A---- C:\Windows\SysWOW64\iertutil.dll

2013-12-13 11:16:00 ----A---- C:\Windows\SysWOW64\ieframe.dll

2013-12-13 11:15:58 ----A---- C:\Windows\SysWOW64\mshtml.dll

2013-12-13 11:15:57 ----A---- C:\Windows\SysWOW64\jscript9.dll

2013-12-12 11:16:47 ----A---- C:\Windows\SysWOW64\msieftp.dll

2013-12-12 11:16:44 ----A---- C:\Windows\SysWOW64\WMPhoto.dll

2013-12-12 11:16:43 ----A---- C:\Windows\SysWOW64\imagehlp.dll

2013-12-12 11:16:40 ----A---- C:\Windows\SysWOW64\tzres.dll

2013-12-12 11:16:35 ----A---- C:\Windows\SysWOW64\wscript.exe

2013-12-12 11:16:34 ----A---- C:\Windows\SysWOW64\scrrun.dll

2013-12-12 11:16:34 ----A---- C:\Windows\SysWOW64\cscript.exe

2013-12-05 13:10:24 ----SHD---- C:\found.002

2013-12-04 13:18:26 ----A---- C:\Windows\SysWOW64\elshyph.dll

2013-12-04 13:18:18 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-12-04 13:18:18 ----A---- C:\Windows\SysWOW64\msls31.dll

2013-12-04 13:18:18 ----A---- C:\Windows\SysWOW64\jsIntl.dll

2013-12-04 13:18:17 ----A---- C:\Windows\SysWOW64\msrating.dll

2013-12-04 13:18:16 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-12-04 13:18:15 ----A---- C:\Windows\SysWOW64\url.dll

2013-12-04 13:18:15 ----A---- C:\Windows\SysWOW64\iedkcs32.dll

2013-12-04 13:18:15 ----A---- C:\Windows\SysWOW64\dxtrans.dll

2013-12-04 13:18:15 ----A---- C:\Windows\SysWOW64\dxtmsft.dll

2013-12-04 13:18:14 ----A---- C:\Windows\SysWOW64\licmgr10.dll

2013-12-04 13:18:14 ----A---- C:\Windows\SysWOW64\inseng.dll

2013-12-04 13:18:14 ----A---- C:\Windows\SysWOW64\iesetup.dll

2013-12-04 13:18:14 ----A---- C:\Windows\SysWOW64\iernonce.dll

2013-12-04 13:18:14 ----A---- C:\Windows\SysWOW64\icardie.dll

2013-12-04 13:18:13 ----A---- C:\Windows\SysWOW64\wextract.exe

2013-12-04 13:18:13 ----A---- C:\Windows\SysWOW64\webcheck.dll

2013-12-04 13:18:13 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll

2013-12-04 13:18:13 ----A---- C:\Windows\SysWOW64\mshtmled.dll

2013-12-04 13:18:13 ----A---- C:\Windows\SysWOW64\msfeeds.dll

2013-12-04 13:18:13 ----A---- C:\Windows\SysWOW64\iexpress.exe

2013-12-04 13:18:12 ----A---- C:\Windows\SysWOW64\vbscript.dll

2013-12-04 13:18:12 ----A---- C:\Windows\SysWOW64\pngfilt.dll

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\occache.dll

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\mshta.exe

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\jscript.dll

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\imgutil.dll

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\ieUnatt.exe

2013-12-04 13:18:11 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\mshtmler.dll

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\msfeedssync.exe

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\iesysprep.dll

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\iepeers.dll

2013-12-04 13:18:10 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll

2013-12-03 17:33:32 ----SHD---- C:\found.001

2013-11-28 19:12:17 ----D---- C:\ProgramData\QuickSet

2013-11-28 19:11:28 ----D---- C:\ProgramData\YoutubeBookmark

2013-11-28 19:11:21 ----D---- C:\ProgramData\YoutubeAdblocker

2013-11-28 19:11:20 ----D---- C:\Program Files (x86)\YoutubeAdblocker

2013-11-28 19:10:57 ----D---- C:\ProgramData\ssurF anDo keep

2013-11-28 19:10:55 ----D---- C:\Program Files (x86)\ssurF anDo keep

2013-11-17 19:37:21 ----A---- C:\Windows\SysWOW64\sho89A2.tmp

2013-11-13 15:54:03 ----A---- C:\Windows\SysWOW64\nshwfp.dll

2013-11-13 15:54:03 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL

2013-11-13 15:52:46 ----A---- C:\Windows\SysWOW64\crypt32.dll

2013-11-13 15:52:34 ----A---- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2013-11-13 15:52:34 ----A---- C:\Windows\SysWOW64\credui.dll

2013-11-13 15:52:34 ----A---- C:\Windows\SysWOW64\authui.dll

2013-11-13 15:52:27 ----A---- C:\Windows\SysWOW64\sspicli.dll

2013-11-13 15:52:27 ----A---- C:\Windows\SysWOW64\schannel.dll

2013-11-13 15:52:27 ----A---- C:\Windows\SysWOW64\ncrypt.dll

2013-11-13 15:52:26 ----A---- C:\Windows\SysWOW64\secur32.dll

2013-11-13 15:52:17 ----A---- C:\Windows\SysWOW64\gdi32.dll

2013-11-07 01:52:56 ----A---- C:\Windows\SysWOW64\IntelCpHeciSvc.exe

2013-11-07 01:52:50 ----A---- C:\Windows\SysWOW64\igfxexps32.dll

2013-11-07 01:52:50 ----A---- C:\Windows\SysWOW64\igfxdv32.dll

2013-11-07 01:52:50 ----A---- C:\Windows\SysWOW64\igfxcmrt32.dll

2013-11-07 01:52:50 ----A---- C:\Windows\SysWOW64\igfxcmjit32.dll

2013-11-07 01:52:50 ----A---- C:\Windows\SysWOW64\igfx11cmrt32.dll

2013-11-07 01:52:42 ----A---- C:\Windows\SysWOW64\igdde32.dll

2013-11-07 01:52:40 ----A---- C:\Windows\SysWOW64\igd10umd32.dll

2013-11-07 01:52:36 ----A---- C:\Windows\SysWOW64\ig4icd32.dll

2013-11-06 17:58:39 ----D---- C:\ProgramData\VirtualizedApplications

2013-11-06 15:08:39 ----D---- C:\Program Files (x86)\MSECache

2013-11-06 14:22:52 ----D---- C:\Users\Sander\AppData\Roaming\SoftGrid Client

2013-11-06 14:21:42 ----D---- C:\Program Files (x86)\Common Files\DESIGNER

2013-11-06 14:21:41 ----D---- C:\Program Files (x86)\Microsoft Application Virtualization Client

2013-11-06 13:39:03 ----A---- C:\Windows\SysWOW64\wksprtPS.dll

2013-11-06 13:39:03 ----A---- C:\Windows\SysWOW64\tsgqec.dll

2013-11-06 13:39:03 ----A---- C:\Windows\SysWOW64\rdpendp_winip.dll

2013-11-06 13:39:03 ----A---- C:\Windows\SysWOW64\MsRdpWebAccess.dll

2013-11-06 13:39:03 ----A---- C:\Windows\SysWOW64\aaclient.dll

2013-11-06 13:39:02 ----A---- C:\Windows\SysWOW64\mstsc.exe

2013-11-06 13:39:01 ----A---- C:\Windows\SysWOW64\mstscax.dll

2013-11-06 13:35:52 ----A---- C:\Windows\SysWOW64\qdvd.dll

2013-11-01 12:00:32 ----D---- C:\ProgramData\WinterSoft

2013-11-01 12:00:30 ----D---- C:\Users\Sander\AppData\Roaming\SkypEmoticons

2013-11-01 12:00:18 ----D---- C:\ProgramData\SearchNewTab

2013-11-01 12:00:18 ----D---- C:\Program Files (x86)\SearchNewTab

2013-11-01 11:59:38 ----D---- C:\Program Files (x86)\ss helper

2013-11-01 11:59:25 ----D---- C:\ProgramData\DownlOAD keeper

2013-11-01 11:59:25 ----D---- C:\ProgramData\504c2cf8db11ac3b

2013-11-01 11:59:21 ----D---- C:\Program Files (x86)\DownlOAD keeper

2013-11-01 11:58:46 ----D---- C:\ProgramData\InstallMate

2013-11-01 11:32:58 ----D---- C:\Program Files (x86)\VNT

2013-10-09 18:25:14 ----A---- C:\Windows\SysWOW64\comctl32.dll

2013-10-09 18:25:11 ----A---- C:\Windows\SysWOW64\lpk.dll

2013-10-09 18:25:11 ----A---- C:\Windows\SysWOW64\fontsub.dll

2013-10-09 18:25:11 ----A---- C:\Windows\SysWOW64\dciman32.dll

2013-10-09 18:25:11 ----A---- C:\Windows\SysWOW64\atmlib.dll

2013-10-09 18:25:11 ----A---- C:\Windows\SysWOW64\atmfd.dll

2013-10-09 18:25:07 ----A---- C:\Windows\SysWOW64\WebClnt.dll

2013-10-09 18:25:07 ----A---- C:\Windows\SysWOW64\davclnt.dll

2013-10-09 18:25:04 ----A---- C:\Windows\SysWOW64\mswsock.dll

2013-10-09 18:24:57 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe

2013-10-09 18:24:56 ----A---- C:\Windows\SysWOW64\tdh.dll

2013-10-09 18:24:56 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe

2013-10-09 18:24:55 ----A---- C:\Windows\SysWOW64\ntdll.dll

2013-10-09 18:24:55 ----A---- C:\Windows\SysWOW64\advapi32.dll

2013-10-09 18:24:52 ----A---- C:\Windows\SysWOW64\ntvdm64.dll

2013-10-09 18:24:50 ----A---- C:\Windows\SysWOW64\wow32.dll

2013-10-09 18:24:48 ----A---- C:\Windows\SysWOW64\setup16.exe

2013-10-09 18:24:48 ----A---- C:\Windows\SysWOW64\instnm.exe

2013-10-09 18:24:46 ----A---- C:\Windows\SysWOW64\user.exe

2013-10-09 18:24:40 ----A---- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-07 17:54:08 ----D---- C:\Program Files (x86)\GameSpy Arcade

2013-09-18 12:18:13 ----SHD---- C:\found.000

======List of files/folders modified in the last 3 months======

2013-12-15 14:09:03 ----RD---- C:\Program Files (x86)

2013-12-15 14:05:36 ----HD---- C:\ProgramData

2013-12-15 14:05:33 ----SHD---- C:\Windows\Installer

2013-12-15 14:05:33 ----D---- C:\Config.Msi

2013-12-15 14:05:32 ----D---- C:\Program Files (x86)\Common Files

2013-12-15 14:05:13 ----D---- C:\Windows\SysWOW64

2013-12-15 14:05:03 ----D---- C:\Program Files (x86)\Java

2013-12-15 14:04:45 ----D---- C:\Windows\Tasks

2013-12-15 14:04:44 ----D---- C:\Users\Sander\AppData\Roaming\Systweak

2013-12-15 14:03:12 ----SHD---- C:\System Volume Information

2013-12-15 14:03:12 ----D---- C:\Windows\System32

2013-12-15 14:03:12 ----D---- C:\Windows\inf

2013-12-15 14:01:28 ----D---- C:\Program Files (x86)\PC Speed Up

2013-12-15 14:00:05 ----D---- C:\Windows\Temp

2013-12-15 14:00:00 ----D---- C:\Users\Sander\AppData\Roaming\Desk 365

2013-12-15 14:00:00 ----A---- C:\Windows\SysWOW64\log.txt

2013-12-15 13:59:01 ----D---- C:\ProgramData\MFAData

2013-12-15 13:56:40 ----D---- C:\Users\Sander\AppData\Roaming\Yontoo

2013-12-15 13:56:21 ----D---- C:\Users\Sander\AppData\Roaming\Skype

2013-12-15 13:55:53 ----D---- C:\Program Files (x86)\Desk 365

2013-12-15 13:54:50 ----AD---- C:\ProgramData\Temp

2013-12-15 13:54:36 ----D---- C:\Program Files (x86)\PC Tools Registry Mechanic

2013-12-15 13:51:25 ----D---- C:\Program Files (x86)\AVG

2013-12-15 13:50:30 ----HD---- C:\$AVG

2013-12-15 13:49:40 ----D---- C:\ProgramData\AVG2013

2013-12-15 13:43:43 ----RD---- C:\Program Files

2013-12-15 13:39:46 ----D---- C:\ProgramData\Norton

2013-12-15 13:17:22 ----D---- C:\Program Files (x86)\Steam

2013-12-15 13:12:22 ----D---- C:\Program Files (x86)\Babylon

2013-12-15 12:55:07 ----D---- C:\Windows

2013-12-15 12:18:56 ----SD---- C:\ProgramData\Microsoft

2013-12-15 12:18:03 ----D---- C:\Windows\SysWOW64\en-US

2013-12-15 12:17:22 ----D---- C:\Windows\Microsoft.NET

2013-12-15 12:04:53 ----D---- C:\ProgramData\eSafe

2013-12-15 11:26:53 ----D---- C:\Windows\registration

2013-12-15 10:43:00 ----RD---- C:\Users

2013-12-15 10:17:21 ----D---- C:\Windows\Panther

2013-12-15 10:17:21 ----D---- C:\Windows\Logs

2013-12-15 10:17:21 ----D---- C:\Windows\debug

2013-12-15 08:26:53 ----RSD---- C:\Windows\assembly

2013-12-15 08:18:58 ----D---- C:\Windows\Prefetch

2013-12-14 19:51:44 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI

2013-12-14 11:58:59 ----D---- C:\Windows\winsxs

2013-12-14 11:53:49 ----D---- C:\Program Files (x86)\Windows Media Player

2013-12-14 11:53:47 ----D---- C:\Program Files (x86)\Internet Explorer

2013-12-14 11:53:44 ----D---- C:\Windows\SysWOW64\nl-NL

2013-12-14 11:53:29 ----D---- C:\Windows\SysWOW64\drivers

2013-12-13 11:20:58 ----D---- C:\ProgramData\Microsoft Help

2013-12-12 11:07:46 ----D---- C:\Program Files (x86)\Common Files\Steam

2013-12-11 14:35:37 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-12-09 11:04:08 ----D---- C:\Program Files (x86)\Common Files\AVG Secure Search

2013-12-09 11:03:50 ----D---- C:\ProgramData\AVG Secure Search

2013-12-09 11:03:48 ----D---- C:\Program Files (x86)\AVG Secure Search

2013-12-04 16:01:02 ----D---- C:\Windows\rescache

2013-12-04 14:11:00 ----D---- C:\Windows\SysWOW64\migration

2013-12-04 14:10:55 ----D---- C:\Windows\PolicyDefinitions

2013-12-02 18:06:47 ----D---- C:\ProgramData\Skype

2013-12-02 18:06:41 ----RD---- C:\Program Files (x86)\Skype

2013-11-30 10:54:18 ----D---- C:\Program Files (x86)\Common Files\Umbrella

2013-11-28 17:28:06 ----D---- C:\Program Files (x86)\GoforFiles

2013-11-09 11:19:21 ----D---- C:\ProgramData\CyberLink

2013-11-08 17:21:19 ----D---- C:\Program Files (x86)\Iminent

2013-11-07 01:52:48 ----A---- C:\Windows\SysWOW64\igdumd32.dll

2013-11-06 15:08:42 ----D---- C:\Program Files (x86)\Common Files\microsoft shared

2013-11-06 15:08:41 ----D---- C:\Program Files (x86)\Microsoft Office

2013-11-06 14:28:37 ----SD---- C:\Users\Sander\AppData\Roaming\Microsoft

2013-11-06 14:23:08 ----D---- C:\Users\Sander\AppData\Roaming\TP

2013-11-06 13:42:41 ----D---- C:\Windows\SysWOW64\wbem

2013-11-06 13:38:32 ----D---- C:\Program Files (x86)\Intel

2013-10-22 16:12:59 ----D---- C:\Windows\SysWOW64\WNLT

2013-10-21 16:59:32 ----D---- C:\Windows\SysWOW64\ARFC

2013-10-11 16:23:47 ----D---- C:\Program Files (x86)\Skype Recorder

2013-10-10 16:01:13 ----D---- C:\Windows\AppPatch

2013-10-10 15:59:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2013-10-09 18:26:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2013-10-07 17:53:49 ----D---- C:\Program Files (x86)\EA Games

2013-09-25 11:56:12 ----D---- C:\Program Files (x86)\DefaultTab

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys []

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys []

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys []

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys []

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys []

R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver; C:\Windows\system32\drivers\iusb3hcs.sys []

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []

R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys []

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys []

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys []

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys []

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys []

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []

R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys []

R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2009-09-11 14344]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys []

R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys []

R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []

R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys []

R3 btmaudio;Intel Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys []

R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys []

R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys []

R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []

R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys []

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []

R3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys []

R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys []

R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\drivers\iwdbus.sys []

R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys []

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys []

R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfswin7.sys []

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaywin7.sys []

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirwin7.sys []

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvolwin7.sys []

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\drivers\SynTP.sys []

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys []

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys []

S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []

S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []

S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys []

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys []

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]

R2 APNMCP;Ask-updateservice; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-10-29 166352]

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [2009-12-18 104968]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-02-22 1014096]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-02-22 1104208]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-18 135952]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2011-04-13 70952]

R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2011-04-13 312616]

R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Sander\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-09-15 107520]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-03-29 626960]

R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-08-21 8704]

R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2011-10-13 156672]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]

R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe []

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-03-15 162648]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-03-15 276824]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-03-21 793048]

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-09-22 75136]

R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-03-29 148752]

R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]

R2 SProtection;SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2013-11-21 2905408]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-03-15 362840]

R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [2013-12-09 1771544]

R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-02-22 1304912]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 desksvc;Desk 365 service; C:\Program Files (x86)\Desk 365\deskSvc.exe [2013-12-15 424016]

S2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-06-06 100864]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05 136176]

S2 MemeoBackgroundService;MemeoBackgroundService; C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-09-28 25824]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]

S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05 136176]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-03-29 273168]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2011-04-05 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2011-04-05 4925184]

S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

De pop-ups blijken verdwenen te zijn. Bedankt voor jullie hulp!

Vorige versie van ZOEK.EXE niet als administrator gedraaid, daarom nogmaals uitgevoerd nu als administrator:

Zoek.exe Version 4.0.0.5 Updated 24-November-2013

Tool run by Dirk Wuyten on za 30/11/2013 at 21:13:05,93.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Dirk Wuyten\Desktop\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results2013-11-30-133413.log 80697 bytes

C:\zoek-results2013-11-30-181753.log 8802 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\ProgramData\347ede71620b9bf not found

C:\Program Files (x86)\Movie Subtitles Searcher not found

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF} not found

"C:\Users\Dirk Wuyten\Downloads\MovieSubtitlesSearcher.exe" not found

"C:\Users\Public\Desktop\sample_20133011_1420.zip" not found

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [05/09/2013 19:06]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default

BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit)

EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit)

96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit)

F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin

E93F2072D4DCDD9135549B630F528724 - C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator

865A33DBB80D0464E92DA7DA6B8B0F03 - C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer

A1CCCE19A73366ECEED664AF9C60B2ED - C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin

D4BD9F86123C87ECA570418B69326F99 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.170.2

DAD55CEF682EAE6FA7B4C9487563A496 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director

D8A3FDE47CBDC2D6DFAC14243050526B - C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll - WPI Detector 1.4

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[23/09/2012 18:43]

idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 14:24]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

apdfllckaahabafndbhieahigkjlhalf - C:\Users\DIRKWU~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[09/05/2013 10:26]

Free Live Score - Dirk Wuyten - Default\Extensions\dhaeooajljgjiffkhgfejoacehiahfac

RealDownloader - Dirk Wuyten - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji

Pocket Website - Dirk Wuyten - Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap

Pocket (formerly Read It Later) - Dirk Wuyten - Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{1B6AA62D-A139-4486-B0E9-3F1B41632C7C} Bing Url="http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{BD1373C5-5DB1-4E2E-82D0-73FA39ACEF12} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_nlBE466"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Dirk Wuyten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Dirk Wuyten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Dirk Wuyten\AppData\Local\Mozilla\Firefox\Profiles\u93t4wa1.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\DIRKWU~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on za 30/11/2013 at 21:27:45,13 ======================

Zoek.exe Version 4.0.0.5 Updated 24-November-2013

Tool run by Dirk Wuyten on za 30/11/2013 at 19:01:28,35.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Dirk Wuyten\Desktop\zoek.scr [script inserted]

==== Older Logs ======================

C:\zoek-results2013-11-30-133413.log 80697 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default

---- Lines babylon removed from prefs.js ----

user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

---- FireFox user.js and prefs.js backups ----

user_20133011_1911_.backup

prefs_20133011_1911_.backup

==== Deleting Files \ Folders ======================

C:\ProgramData\347ede71620b9bf deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF} deleted

"C:\Users\Dirk Wuyten\Downloads\MovieSubtitlesSearcher.exe" deleted

"C:\Users\Public\Desktop\sample_20133011_1420.zip" deleted

"C:\Program Files (x86)\Movie Subtitles Searcher\Application Files\Opensubtitles-1.0_1_0_0_0\ShellMenu.exe" deleted

"C:\Program Files (x86)\Movie Subtitles Searcher" not deleted

"C:\Program Files (x86)\Movie Subtitles Searcher\Application Files" not deleted

"C:\Program Files (x86)\Movie Subtitles Searcher\Application Files\Opensubtitles-1.0_1_0_0_0" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [05/09/2013 19:06]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default

BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit)

EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit)

96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit)

F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin

E93F2072D4DCDD9135549B630F528724 - C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator

865A33DBB80D0464E92DA7DA6B8B0F03 - C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer

A1CCCE19A73366ECEED664AF9C60B2ED - C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin

D4BD9F86123C87ECA570418B69326F99 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.170.2

DAD55CEF682EAE6FA7B4C9487563A496 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director

D8A3FDE47CBDC2D6DFAC14243050526B - C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll - WPI Detector 1.4

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[23/09/2012 18:43]

ehgldbbpchgpcfagfpfjgoomddhccfgh - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx[10/09/2012 16:55]

idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 14:24]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

apdfllckaahabafndbhieahigkjlhalf - C:\Users\DIRKWU~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[09/05/2013 10:26]

Free Live Score - Dirk Wuyten - Default\Extensions\dhaeooajljgjiffkhgfejoacehiahfac

Freemake Video Downloader - Dirk Wuyten - Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh

RealDownloader - Dirk Wuyten - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji

Pocket Website - Dirk Wuyten - Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap

Pocket (formerly Read It Later) - Dirk Wuyten - Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj

==== Chrome Fix ======================

C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx deleted successfully

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{1B6AA62D-A139-4486-B0E9-3F1B41632C7C} Bing Url="http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{BD1373C5-5DB1-4E2E-82D0-73FA39ACEF12} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_nlBE466"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Dirk Wuyten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Dirk Wuyten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Dirk Wuyten\AppData\Local\Mozilla\Firefox\Profiles\u93t4wa1.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\DIRKWU~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

Resultaat van de nieuwe ZOEK.EXE :

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\Movie Subtitles Searcher" not found

==== EOF on za 30/11/2013 at 19:17:53,10 ======================

Dit is het resultaat van de ZOEK.EXE :

Zoek.exe Version 4.0.0.5 Updated 24-November-2013

Tool run by Dirk Wuyten on za 30/11/2013 at 14:10:35,72.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\DIRKWU~1\AppData\Local\Temp\BNZ.5299e3bc1997eb\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

30/11/2013 14:12:58 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AVS4YOU deleted successfully

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\PROGRA~2\OApps deleted successfully

C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully

C:\Program Files\Google deleted successfully

C:\ProgramData\Babylon deleted successfully

C:\ProgramData\continuetosave deleted successfully

C:\ProgramData\regid.1986-12.com.adobe deleted successfully

C:\Users\Dirk Wuyten\AppData\Roaming\Lite deleted successfully

C:\Users\Dirk Wuyten\AppData\Roaming\WinRAR deleted successfully

==== Creating Sample_20133011_1420.zip ======================

Process chrome.exe killed

Copied file C:\Users\Dirk Wuyten\FileZilla_3.6.0_win32-setup.exe to sample\FileZilla_3.6.0_win32-setup.exe

Copied file C:\Users\Dirk Wuyten\SE-S204N_TS01.exe to sample\SE-S204N_TS01.exe

Copied file C:\Users\Dirk Wuyten\SE-S204N_TS02.exe to sample\SE-S204N_TS02.exe

sample\FileZilla_3.6.0_win32-setup.exe renamed to A0E65E9D2ADE830DCB2DA493F8F3CF1B

sample\SE-S204N_TS01.exe renamed to A865974FEAFB0B9EC5681E86B1F1B19C

sample\SE-S204N_TS02.exe renamed to 362D7B9841BDE72B0774783FCF0759F6

C:\Users\Public\Desktop\sample_20133011_1420.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044} deleted successfully

HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044} deleted successfully

HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9D56A56F-902E-4CED-B46C-06812D231CC5} deleted successfully

HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully

HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully

HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{539F76FD-084E-4858-86D5-62F02F54AE86} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WebCake Desktop Updater deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.bigseekpro.com/freefox/{5DFA8E74-F3DB-FE4B-4F2C-CC65EFD3E837}");

user_pref("browser.search.defaulturl", "http://www.bigseekpro.com/search/toolbar/freefox/{5DFA8E74-F3DB-FE4B-4F2C-CC65EFD3E837}?q={searchTerms}");

user_pref("browser.search.defaultenginename", "Search");

user_pref("browser.search.selectedEngine", "Search");

user_pref("browser.search.order.1", "Search");

user_pref("keyword.URL", "http://www.bigseekpro.com/search/toolbar/freefox/{5DFA8E74-F3DB-FE4B-4F2C-CC65EFD3E837}?q=");

user_pref("sweetim.toolbar.previous.keyword.URL", "");

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default

---- Lines BabylonToolbar removed from prefs.js ----

user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

user_pref("extensions.BabylonToolbar_i.babExt", "");

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819");

user_pref("extensions.BabylonToolbar_i.hardId", "f22c6095000000000000ac7289a8dab4");

user_pref("extensions.BabylonToolbar_i.id", "f22c6095000000000000ac7289a8dab4");

user_pref("extensions.BabylonToolbar_i.instlDay", "15487");

user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

user_pref("extensions.BabylonToolbar_i.newTab", true);

user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=110819&babsrc=NT_ss&mntrId=f22c6095000000000000ac7289a8dab4");

user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");

user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1713:35:55");

---- Lines BabylonToolbar removed from user.js ----

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819");

user_pref("extensions.BabylonToolbar_i.babExt", "");

user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

user_pref("extensions.BabylonToolbar_i.id", "f22c6095000000000000ac7289a8dab4");

user_pref("extensions.BabylonToolbar_i.hardId", "f22c6095000000000000ac7289a8dab4");

user_pref("extensions.BabylonToolbar_i.instlDay", "15487");

user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1713:35:55");

user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");

user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

---- Lines delta removed from prefs.js ----

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.dfltLng", "en");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.id", "f22c6095000000000000ac7289a8dab4");

user_pref("extensions.delta.instlDay", "15829");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.newTab", false);

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.vrsn", "1.8.16.16");

user_pref("extensions.delta.vrsni", "1.8.16.16");

user_pref("extensions.delta.vrsnTs", "1.8.16.167:41:34");

---- Lines delta removed from user.js ----

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.id", "f22c6095000000000000ac7289a8dab4");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.instlDay", "15829");

user_pref("extensions.delta.vrsn", "1.8.16.16");

user_pref("extensions.delta.vrsni", "1.8.16.16");

user_pref("extensions.delta.vrsnTs", "1.8.16.167:41:34");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.dfltLng", "en");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.newTab", false);

---- Lines mixidj removed from prefs.js ----

user_pref("extensions.mixidj.admin", false);

user_pref("extensions.mixidj.aflt", "babsst");

user_pref("extensions.mixidj.appId", "{A2773ED4-83BD-488A-A186-73590706C916}");

user_pref("extensions.mixidj.autoRvrt", "false");

user_pref("extensions.mixidj.dfltLng", "en");

user_pref("extensions.mixidj.excTlbr", false);

user_pref("extensions.mixidj.ffxUnstlRst", false);

user_pref("extensions.mixidj.id", "f22c6095000000000000ac7289a8dab7");

user_pref("extensions.mixidj.instlDay", "15873");

user_pref("extensions.mixidj.instlRef", "sst");

user_pref("extensions.mixidj.newTab", false);

user_pref("extensions.mixidj.prdct", "mixidj");

user_pref("extensions.mixidj.prtnrId", "mixidj");

user_pref("extensions.mixidj.rvrt", "false");

user_pref("extensions.mixidj.smplGrp", "none");

user_pref("extensions.mixidj.tlbrId", "baseyh");

user_pref("extensions.mixidj.tlbrSrchUrl", "");

user_pref("extensions.mixidj.vrsn", "1.8.18.8");

user_pref("extensions.mixidj.vrsni", "1.8.18.8");

user_pref("extensions.mixidj.vrsnTs", "1.8.18.823:19:20");

---- Lines mixidj removed from user.js ----

user_pref("extensions.mixidj.tlbrSrchUrl", "");

user_pref("extensions.mixidj.id", "f22c6095000000000000ac7289a8dab7");

user_pref("extensions.mixidj.appId", "{A2773ED4-83BD-488A-A186-73590706C916}");

user_pref("extensions.mixidj.instlDay", "15873");

user_pref("extensions.mixidj.vrsn", "1.8.18.8");

user_pref("extensions.mixidj.vrsni", "1.8.18.8");

user_pref("extensions.mixidj.vrsnTs", "1.8.18.823:19:20");

user_pref("extensions.mixidj.prtnrId", "mixidj");

user_pref("extensions.mixidj.prdct", "mixidj");

user_pref("extensions.mixidj.aflt", "babsst");

user_pref("extensions.mixidj.smplGrp", "none");

user_pref("extensions.mixidj.tlbrId", "baseyh");

user_pref("extensions.mixidj.instlRef", "sst");

user_pref("extensions.mixidj.dfltLng", "en");

user_pref("extensions.mixidj.excTlbr", false);

user_pref("extensions.mixidj.ffxUnstlRst", false);

user_pref("extensions.mixidj.admin", false);

user_pref("extensions.mixidj.autoRvrt", "false");

user_pref("extensions.mixidj.rvrt", "false");

user_pref("extensions.mixidj.newTab", false);

---- Lines CT2849859 removed from prefs.js ----

user_pref("CT2849859.1000234.TWC_location", "Oudenaarde, Belgium");

user_pref("CT2849859.1000234.TWC_locId", "BEXX0345");

user_pref("CT2849859.1000234.TWC_region", "OT");

user_pref("CT2849859.1000234.TWC_temp_dis", "c");

user_pref("CT2849859.1000234.TWC_TMP_city", "OUDENAARDE");

user_pref("CT2849859.1000234.TWC_TMP_country", "BE");

user_pref("CT2849859.1000234.TWC_wind_dis", "kmh");

user_pref("CT2849859.1000234.weatherData", "{\"icon\":\"11.png\",\"temperature\":\"10°C\",\"temperatureClear\":\"10°C\",\"highTemperature\":\"10°C\

user_pref("CT2849859.addressBarTakeOverEnabledInHidden", "true");

user_pref("CT2849859.autoDisableScopes", -1);

user_pref("CT2849859.cb_experience_000.enc", "MjI=");

user_pref("CT2849859.cb_firstuse0100.enc", "MQ==");

user_pref("CT2849859.cb_user_id_000.enc", "Q0I2NzUwNzc0ODM3NzNfMTM1Njk1MzQ3NDk0Ml9GaXJlZm94");

user_pref("CT2849859.cbcountry_001.enc", "QkU=");

user_pref("CT2849859.cbfirsttime.enc", "TW9uIERlYyAzMSAyMDEyIDEyOjMwOjU5IEdNVCswMTAwIChSb21hbmNlIChzdGFuZGFhcmR0aWpkKSk=");

user_pref("CT2849859.CBOpenMAMSettings.enc", "MA==");

user_pref("CT2849859.defaultSearch", "false");

user_pref("CT2849859.embeddedsData", "[{\"appId\":\"129349798533094661\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"get

user_pref("CT2849859.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2849859.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2849859.enableAlerts", "always");

user_pref("CT2849859.enableSearchFromAddressBar", "false");

user_pref("CT2849859.FirstTime", "true");

user_pref("CT2849859.firstTimeDialogOpened", "true");

user_pref("CT2849859.FirstTimeFF3", "true");

user_pref("CT2849859.fixPageNotFoundError", "true");

user_pref("CT2849859.fixPageNotFoundErrorInHidden", "true");

user_pref("CT2849859.fixUrls", true);

user_pref("CT2849859.http___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc", "b3BlbnBvc2l0aW9uPW9mZnNldDo1MDs1MCxzYXZlbG9jYXRp

user_pref("CT2849859.installType", "xpe");

user_pref("CT2849859.isCheckedStartAsHidden", true);

user_pref("CT2849859.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2849859.isFirstTimeToolbarLoading", "false");

user_pref("CT2849859.isNewTabEnabled", false);

user_pref("CT2849859.isPerformedSmartBarTransition", "true");

user_pref("CT2849859.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");

user_pref("CT2849859.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");

user_pref("CT2849859.LoginRevertSettingsEnabled", true);

user_pref("CT2849859.migrateAppsAndComponents", true);

user_pref("CT2849859.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"http%3A%2F%2Fa.jimdo.com%2Fapp%2Fauth%2Fsignin%2F\",\"EB_MAIN_FRAME_TITLE\":\"I

user_pref("CT2849859.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");

user_pref("CT2849859.openThankYouPage", "true");

user_pref("CT2849859.openUninstallPage", "false");

user_pref("CT2849859.revertSettingsEnabled", "false");

user_pref("CT2849859.RevertSettingsEnabled", true);

user_pref("CT2849859.search.searchAppId", "129349798533094661");

user_pref("CT2849859.search.searchCount", "0");

user_pref("CT2849859.searchInNewTabEnabled", "false");

user_pref("CT2849859.searchInNewTabEnabledInHidden", "true");

user_pref("CT2849859.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2849859.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");

user_pref("CT2849859.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");

user_pref("CT2849859.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2849859\"}");

user_pref("CT2849859.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://BittorrentBarNL.OurToolbar.c

user_pref("CT2849859.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BittorrentBar_NL\"}");

user_pref("CT2849859.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2849859.serviceLayer_services_appsMetadata_lastUpdate", "1379432101633");

user_pref("CT2849859.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1379432101814");

user_pref("CT2849859.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1379432101816");

user_pref("CT2849859.serviceLayer_services_login_10.13.40.15_lastUpdate", "1356953455342");

user_pref("CT2849859.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1379432101840");

user_pref("CT2849859.serviceLayer_services_searchAPI_lastUpdate", "1379432101652");

user_pref("CT2849859.serviceLayer_services_serviceMap_lastUpdate", "1379432101508");

user_pref("CT2849859.serviceLayer_services_toolbarContextMenu_lastUpdate", "1379432101786");

user_pref("CT2849859.serviceLayer_services_toolbarSettings_lastUpdate", "1379432101640");

user_pref("CT2849859.serviceLayer_services_translation_lastUpdate", "1379432101868");

user_pref("CT2849859.settingsINI", true);

user_pref("CT2849859.shouldFirstTimeDialog", "false");

user_pref("CT2849859.smartbar.CTID", "CT2849859");

user_pref("CT2849859.smartbar.toolbarName", "BittorrentBar_NL ");

user_pref("CT2849859.smartbar.Uninstall", "0");

user_pref("CT2849859.startPage", "false");

user_pref("CT2849859.toolbarBornServerTime", "31-12-2012");

user_pref("CT2849859.toolbarCurrentServerTime", "31-12-2012");

user_pref("CT2849859.url_history0001.enc", "c3RhcnQ6OjpjbGlja2hhbmRsZXI6OjoxMzc5NDMyMDAyNTg1LCwsc3RhcnQ6OjpjbGlja2hhbmRsZXI6OjoxMzc5NDMyMDAyNTg5LCwsc3

user_pref("CT2849859.UserID", "UN03901333348930136");

user_pref("CT2849859_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1379431980362,\"isWithState\":\"\",\"timeFromStar

---- Lines CT2504091 removed from prefs.js ----

user_pref("CT2504091.1000082.isPlayDisplay", "true");

user_pref("CT2504091.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"http://feedlive.n

user_pref("CT2504091.1000234.TWC_location", "Antwerpen, Belgium");

user_pref("CT2504091.1000234.TWC_locId", "BEXX0539");

user_pref("CT2504091.1000234.TWC_region", "OT");

user_pref("CT2504091.1000234.TWC_temp_dis", "c");

user_pref("CT2504091.1000234.TWC_TMP_city", "ANTWERPEN");

user_pref("CT2504091.1000234.TWC_TMP_country", "BE");

user_pref("CT2504091.1000234.TWC_wind_dis", "kmh");

user_pref("CT2504091.1000234.weatherData", "{\"icon\":\"27.png\",\"temperature\":\"10°C\",\"temperatureClear\":\"10°C\",\"highTemperature\":\"10°C\

user_pref("CT2504091.addressBarTakeOverEnabledInHidden", "true");

user_pref("CT2504091.autoDisableScopes", -1);

user_pref("CT2504091.cbcountry_001", "BE");

user_pref("CT2504091.cbfirsttime", "Thu Oct 25 2012 20:04:34 GMT+0200 (Romance (zomertijd))");

user_pref("CT2504091.defaultSearch", "false");

user_pref("CT2504091.embeddedsData", "[{\"appId\":\"129079840422026594\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"get

user_pref("CT2504091.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"false\"}");

user_pref("CT2504091.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2504091.enableAlerts", "false");

user_pref("CT2504091.enableSearchFromAddressBar", "true");

user_pref("CT2504091.Facebook_Mode", "2");

user_pref("CT2504091.Facebook_User_Locale", "fr");

user_pref("CT2504091.FirstTime", "true");

user_pref("CT2504091.firstTimeDialogOpened", "true");

user_pref("CT2504091.FirstTimeFF3", "true");

user_pref("CT2504091.fixPageNotFoundError", "true");

user_pref("CT2504091.fixPageNotFoundErrorInHidden", "true");

user_pref("CT2504091.fixUrls", true);

user_pref("CT2504091.http___facebook_conduitapps_com.APP_WIN_FEATURES", "resizable=0,hscroll=0,vscroll=0,titlebar=1,closebutton=1,saveresizedsize=0,op

user_pref("CT2504091.installId", "ConduitNSISIntegration");

user_pref("CT2504091.installType", "ConduitNSISIntegration");

user_pref("CT2504091.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2504091.isNewTabEnabled", true);

user_pref("CT2504091.isPerformedSmartBarTransition", "true");

user_pref("CT2504091.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");

user_pref("CT2504091.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"http%3A%2F%2Fa.jimdo.com%2Fapp%2Fauth%2Fsignin%2F\",\"E

user_pref("CT2504091.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");

user_pref("CT2504091.openThankYouPage", "false");

user_pref("CT2504091.openUninstallPage", "false");

user_pref("CT2504091.search.searchAppId", "129079840422026594");

user_pref("CT2504091.search.searchCount", "2");

user_pref("CT2504091.searchInNewTabEnabledInHidden", "true");

user_pref("CT2504091.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2504091.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");

user_pref("CT2504091.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");

user_pref("CT2504091.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");

user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2504091\"}");

user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://VuzeRemote.OurToolbar.com//x

user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Vuze Remote\"}");

user_pref("CT2504091.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2504091.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");

user_pref("CT2504091.serviceLayer_services_appsMetadata_lastUpdate", "1351200549792");

user_pref("CT2504091.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1351188269994");

user_pref("CT2504091.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1351188271478");

user_pref("CT2504091.serviceLayer_services_login_10.10.12.5_lastUpdate", "1351290023637");

user_pref("CT2504091.serviceLayer_services_login_10.10.27.6_lastUpdate", "1379432105164");

user_pref("CT2504091.serviceLayer_services_optimizer_lastUpdate", "1351200551087");

user_pref("CT2504091.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1351188272107");

user_pref("CT2504091.serviceLayer_services_searchAPI_lastUpdate", "1351188268776");

user_pref("CT2504091.serviceLayer_services_serviceMap_lastUpdate", "1379432105116");

user_pref("CT2504091.serviceLayer_services_toolbarContextMenu_lastUpdate", "1351188272044");

user_pref("CT2504091.serviceLayer_services_toolbarSettings_lastUpdate", "1379432105154");

user_pref("CT2504091.serviceLayer_services_translation_lastUpdate", "1379432105266");

user_pref("CT2504091.settingsINI", true);

user_pref("CT2504091.shouldFirstTimeDialog", "false");

user_pref("CT2504091.smartbar.CTID", "CT2504091");

user_pref("CT2504091.smartbar.isHidden", true);

user_pref("CT2504091.smartbar.toolbarName", "Vuze Remote ");

user_pref("CT2504091.smartbar.Uninstall", "0");

user_pref("CT2504091.startPage", "false");

user_pref("CT2504091.toolbarBornServerTime", "25-10-2012");

user_pref("CT2504091.toolbarCurrentServerTime", "17-9-2013");

user_pref("CT2504091.url_history0001", "http://www.ehow.com/how_6523342_remove-about_-blank.html:::clickhandler:::1351198530196,,,eHow | How to Videos, Articles & More - Discover the expert in you.

user_pref("CT2504091.UserID", "UN61333783898095139");

---- Lines Search removed from prefs.js ----

user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SE

---- Lines ask.com removed from prefs.js ----

user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.swee

---- Lines EEE6C361-6118-11DC-9C72-001320C79847 modified from prefs.js ----

user_pref("extensions.enabledAddons", "{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33,fmdownloader@gmail.com:1.0.0,ytfmdownloader@gmail.com:1.0.0,{EEE6

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"fmdownloader@gmail.com\":{\"descriptor\":\"C:\\\\Program Files (x

---- Lines Sweet removed from prefs.js ----

user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");

user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");

user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");

user_pref("sweetim.toolbar.dialogs.0.enable", "true");

user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");

user_pref("sweetim.toolbar.dialogs.0.height", "335");

user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");

user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");

user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=

user_pref("sweetim.toolbar.dialogs.0.width", "761");

user_pref("sweetim.toolbar.dialogs.1.enable", "true");

user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");

user_pref("sweetim.toolbar.dialogs.1.height", "300");

user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");

user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");

user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");

user_pref("sweetim.toolbar.dialogs.1.width", "500");

user_pref("sweetim.toolbar.dialogs.2.enable", "true");

user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");

user_pref("sweetim.toolbar.dialogs.2.height", "150");

user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");

user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");

user_pref("sweetim.toolbar.dialogs.2.url", "http://www.sweetim.com/simffbar/simcdadialog.asp");

user_pref("sweetim.toolbar.dialogs.2.width", "530");

user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.

user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");

user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");

user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");

user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");

user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");

user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");

user_pref("sweetim.toolbar.mode.debug", "false");

user_pref("sweetim.toolbar.newtab.created", "false");

user_pref("sweetim.toolbar.newtab.enable", "true");

user_pref("sweetim.toolbar.rc.url", "http://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");

user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");

user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");

user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");

user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "http://(www.|apps.)?facebook\\.com.*");

user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");

user_pref("sweetim.toolbar.scripts.0.enable", "false");

user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");

user_pref("sweetim.toolbar.scripts.0.url", "http://sc.sweetim.com/apps/in/fb/infb.js");

user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");

user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");

user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");

user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "https://(www.|apps.)?facebook\\.com.*");

user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");

user_pref("sweetim.toolbar.scripts.1.enable", "false");

user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_httpS");

user_pref("sweetim.toolbar.scripts.1.url", "https://sc.sweetim.com/apps/in/fb/infb.js");

user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");

user_pref("sweetim.toolbar.scripts.2.callback", "");

user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");

user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");

user_pref("sweetim.toolbar.scripts.2.enable", "false");

user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");

user_pref("sweetim.toolbar.scripts.2.url", "http://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");

user_pref("sweetim.toolbar.search.history.capacity", "10");

user_pref("sweetim.toolbar.searchguard.enable", "false");

user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");

user_pref("sweetim.toolbar.simapp_id", "{33DA683B-5038-11E2-968A-00262DC9FEB8}");

user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");

user_pref("sweetim.toolbar.version", "1.7.0.3");

user_pref("sweetim.toolbar.Visibility.enable", "true");

user_pref("sweetim.toolbar.Visibility.intervaldays", "7");

user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");

---- Lines extensions.50e8b18f2cdd6 removed from prefs.js ----

user_pref("extensions.50e8b18f2cdd6.epoch", "1379518328");

user_pref("extensions.50e8b18f2cdd6.url", "http://getsync.info/sync/?ext=ctos&pid=538&country=BE&regd=130105230447&lsd=130917152913&ver=2&ind=0&ssd=0&

---- Lines {2d8d9acc-f6d7-4362-8876-a275ca929591} modified from prefs.js ----

user_pref("extensions.enabledAddons", "{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33,fmdownloader@gmail.com:1.0.0,ytfmdownloader@gmail.com:1.0.0,{disa

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"fmdownloader@gmail.com\":{\"descriptor\":\"C:\\\\Program Files (x

---- FireFox user.js and prefs.js backups ----

user_20133011_1421_.backup

prefs_20133011_1421_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"WebCake Desktop"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

""=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Minibar deleted

C:\Program Files (x86)\WebCake deleted

C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml deleted

C:\ProgramData\InstallMate deleted

C:\PROGRA~2\ContinueToSave deleted

C:\PROGRA~2\Vuze_Remote deleted

C:\PROGRA~2\Yontoo deleted

C:\PROGRA~2\MyPC Backup deleted

C:\PROGRA~2\Red Sky deleted

C:\PROGRA~2\Conduit deleted

C:\Users\Dirk Wuyten\AppData\Roaming\ExpressFiles deleted

C:\Users\Dirk Wuyten\AppData\Roaming\WebCake deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Web Cake deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Babylon deleted

C:\Users\Dirk Wuyten\AppData\Roaming\File Scout deleted

C:\Users\Dirk Wuyten\AppData\Roaming\OpenCandy deleted

C:\ProgramData\Partner deleted

C:\ProgramData\QuickSet deleted

C:\ProgramData\WoW Worldwide Software LTD deleted

C:\ProgramData\Tarma Installer deleted

C:\ProgramData\YTD Video Downloader deleted

C:\Users\Dirk Wuyten\AppData\Local\CRE deleted

C:\Users\Dirk Wuyten\AppData\Local\Minibar deleted

C:\Users\Dirk Wuyten\AppData\Local\DownTango deleted

C:\Users\Dirk Wuyten\AppData\Local\Conduit deleted

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted

C:\Users\Dirk Wuyten\AppData\LocalLow\AVG Security Toolbar deleted

C:\Users\Dirk Wuyten\AppData\LocalLow\Minibar deleted

C:\Users\Dirk Wuyten\AppData\LocalLow\Vuze_Remote deleted

C:\Users\Dirk Wuyten\AppData\LocalLow\BabylonToolbar deleted

C:\Users\Dirk Wuyten\AppData\LocalLow\Delta deleted

C:\Users\Dirk Wuyten\AppData\LocalLow\PriceGong deleted

C:\Users\Dirk Wuyten\AppData\LocalLow\Conduit deleted

C:\windows\SysNative\Tasks\Express FilesUpdate deleted

C:\windows\SysNative\tasks\ContinueToSaveUpdaterTask{06AF08DA-F610-4327-A398-B96F1ADB1523} deleted

C:\Windows\tasks\ContinueToSaveUpdaterTask{06AF08DA-F610-4327-A398-B96F1ADB1523}.job deleted

C:\user.js deleted

C:\end deleted

C:\Windows\SysWow64\searchplugins deleted

C:\Windows\SysWow64\Extensions deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\searchplugins\BrowserProtect.xml deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\searchplugins\babylon.xml deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\searchplugins\search.xml deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\searchplugins\WebSearch.xml deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\Invalidprefs.js deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\SweetPacksToolbarData deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\extensions\staged deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\CT2504091 deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\CT2849859 deleted

C:\Users\Public\Desktop\YTD Video Downloader.lnk deleted

C:\Users\Dirk Wuyten\FileZilla_3.6.0_win32-setup.exe deleted

C:\Users\Dirk Wuyten\SE-S204N_TS01.exe deleted

C:\Users\Dirk Wuyten\SE-S204N_TS02.exe deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\extensions\50e8b18f2cd29@50e8b18f2cd62.com deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\smartbar deleted

"C:\Users\Dirk Wuyten\AppData\Roaming\Betcat\WebCakeDesktop.exe" deleted

"C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\searchplugins\delta.xml" deleted

"C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\searchplugins\mixidj.xml" deleted

"C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\searchplugins\sweetim.xml" deleted

"C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\searchplugins\delta.xml" deleted

"C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\searchplugins\mixidj.xml" deleted

"C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi" deleted

"C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\searchplugins\sweetim.xml" deleted

"C:\PROGRA~2\ExpressFiles\EFUpdater.exe" deleted

"C:\PROGRA~2\ExpressFiles\htmlayout.dll" deleted

"C:\Users\Dirk Wuyten\AppData\Roaming\Betcat\WebCakeDesktop.exe" deleted

"C:\Users\Dirk Wuyten\AppData\Roaming\Betcat\dat\Desktop.OS.dll" deleted

"C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exe" deleted

"C:\PROGRA~2\ExpressFiles" deleted

"C:\Users\Dirk Wuyten\AppData\Roaming\Betcat" deleted

"C:\ProgramData\Premium" not deleted

"C:\Users\Dirk Wuyten\AppData\Roaming\Betcat\dat" deleted

"C:\ProgramData\Premium\ContinueToSave" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\DIRKWU~1\AppData\Local\Temp ====

2013-11-27 18:20:00 2BC8BF19009E87A134DE020FA5781328 713840 ----a-w- C:\Users\Dirk Wuyten\AppData\Local\Temp\{DC5825CA-CC6A-4292-A079-844807BB073C}\Addons\vaudix_extension.exe

2013-11-27 18:19:16 E8D86C771D7E23B080921B9803F1654C 75264 --s---r- C:\Users\Dirk Wuyten\AppData\Local\Temp\{DC5825CA-CC6A-4292-A079-844807BB073C}\Custom.dll

2013-11-27 18:19:16 E717F6CE3A7429BFA6D7F3CF66737A4B 15968 --s---r- C:\Users\Dirk Wuyten\AppData\Local\Temp\{DC5825CA-CC6A-4292-A079-844807BB073C}\Setup.exe

2013-11-27 18:19:16 262CC5A5E5A007AE182C45E41AC35ADF 171008 --s---r- C:\Users\Dirk Wuyten\AppData\Local\Temp\{DC5825CA-CC6A-4292-A079-844807BB073C}\_Setup.dll

2013-11-27 18:19:15 AF7CE801C8471C5CD19B366333C153C4 275552 --s---r- C:\Users\Dirk Wuyten\AppData\Local\Temp\TsuFA891DB9.dll

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2013-11-28 05:47:19 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\SysWOW64\elshyph.dll

2013-11-28 05:47:11 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\SysWOW64\jsIntl.dll

2013-11-28 05:47:10 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-11-28 05:47:10 F705F52FC41577641E82B9934728B02C 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-11-28 05:47:10 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\SysWOW64\html.iec

2013-11-28 05:47:10 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\SysWOW64\url.dll

2013-11-28 05:47:10 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2013-11-28 05:47:10 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-11-28 05:47:10 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\SysWOW64\ieapfltr.dat

2013-11-28 05:47:10 B68750104FBA545C633B7E9AEA660208 2166272 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-11-28 05:47:10 B5EB5BD3066959611E1F7A80FD6CC172 1818112 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-11-28 05:47:10 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\SysWOW64\licmgr10.dll

2013-11-28 05:47:10 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\SysWOW64\tdc.ocx

2013-11-28 05:47:10 81A605B0F3A29A117AB83A08D40F772F 1926656 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2013-11-28 05:47:10 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2013-11-28 05:47:10 5DFE55E0221F0C5FA4D6CECFA72B1D78 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2013-11-28 05:47:10 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\SysWOW64\icardie.dll

2013-11-28 05:47:10 4A7956EE34BE56D20C54CF6A47693C25 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-11-28 05:47:10 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll

2013-11-28 05:47:10 433161597584186EF806EFC8EA530433 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2013-11-28 05:47:10 2EE1E467D73642AFDDB03019F58C252B 1156608 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-11-28 05:47:10 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\SysWOW64\msls31.dll

2013-11-28 05:47:10 22868FAAF9C851BFA924B8D7EDB6CBC1 11220992 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-11-28 05:47:10 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2013-11-28 05:47:09 F9F114B2A6F876C92D317A755494F233 17142784 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-11-28 05:47:09 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2013-11-28 05:47:09 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\SysWOW64\ieuinit.inf

2013-11-28 05:47:09 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\SysWOW64\inseng.dll

2013-11-28 05:47:09 BE8B10D84DDD8F43A32EE013B54F5287 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2013-11-28 05:47:09 BC2C13A3B664B686DA52D558FE5502FC 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-11-28 05:47:09 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe

2013-11-28 05:47:09 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-11-28 05:47:09 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe

2013-11-28 05:47:09 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2013-11-28 05:47:09 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2013-11-28 05:47:09 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\SysWOW64\pngfilt.dll

2013-11-28 05:47:09 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2013-11-28 05:47:09 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\SysWOW64\occache.dll

2013-11-28 05:47:09 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\SysWOW64\webcheck.dll

2013-11-28 05:47:08 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll

2013-11-28 05:47:08 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll

2013-11-28 05:47:08 AE254DBF16E3E3D7C35ED017B4B55EC6 4240384 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2013-11-28 05:47:08 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe

2013-11-28 05:47:08 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-11-28 05:47:08 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\SysWOW64\iesysprep.dll

2013-11-28 05:47:08 809804D8AED97AEA96B3D4B66A4C5C70 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2013-11-28 05:47:08 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\SysWOW64\jscript.dll

2013-11-28 05:47:08 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\SysWOW64\imgutil.dll

2013-11-28 05:47:08 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll

2013-11-28 05:47:08 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll

2013-11-28 05:47:08 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe

2013-11-28 05:47:08 4D4726D1AD5ED1590A62685F92900594 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2013-11-28 05:47:08 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\SysWOW64\iepeers.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-11-28 05:50:18 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\Sysnative\IEUDINIT.EXE

2013-11-28 05:47:19 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2013-11-28 05:47:11 8F7FBD0177F79727CF945ABDA657A0AC 235008 ----a-w- C:\Windows\Sysnative\elshyph.dll

2013-11-28 05:47:08 6F1AF8E1206E92256459E3012C20472A 942592 ----a-w- C:\Windows\Sysnative\jsIntl.dll

2013-11-28 05:47:07 FB9459892AF2AD60BDA98F820C1A28C3 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2013-11-28 05:47:07 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\Sysnative\ieuinit.inf

2013-11-28 05:47:07 EE10AB99A480875E012CA339EC48F02B 1228800 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2013-11-28 05:47:07 E6CB36B85BE59095337427E853A5B65A 2332160 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-11-28 05:47:07 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\Sysnative\msfeedssync.exe

2013-11-28 05:47:07 E36FDC470352C8F351F31959619CADD8 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll

2013-11-28 05:47:07 D6C88A6094D1FDAC56A186BBD7F06357 40448 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2013-11-28 05:47:07 D36A88D22B843C3812B501434E5A67A0 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2013-11-28 05:47:07 D31AE751B6DACAFD0D7CC99EAE9606C2 131072 ----a-w- C:\Windows\Sysnative\IEAdvpack.dll

2013-11-28 05:47:07 CE8831D2DCB5803A4CBC8EDCCBBC2A05 77312 ----a-w- C:\Windows\Sysnative\tdc.ocx

2013-11-28 05:47:07 C92173481A58935BE15172079CF122B8 235520 ----a-w- C:\Windows\Sysnative\url.dll

2013-11-28 05:47:07 C70F72684CDCF9BB142F50F98BB1DD9C 574976 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-11-28 05:47:07 C6ECA2F7A1B189025171E6A29F2605AA 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2013-11-28 05:47:07 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\Sysnative\ieapfltr.dat

2013-11-28 05:47:07 B99C7CC6ED6917E3035A12171F40D240 5765120 ----a-w- C:\Windows\Sysnative\jscript9.dll

2013-11-28 05:47:07 95951E6A277F78FA13A85F2F408F4C0B 12995584 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-11-28 05:47:07 5FAC15F872026BBC31C11D3A32B84624 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll

2013-11-28 05:47:07 5BECC17076F1806F60BB259B654FAC5C 195584 ----a-w- C:\Windows\Sysnative\msrating.dll

2013-11-28 05:47:07 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\Sysnative\SetIEInstalledDate.exe

2013-11-28 05:47:07 43D9CE875F8FC8370C6BA2F74D50D01C 1394176 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-11-28 05:47:07 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe

2013-11-28 05:47:07 3A4FD19F13F8809BA08E9F76C0E38832 413696 ----a-w- C:\Windows\Sysnative\html.iec

2013-11-28 05:47:07 3168FA85740503BAE77DB821CB3EE4FB 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-11-28 05:47:07 2EBD0C5B090125AECF017C57344C45AB 247808 ----a-w- C:\Windows\Sysnative\msls31.dll

2013-11-28 05:47:07 2405D24AA28CCC4CC7E0CC0AE008746F 48640 ----a-w- C:\Windows\Sysnative\mshtmler.dll

2013-11-28 05:47:07 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 105984 ----a-w- C:\Windows\Sysnative\iesysprep.dll

2013-11-28 05:47:07 0A9D5716CB1F3AFA73703F39647BB8C2 81408 ----a-w- C:\Windows\Sysnative\icardie.dll

2013-11-28 05:47:07 092F3E7D054FDF779054E29A0A0D4267 2764288 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-11-28 05:47:07 05018A4E76F1636EFBB7DCB76900872A 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2013-11-28 05:47:07 038ABC9BCC86DFF9E181D44E43E2CEBA 52224 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll

2013-11-28 05:47:07 0134898497B6C6CD50F7FC5DE85712A6 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2013-11-28 05:47:06 FD61D51199F3FC9EB0023FBF405EAAD0 147968 ----a-w- C:\Windows\Sysnative\occache.dll

2013-11-28 05:47:06 F34C20D099CF94A606A2B5B0C668B570 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2013-11-28 05:47:06 F00AE7B953ABEF1B53FBBA187DFC8238 243200 ----a-w- C:\Windows\Sysnative\webcheck.dll

2013-11-28 05:47:06 E949B344680691F255C0E662D4B5BFF1 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2013-11-28 05:47:06 E70D4270C43CE6C46841B684315B9EFF 62464 ----a-w- C:\Windows\Sysnative\pngfilt.dll

2013-11-28 05:47:06 D233E1A32CE6AF918C9DE1BC44AFEB2A 23212032 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-11-28 05:47:06 CC84F4E36AA96810AD766C88DD657ADB 626176 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-11-28 05:47:06 BB6DEAFAC5F0AAEC37FEAF3F3AA48347 774144 ----a-w- C:\Windows\Sysnative\jscript.dll

2013-11-28 05:47:06 ADA5C3D49A12CED9F07913DC00E547A8 48128 ----a-w- C:\Windows\Sysnative\imgutil.dll

2013-11-28 05:47:06 A8C830CABD7640EE8E6F0F1019F91E83 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll

2013-11-28 05:47:06 9870EC900829595D191BB03C6C48B479 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll

2013-11-28 05:47:06 9675B272086CF5D22B83B541FAA8D4EA 30208 ----a-w- C:\Windows\Sysnative\licmgr10.dll

2013-11-28 05:47:06 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\Sysnative\mshta.exe

2013-11-28 05:47:06 77FBE2E014EFB93FD037FA33AB8C7D6E 263376 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2013-11-28 05:47:06 68899208A26E4522D25DBA87FF2E98D1 84992 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2013-11-28 05:47:06 612DC699EBF0AA1AAA065898D33B553A 1993728 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2013-11-28 05:47:06 5BBDBE5EBB49EA7C76A2EE7490A45D68 101376 ----a-w- C:\Windows\Sysnative\inseng.dll

2013-11-28 05:47:06 5A54ED24D5D42102A64904809215E0DC 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-11-28 05:47:06 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\Sysnative\iexpress.exe

2013-11-28 05:47:06 45152BA21450811F4619C9C1790E7353 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2013-11-28 05:47:06 3AFA03119583647136C49B80DAD38F19 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2013-11-28 05:47:06 1FCBE949A67939ADEAE7279E423AA684 135680 ----a-w- C:\Windows\Sysnative\iepeers.dll

2013-11-28 05:47:06 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\Sysnative\wextract.exe

====== C:\Windows\Sysnative\drivers =====

2013-11-30 11:55:45 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

2013-11-26 16:42:21 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys

2013-11-26 16:42:21 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys

2013-11-26 16:42:21 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys

2013-11-26 16:42:21 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys

2013-11-26 16:42:21 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys

2013-11-26 16:42:21 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys

2013-11-26 16:42:21 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys

2013-11-13 21:49:10 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys

2013-11-13 21:48:20 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys

2013-11-13 21:48:19 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys

2013-11-13 21:48:19 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys

====== C:\Windows\Tasks ======

2013-11-30 12:46:03 34A39DA616311B62C51225022C90D706 3358 ----a-w- C:\Windows\Sysnative\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1836305183-848894975-1166310881-1001

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-11-30 12:10:30 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2013-11-27 18:59:11 -------- d-----w- C:\PROGRA~2\Movie Subtitles Searcher

======= C: =====

====== C:\Users\Dirk Wuyten\AppData\Roaming ======

2013-11-30 11:55:27 -------- d-----w- C:\Users\Dirk Wuyten\AppData\Local\Programs

2013-11-27 18:09:11 -------- d-----w- C:\Users\Dirk Wuyten\AppData\Local\Downloaded Installations

====== C:\Users\Dirk Wuyten ======

2013-11-30 12:09:55 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Dirk Wuyten\Downloads\RSITx64.exe

2013-11-30 11:54:25 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Dirk Wuyten\Downloads\mbam-setup-1.75.0.1300.exe

2013-11-29 06:12:27 8BD8FCBBD91E826457F1E7F0A310DDB1 5933128 ----a-w- C:\Users\Dirk Wuyten\Downloads\Almost.Human.S01E02.Skin.1080p.WEB-DL.DD5.1.H_downloader_be_98828.exe

2013-11-27 18:58:19 D3AB19F7CC41B87725136AC871811658 1361944 ----a-w- C:\Users\Dirk Wuyten\Downloads\MovieSubtitlesSearcher.exe

2013-11-27 18:20:29 -------- d-----w- C:\ProgramData\347ede71620b9bf

====== C: exe-files ==

2013-11-30 12:10:31 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Dirk Wuyten.exe

2013-11-30 12:09:55 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Dirk Wuyten\Downloads\RSITx64.exe

2013-11-30 11:54:25 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Dirk Wuyten\Downloads\mbam-setup-1.75.0.1300.exe

2013-11-29 06:12:27 8BD8FCBBD91E826457F1E7F0A310DDB1 5933128 ----a-w- C:\Users\Dirk Wuyten\Downloads\Almost.Human.S01E02.Skin.1080p.WEB-DL.DD5.1.H_downloader_be_98828.exe

2013-11-28 05:50:18 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\System32\IEUDINIT.EXE

2013-11-28 05:47:19 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2013-11-28 05:47:11 C8A8321292A459B0A17FB39A782A5C74 806096 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2013-11-28 05:47:10 ED45D1C3FDA215374FBCFC161A57AA80 467456 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2013-11-28 05:47:10 CC02FE4520CA886508069245D9A6962F 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe

2013-11-28 05:47:10 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-11-28 05:47:09 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2013-11-28 05:47:09 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe

2013-11-28 05:47:09 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe

2013-11-28 05:47:08 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe

2013-11-28 05:47:08 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-11-28 05:47:08 7F7F391491C315A4A72EFCAC0D34FA93 25600 ----a-w- C:\Program Files (x86)\Internet Explorer\ExtExport.exe

2013-11-28 05:47:08 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe

2013-11-28 05:47:07 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\System32\msfeedssync.exe

2013-11-28 05:47:07 D68007F924B9F387AA7C76F48D0A260A 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2013-11-28 05:47:07 70D721CC971A9EFFCF7845CEFBB02704 480256 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2013-11-28 05:47:07 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe

2013-11-28 05:47:07 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-11-28 05:47:07 41F922D6A794C0F8425C8436D7077C84 359632 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe

2013-11-28 05:47:07 0685765C0CBE095BA0C6C8790BAE21EF 804560 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-11-28 05:47:07 05018A4E76F1636EFBB7DCB76900872A 218624 ----a-w- C:\Windows\System32\ie4uinit.exe

2013-11-28 05:47:06 E949B344680691F255C0E662D4B5BFF1 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-11-28 05:47:06 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\System32\mshta.exe

2013-11-28 05:47:06 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\System32\iexpress.exe

2013-11-28 05:47:06 3AFA03119583647136C49B80DAD38F19 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2013-11-28 05:47:06 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\System32\wextract.exe

2013-11-27 18:59:11 F33C902184AEB56DB27C4573B1F65FE0 143360 ----a-w- C:\Program Files (x86)\Movie Subtitles Searcher\Application Files\Opensubtitles-1.0_1_0_0_0\ShellMenu.exe

2013-11-27 18:59:11 71BA459F18F097ACCB0E0106DFA5F271 735070 ----a-w- C:\Program Files (x86)\Movie Subtitles Searcher\unins000.exe

2013-11-27 18:59:11 3BF922E5C990081303394AAE8EFA988E 16384 ----a-w- C:\Program Files (x86)\Movie Subtitles Searcher\Application Files\Opensubtitles-1.0_1_0_0_0\Opensubtitles-1.0.exe

2013-11-27 18:58:19 D3AB19F7CC41B87725136AC871811658 1361944 ----a-w- C:\Users\Dirk Wuyten\Downloads\MovieSubtitlesSearcher.exe

2013-11-27 18:41:01 D1F5F159D643D3C470B12CD15E5E9CF1 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1836305183-848894975-1166310881-1001\$I3URSOM.exe

2013-11-27 18:41:01 AF90D31035470AE2503F95B5569D5E69 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1836305183-848894975-1166310881-1001\$ITRNPSU.exe

2013-11-27 18:41:01 A08D110F8C67FA7C67353A539F059544 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1836305183-848894975-1166310881-1001\$I1KIQ2I.exe

2013-11-27 18:41:01 76394B755EA58232B7BE603D475408A5 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1836305183-848894975-1166310881-1001\$ILDTKAO.exe

2013-11-27 18:25:34 9BDE3FE993CADA6A94ABD101AAF45BE9 310960 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1836305183-848894975-1166310881-1001\$R3URSOM.exe

2013-11-27 18:20:00 2BC8BF19009E87A134DE020FA5781328 713840 ----a-w- C:\Users\Dirk Wuyten\AppData\Local\Temp\{DC5825CA-CC6A-4292-A079-844807BB073C}\Addons\vaudix_extension.exe

2013-11-27 18:20:00 2BC8BF19009E87A134DE020FA5781328 713840 ----a-w- C:\Users\Dirk Wuyten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SANSX7TI\W_tp1t9o[1].exe

2013-11-27 18:19:44 237B7D9362B1F8E7597C02D161F9F284 312040 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1836305183-848894975-1166310881-1001\$RLDTKAO.exe

2013-11-27 18:19:16 E717F6CE3A7429BFA6D7F3CF66737A4B 15968 --s---r- C:\Users\Dirk Wuyten\AppData\Local\Temp\{DC5825CA-CC6A-4292-A079-844807BB073C}\Setup.exe

2013-11-27 18:19:09 237B7D9362B1F8E7597C02D161F9F284 312040 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1836305183-848894975-1166310881-1001\$RTRNPSU.exe

2013-11-27 18:08:36 1E52D8F1ADF58037463F6B8724D02283 1827736 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1836305183-848894975-1166310881-1001\$R1KIQ2I.exe

=== C: other files ==

2013-11-30 13:20:53 EF6A2838FAA781F08088319790F9082C 7063493 ----a-w- C:\Users\Public\Desktop\sample_20133011_1420.zip

2013-11-30 11:55:45 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-11-29 09:48:09 6007663E52EB7A2996A77DD9E39CA075 22958 ----a-w- C:\Users\Dirk Wuyten\Downloads\ripper-street-second-season_english-824906.zip

2013-11-28 20:01:17 35BD2FB9A014F526981B330EC554E0BD 20960 ----a-w- C:\Users\Dirk Wuyten\Downloads\agents.of.s.h.i.e.l.d.repairs.(2013).dut.1cd.(5339364).zip

2013-11-28 17:51:56 7E79E7F0CFFA59E92C168806772C936A 19473 ----a-w- C:\Users\Dirk Wuyten\Downloads\agents.of.s.h.i.e.l.d.the.well.(2013).dut.1cd.(5339232).zip

2013-11-28 10:00:23 F5B61190DCF079901623E83377ED11A5 18508 ----a-w- C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\extensions\plugins@getwebcake.com.xpi

2013-11-27 20:19:44 69B8D5D7C1A82867B2CD7999D3E0C79C 28356 ----a-w- C:\Users\Dirk Wuyten\Downloads\the.river.magus.(2012).dut.1cd.(4768892).zip

2013-11-27 19:12:07 5A843F40F4C0E7FE07661EF97B157B2F 18072 ----a-w- C:\Users\Dirk Wuyten\Downloads\serangoon.road.reach.out.(2013).dut.1cd.(5322448).zip

2013-11-27 18:50:00 1FFF3EE6BAD47EFA2D198594D54EAB73 20178 ----a-w- C:\Users\Dirk Wuyten\Downloads\agents.of.s.h.i.e.l.d.the.well.(2013).dut.1cd.(5317400).zip

2013-11-27 18:37:23 338F3ADB00B770D631F1F33FE448F85E 17400 ----a-w- C:\Users\Dirk Wuyten\Downloads\the.blacklist.general.ludd.(2013).dut.1cd.(5332067).zip

2013-11-27 18:32:40 B5253F0CBECFCD5544AED96D75DE338F 22830 ----a-w- C:\Users\Dirk Wuyten\Downloads\reign.hearts.and.minds.(2013).dut.1cd.(5336503).zip

2013-11-27 18:32:04 9199AE6B77689790D8FD2BBFC21C3AE6 20623 ----a-w- C:\Users\Dirk Wuyten\Downloads\reign.kissed.(2013).dut.1cd.(5336504).zip

2013-11-27 18:25:36 DF040A8C5CE249DD20C755E8DB07791B 17927 ----a-w- C:\Users\Dirk Wuyten\Downloads\homeland.horse.and.wagon.(2013).dut.1cd.(5335338).zip

2013-11-27 17:57:21 2B56DFD569048C235D23E3492F01EC68 23752 ----a-w- C:\Users\Dirk Wuyten\Downloads\ripper-street-second-season_english-820935.zip

2013-11-26 16:42:21 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-11-26 16:42:21 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-11-26 16:42:21 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2013-11-26 16:42:21 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2013-11-26 16:42:21 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-11-26 16:42:21 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-11-26 16:42:21 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Google Update"="C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"avg_spchecker"="C:\Program Files (x86)\AVG\AVG9\Notification\SPChecker1.exe /start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"LMgrVolOSD"="C:\Program Files (x86)\Launch Manager\OSD.exe"

"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

"YouCam Mirage"="C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

"YouCam Tray"="C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe /s"

"Dolby Home Theater v4"="C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"

"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe -osboot"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Google Update"="C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IntelPROSet"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PROSet/Wireless"

"IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray"

"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp"

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"TkBellExe"="\"c:\\program files (x86)\\real\\realplayer\\Update\\realsched.exe\" -osboot"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AnyDVD]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AnyDVD"

"hkey"="HKCU"

"command"="C:\\Program Files (x86)\\SlySoft\\AnyDVD\\AnyDVDtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleDriveSync]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="GoogleDriveSync"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Google\\Drive\\googledrivesync.exe\" /autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Dirk Wuyten^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]

"path"="C:\\Users\\Dirk Wuyten\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"

"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"

"backupExtension"=".Startup"

"command"="C:\\Users\\DIRKWU~1\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"

"item"="Dropbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Dirk Wuyten^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Schermopname en Snel starten.lnk]

"path"="C:\\Users\\Dirk Wuyten\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneNote 2010 Schermopname en Snel starten.lnk"

"backup"="C:\\Windows\\pss\\OneNote 2010 Schermopname en Snel starten.lnk.Startup"

"backupExtension"=".Startup"

"command"="C:\\PROGRA~2\\MICROS~2\\Office14\\ONENOTEM.EXE /tsr"

"item"="OneNote 2010 Schermopname en Snel starten"

==== Startup Folders ======================

2013-11-02 14:38:43 1062 ----a-w- C:\Users\Dirk Wuyten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2013-02-03 12:14:20 2073 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Polar WebSync.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/01/2012 11:51]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/01/2012 11:51]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1836305183-848894975-1166310881-1001Core.job --a------ C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe [02/05/2013 19:01]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1836305183-848894975-1166310881-1001UA.job --a------ C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe [02/05/2013 19:01]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate 2" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1836305183-848894975-1166310881-1001Core" [C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1836305183-848894975-1166310881-1001UA" [C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Real Player-online actualiseringsprogramma" [c:\program files (x86)\real\realplayer\Update\realsched.exe]

"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1836305183-848894975-1166310881-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1836305183-848894975-1166310881-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-1836305183-848894975-1166310881-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-1836305183-848894975-1166310881-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [05/09/2013 19:06]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default

- DB Toolbar - %ProfilePath%\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}

- WebCake - %ProfilePath%\extensions\plugins@getwebcake.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default

BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit)

EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit)

96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit)

F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin

E93F2072D4DCDD9135549B630F528724 - C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator

865A33DBB80D0464E92DA7DA6B8B0F03 - C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer

A1CCCE19A73366ECEED664AF9C60B2ED - C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin

D4BD9F86123C87ECA570418B69326F99 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.170.2

DAD55CEF682EAE6FA7B4C9487563A496 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director

D8A3FDE47CBDC2D6DFAC14243050526B - C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll - WPI Detector 1.4

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Deleted Firefox Extensions ======================

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\extensions\plugins@getwebcake.com.xpi deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bpegkgagfojjbcpkihigfmkojdmmimdf - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[30/05/2012 14:56]

efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[23/09/2012 18:43]

ehgldbbpchgpcfagfpfjgoomddhccfgh - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx[10/09/2012 16:55]

fjoijdanhaiflhibkljeklcghcmmfffh - C:\Program Files (x86)\WebCake\WebCakeLayers.crx[]

idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 14:24]

jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[]

ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Dirk Wuyten\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

apdfllckaahabafndbhieahigkjlhalf - C:\Users\DIRKWU~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[09/05/2013 10:26]

ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Dirk Wuyten\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]

Google Drive - Dirk Wuyten - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

Freemake Video Downloader - Dirk Wuyten - Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf

Free Live Score - Dirk Wuyten - Default\Extensions\dhaeooajljgjiffkhgfejoacehiahfac

Adobe Acrobat - Create PDF - Dirk Wuyten - Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj

Wunderlist - To-do Task List - Dirk Wuyten - Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc

Cycling the Alps - Dirk Wuyten - Default\Extensions\ihklobncbkangkiiamccfgnlihbmjhlh

Pocket Website - Dirk Wuyten - Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap

Watch Live TV Online For Free - Dirk Wuyten - Default\Extensions\mpbdccmngjfckmmodapeadjlooilodfi

Pocket (formerly Read It Later) - Dirk Wuyten - Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj

==== Chrome Fix ======================

C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx deleted successfully

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_suby.nl.softonic.com_0.localstorage deleted successfully

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_suby.nl.softonic.com_0.localstorage-journal deleted successfully

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://mixidj.delta-search.com/?affID=121136&babsrc=HP_ss&mntrId=F22CAC7289A8DAB7"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{1B6AA62D-A139-4486-B0E9-3F1B41632C7C} Bing Url="http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{BD1373C5-5DB1-4E2E-82D0-73FA39ACEF12} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_nlBE466"

==== Reset Google Chrome ======================

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{60EACC1A-33FA-443D-9846-17B28E2C9BDB} deleted successfully

HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{60EACC1A-33FA-443D-9846-17B28E2C9BDB} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1836305183-848894975-1166310881-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{60EACC1A-33FA-443D-9846-17B28E2C9BDB} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{60EACC1A-33FA-443D-9846-17B28E2C9BDB} deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{288F0F16-0087-4F09-ADE2-48A5F36C2DE0} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B5403D98-522A-5A10-855F-32F51EDA1B9A} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Dirk Wuyten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Dirk Wuyten\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Dirk Wuyten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MN94Q2Y6 will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Dirk Wuyten\AppData\Local\Mozilla\Firefox\Profiles\u93t4wa1.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\DIRKWU~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\Premium" not found

"C:\Users\Dirk Wuyten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MN94Q2Y6" not found

==== EOF on za 30/11/2013 at 14:34:13,97 ======================

Sinds vanmorgen krijg ik in bepaalde webpagina's ongevraagde pop-ups aangeboden, allen te maken met AWARDHOTSPOT.COM.

In deze webpagina's worden bepaalde woorden groen en dubbel onderstreept opgelicht. Als je daar dan met de muis over gaat, krijg je melding zoals "U kan een IPad winnen" ...

Voorbeeld :

Ik heb al een log via RSIT aangemaakt:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Dirk Wuyten at 2013-11-30 13:10:27

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 541 GB (61%) free of 881 GB

Total RAM: 8098 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:10:36, on 30/11/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Users\Dirk Wuyten\AppData\Roaming\Betcat\WebCakeDesktop.exe

C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE

C:\Users\Dirk Wuyten\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Launch Manager\OSD.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Dirk Wuyten\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Dirk Wuyten.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Mixi Dj Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)

R3 - URLSearchHook: UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files (x86)\Minibar\Minibar.dll

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WebCake Layers - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Minibar.dll

O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

O3 - Toolbar: Minibar - {60EACC1A-33FA-443D-9846-17B28E2C9BDB} - C:\Program Files (x86)\Minibar\Minibar.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files (x86)\Launch Manager\OSD.exe"

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Google Update] "C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [WebCake Desktop] C:\Users\Dirk Wuyten\AppData\Roaming\Betcat\WebCakeDesktop.exe

O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1836305183-848894975-1166310881-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-1836305183-848894975-1166310881-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - Startup: Dropbox.lnk = Dirk Wuyten\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: Polar WebSync.lnk = C:\Program Files (x86)\Polar\WebSync\WebSync.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay (file missing)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O17 - HKLM\System\CCS\Services\Tcpip\..\{BD8AA823-9479-43A4-B500-8B7F6D59BC48}: NameServer = 0.0.0.0

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: Polar Daemon - Unknown owner - C:\Program Files (x86)\Polar\Daemon\polard.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WebCake Desktop Updater - Unknown owner - C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe (file missing)

O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Intel® PROSet/Wireless ZeroConfig Service (ZcfgSvc7) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe

--

End of file - 18203 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=60225454-7678-4900-93aa-7e474d286445 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\c70fd45e-887b-4e41-b43f-371ccd9f7a12-1c4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"

C:\Windows\system32\WLANExt.exe 31409424

"C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe"

\??\C:\Windows\system32\conhost.exe "-4812678521415923752-170163995217843584851747739120602979571-17033539582039177154

taskeng.exe {0CA9F52E-D42E-4596-A7B7-181061016532}

C:\Windows\System32\spoolsv.exe

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"

"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"

C:\Windows\system32\svchost.exe -k bthsvcs

"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"

"C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe"

"C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"

"taskhost.exe"

C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exe /schedule /profilepath "C:\ProgramData\Premium\ContinueToSave\profile.ini"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe"

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=17292647-e90f-4079-9562-793cd4a88875 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\53eecb3a-3032-4d3f-aa3f-443970864e29-a54-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless

"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray

"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1

"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4

"C:\Windows\WindowsMobile\wmdc.exe"

"C:\Windows\System32\igfxtray.exe"

C:\Windows\system32\igfxsrvc.exe -Embedding

"C:\Windows\System32\hkcmd.exe"

"C:\Windows\System32\igfxpers.exe"

"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun

"C:\Users\Dirk Wuyten\AppData\Roaming\Betcat\WebCakeDesktop.exe"

"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

"C:\Users\Dirk Wuyten\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"C:\Program Files (x86)\Launch Manager\OSD.exe"

"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart

"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

"C:\Program Files (x86)\Polar\Daemon\polard.exe"

"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"

"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"

"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"

"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"

"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"

WLIDSvcM.exe 4772

C:\Windows\system32\svchost.exe -k WindowsMobile

"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6476.0.1409026332\454907250" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.3.135716736\1197224588" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.4.523486840\210288527" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.6.1209167002\276055913" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.7.940722752\106797169" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.8.164134407\829975354" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.9.148720159\942035659" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.10.1496478583\1572793247" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.11.853681417\1515820228" /prefetch:673131151

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.13.1128652749\1036657116" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.14.452888126\1523700260" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.18.1044586610\1827810119" /prefetch:673131151

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.0.379_0\plugin/npWCChromeExtnStub.dll" --lang=nl --channel="6476.19.709174563\183181245" /prefetch:-390060480

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Dirk Wuyten\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\npFreemake.dll" --lang=nl --channel="6476.20.914480974\1946017771" /prefetch:-390060480

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.21.2073096800\1425684589" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6476.22.1781217415\1905762030" --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll" --lang=nl --channel="6476.23.1430435376\521255279" /prefetch:-390060480

"C:\Users\Dirk Wuyten\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=bc488c2e-14f9-4138-b3ea-a045b7d9f341 /coreSdkOptions=4096 /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\" /dataPath="C:\ProgramData\AVG2013\" /userDataPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\"

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=d05d6704-afe9-467f-bf85-b8466f041213 /coreSdkOptions=4096 /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Users\Dirk Wuyten\AppData\Local\Avg2013\temp" /dataPath="C:\ProgramData\AVG2013\" /userDataPath="C:\Users\Dirk Wuyten\AppData\Local\Avg2013" /logPath="C:\Users\Dirk Wuyten\AppData\Local\Avg2013\log"

"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.90.1148460203\1615140903" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.91.812598712\458561174" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.93.1844968918\792107994" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_02/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="6476.94.35924397\29296372" /prefetch:673131151

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

"C:\Users\Dirk Wuyten\Downloads\RSITx64.exe"

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\ContinueToSaveUpdaterTask{06AF08DA-F610-4327-A398-B96F1ADB1523}.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1836305183-848894975-1166310881-1001Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1836305183-848894975-1166310881-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "http://www.bigseekpro.com/freefox/{5DFA8E74-F3DB-FE4B-4F2C-CC65EFD3E837}"

prefs.js - "keyword.URL" - "http://www.bigseekpro.com/search/toolbar/freefox/{5DFA8E74-F3DB-FE4B-4F2C-CC65EFD3E837}?q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.8.800.168 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/wpi,version=1.4]

"Description"=

"Path"=C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]

"Description"=NVIDIA stereo images plugin for Mozilla browsers

"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]

"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers

"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]

"Description"=RealPlayer LiveConnect-Enabled Plug-In

"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]

"Description"=RealNetworks RealDownloader Chrome Background Extension Plug-In

"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]

"Description"=RealNetworks RealDownloader HTML5VideoShim Plug-In

"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]

"Description"=RealNetworks RealDownloader Peppe rFlash Video Shim Plug-In

"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]

"Description"=RealPlayer Download Plugin

"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]

"Description"=RealDownloader Plugin

"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]

"Description"=

"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.8.800.168 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/wpi,version=1.4]

"Description"=

"Path"=C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]

"Description"=

"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\

np-mswmp.dll

nppdf32.dll

nppdf32.JPN

nppdf32.NLD

nppl3260.dll

nppl3260.xpt

nprpplugin.dll

WMP Firefox Plugin License.rtf

WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\

babylon.xml

bing.xml

bolcom-nl.xml

google.xml

marktplaats-nl.xml

wikipedia-nl.xml

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\extensions\

50e8b18f2cd29@50e8b18f2cd62.com

staged

{2d8d9acc-f6d7-4362-8876-a275ca929591}

{97A78363-B868-4B48-AC91-A783A31215AF}

{ba14329e-9550-4989-b3f2-9732e92d17cc}

C:\Users\Dirk Wuyten\AppData\Roaming\Mozilla\Firefox\Profiles\u93t4wa1.default\searchplugins\

babylon.xml

BrowserProtect.xml

delta.xml

mixidj.xml

search.xml

sweetim.xml

WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-27 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}]

WebCake - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll [2013-05-24 197912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-25 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}]

MinibarBHO - C:\Program Files (x86)\Minibar\Minibar.dll [2012-10-24 331264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-25 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]

Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

{60EACC1A-33FA-443D-9846-17B28E2C9BDB} - Minibar - C:\Program Files (x86)\Minibar\Minibar.dll [2012-10-24 331264]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IntelPROSet"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-09-16 1935120]

"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-09-16 1935120]

"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-09-03 2294568]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-26 12681320]

"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-16 2277480]

"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-03 167704]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-03 392472]

"Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-03 416024]

"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

"Google Update"=C:\Users\Dirk Wuyten\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-02 116648]

"WebCake Desktop"=C:\Users\Dirk Wuyten\AppData\Roaming\Betcat\WebCakeDesktop.exe [2013-08-10 52504]

"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]

C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [2013-02-11 6869080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]

C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2013-04-16 19662744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dirk Wuyten^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]

C:\Users\DIRKWU~1\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-05-25 27776968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dirk Wuyten^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Schermopname en Snel starten.lnk]

C:\PROGRA~2\MICROS~2\Office14\ONENOTEM.EXE [2013-06-25 228552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]

"LMgrVolOSD"=C:\Program Files (x86)\Launch Manager\OSD.exe [2011-08-06 348960]

"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-03 107816]

"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2011-03-30 87336]

"YouCam Mirage"=C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-04-15 136488]

"YouCam Tray"=C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [2011-04-15 228448]

"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2011-02-03 506712]

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

""= []

"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-09-23 3477640]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-09-23 4411952]

"TkBellExe"=c:\program files (x86)\real\realplayer\Update\realsched.exe [2013-09-05 295512]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]

"Malwarebytes Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Polar WebSync.lnk - C:\Program Files (x86)\Polar\WebSync\WebSync.exe

C:\Users\Dirk Wuyten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\Dirk Wuyten\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2012-10-10 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-30 13:10:30 ----D---- C:\Program Files\trend micro

2013-11-30 13:10:27 ----D---- C:\rsit

2013-11-30 12:55:45 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-11-30 12:55:45 ----A---- C:\Windows\system32\drivers\mbam.sys

2013-11-28 06:50:18 ----A---- C:\Windows\system32\IEUDINIT.EXE

2013-11-28 06:47:19 ----A---- C:\Windows\SYSWOW64\elshyph.dll

2013-11-28 06:47:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-28 06:47:11 ----A---- C:\Windows\SYSWOW64\jsIntl.dll

2013-11-28 06:47:11 ----A---- C:\Windows\system32\elshyph.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\url.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\msrating.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\msls31.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\licmgr10.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\icardie.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2013-11-28 06:47:10 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\wextract.exe

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\webcheck.dll

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\pngfilt.dll

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\occache.dll

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\inseng.dll

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\iexpress.exe

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2013-11-28 06:47:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\mshtmler.dll

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\mshta.exe

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\imgutil.dll

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\iepeers.dll

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2013-11-28 06:47:08 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll

2013-11-28 06:47:08 ----A---- C:\Windows\system32\jsIntl.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\wininet.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\urlmon.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\url.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2013-11-28 06:47:07 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-11-28 06:47:07 ----A---- C:\Windows\system32\msrating.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\msls31.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\mshtmlmedia.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\mshtmler.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\msfeedssync.exe

2013-11-28 06:47:07 ----A---- C:\Windows\system32\msfeedsbs.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\jsproxy.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\jscript9diag.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\jscript9.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\ieui.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\iesysprep.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\iesetup.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\iertutil.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\iernonce.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\ieframe.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\ieapfltr.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\ieapfltr.dat

2013-11-28 06:47:07 ----A---- C:\Windows\system32\IEAdvpack.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\ie4uinit.exe

2013-11-28 06:47:07 ----A---- C:\Windows\system32\icardie.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\dxtrans.dll

2013-11-28 06:47:07 ----A---- C:\Windows\system32\dxtmsft.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\wextract.exe

2013-11-28 06:47:06 ----A---- C:\Windows\system32\webcheck.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\vbscript.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\pngfilt.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\occache.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\mshtmled.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\MshtmlDac.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\mshtml.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\mshta.exe

2013-11-28 06:47:06 ----A---- C:\Windows\system32\msfeeds.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\licmgr10.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\jscript.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\inseng.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\imgutil.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\iexpress.exe

2013-11-28 06:47:06 ----A---- C:\Windows\system32\ieUnatt.exe

2013-11-28 06:47:06 ----A---- C:\Windows\system32\iepeers.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\ieetwproxystub.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2013-11-28 06:47:06 ----A---- C:\Windows\system32\ieetwcollector.exe

2013-11-28 06:47:06 ----A---- C:\Windows\system32\iedkcs32.dll

2013-11-27 19:59:11 ----D---- C:\Program Files (x86)\Movie Subtitles Searcher

2013-11-27 19:20:46 ----D---- C:\ProgramData\QuickSet

2013-11-27 19:20:29 ----D---- C:\ProgramData\347ede71620b9bf

2013-11-26 17:42:21 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2013-11-26 17:42:21 ----A---- C:\Windows\system32\drivers\usbport.sys

2013-11-26 17:42:21 ----A---- C:\Windows\system32\drivers\usbohci.sys

2013-11-26 17:42:21 ----A---- C:\Windows\system32\drivers\usbhub.sys

2013-11-26 17:42:21 ----A---- C:\Windows\system32\drivers\usbehci.sys

2013-11-26 17:42:21 ----A---- C:\Windows\system32\drivers\usbd.sys

2013-11-26 17:42:21 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2013-11-13 22:49:58 ----A---- C:\Windows\system32\crypt32.dll

2013-11-13 22:49:56 ----A---- C:\Windows\SYSWOW64\crypt32.dll

2013-11-13 22:49:10 ----A---- C:\Windows\system32\drivers\afd.sys

2013-11-13 22:48:52 ----A---- C:\Windows\system32\authui.dll

2013-11-13 22:48:50 ----A---- C:\Windows\SYSWOW64\authui.dll

2013-11-13 22:48:49 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll

2013-11-13 22:48:48 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll

2013-11-13 22:48:48 ----A---- C:\Windows\SYSWOW64\credui.dll

2013-11-13 22:48:48 ----A---- C:\Windows\system32\credui.dll

2013-11-13 22:48:21 ----A---- C:\Windows\system32\schannel.dll

2013-11-13 22:48:20 ----A---- C:\Windows\SYSWOW64\schannel.dll

2013-11-13 22:48:20 ----A---- C:\Windows\system32\drivers\ksecdd.sys

2013-11-13 22:48:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys

2013-11-13 22:48:19 ----A---- C:\Windows\system32\drivers\cng.sys

2013-11-13 22:48:17 ----A---- C:\Windows\SYSWOW64\sspicli.dll

2013-11-13 22:48:17 ----A---- C:\Windows\system32\sspicli.dll

2013-11-13 22:48:17 ----A---- C:\Windows\system32\ncrypt.dll

2013-11-13 22:48:17 ----A---- C:\Windows\system32\lsass.exe

2013-11-13 22:48:17 ----A---- C:\Windows\system32\lsasrv.dll

2013-11-13 22:48:16 ----A---- C:\Windows\SYSWOW64\secur32.dll

2013-11-13 22:48:16 ----A---- C:\Windows\SYSWOW64\ncrypt.dll

2013-11-13 22:48:16 ----A---- C:\Windows\system32\sspisrv.dll

2013-11-13 22:48:16 ----A---- C:\Windows\system32\secur32.dll

2013-11-13 22:48:13 ----A---- C:\Windows\SYSWOW64\gdi32.dll

2013-11-13 22:48:13 ----A---- C:\Windows\system32\gdi32.dll

2013-11-13 22:48:10 ----A---- C:\Windows\system32\IKEEXT.DLL

2013-11-13 22:48:09 ----A---- C:\Windows\system32\FWPUCLNT.DLL

2013-11-13 22:48:08 ----A---- C:\Windows\SYSWOW64\nshwfp.dll

2013-11-13 22:48:08 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL

2013-11-13 22:48:08 ----A---- C:\Windows\system32\nshwfp.dll

======List of files/folders modified in the last 1 month======

2013-11-30 13:10:37 ----D---- C:\Windows\Temp

2013-11-30 13:10:36 ----D---- C:\Windows\Prefetch

2013-11-30 13:10:30 ----RD---- C:\Program Files

2013-11-30 12:55:51 ----D---- C:\Windows\system32\drivers

2013-11-30 12:55:45 ----RD---- C:\Program Files (x86)

2013-11-30 12:51:29 ----HD---- C:\Windows\system32\WLANProfiles

2013-11-30 12:33:57 ----SHD---- C:\Windows\Installer

2013-11-30 12:33:17 ----SHD---- C:\System Volume Information

2013-11-30 12:26:05 ----D---- C:\Windows\system32\config

2013-11-30 12:12:27 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\Dropbox

2013-11-30 12:12:23 ----A---- C:\Windows\SYSWOW64\log.txt

2013-11-30 12:11:44 ----D---- C:\ProgramData\MFAData

2013-11-30 12:10:07 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\Betcat

2013-11-30 12:06:55 ----D---- C:\ProgramData\NVIDIA

2013-11-29 20:11:25 ----D---- C:\Windows\system32\Tasks

2013-11-29 19:34:09 ----D---- C:\Windows\System32

2013-11-29 19:34:09 ----D---- C:\Windows\inf

2013-11-29 19:34:09 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-11-29 15:08:12 ----D---- C:\G

2013-11-29 07:06:26 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\vlc

2013-11-28 23:32:57 ----D---- C:\Windows\rescache

2013-11-28 06:58:13 ----D---- C:\Windows\winsxs

2013-11-28 06:50:28 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-11-28 06:50:28 ----D---- C:\Windows\system32\nl-NL

2013-11-28 06:50:28 ----D---- C:\Program Files (x86)\Internet Explorer

2013-11-28 06:50:27 ----D---- C:\Program Files\Internet Explorer

2013-11-28 06:50:26 ----D---- C:\Windows\SYSWOW64\migration

2013-11-28 06:50:26 ----D---- C:\Windows\SYSWOW64\en-US

2013-11-28 06:50:26 ----D---- C:\Windows\SysWOW64

2013-11-28 06:50:24 ----D---- C:\Windows\system32\migration

2013-11-28 06:50:24 ----D---- C:\Windows\system32\en-US

2013-11-28 06:50:24 ----D---- C:\Windows\PolicyDefinitions

2013-11-28 06:50:21 ----D---- C:\Windows\SYSWOW64\drivers

2013-11-28 06:50:21 ----D---- C:\Windows\system32\DriverStore

2013-11-28 06:50:18 ----D---- C:\Windows\Logs

2013-11-28 06:50:04 ----D---- C:\Windows\system32\catroot

2013-11-28 06:48:57 ----D---- C:\Windows\system32\catroot2

2013-11-28 06:33:42 ----D---- C:\Windows

2013-11-27 19:20:46 ----HD---- C:\ProgramData

2013-11-27 19:20:46 ----D---- C:\ProgramData\InstallMate

2013-11-20 20:29:31 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\File Scout

2013-11-16 13:22:53 ----D---- C:\Dirk

2013-11-14 00:17:50 ----D---- C:\ProgramData\Microsoft Help

2013-11-14 00:13:05 ----D---- C:\Windows\system32\MRT

2013-11-14 00:06:07 ----A---- C:\Windows\system32\MRT.exe

2013-11-11 22:50:40 ----D---- C:\Users\Dirk Wuyten\AppData\Roaming\Azureus

2013-11-11 12:18:00 ----D---- C:\Program Files (x86)\Launch Manager

2013-11-10 22:44:32 ----D---- C:\Vuze

2013-11-10 15:37:34 ----D---- C:\Muziek RIP

2013-11-08 08:14:11 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-05 45880]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-05-20 557848]

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-10-17 28992]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]

R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35344]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-09-15 299008]

R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2012-08-26 138400]

R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]

R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]

R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]

R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]

R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-04-15 31088]

R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-23 59904]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-10 5343584]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-30 3069032]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]

R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\drivers\iwdbus.sys [2011-09-09 25496]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-01-25 77424]

R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-12-28 56344]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-09-18 8604672]

R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2011-03-15 311400]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\drivers\SynTP.sys [2010-09-03 1392688]

R3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2011-09-08 136000]

R3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2011-09-08 409408]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S0 DiagnosticScan;DiagnosticScan Driver; C:\Windows\system32\drivers\DiagnosticScan.sys []

S1 Start1Driver;Adware Away Driver; C:\Windows\system32\drivers\Start1Driver.sys []

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-09-15 299008]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 btmaudio;Intel Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys [2011-03-08 46592]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-08-20 103576]

S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2011-09-09 34200]

S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2011-10-27 158464]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 SMA_USBBUS;SMA USB Serial Converter; C:\Windows\system32\drivers\ftdibus.sys [2012-01-14 69320]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

S3 WINUSB;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUSB.SYS [2010-11-21 41984]

S4 RsFx0151;RsFx0151 Driver; C:\Windows\system32\DRIVERS\RsFx0151.sys [2011-06-17 313696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-09-15 1166848]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]

R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2011-04-13 70952]

R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2011-04-13 312616]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-09-16 1518352]

R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-09-07 8704]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-12-28 325656]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-17 1640768]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-17 2253120]

R2 Polar Daemon;Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [2012-08-17 413184]

R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]

R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-09-16 844560]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2010-12-14 244904]

R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-17 381248]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-28 2656280]

R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-09-07 100864]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-07 136176]

S2 MsDepSvc;Web Deployment Agent Service; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-04-01 67400]

S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2011-06-17 62111072]

S2 WebCake Desktop Updater;WebCake Desktop Updater; C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe C:\Users\Dirk Wuyten\AppData\Roaming\WebCake\WebCakeDesktop.exe []

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]

S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-10 277024]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-07 136176]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-28 111616]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-09-16 340240]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-09 1255736]

S3 WisLMSvc;WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [2011-08-06 118560]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-06-17 431456]

S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]

-----------------EOF-----------------

Nieuwe log van Malwarebytes

Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.1.1000

Malwarebytes : Free anti-malware download

Databaseversie: v2012.10.26.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Dirk Wuyten :: DIRK-LAPTOP [administrator]

Realtime bescherming: Ingeschakeld

27/10/2012 0:24:52

mbam-log-2012-10-27 (00-24-52).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 227739

Verstreken tijd: 6 minuut/minuten, 25 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 2

C:\Users\Dirk Wuyten\Downloads\IconArt.exe (PUP.Adbundler) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Dirk Wuyten\Downloads\oi_webbuilder8zip.exe (PUP.BundleInstaller.OI) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

Ik heb Google Chrome terug opgestart en de eerste keer kreeg ik terug een doorverwijzing naar about:blank.

Ik heb het nadien nog eens terug opgestart en nu blijkt Google Chrome (voorlopig?) terug normaal te werken.

Alvast bedankt voor de hulp!

Log MBAM

Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.1.1000

Malwarebytes : Free anti-malware download

Databaseversie: v2012.10.26.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Dirk Wuyten :: DIRK-LAPTOP [administrator]

Realtime bescherming: Ingeschakeld

26/10/2012 19:09:31

mbam-log-2012-10-26 (19-15-58).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 227919

Verstreken tijd: 6 minuut/minuten, 14 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 3

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Geen actie ondernomen.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Geen actie ondernomen.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adware Away 4.1.0_is1 (Rogue.AdwareAway) -> Geen actie ondernomen.

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 12

C:\$RECYCLE.BIN\S-1-5-21-1836305183-848894975-1166310881-1001\$RJ2E16L.exe (Adware.Dropper) -> Geen actie ondernomen.

C:\Users\Dirk Wuyten\Downloads\AdwareAway.exe (Rogue.AdwareAway) -> Geen actie ondernomen.

C:\Users\Dirk Wuyten\Downloads\AdwareAway40l_f.exe (Rogue.AdwareAway) -> Geen actie ondernomen.

C:\Users\Dirk Wuyten\Downloads\DownloadSetup (1).exe (Affiliate.Downloader) -> Geen actie ondernomen.

C:\Users\Dirk Wuyten\Downloads\DownloadSetup (2).exe (Affiliate.Downloader) -> Geen actie ondernomen.

C:\Users\Dirk Wuyten\Downloads\DownloadSetup (3).exe (Affiliate.Downloader) -> Geen actie ondernomen.

C:\Users\Dirk Wuyten\Downloads\DownloadSetup (4).exe (Affiliate.Downloader) -> Geen actie ondernomen.

C:\Users\Dirk Wuyten\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> Geen actie ondernomen.

C:\Users\Dirk Wuyten\Downloads\IconArt.exe (PUP.Adbundler) -> Geen actie ondernomen.

C:\Users\Dirk Wuyten\Downloads\MediaPlayerSetup (1).exe (Adware.Agent) -> Geen actie ondernomen.

C:\Users\Dirk Wuyten\Downloads\MediaPlayerSetup.exe (Adware.Agent) -> Geen actie ondernomen.

C:\Users\Dirk Wuyten\Downloads\oi_webbuilder8zip.exe (PUP.BundleInstaller.OI) -> Geen actie ondernomen.

(einde)

LOG HIJACK

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:27:03, on 26/10/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Launch Manager\HotkeyApp.exe

C:\Program Files (x86)\Launch Manager\OSD.exe

C:\Program Files (x86)\Launch Manager\WButton.exe

C:\Users\Dirk Wuyten\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\PROGRA~2\Raptr\raptr.exe

C:\Program Files (x86)\AVG\AVG9\avgtray.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\PROGRA~2\Raptr\raptr_im.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe

C:\Users\Dirk Wuyten\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files (x86)\Launch Manager\HotkeyApp.exe"

O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files (x86)\Launch Manager\OSD.exe"

O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files (x86)\Launch Manager\Wbutton.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup

O4 - HKCU\..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1836305183-848894975-1166310881-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-1836305183-848894975-1166310881-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - Startup: Dropbox.lnk = Dirk Wuyten\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O17 - HKLM\System\CCS\Services\Tcpip\..\{BD8AA823-9479-43A4-B500-8B7F6D59BC48}: NameServer = 0.0.0.0

O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe

O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe

O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: Polar Daemon - Unknown owner - C:\Program Files (x86)\Polar\Daemon\polard.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Intel® PROSet/Wireless ZeroConfig Service (ZcfgSvc7) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe

--

End of file - 18391 bytes

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 7:48:15, on 26/10/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Users\Dirk Wuyten\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Launch Manager\HotkeyApp.exe

C:\Program Files (x86)\Launch Manager\OSD.exe

C:\Program Files (x86)\Launch Manager\WButton.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\AVG\AVG9\avgtray.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\PROGRA~2\Raptr\raptr_im.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe

C:\Users\Dirk Wuyten\Downloads\HijackThis.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (file missing)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - mscoree.dll (file missing)

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (file missing)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files (x86)\Launch Manager\HotkeyApp.exe"

O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files (x86)\Launch Manager\OSD.exe"

O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files (x86)\Launch Manager\Wbutton.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup

O4 - HKCU\..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

O4 - Startup: Dropbox.lnk = Dirk Wuyten\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU)

O9 - Extra button: @C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)

O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O17 - HKLM\System\CCS\Services\Tcpip\..\{BD8AA823-9479-43A4-B500-8B7F6D59BC48}: NameServer = 0.0.0.0

O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe

O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe

O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: Polar Daemon - Unknown owner - C:\Program Files (x86)\Polar\Daemon\polard.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Intel® PROSet/Wireless ZeroConfig Service (ZcfgSvc7) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe

--

End of file - 19030 bytes