Johan Vancoillie

[ATTACH]36442[/ATTACH] zoek-results.log

[ATTACH]36375[/ATTACH] log.txt

De mail staat niet meer in mijn postvak-uit. Ik krijg die zowel binnen op Telenet-Inbox als op Postvak-in van mijn Outlook Express.

De mail die ik verstuurd heb, was naar info@kanokan.be. Dit gebeurde via Telenet webmail. Het antwoord dat ik hierop elke 18 minuten ontvang staat hierboven. Ik verwijder ze telkens maar toch ontvang ik telkens weer de zelfde mail in mijn inbox. Ik versleep hem ook telkens naar mijn spambox, maar hij blijft aankomen in mijn inbox.

Ik heb een mail verzonden. Hij kon niet geleverd worden. Normaliter krijg je dan onderstaande melding, maar nu krijg ik die mail reeds 2 dagen na elkaar, om de 20 minuten. Kan je narekenen hoeveel er dat per dag zijn. Kan ik hier iets aan doen? This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: retry timeout exceeded ------ This is a copy of the message, including all the headers. ------ ------ The body of the message is 167713 characters long; only the first ------ 106496 or so are included here. Return-path: Received: from [195.130.137.75] (helo=winston.telenet-ops.be) by host.groovywebmaster.com with esmtp (Exim 4.63) (envelope-from id 1XbPyt-0004r9-34 for ; Tue, 07 Oct 2014 03:18:51 -0500 Received: from baptiste.telenet-ops.be (baptiste.telenet-ops.be [195.130.132.51]) by winston.telenet-ops.be (Postfix) with ESMTP id CC1161BDABF for <>; Mon, 6 Oct 2014 15:19:18 +0200 (CEST) Received: from zcsnocm59.telenet-ops.be ([213.224.144.93]) by baptiste.telenet-ops.be with bizsmtp id zpEF1o001217UqV01pEF81; Mon, 06 Oct 2014 15:14:16 +0200 Date: Mon, 6 Oct 2014 15:14:14 +0200 (CEST) From: Message-ID: In-Reply-To: References: <F627D739F6BC42E782A9020AE670B5B9@johan91485be8a> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_45619902_1295671445.1412601254702" X-Originating-IP: [::ffff:178.116.101.32] Thread-Topic: The Vanco Brothers Thread-Index: K7QJPM9UGuBPRk3RachN6nAHiAZ6SmgsxPxJ8K/HIXMUKuGwgv5ptgfNPci4mpc= To: undisclosed-recipients:; ------=_Part_45619902_1295671445.1412601254702 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable

Bij mij is enkel de knop "+Reageren op discussie" te zien. De knop ernaast "+Markeer als opgelost" , zoals op de afbeelding is bij mij niet te zien. Ik ben nochtans ingelogd.

Nu is hij inderdaad verdwenen. Van harte bedankt. Moet ik nog acties ondernemen of mag ik markeren als opgelost? Waar vind ik trouwens die knop Markeer als OPGELOST?

Ik heb Windows in veilige modus opgestart maar C:\Windows\system32\PCProtect.dll heb ik niet kunnen verwijderen. (C:\Windows\system32\drivers\pcwatch.sys heb ik wel kunnen verwijderen) Telkens krijg ik de melding: Toegang tot doelmap geweigerd. U bent niet gemachtigd om deze bewerking uit te voeren. Delfix.exe heb ik wel kunnen uitvoeren.

ComboFix 14-03-03.02 - Johan 03/03/2014 23:51:14.4.2 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.32.1043.18.2039.896 [GMT 1:00] Gestart vanuit: c:\users\Johan\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\users\Johan\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_PCWATCH -------\Service_pcwatch . . (((((((((((((((((((( Bestanden Gemaakt van 2014-02-03 to 2014-03-03 )))))))))))))))))))))))))))))) . . 2014-03-03 23:02 . 2014-03-03 23:05 -------- d-----w- c:\users\Johan\AppData\Local\temp 2014-03-03 23:02 . 2014-03-03 23:02 -------- d-----w- c:\users\mozaiek\AppData\Local\temp 2014-03-03 23:02 . 2014-03-03 23:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-03-03 22:38 . 2014-02-17 00:32 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{99A6B602-29F6-474B-897E-39582FF5CAD4}\mpengine.dll 2014-03-03 13:05 . 2014-03-03 12:37 24064 ----a-w- c:\windows\zoek-delete.exe 2014-03-03 07:59 . 2014-03-03 07:59 -------- d-----w- c:\users\Johan\AppData\Roaming\Simple Star 2014-03-03 07:39 . 2014-03-03 13:01 -------- d-----w- C:\zoek_backup 2014-03-02 20:31 . 2014-03-02 20:31 -------- d-----w- c:\windows\ERUNT 2014-03-02 19:31 . 2014-03-02 19:31 -------- d--h--w- c:\windows\msdownld.tmp 2014-03-02 19:27 . 2014-03-02 19:39 -------- d-----w- C:\AdwCleaner 2014-03-02 18:21 . 2014-02-17 12:30 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3552FCFB-F74F-423A-A4C6-8D492EAE2191}\gapaengine.dll 2014-03-02 18:20 . 2014-02-17 00:32 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-03-02 18:02 . 2014-03-02 18:04 -------- d-----w- c:\program files\Microsoft Security Client 2014-03-02 17:59 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys 2014-03-01 15:35 . 2014-03-01 15:35 -------- d-----w- c:\users\Johan\AppData\Roaming\Malwarebytes 2014-03-01 15:34 . 2014-03-01 15:34 -------- d-----w- c:\programdata\Malwarebytes 2014-03-01 15:34 . 2014-03-01 15:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2014-03-01 15:34 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-02-28 20:02 . 2014-02-28 20:02 -------- d-----w- c:\users\Johan\AppData\Local\Macromedia 2014-02-28 20:00 . 2014-02-28 20:00 -------- d-----w- c:\users\Johan\AppData\Local\Mozilla 2014-02-28 20:00 . 2014-02-28 20:00 -------- d-----w- c:\program files\Mozilla Maintenance Service 2014-02-28 13:26 . 2014-03-02 21:18 -------- d-----w- c:\program files\trend micro 2014-02-28 13:26 . 2014-02-28 13:28 -------- d-----w- C:\rsit 2014-02-28 07:17 . 2014-02-28 07:17 -------- d-----w- c:\windows\Migration 2014-02-27 15:07 . 2014-02-27 15:07 -------- d-----w- c:\users\Johan\AppData\Local\ApplicationHistory 2014-02-27 12:16 . 2014-02-27 12:16 -------- d-----w- c:\users\Johan\AppData\Roaming\vlc 2014-02-27 12:16 . 2014-02-27 12:16 -------- d-----w- c:\users\Johan\AppData\Roaming\FLV and Media Player 2014-02-27 12:15 . 2014-02-27 12:15 -------- d-----w- c:\programdata\Common Toolkit Suite 2014-02-27 11:54 . 2014-01-08 06:09 19840 ----a-w- c:\windows\system32\drivers\pcwatch.sys 2014-02-27 11:54 . 2014-01-08 06:08 293984 ----a-w- c:\windows\system32\PCProtect.dll 2014-02-13 07:11 . 2013-12-05 02:12 1248768 ----a-w- c:\windows\system32\msxml3.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-03-01 14:58 . 2012-04-16 06:03 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2014-03-01 14:58 . 2011-06-08 06:02 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2014-02-06 07:08 . 2014-02-28 07:37 7947048 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A893665-38D0-456A-84C2-AB21D4C1F6DE}\mpengine.dll 2014-01-19 07:32 . 2009-10-20 07:58 231584 ------w- c:\windows\system32\MpSigStub.exe 2013-12-18 20:10 . 2014-01-21 07:13 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024] "Nero PhotoShow Media Manager"="c:\progra~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe" [2007-04-27 312848] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-01-13 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-12 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-12 154136] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-12 129560] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440] . c:\users\Johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Spoon.net Sandbox Manager 3.33.lnk - c:\users\Johan\AppData\Local\Spoon\3.33.6.199\Spoon-Sandbox.exe [2014-1-10 4616840] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DVD Check.lnk backup=c:\windows\pss\DVD Check.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Johan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Mediacontrole Picture Motion Browser.lnk] path=c:\users\Johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediacontrole Picture Motion Browser.lnk backup=c:\windows\pss\Mediacontrole Picture Motion Browser.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-10-14 23:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsWnd] 2008-10-17 14:52 1086768 ------w- c:\program files\Brownie\BrStsWnd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler] 2008-10-09 05:58 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-02-16 22:11 49152 ----a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl] 2007-11-06 14:34 177456 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2007-09-24 23:11 132496 ----a-w- c:\program files\Java\jre1.6.0_03\bin\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-02-28 20:28 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2014-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-06 09:28] . 2014-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-06 09:28] . . ------- Bijkomende Scan ------- . IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.133 195.130.130.5 FF - ProfilePath - c:\users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\zqeqhe5s.default\ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2014-03-04 00:07 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2085648268-594906628-2024494315-1007\@* *& ] @Allowed: (Read) (RestrictedCode) "MachineID"=hex:06,5a,9b,71,56,f0,a3,00 . [HKEY_USERS\S-1-5-21-2085648268-594906628-2024494315-1007\Software\¢0×0ê0±0ü0·0ç0ó0 *¦0£0¶0ü0É0g0ubU0Œ0_0í0ü0«0ë0 *¢0×0ê0±0ü0·0ç0ó0] @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2085648268-594906628-2024494315-1007\Software\¢0×0ê0±0ü0·0ç0ó0 *¦0£0¶0ü0É0g0ubU0Œ0_0í0ü0«0ë0 *¢0×0ê0±0ü0·0ç0ó0\ImageDataLightboxSR\ControlState] "008b-06a9"=dword:00000001 "008b-06ab"=dword:00000000 "008b-0514"="ARW 2.0-formaat" "008b-0580"="" "008b-0583"="c:\\Users\\Johan\\Documents\\Image Data Converter SR\\Collections" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Microsoft Security Client\MsMpEng.exe c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe c:\program files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe c:\program files\Common Files\Protexis\License Service\PsiService_2.exe c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\windows\system32\DRIVERS\xaudio.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe c:\windows\system32\conime.exe c:\windows\system32\igfxsrvc.exe c:\program files\Nero\PhotoShow 5\data\Xtras\mssysmgr.exe c:\program files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE c:\program files\Common Files\Nero\Lib\NMIndexingService.exe c:\program files\Hewlett-Packard\Shared\HpqToaster.exe c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Voltooingstijd: 2014-03-04 00:12:41 - machine werd herstart ComboFix-quarantined-files.txt 2014-03-03 23:12 ComboFix2.txt 2014-03-03 21:06 . Pre-Run: 45.135.339.520 bytes beschikbaar Post-Run: 44.813.410.304 bytes beschikbaar . - - End Of File - - FDD152C34526D6A96D06ADBFE775B570 84DAAF92C4695AE60591C148EED5E3F3

ComboFix 14-03-03.02 - Johan 03/03/2014 21:42:48.2.2 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.32.1043.18.2039.1033 [GMT 1:00] Gestart vanuit: c:\users\Johan\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\X86 . ---- Voorgaande Run ------- . c:\program files\ir.exe c:\programdata\33A33D8C61.sys c:\users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\melondrea_iels c:\users\Johan\Documents\~WRL0009.tmp c:\users\Johan\Documents\~WRL0053.tmp c:\users\Johan\Documents\~WRL0071.tmp c:\users\Johan\Documents\~WRL0094.tmp c:\users\Johan\Documents\~WRL0408.tmp c:\users\Johan\Documents\~WRL0470.tmp c:\users\Johan\Documents\~WRL0474.tmp c:\users\Johan\Documents\~WRL0516.tmp c:\users\Johan\Documents\~WRL0634.tmp c:\users\Johan\Documents\~WRL1040.tmp c:\users\Johan\Documents\~WRL1129.tmp c:\users\Johan\Documents\~WRL1214.tmp c:\users\Johan\Documents\~WRL1580.tmp c:\users\Johan\Documents\~WRL1693.tmp c:\users\Johan\Documents\~WRL2660.tmp c:\users\Johan\Documents\~WRL3084.tmp c:\users\Johan\Documents\~WRL3113.tmp c:\users\Johan\Documents\~WRL3353.tmp c:\users\Johan\Documents\~WRL3478.tmp c:\users\Johan\Documents\~WRL3954.tmp c:\users\mozaiek\AppData\Roaming c:\users\mozaiek\AppData\Roaming\Adobe\Acrobat\8.0\Synchronizer\adobesynchronizersu80 c:\users\mozaiek\AppData\Roaming\Adobe\Acrobat\8.0\Synchronizer\metadata\Synchronizer80 c:\users\mozaiek\AppData\Roaming\Google\Local Search History\google%2Eweb.w c:\users\mozaiek\AppData\Roaming\InterVideo\WinDVD\5.0\Bookmark\Ardennen 2010-573075874_Auto.bmk c:\users\mozaiek\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch c:\users\mozaiek\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2085648268-594906628-2024494315-1006\211d6170acdead96f2b0b3abc11b841a_207aa63c-8ed0-4d95-82e7-567eb3ee1e26 c:\users\mozaiek\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2085648268-594906628-2024494315-1006\2c213f36ee5b58c4e6131a062d6a848d_207aa63c-8ed0-4d95-82e7-567eb3ee1e26 c:\users\mozaiek\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2085648268-594906628-2024494315-1006\3b506bb7ec45930bece63a7501c6d653_207aa63c-8ed0-4d95-82e7-567eb3ee1e26 c:\users\mozaiek\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2085648268-594906628-2024494315-1006\784149cce94ccff820d86ca0df032ca5_207aa63c-8ed0-4d95-82e7-567eb3ee1e26 c:\users\mozaiek\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2085648268-594906628-2024494315-1006\abca89b8a79c2d7092ab2f0549f1eec3_207aa63c-8ed0-4d95-82e7-567eb3ee1e26 c:\users\mozaiek\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2085648268-594906628-2024494315-1006\ceb90913b6a3faba551052fb5e8cc9e3_207aa63c-8ed0-4d95-82e7-567eb3ee1e26 c:\users\mozaiek\AppData\Roaming\Microsoft\Excel\Excel11.xlb c:\users\mozaiek\AppData\Roaming\Microsoft\Forms\RefEdit.exd c:\users\mozaiek\AppData\Roaming\Microsoft\HTML Help\hh.dat c:\users\mozaiek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini c:\users\mozaiek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low\3JAVBZJG\pmocntr2[1].xml c:\users\mozaiek\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low\index.dat c:\users\mozaiek\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low\MSJ21YD1\tba[1].xml c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Excel11.pip c:\users\mozaiek\AppData\Roaming\Microsoft\Office\MSO1036.acl c:\users\mozaiek\AppData\Roaming\Microsoft\Office\MSO1043.acl c:\users\mozaiek\AppData\Roaming\Microsoft\Office\MSO2057.acl c:\users\mozaiek\AppData\Roaming\Microsoft\Office\PowerP11.pip c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Publis11.pip c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\1043.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\17 Megan Positief denken.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\2009-06-10 AJOntwerp Basofiche.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\2009-06-10 AJOntwerp Keuzelijsten.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\2009-06-10 Cover BaSO-zorgfiche.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\2009-06-10 Engagementsverklaring BaSO-project.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\2009-06-10 Handleiding BaSO-zorgfiche3.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\2009-06-10 Visietekst BaSO-project3.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\BASO fiche.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\Biblio.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\de beluga walvis febe en sidney.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\EUROTOOL.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\index.dat c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\Normal.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\Proefwerkenlijst december 2008.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\Proefwerkenlijst juni 2009.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\QUIKANIM.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\Sjablonen.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\Tabellen 2008-2009.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\The Coverage - kaartjes 2.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\TRANS-IT (H).lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\USB2 (G).lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Recent\Verwisselbare schijf (G).lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Office\VB11.pip c:\users\mozaiek\AppData\Roaming\Microsoft\Office\Word11.pip c:\users\mozaiek\AppData\Roaming\Microsoft\PowerPoint\PPT11.pcb c:\users\mozaiek\AppData\Roaming\Microsoft\Proof\CUSTOM.DIC c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\CREDHIST c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\0abedd24-9163-48ea-8019-9e861208f818 c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\0ea7530e-0b4c-466c-a21d-cfc9ec3ba15c c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\12c1238f-d48f-48ce-88d4-2c001269bc10 c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\8b30283c-7b26-4953-a152-b82a7c986a04 c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\92857e7d-c7aa-48b7-bb7f-030d55e74f9d c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\aa04f6cf-e8f0-431f-9186-500bc1d69392 c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\b8781d7b-3bb6-43de-b09e-15e8e255f3c7 c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\c7c745b7-0124-4c63-b405-36e642c60c8e c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\ce3ce2c8-6d45-4a97-bb28-115985ee55d0 c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\e620b7a1-1e08-4b2a-aec5-2f3f5570bfe8 c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\e8a44249-d4c4-4cb0-9297-44770d3d9b8d c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\f38c087e-66aa-4ba5-9b9e-d461b9519957 c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\f443cd7a-4a07-4362-b46d-7348a607f8a4 c:\users\mozaiek\AppData\Roaming\Microsoft\Protect\S-1-5-21-2085648268-594906628-2024494315-1006\Preferred c:\users\mozaiek\AppData\Roaming\Microsoft\Sjablonen\Normal.dot c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\0T467S3R.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\BKPO96QS.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\index.dat c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\07BN3B3I.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\0RQRXYF7.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\2ZDWIMOA.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\3CXM5VE9.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\3UK08E92.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\6G46QAYI.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\79CP38JN.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\8LNM0GZU.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\98BAREDT.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\9FTE106T.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\AWJOM4HY.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\B80LWXHW.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\BA4XJSKW.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\BMRWB0HQ.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\CSMEZXTD.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\F41HE5Z9.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\GBPZ46WX.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\II3Y0V7M.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\index.dat c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\JHW89UJT.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\KOK6T0JL.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\LJKFVV1I.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@ad.yieldmanager[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@adlink[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@ads.educationad[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@adsfac[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@adtech[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@amgdgt[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@aol[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@aol[3].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@be.msn[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@bs.serving-sys[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@bt.ilsemedia[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@c.bing[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@c.msn[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@clkads[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@clkads[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@clkads[3].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@cmg1.conduit-widgets[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@content.yieldmanager[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@corel[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@enquisite[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@feedsportal[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@fl01.ct2.comclick[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@google[4].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@google[5].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@hp-comm.be.msn[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@hp-commercial.my.nl.aol[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@ibsrv[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@imageshack[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@jufnele.yurls[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@jufnele[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@live[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@mail.google[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@meesterjohan.yurls[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@metriweb[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@mrpicassohead[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@msnportal.112.2o7[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@nl.aol[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@quantserve[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@rad.microsoft[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@rubiconproject[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@search.hp.my.nl.aol[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@treknature[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@typhonebe.solution.weborama[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@weborama[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@www.adspace[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@www.belstat[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@www.corel[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@www.microsoft[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@yahoo[2].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\mozaiek@youtube[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\OPZSZJCV.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\QH4SGALG.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\TJGADCC1.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\TPK5ZJTT.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\VZ8LHSAG.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\XODHX96W.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZJQX0RR0.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\MLISFNZT.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\mozaiek@avgtechnologies.112.2o7[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\mozaiek@onlinestores.metaservices.microsoft[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\mozaiek@tonenwilmainohio[1].txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Cookies\Y680CDQ0.txt c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\IECompatCache\index.dat c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\IECompatCache\Low\index.dat c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\IEDownloadHistory\index.dat c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\IETldCache\Low\index.dat c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\PrivacIE\Low\index.dat c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\17 Megan Positief denken.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\2009-06-10 AJOntwerp Basofiche.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\2009-06-10 AJOntwerp Keuzelijsten.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\2009-06-10 Cover BaSO-zorgfiche.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\2009-06-10 Engagementsverklaring BaSO-project.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\2009-06-10 Handleiding BaSO-zorgfiche3.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\2009-06-10 Visietekst BaSO-project3.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\BASO fiche.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\de beluga walvis febe en sidney.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\Kompas doelen week 21-25.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\Kompas doelen week 26-32.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\Nano (G).lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\Proefwerkenlijst december 2008.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\Proefwerkenlijst juni 2009.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\Tabellen 2008-2009.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\The Coverage - kaartjes 2.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\TRANS-IT (H).lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\USB2 (G).lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\uurrooster_Tamara_Vanneste_2008-2009.xlsx.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\Verwisselbare schijf (G).lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Recent\zzweg.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\SendTo\Compressed (zipped) Folder.ZFSendToTarget c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\SendTo\Desktop (create shortcut).DeskLink c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\SendTo\Desktop.ini c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\SendTo\Documenten.mydocs c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\SendTo\Mail Recipient.MAPIMail c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\SendTo\Wizard Bestanden via Bluetooth overzetten.LNK c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Desktop.ini c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Desktop.ini c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools\desktop.ini c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk c:\users\mozaiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk c:\users\mozaiek\AppData\Roaming\Nero\Nero8\Nero BackItUp\Cache\NBKeyScan.txt c:\windows\IsUn0413.exe F:\Autorun.inf . . (((((((((((((((((((( Bestanden Gemaakt van 2014-02-03 to 2014-03-03 )))))))))))))))))))))))))))))) . . 2014-03-03 21:01 . 2014-03-03 21:01 -------- d-----w- c:\users\Johan\AppData\Local\temp 2014-03-03 21:01 . 2014-03-03 21:01 -------- d-----w- c:\users\mozaiek\AppData\Local\temp 2014-03-03 21:01 . 2014-03-03 21:01 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-03-03 20:01 . 2014-03-03 20:01 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E392B474-C717-4E6E-BD90-64A382D659AB}\MpKslbdfe439c.sys 2014-03-03 19:53 . 2014-02-17 00:32 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E392B474-C717-4E6E-BD90-64A382D659AB}\mpengine.dll 2014-03-03 13:05 . 2014-03-03 12:37 24064 ----a-w- c:\windows\zoek-delete.exe 2014-03-03 07:59 . 2014-03-03 07:59 -------- d-----w- c:\users\Johan\AppData\Roaming\Simple Star 2014-03-03 07:39 . 2014-03-03 13:01 -------- d-----w- C:\zoek_backup 2014-03-02 20:31 . 2014-03-02 20:31 -------- d-----w- c:\windows\ERUNT 2014-03-02 19:31 . 2014-03-02 19:31 -------- d--h--w- c:\windows\msdownld.tmp 2014-03-02 19:27 . 2014-03-02 19:39 -------- d-----w- C:\AdwCleaner 2014-03-02 18:21 . 2014-02-17 12:30 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3552FCFB-F74F-423A-A4C6-8D492EAE2191}\gapaengine.dll 2014-03-02 18:20 . 2014-02-17 00:32 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-03-02 18:02 . 2014-03-02 18:04 -------- d-----w- c:\program files\Microsoft Security Client 2014-03-02 17:59 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys 2014-03-01 15:35 . 2014-03-01 15:35 -------- d-----w- c:\users\Johan\AppData\Roaming\Malwarebytes 2014-03-01 15:34 . 2014-03-01 15:34 -------- d-----w- c:\programdata\Malwarebytes 2014-03-01 15:34 . 2014-03-01 15:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2014-03-01 15:34 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-02-28 20:02 . 2014-02-28 20:02 -------- d-----w- c:\users\Johan\AppData\Local\Macromedia 2014-02-28 20:00 . 2014-02-28 20:00 -------- d-----w- c:\users\Johan\AppData\Local\Mozilla 2014-02-28 20:00 . 2014-02-28 20:00 -------- d-----w- c:\program files\Mozilla Maintenance Service 2014-02-28 13:26 . 2014-03-02 21:18 -------- d-----w- c:\program files\trend micro 2014-02-28 13:26 . 2014-02-28 13:28 -------- d-----w- C:\rsit 2014-02-28 07:37 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A893665-38D0-456A-84C2-AB21D4C1F6DE}\mpengine.dll 2014-02-28 07:17 . 2014-02-28 07:17 -------- d-----w- c:\windows\Migration 2014-02-27 15:07 . 2014-02-27 15:07 -------- d-----w- c:\users\Johan\AppData\Local\ApplicationHistory 2014-02-27 12:16 . 2014-02-27 12:16 -------- d-----w- c:\users\Johan\AppData\Roaming\vlc 2014-02-27 12:16 . 2014-02-27 12:16 -------- d-----w- c:\users\Johan\AppData\Roaming\FLV and Media Player 2014-02-27 12:15 . 2014-02-27 12:15 -------- d-----w- c:\programdata\Common Toolkit Suite 2014-02-27 11:54 . 2014-01-08 06:09 19840 ----a-w- c:\windows\system32\drivers\pcwatch.sys 2014-02-27 11:54 . 2014-01-08 06:08 293984 ----a-w- c:\windows\system32\PCProtect.dll 2014-02-13 07:11 . 2013-12-05 02:12 1248768 ----a-w- c:\windows\system32\msxml3.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-03-01 14:58 . 2012-04-16 06:03 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2014-03-01 14:58 . 2011-06-08 06:02 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2014-01-19 07:32 . 2009-10-20 07:58 231584 ------w- c:\windows\system32\MpSigStub.exe 2013-12-18 20:10 . 2014-01-21 07:13 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024] "Nero PhotoShow Media Manager"="c:\progra~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe" [2007-04-27 312848] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-01-13 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-12 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-12 154136] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-12 129560] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 480560] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440] . c:\users\Johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Spoon.net Sandbox Manager 3.33.lnk - c:\users\Johan\AppData\Local\Spoon\3.33.6.199\Spoon-Sandbox.exe [2014-1-10 4616840] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DVD Check.lnk backup=c:\windows\pss\DVD Check.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Johan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Mediacontrole Picture Motion Browser.lnk] path=c:\users\Johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediacontrole Picture Motion Browser.lnk backup=c:\windows\pss\Mediacontrole Picture Motion Browser.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-10-14 23:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsWnd] 2008-10-17 14:52 1086768 ------w- c:\program files\Brownie\BrStsWnd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler] 2008-10-09 05:58 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-02-16 22:11 49152 ----a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl] 2007-11-06 14:34 177456 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2007-09-24 23:11 132496 ----a-w- c:\program files\Java\jre1.6.0_03\bin\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-02-28 20:28 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2014-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-06 09:28] . 2014-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-06 09:28] . . ------- Bijkomende Scan ------- . IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 LSP: c:\windows\system32\PCProtect.dll TCP: DhcpNameServer = 195.130.131.133 195.130.130.5 FF - ProfilePath - c:\users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\zqeqhe5s.default\ . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-19382892-37d0-4849-b4f6-e6a7984e8311 - c:\program files\SelectionTool-soft\Uninstall.exe AddRemove-8461-7759-5462-8226 - c:\program files\Vuze\uninstall.exe AddRemove-Activeris AntiMalware_is1 - c:\program files\Activeris AntiMalware\unins000.exe AddRemove-FLV and Media Player - c:\program files\Applian Technologies\FLV and Media Player\uninstall.exe AddRemove-Het Heelal 2004 - c:\windows\IsUn0413.exe AddRemove-VOPackage - c:\users\Johan\AppData\Roaming\VOPackage\uninstall.exe AddRemove-wp-adk - c:\program files\Web Protect\wp-adk_uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2014-03-03 22:01 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2085648268-594906628-2024494315-1007\@* *& ] @Allowed: (Read) (RestrictedCode) "MachineID"=hex:06,5a,9b,71,56,f0,a3,00 . [HKEY_USERS\S-1-5-21-2085648268-594906628-2024494315-1007\Software\¢0×0ê0±0ü0·0ç0ó0 *¦0£0¶0ü0É0g0ubU0Œ0_0í0ü0«0ë0 *¢0×0ê0±0ü0·0ç0ó0] @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2085648268-594906628-2024494315-1007\Software\¢0×0ê0±0ü0·0ç0ó0 *¦0£0¶0ü0É0g0ubU0Œ0_0í0ü0«0ë0 *¢0×0ê0±0ü0·0ç0ó0\ImageDataLightboxSR\ControlState] "008b-06a9"=dword:00000001 "008b-06ab"=dword:00000000 "008b-0514"="ARW 2.0-formaat" "008b-0580"="" "008b-0583"="c:\\Users\\Johan\\Documents\\Image Data Converter SR\\Collections" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2014-03-03 22:06:43 ComboFix-quarantined-files.txt 2014-03-03 21:06 . Pre-Run: 45.248.262.144 bytes beschikbaar Post-Run: 45.180.989.440 bytes beschikbaar . - - End Of File - - 0B1F5846BF141536179A0341110AB3F1 84DAAF92C4695AE60591C148EED5E3F3

Zoek.exe v5.0.0.0 Updated 02-March-2014 Tool run by Johan on ma 03/03/2014 at 13:37:52,10. Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Johan\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-03-03-113507.log 42680 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Batch Command(s) Run By Tool====================== Toegang geweigerd. ==== Deleting Files \ Folders ====================== C:\Windows\system32\Tasks\Activeris AntiMalware_startup deleted C:\Windows\system32\config\systemprofile\AppData\Roaming\Fighters deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware deleted C:\Users\Johan\AppData\Local\Systweak deleted "C:\Windows\system32\PCProtect.dll" not deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [04/09/2009 06:54] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\zqeqhe5s.default A9C86900D2A61728C8326FE7147617C5 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U51 9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13 9B6A3FF9099A9A87BCB583924C1D34C8 - C:\Users\Johan\AppData\Local\Spoon\3.33.6.199\npMozillaSpoonPlugin.dll - Spoon Plugin 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash C548328E9DE5EB73350EF292D7140662 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 6A5514D088820307BD97F5A7B24007C0 - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome BE9F266D2080FB8E308BC86A5735C000 - C:\Users\Johan\AppData\Local\Spoon\3.32.4.17\npMozillaSpoonPlugin.dll - Spoon Plugin A6F192D530DE04216573A15A0EDB6045 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.4 5FB3472848C15354B95FC523FF80DC2C - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.4 BF74A76F78EBBFD3A2328EC4AD9DA3CB - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.4 8EE2B9B90D024BDC7C6F32649935A137 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.4 3D85D0C5B2B138D596820B3418BC1A18 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.4 2C20711D6825B986342FAB9A5572AF26 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.4 A9CD542376B547E89964D7308E8917BF - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.4 E87E216C7B839EA112FCD317DE642F47 - C:\Users\Johan\AppData\Local\Spoon\3.24.0.6\npMozillaSpoonPlugin.dll - Spoon Plugin AC421A44DE902F2627F1E63793ED89CD - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 8130FF8214221BA5AC764909587E161A - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat 625D0A824F513CE1CABB8861E97F2142 - C:\Program Files\Google\Picasa3\npPicasa2.dll - Picasa AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation B18B7242761F8630BD8BC71325C7F16A - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer 7D388990149D424EBDB31896C2A4ACC3 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.msn.com/?ocid=OIE9MSE&PC=UP09" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.msn.com/?ocid=OIE9MSE&PC=UP09" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\mozaiek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\mozaiek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Johan\AppData\Local\Mozilla\Firefox\Profiles\zqeqhe5s.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Johan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=908 folders=114 310548904 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Johan\AppData\Local\Temp will be emptied at reboot C:\Users\mozaiek\AppData\Local\Temp emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Johan\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\system32\PCProtect.dll" not deleted "C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" deleted ==== EOF on ma 03/03/2014 at 16:49:12,24 ======================

Zoek.exe v5.0.0.0 Updated 02-March-2014 Tool run by Johan on ma 03/03/2014 at 8:40:30,22. Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Johan\Downloads\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 3/03/2014 8:45:37 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\PROGRA~2\Roxio deleted successfully C:\PROGRA~2\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted successfully C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully C:\Users\Johan\AppData\Roaming\Sammsoft deleted successfully C:\Users\Johan\AppData\Roaming\SampleView deleted successfully C:\Users\Johan\AppData\Roaming\Simple Star deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2085648268-594906628-2024494315-1007\Software\Microsoft\Internet Explorer\SearchScopes\{1E69FDC0-2B83-4E05-8421-50FA49367524} deleted successfully HKEY_USERS\S-1-5-21-2085648268-594906628-2024494315-1007\Software\Microsoft\Internet Explorer\SearchScopes\{7EAC1B27-D3F3-4E67-8594-17901E53B1F5} deleted successfully HKEY_USERS\S-1-5-21-2085648268-594906628-2024494315-1007\Software\Microsoft\Internet Explorer\SearchScopes\{8FF3AC42-788C-47FD-A32C-DCE63F79CBCC} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\PCProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot\Network\PCProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\SafeBoot\Network\PCProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ProtectMonitor deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ProtectMonitor deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ProtectMonitor deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ProtectMonitor deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCProtect] ==== Deleting Files \ Folders ====================== C:\PROGRA~2\{32364CEA-7855-4A3C-B674-53D8E9B97936} not found C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found "C:\Windows\Installer\1cfc7ef.msi" not found C:\Users\Johan\AppData\Roaming\Activeris deleted C:\ProgramData\Activeris deleted C:\Program Files\Applian Technologies deleted C:\Users\Johan\AppData\Roaming\DVDVideoSoft deleted C:\Users\Public\Desktop\Activeris AntiMalware.lnk deleted C:\Program Files\Common Files\DVDVideoSoft\bin deleted C:\Program Files\Solibo Ltd deleted C:\PROGRA~2\InstallMate deleted C:\Users\Johan\AppData\Local\avgchrome deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\Tasks\SelectionTool Update.job deleted C:\Windows\Tasks\SelectionTool_wd.job deleted C:\Windows\system32\Tasks\SelectionTool Update deleted C:\Windows\system32\Tasks\SelectionTool_wd deleted C:\Windows\System32\searchplugins deleted C:\Windows\System32\Extensions deleted "C:\Windows\system32\acrisnative32.exe" deleted "C:\Windows\system32\PCProtectOff.ini" deleted "C:\Windows\system32\PCProtect.ini" deleted "C:\Windows\system32\drivers\pcwatch.sys" not deleted "C:\Windows\system32\PCProtect.dll" not deleted "C:\monitorsvc.exe" deleted "C:\monitor.exe" not deleted "C:\Windows\system32\Drivers\pcwatch.sys" not deleted "C:\Program Files\Activeris AntiMalware\acrissys.dll" deleted "C:\Program Files\Activeris AntiMalware\ActiverisAntiMalware.exe" deleted "C:\Program Files\Activeris AntiMalware\Interop.IWshRuntimeLibrary.dll" deleted "C:\Program Files\Activeris AntiMalware\Microsoft.Win32.TaskScheduler.DLL" deleted "C:\Program Files\Activeris AntiMalware\scandll.dll" deleted "C:\Program Files\Activeris AntiMalware\System.Data.SQLite.dll" deleted "C:\Program Files\Activeris AntiMalware\Xceed.Compression.dll" deleted "C:\Program Files\Activeris AntiMalware\Xceed.FileSystem.dll" deleted "C:\Program Files\Activeris AntiMalware\Xceed.Zip.dll" deleted "C:\Program Files\Web Protect\freebl3.dll" not deleted "C:\Program Files\Web Protect\libnspr4.dll" not deleted "C:\Program Files\Web Protect\libplc4.dll" not deleted "C:\Program Files\Web Protect\libplds4.dll" not deleted "C:\Program Files\Web Protect\nss3.dll" not deleted "C:\Program Files\Web Protect\nssckbi.dll" not deleted "C:\Program Files\Web Protect\nssdbm3.dll" not deleted "C:\Program Files\Web Protect\nssutil3.dll" not deleted "C:\Program Files\Web Protect\PCCertInstaller.dll" not deleted "C:\Program Files\Web Protect\PCProtect.exe" not deleted "C:\Program Files\Web Protect\smime3.dll" not deleted "C:\Program Files\Web Protect\softokn3.dll" not deleted "C:\Program Files\Web Protect\sqlite3.dll" not deleted "C:\Program Files\Activeris AntiMalware\acrissys.dll" deleted "C:\Program Files\Activeris AntiMalware\ActiverisAntiMalware.exe" deleted "C:\Program Files\Activeris AntiMalware\Interop.IWshRuntimeLibrary.dll" deleted "C:\Program Files\Activeris AntiMalware\Microsoft.Win32.TaskScheduler.DLL" deleted "C:\Program Files\Activeris AntiMalware\scandll.dll" deleted "C:\Program Files\Activeris AntiMalware\System.Data.SQLite.dll" deleted "C:\Program Files\Activeris AntiMalware\Xceed.Compression.dll" deleted "C:\Program Files\Activeris AntiMalware\Xceed.FileSystem.dll" deleted "C:\Program Files\Activeris AntiMalware\Xceed.Zip.dll" deleted "C:\Program Files\SelectionTool-soft\SelectionTool_wd.exe" deleted "C:\Program Files\SelectionTool-soft\SelectionTool_wd.exe" deleted "C:\Program Files\SelectionTool-soft\SelectionTool_wd.exe" deleted "C:\Program Files\Activeris AntiMalware" deleted "C:\Program Files\Web Protect" not deleted "C:\Program Files\Activeris AntiMalware" deleted "C:\Program Files\SelectionTool-soft" deleted "C:\Program Files\SelectionTool-soft" deleted "C:\Program Files\SelectionTool-soft" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-03-02 18:05:16 2701448229AEE43D266C00042EA3CB52 2154 ----a-w- C:\Windows\epplauncher.mif ====== C:\Users\Johan\AppData\Local\Temp ==== 2014-03-02 20:27:32 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\erunt\ERUNT.EXE 2014-03-02 08:50:11 C6F4C01EB7834DF438CE86EC12855D26 4831488 ----a-w- C:\Users\Johan\AppData\Local\Temp\44073108-b091-4817-a627-3300e73bb1cb\software\amsetup_activeris_default_tuguu_installer.exe 2014-03-02 08:50:10 9416B10237364F2D80BF2DDFB5E1EA0E 73840 ----a-w- C:\Users\Johan\AppData\Local\Temp\44073108-b091-4817-a627-3300e73bb1cb\software\Cloud_Backup_Setup.exe 2014-03-02 08:49:56 177579E8B1FB727DAB62841D55DE9BF3 209306 ----a-w- C:\Users\Johan\AppData\Local\Temp\44073108-b091-4817-a627-3300e73bb1cb\software\VOPackage.exe 2014-03-02 08:49:53 7CBF0F56A71FCBF2D0C9044EB4EEEB1C 6538384 ----a-w- C:\Users\Johan\AppData\Local\Temp\44073108-b091-4817-a627-3300e73bb1cb\software\feven-pro.exe 2014-03-02 08:49:52 380A164A9602979CFF50CA0AE70EAEA8 1235280 ----a-w- C:\Users\Johan\AppData\Local\Temp\44073108-b091-4817-a627-3300e73bb1cb\software\Re-markit_2040-2082.exe 2014-02-28 20:27:47 A9C86900D2A61728C8326FE7147617C5 578440 ----atw- C:\Users\Johan\AppData\Local\Temp\{98F181C0-9E2C-4EE8-8AA2-F1F1D854D9E7}\npGoogleUpdate3.dll 2014-02-28 20:27:47 3A49D76D0AA3DC5FC0B4EEF3B7E84EF1 166792 ----atw- C:\Users\Johan\AppData\Local\Temp\{98F181C0-9E2C-4EE8-8AA2-F1F1D854D9E7}\psmachine.dll 2014-02-28 20:27:47 3703787CB966F9F6C69EF9164D882EE3 166792 ----atw- C:\Users\Johan\AppData\Local\Temp\{98F181C0-9E2C-4EE8-8AA2-F1F1D854D9E7}\psuser.dll 2014-02-28 20:27:40 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 ----atw- C:\Users\Johan\AppData\Local\Temp\{98F181C0-9E2C-4EE8-8AA2-F1F1D854D9E7}\GoogleUpdateOnDemand.exe 2014-02-28 20:27:40 EA8B5B41163A06FFA8930F5316473035 273800 ----atw- C:\Users\Johan\AppData\Local\Temp\{98F181C0-9E2C-4EE8-8AA2-F1F1D854D9E7}\GoogleCrashHandler64.exe 2014-02-28 20:27:40 C98ACDE22458C8F46FD0503CB9E2D01F 223112 ----atw- C:\Users\Johan\AppData\Local\Temp\{98F181C0-9E2C-4EE8-8AA2-F1F1D854D9E7}\GoogleCrashHandler.exe 2014-02-28 20:27:40 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Users\Johan\AppData\Local\Temp\{98F181C0-9E2C-4EE8-8AA2-F1F1D854D9E7}\GoogleUpdateSetup.exe 2014-02-28 20:27:40 A43B937C580F5DFC43EF63EF72992FE9 847752 ----atw- C:\Users\Johan\AppData\Local\Temp\{98F181C0-9E2C-4EE8-8AA2-F1F1D854D9E7}\goopdate.dll 2014-02-28 20:27:40 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 ----atw- C:\Users\Johan\AppData\Local\Temp\{98F181C0-9E2C-4EE8-8AA2-F1F1D854D9E7}\GoogleUpdateBroker.exe 2014-02-28 20:27:40 6996AB4F70B3718CC465DE43A75A10C8 26112 ----atw- C:\Users\Johan\AppData\Local\Temp\{98F181C0-9E2C-4EE8-8AA2-F1F1D854D9E7}\GoogleUpdateHelper.msi 2014-02-28 20:27:40 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Johan\AppData\Local\Temp\{98F181C0-9E2C-4EE8-8AA2-F1F1D854D9E7}\GoogleUpdate.exe 2014-02-28 20:27:00 A9C86900D2A61728C8326FE7147617C5 578440 ----atw- C:\Users\Johan\AppData\Local\Temp\{9C5BB31B-D52E-4327-883C-CE232B19CD87}\npGoogleUpdate3.dll 2014-02-28 20:27:00 3A49D76D0AA3DC5FC0B4EEF3B7E84EF1 166792 ----atw- C:\Users\Johan\AppData\Local\Temp\{9C5BB31B-D52E-4327-883C-CE232B19CD87}\psmachine.dll 2014-02-28 20:27:00 3703787CB966F9F6C69EF9164D882EE3 166792 ----atw- C:\Users\Johan\AppData\Local\Temp\{9C5BB31B-D52E-4327-883C-CE232B19CD87}\psuser.dll 2014-02-28 20:26:58 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 ----atw- C:\Users\Johan\AppData\Local\Temp\{9C5BB31B-D52E-4327-883C-CE232B19CD87}\GoogleUpdateOnDemand.exe 2014-02-28 20:26:58 EA8B5B41163A06FFA8930F5316473035 273800 ----atw- C:\Users\Johan\AppData\Local\Temp\{9C5BB31B-D52E-4327-883C-CE232B19CD87}\GoogleCrashHandler64.exe 2014-02-28 20:26:58 C98ACDE22458C8F46FD0503CB9E2D01F 223112 ----atw- C:\Users\Johan\AppData\Local\Temp\{9C5BB31B-D52E-4327-883C-CE232B19CD87}\GoogleCrashHandler.exe 2014-02-28 20:26:58 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Users\Johan\AppData\Local\Temp\{9C5BB31B-D52E-4327-883C-CE232B19CD87}\GoogleUpdateSetup.exe 2014-02-28 20:26:58 A43B937C580F5DFC43EF63EF72992FE9 847752 ----atw- C:\Users\Johan\AppData\Local\Temp\{9C5BB31B-D52E-4327-883C-CE232B19CD87}\goopdate.dll 2014-02-28 20:26:58 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 ----atw- C:\Users\Johan\AppData\Local\Temp\{9C5BB31B-D52E-4327-883C-CE232B19CD87}\GoogleUpdateBroker.exe 2014-02-28 20:26:58 6996AB4F70B3718CC465DE43A75A10C8 26112 ----atw- C:\Users\Johan\AppData\Local\Temp\{9C5BB31B-D52E-4327-883C-CE232B19CD87}\GoogleUpdateHelper.msi 2014-02-28 20:26:58 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Johan\AppData\Local\Temp\{9C5BB31B-D52E-4327-883C-CE232B19CD87}\GoogleUpdate.exe 2014-02-28 20:12:20 A9C86900D2A61728C8326FE7147617C5 578440 ----atw- C:\Users\Johan\AppData\Local\Temp\{64A3F2A3-F07B-4AE9-9B6D-6EE26740576A}\npGoogleUpdate3.dll 2014-02-28 20:12:20 3A49D76D0AA3DC5FC0B4EEF3B7E84EF1 166792 ----atw- C:\Users\Johan\AppData\Local\Temp\{64A3F2A3-F07B-4AE9-9B6D-6EE26740576A}\psmachine.dll 2014-02-28 20:12:20 3703787CB966F9F6C69EF9164D882EE3 166792 ----atw- C:\Users\Johan\AppData\Local\Temp\{64A3F2A3-F07B-4AE9-9B6D-6EE26740576A}\psuser.dll 2014-02-28 20:12:16 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 ----atw- C:\Users\Johan\AppData\Local\Temp\{64A3F2A3-F07B-4AE9-9B6D-6EE26740576A}\GoogleUpdateOnDemand.exe 2014-02-28 20:12:16 EA8B5B41163A06FFA8930F5316473035 273800 ----atw- C:\Users\Johan\AppData\Local\Temp\{64A3F2A3-F07B-4AE9-9B6D-6EE26740576A}\GoogleCrashHandler64.exe 2014-02-28 20:12:16 C98ACDE22458C8F46FD0503CB9E2D01F 223112 ----atw- C:\Users\Johan\AppData\Local\Temp\{64A3F2A3-F07B-4AE9-9B6D-6EE26740576A}\GoogleCrashHandler.exe 2014-02-28 20:12:16 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Users\Johan\AppData\Local\Temp\{64A3F2A3-F07B-4AE9-9B6D-6EE26740576A}\GoogleUpdateSetup.exe 2014-02-28 20:12:16 A43B937C580F5DFC43EF63EF72992FE9 847752 ----atw- C:\Users\Johan\AppData\Local\Temp\{64A3F2A3-F07B-4AE9-9B6D-6EE26740576A}\goopdate.dll 2014-02-28 20:12:16 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 ----atw- C:\Users\Johan\AppData\Local\Temp\{64A3F2A3-F07B-4AE9-9B6D-6EE26740576A}\GoogleUpdateBroker.exe 2014-02-28 20:12:16 6996AB4F70B3718CC465DE43A75A10C8 26112 ----atw- C:\Users\Johan\AppData\Local\Temp\{64A3F2A3-F07B-4AE9-9B6D-6EE26740576A}\GoogleUpdateHelper.msi 2014-02-28 20:12:16 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Johan\AppData\Local\Temp\{64A3F2A3-F07B-4AE9-9B6D-6EE26740576A}\GoogleUpdate.exe 2014-02-28 12:02:07 4FC2DD7656CF6C466B073283BE23E695 4608 ----a-w- C:\Users\Johan\AppData\Local\Temp\i4jdel0.exe 2014-02-27 11:57:14 F7DE2118FBF18A8817B83DCCBA3738A7 10365728 ----a-w- C:\Users\Johan\AppData\Local\Temp\BackupSetup.exe 2014-02-27 11:54:39 A082E5473B2A9A4D846ED7DDF637AC76 8704 ----a-w- C:\Users\Johan\AppData\Local\Temp\SpOrder.dll 2014-02-27 09:26:32 E6BB491A120A0668A551A8C2ED2FEE4F 6602128 ----a-w- C:\Users\Johan\AppData\Local\Temp\{83EA00F3-C680-4E55-B6B1-16FA25015B34}\setup.exe 2014-02-27 09:26:19 DA4BFBD389F1FD5BB0C7394230BB6641 6967304 ----a-w- C:\Users\Johan\AppData\Local\Temp\n4562\OptimizerPro.exe 2014-02-27 09:26:17 819CF842280DAE24BFBAC0F6CB4EBCC2 6221664 ----a-w- C:\Users\Johan\AppData\Local\Temp\n4562\speedupmypc_EN_1303-b354ca22.exe 2014-02-27 09:25:56 5783C9C37A5A3E87EA4BF77A38A77D2D 233024 ----a-w- C:\Users\Johan\AppData\Local\Temp\n4562\melondrea_0702-81cfb2ef.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-02-27 11:54:33 F03FAEC422B8E51280C6643B95325A36 293984 ----a-w- C:\Windows\System32\PCProtect.dll ====== C:\Windows\system32\drivers ===== 2014-03-02 17:59:31 3546C0B6F2D808D4E6294A9D6B25151B 221568 ----a-w- C:\Windows\System32\drivers\netio.sys 2014-03-01 15:34:40 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-02-27 11:54:47 !HASH: COULD NOT OPEN FILE !!!!! 19840 ----a-w- C:\Windows\System32\drivers\pcwatch.sys ====== C:\Windows\Tasks ====== 2014-03-02 09:04:47 C9F1D6DAB26708324E8671FF9A1DE835 3090 ----a-w- C:\Windows\system32\Tasks\Activeris AntiMalware_startup ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-02-28 20:00:47 -------- d-----w- C:\Program Files\Mozilla Maintenance Service 2014-02-28 13:26:41 -------- d-----w- C:\Program Files\trend micro 2014-02-27 11:53:18 -------- d-----w- C:\Program Files\Web Protect ======= C: ===== 2014-02-13 14:12:36 8227D3C44DBC47BC5E279E37AF04261C 487517 ----a-w- C:\monitor.exe ====== C:\Users\Johan\AppData\Roaming ====== 2014-03-03 08:22:32 -------- d-----w- C:\Users\Johan\AppData\Local\Systweak 2014-03-03 07:59:22 -------- d-----w- C:\Users\Johan\AppData\Roaming\Simple Star 2014-02-28 20:00:55 -------- d-----w- C:\Users\Johan\AppData\Local\Mozilla 2014-02-27 15:07:00 DA17530920AE4C5085022FB9723DBB68 93 ----a-w- C:\Users\Johan\AppData\Local\fusioncache.dat 2014-02-27 15:07:00 -------- d-----w- C:\Users\Johan\AppData\Local\ApplicationHistory 2014-02-27 12:16:28 -------- d-----w- C:\Users\Johan\AppData\Roaming\vlc 2014-02-27 12:16:27 -------- d-----w- C:\Users\Johan\AppData\Roaming\FLV and Media Player 2014-02-27 11:56:51 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\Fighters ====== C:\Users\Johan ====== 2014-03-03 07:15:32 A7690639D8FC6F297C0406FB8B8D7E21 186880 ----a-w- C:\Users\Johan\Downloads\LSPFix.exe 2014-03-02 20:39:31 C8F069A68D57DA55102D58CFE24C0D72 4765152 ----a-w- C:\Users\Johan\Downloads\C Cleaner.exe 2014-03-02 20:25:23 2075EBB7954277A05193412881EC8FDE 1037734 ----a-w- C:\Users\Johan\Downloads\JRT.exe 2014-03-02 19:28:38 2C6A7CC31F83BAD5A4F1539FB7174CAE 20868936 ----a-w- C:\Users\Johan\Downloads\BOIE9_NLNL_BO0084_VIS.EXE 2014-03-02 18:35:48 A845789676F7D2A542E708EB5CAC12C9 1244192 ----a-w- C:\Users\Johan\Desktop\adwcleaner.exe 2014-03-02 18:25:21 A845789676F7D2A542E708EB5CAC12C9 1244192 ----a-w- C:\Users\Johan\Downloads\adwcleaner.exe 2014-03-02 17:51:42 BFBA3103D1B3539164B50FD8D257BC1D 11154256 ----a-w- C:\Users\Johan\Downloads\mseinstall.exe 2014-03-02 08:51:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware 2014-03-02 08:44:01 541D953F8FE722A74B972407FF82796B 320512 ----a-w- C:\Users\Johan\Downloads\Java.exe 2014-02-28 20:13:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-02-28 20:00:48 -------- d-----w- C:\ProgramData\Mozilla 2014-02-28 13:26:05 DAAB3BCC6FA56354DECC22F4B9104F7F 339991 ----a-w- C:\Users\Johan\Downloads\RSIT-1.06 (1).exe 2014-02-28 13:25:49 DAAB3BCC6FA56354DECC22F4B9104F7F 339991 ----a-w- C:\Users\Johan\Desktop\RSIT-1.06.exe 2014-02-28 07:11:52 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol 2014-02-27 12:15:42 -------- d-----w- C:\ProgramData\Common Toolkit Suite ====== C: exe-files == 2014-03-03 07:19:41 E9F8C3AE8C2C2CF120F16C59E68301D0 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2085648268-594906628-2024494315-1007\$I4M492B.exe 2014-03-02 20:27:32 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\erunt\ERUNT.EXE 2014-03-02 08:50:11 C6F4C01EB7834DF438CE86EC12855D26 4831488 ----a-w- C:\Users\Johan\AppData\Local\Temp\44073108-b091-4817-a627-3300e73bb1cb\software\amsetup_activeris_default_tuguu_installer.exe 2014-03-02 08:50:10 9416B10237364F2D80BF2DDFB5E1EA0E 73840 ----a-w- C:\Users\Johan\AppData\Local\Temp\44073108-b091-4817-a627-3300e73bb1cb\software\Cloud_Backup_Setup.exe 2014-03-02 08:49:56 177579E8B1FB727DAB62841D55DE9BF3 209306 ----a-w- C:\Users\Johan\AppData\Local\Temp\44073108-b091-4817-a627-3300e73bb1cb\software\VOPackage.exe 2014-03-02 08:49:53 7CBF0F56A71FCBF2D0C9044EB4EEEB1C 6538384 ----a-w- C:\Users\Johan\AppData\Local\Temp\44073108-b091-4817-a627-3300e73bb1cb\software\feven-pro.exe 2014-03-02 08:49:52 380A164A9602979CFF50CA0AE70EAEA8 1235280 ----a-w- C:\Users\Johan\AppData\Local\Temp\44073108-b091-4817-a627-3300e73bb1cb\software\Re-markit_2040-2082.exe 2014-02-28 20:12:54 261EEC91B8A0FAA76499559265B1A627 36847320 ----a-w- C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\33.0.1750.117\33.0.1750.117_chrome_installer.exe 2014-02-28 20:00:50 FC558F42CA98DAB4465263FDE812A5B2 106212 ----a-w- C:\Program Files\Mozilla Maintenance Service\Uninstall.exe 2014-02-28 20:00:47 338037EFA0E8E8699B2667D57B751574 118896 ----a-w- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 2014-02-28 20:00:01 39A5A5E8E6448F6A8481E9CC762E5A4A 25212312 ----a-w- C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\67K5JQYA\Firefox Setup 27.0.1.exe 2014-02-28 13:26:41 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Johan.exe 2014-02-28 12:02:07 4FC2DD7656CF6C466B073283BE23E695 4608 ----a-w- C:\Users\Johan\AppData\Local\Temp\i4jdel0.exe 2014-02-27 11:57:38 69964A5CE728889240732A08A589E8EA 18651688 ----a-w- C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\67K5JQYA\FLVPlayer[1].exe 2014-02-27 11:57:14 F7DE2118FBF18A8817B83DCCBA3738A7 10365728 ----a-w- C:\Users\Johan\AppData\Local\Temp\BackupSetup.exe 2014-02-27 11:57:13 3D2810BD999225AC121040BA80D24494 98024 ----a-w- C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4DS27COL\aff_setup[1].exe 2014-02-27 11:55:58 D7C083E7758FFD2DF5A336C084D24159 2758320 ----a-w- C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MT65LFZJ\FULL-DISKfighterSetup_partner516_1.3.61Web[1].exe 2014-02-27 11:53:16 71B60BBE81A2E6CC809D7B9A11833D90 5758504 ----a-w- C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RHI0HNYL\wp-adk.104i[1].exe === C: other files == 2014-03-03 07:19:41 0FF405B66F13DA25F3D5577DD84EEFAD 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2085648268-594906628-2024494315-1007\$IPJQ4AS.zip 2014-03-03 07:18:25 665EB733A910E451D9EDDE21E0C7D7C7 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2085648268-594906628-2024494315-1007\$IH6W90Y.zip 2014-03-02 20:27:21 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\modules.bat 2014-03-02 20:27:21 7178963AEE641F3E47E1CE22416F8A3A 9295 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\runvalues.bat 2014-03-02 20:27:21 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\prelim.bat 2014-03-02 20:27:21 372EA6F783198102CF5779072EE78C79 24751 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\searchlnk.bat 2014-03-02 20:27:21 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\TDL4.bat 2014-03-02 20:27:20 F7A2BEBE778DC26187C675948B2CEBAB 16063 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\get.bat 2014-03-02 20:27:20 C9494C05F5248940AEE0D0A8C4EA89D9 152746 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\firefox.bat 2014-03-02 20:27:20 C4A5476A9D54B400F1623A2EE7DDA5C5 13955 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\chrome.bat 2014-03-02 20:27:20 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\FWPolicy.bat 2014-03-02 20:27:20 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\ask.bat 2014-03-02 20:27:20 B13567DECD03F424239DE6D1ED408C08 10261 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\JRT.bat 2014-03-02 20:27:20 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\ev_clear.bat 2014-03-02 20:27:20 75C9C20DD9839BF287B43B0E179822DC 31414 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\iexplore.bat 2014-03-02 20:27:20 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\delorphans.bat 2014-03-02 20:27:20 3ECC13A08D5F7771A8C8ED15C2B2B6D5 154576 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\misc.bat 2014-03-02 20:27:20 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\medfos.bat 2014-03-02 20:27:20 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\Johan\AppData\Local\Temp\jrt\delfolders.bat 2014-02-28 12:02:48 66F5451EE4129B88976D30CD31E90690 26237 ----a-w- C:\Users\Johan\AppData\Roaming\Azureus\tmp\AZU5698845600859727706.tmp\plugin\azupdater_1.9.1.zip 2014-02-28 12:02:45 66F5451EE4129B88976D30CD31E90690 26237 ----a-w- C:\Users\Johan\AppData\Local\Temp\azupdater_1.9.1.zip 2014-02-28 12:02:29 CD0E05DBDC8984548DBA144E20D0F35C 9234316 ----a-w- C:\Users\Johan\AppData\Local\Temp\Vuze_5.3.0.0_win32.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-2085648268-594906628-2024494315-1007\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" "Nero PhotoShow Media Manager"="C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "MSConfig"="C:\Windows\system32\msconfig.exe /auto" "hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" "Nero PhotoShow Media Manager"="C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrStsWnd] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BrStsWnd" "hkey"="HKLM" "command"="C:\\Program Files\\Brownie\\BrstsWnd.exe Autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Health Check Scheduler] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Health Check Scheduler" "hkey"="HKLM" "command"="c:\\Program Files\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="c:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Picasa Media Detector] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Picasa Media Detector" "hkey"="HKCU" "command"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QlbCtrl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QlbCtrl" "hkey"="HKLM" "command"="%ProgramFiles%\\Hewlett-Packard\\HP Quick Launch Buttons\\QlbCtrl.exe /Start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Sidebar" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\DVD Check.lnk" "backup"="C:\\Windows\\pss\\DVD Check.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\INTERV~1\\DVDCHE~1\\DVDCheck.exe " "item"="DVD Check" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Johan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Mediacontrole Picture Motion Browser.lnk] "path"="C:\\Users\\Johan\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Mediacontrole Picture Motion Browser.lnk" "backup"="C:\\Windows\\pss\\Mediacontrole Picture Motion Browser.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\Sony\\SONYPI~1\\VOLUME~1\\SPUVOL~1.EXE /noballoononstart" "item"="Mediacontrole Picture Motion Browser" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\clr_optimization_v2.0.50727_32] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" "SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Folders ====================== 2014-01-10 09:21:41 1892 ----a-w- C:\Users\Johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon.net Sandbox Manager 3.33.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [06/10/2010 10:28] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [06/10/2010 10:28] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Activeris AntiMalware_startup" [C:\Program Files\Activeris AntiMalware\ActiverisAntiMalware.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\HP Health Check" [c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe] "C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{1D474081-7974-43EA-B098-CBD4DABD0911}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{CC774EB4-0A2D-4662-9EBA-338132CD0D12}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [04/09/2009 06:54] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{a70186fb-3fb6-4577-b8fa-d3fe3c0c76e1}"="C:\Program Files\SelectionTool-soft\155.xpi" [] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\zqeqhe5s.default A9C86900D2A61728C8326FE7147617C5 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U51 9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13 9B6A3FF9099A9A87BCB583924C1D34C8 - C:\Users\Johan\AppData\Local\Spoon\3.33.6.199\npMozillaSpoonPlugin.dll - Spoon Plugin 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash C548328E9DE5EB73350EF292D7140662 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 6A5514D088820307BD97F5A7B24007C0 - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome BE9F266D2080FB8E308BC86A5735C000 - C:\Users\Johan\AppData\Local\Spoon\3.32.4.17\npMozillaSpoonPlugin.dll - Spoon Plugin A6F192D530DE04216573A15A0EDB6045 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.4 5FB3472848C15354B95FC523FF80DC2C - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.4 BF74A76F78EBBFD3A2328EC4AD9DA3CB - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.4 8EE2B9B90D024BDC7C6F32649935A137 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.4 3D85D0C5B2B138D596820B3418BC1A18 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.4 2C20711D6825B986342FAB9A5572AF26 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.4 A9CD542376B547E89964D7308E8917BF - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.4 E87E216C7B839EA112FCD317DE642F47 - C:\Users\Johan\AppData\Local\Spoon\3.24.0.6\npMozillaSpoonPlugin.dll - Spoon Plugin AC421A44DE902F2627F1E63793ED89CD - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 8130FF8214221BA5AC764909587E161A - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat 625D0A824F513CE1CABB8861E97F2142 - C:\Program Files\Google\Picasa3\npPicasa2.dll - Picasa AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation B18B7242761F8630BD8BC71325C7F16A - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer 7D388990149D424EBDB31896C2A4ACC3 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaajpkhjdkhhnkmgfjodbkfpbmibkkk - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.msn.com/?ocid=OIE9MSE&PC=UP09" "Search Page"="http://downloads.phpnuke.org/nl/index.php?rvs=google" "Default_Search_URL"="http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://downloads.phpnuke.org/nl/index.php?rvs=google" "Default_Page_URL"="http://www.google.com" "Search Page"="http://downloads.phpnuke.org/nl/index.php?rvs=google" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{1E69FDC0-2B83-4E05-8421-50FA49367524}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1E69FDC0-2B83-4E05-8421-50FA49367524}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://nl.msn.com/?ocid=OIE9MSE&PC=UP09" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2085648268-594906628-2024494315-1007\Software\mozilla\Firefox\Extensions\{a70186fb-3fb6-4577-b8fa-d3fe3c0c76e1} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\059103D1F2AE2884A90A9464776548A2 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VMidi deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D301950-EA2F-4882-9AA0-49467756842A} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\059103D1F2AE2884A90A9464776548A2 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Johan\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Johan\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Johan\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\mozaiek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\mozaiek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\mozaiek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Johan\AppData\Local\Mozilla\Firefox\Profiles\zqeqhe5s.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Johan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=902 folders=107 310537593 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Johan\AppData\Local\Temp will be emptied at reboot C:\Users\mozaiek\AppData\Local\Temp emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Johan\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\system32\drivers\pcwatch.sys" not deleted "C:\Windows\system32\PCProtect.dll" not deleted "C:\monitor.exe" not found "C:\Windows\system32\Drivers\pcwatch.sys" not deleted "C:\Program Files\Web Protect\freebl3.dll" not found "C:\Program Files\Web Protect\libnspr4.dll" not found "C:\Program Files\Web Protect\libplc4.dll" not found "C:\Program Files\Web Protect\libplds4.dll" not found "C:\Program Files\Web Protect\nss3.dll" not found "C:\Program Files\Web Protect\nssckbi.dll" not found "C:\Program Files\Web Protect\nssdbm3.dll" not found "C:\Program Files\Web Protect\nssutil3.dll" not found "C:\Program Files\Web Protect\PCCertInstaller.dll" not found "C:\Program Files\Web Protect\PCProtect.exe" not found "C:\Program Files\Web Protect\smime3.dll" not found "C:\Program Files\Web Protect\softokn3.dll" not found "C:\Program Files\Web Protect\sqlite3.dll" not found "C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found "C:\Program Files\Web Protect" not found ==== EOF on ma 03/03/2014 at 12:35:07,20 ======================

Logfile of random's system information tool 1.08 (written by random/random) Run by Johan at 2014-03-02 22:18:42 Microsoft® Windows Vista™ Home Basic Service Pack 2 System drive C: has 23 GB (16%) free of 143 GB Total RAM: 2039 MB (42% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:20:51, on 2/03/2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16533) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\system32\taskeng.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\Nero\PhotoShow 5\data\Xtras\mssysmgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\Johan\AppData\Local\Spoon\3.33.6.199\Spoon-Sandbox.exe C:\Windows\system32\taskeng.exe C:\Program Files\Activeris AntiMalware\ActiverisAntiMalware.exe C:\Program Files\SelectionTool-soft\SelectionTool_wd.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Windows\system32\conime.exe C:\Windows\explorer.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe C:\Users\Johan\Desktop\RSIT-1.06.exe C:\Program Files\trend micro\Johan.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/nl/index.php?rvs=google R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Spoon.net Sandbox Manager 3.33.lnk = C:\Users\Johan\AppData\Local\Spoon\3.33.6.199\Spoon-Sandbox.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\pcprotect.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\pcprotect.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\pcprotect.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\pcprotect.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\pcprotect.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PCProtect - Objectify Media Inc - C:\Program Files\Web Protect\PCProtect.exe O23 - Service: Protect Monitor (ProtectMonitor) - Unknown owner - C:\monitorsvc.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9774 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\SelectionTool Update.job C:\Windows\tasks\SelectionTool_wd.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-16 194128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-16 194128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-09-12 141848] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-09-12 154136] "Persistence"=C:\Windows\system32\igfxpers.exe [2007-09-12 129560] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-12 827392] "MSConfig"=C:\Windows\system32\msconfig.exe [2008-01-19 227840] "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-10-03 480560] "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-08-08 1828136] "NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136] ""= [] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-08-03 202024] "Nero PhotoShow Media Manager"=C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe [2007-04-27 312848] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-01-13 39408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe [2008-10-17 1086768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-11-06 177456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk] C:\PROGRA~1\INTERV~1\DVDCHE~1\DVDCheck.exe [2007-05-23 192512] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Johan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Mediacontrole Picture Motion Browser.lnk] C:\PROGRA~1\Sony\SONYPI~1\VOLUME~1\SPUVOL~1.EXE [2007-04-17 368640] C:\Users\Johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Spoon.net Sandbox Manager 3.33.lnk - C:\Users\Johan\AppData\Local\Spoon\3.33.6.199\Spoon-Sandbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2007-08-24 204800] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCProtect] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\pcwatch.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2014-03-02 21:31:32 ----D---- C:\Windows\ERUNT 2014-03-02 20:31:03 ----HD---- C:\Windows\msdownld.tmp 2014-03-02 20:27:55 ----D---- C:\AdwCleaner 2014-03-02 19:02:33 ----D---- C:\Program Files\Microsoft Security Client 2014-03-02 18:59:31 ----A---- C:\Windows\system32\drivers\netio.sys 2014-03-02 09:51:35 ----D---- C:\Users\Johan\AppData\Roaming\Activeris 2014-03-02 09:50:57 ----D---- C:\ProgramData\Activeris 2014-03-02 09:50:56 ----D---- C:\Program Files\Activeris AntiMalware 2014-03-02 09:50:56 ----A---- C:\Windows\system32\acrisnative32.exe 2014-03-01 16:35:01 ----D---- C:\Users\Johan\AppData\Roaming\Malwarebytes 2014-03-01 16:34:42 ----D---- C:\ProgramData\Malwarebytes 2014-03-01 16:34:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2014-03-01 16:34:40 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-02-28 21:00:48 ----D---- C:\ProgramData\Mozilla 2014-02-28 21:00:47 ----D---- C:\Program Files\Mozilla Maintenance Service 2014-02-28 21:00:43 ----D---- C:\Program Files\Mozilla Firefox 2014-02-28 14:26:41 ----D---- C:\Program Files\trend micro 2014-02-28 14:26:40 ----D---- C:\rsit 2014-02-28 08:17:57 ----D---- C:\Windows\Migration 2014-02-28 08:11:42 ----D---- C:\Program Files\SelectionTool-soft 2014-02-27 13:16:28 ----D---- C:\Users\Johan\AppData\Roaming\vlc 2014-02-27 13:16:27 ----D---- C:\Users\Johan\AppData\Roaming\FLV and Media Player 2014-02-27 13:15:42 ----D---- C:\ProgramData\Common Toolkit Suite 2014-02-27 12:58:10 ----D---- C:\Program Files\Applian Technologies 2014-02-27 12:54:47 ----A---- C:\Windows\system32\PCProtectOff.ini 2014-02-27 12:54:47 ----A---- C:\Windows\system32\PCProtect.ini 2014-02-27 12:54:47 ----A---- C:\Windows\system32\drivers\pcwatch.sys 2014-02-27 12:54:33 ----A---- C:\Windows\system32\PCProtect.dll 2014-02-27 12:53:18 ----D---- C:\Program Files\Web Protect 2014-02-14 08:08:47 ----A---- C:\Windows\system32\mshtmled.dll 2014-02-14 08:08:46 ----A---- C:\Windows\system32\vbscript.dll 2014-02-14 08:08:45 ----A---- C:\Windows\system32\jsproxy.dll 2014-02-14 08:08:45 ----A---- C:\Windows\system32\ieui.dll 2014-02-14 08:08:43 ----A---- C:\Windows\system32\msfeeds.dll 2014-02-14 08:08:43 ----A---- C:\Windows\system32\ieUnatt.exe 2014-02-14 08:08:42 ----A---- C:\Windows\system32\wininet.dll 2014-02-14 08:08:41 ----A---- C:\Windows\system32\jscript.dll 2014-02-14 08:08:39 ----A---- C:\Windows\system32\url.dll 2014-02-14 08:08:39 ----A---- C:\Windows\system32\jscript9.dll 2014-02-14 08:08:38 ----A---- C:\Windows\system32\iertutil.dll 2014-02-14 08:08:37 ----A---- C:\Windows\system32\urlmon.dll 2014-02-14 08:08:36 ----A---- C:\Windows\system32\ieframe.dll 2014-02-14 08:08:34 ----A---- C:\Windows\system32\mshtml.dll 2014-02-13 15:12:36 ----A---- C:\monitor.exe 2014-02-13 14:43:24 ----A---- C:\monitorsvc.exe 2014-02-13 08:11:09 ----A---- C:\Windows\system32\msxml3.dll ======List of files/folders modified in the last 1 months====== 2014-03-02 22:18:40 ----D---- C:\Windows\Temp 2014-03-02 21:35:31 ----HD---- C:\ProgramData 2014-03-02 21:31:32 ----D---- C:\Windows 2014-03-02 21:28:32 ----D---- C:\Windows\system32\Tasks 2014-03-02 20:38:39 ----D---- C:\Windows\Tasks 2014-03-02 20:38:38 ----D---- C:\Windows\System32 2014-03-02 20:36:47 ----D---- C:\Program Files\Common Files 2014-03-02 20:36:46 ----RD---- C:\Program Files 2014-03-02 20:31:23 ----D---- C:\Program Files\Internet Explorer 2014-03-02 19:06:16 ----D---- C:\Windows\system32\drivers 2014-03-02 19:04:44 ----SHD---- C:\Windows\Installer 2014-03-02 19:03:34 ----D---- C:\Windows\system32\catroot 2014-03-02 19:03:23 ----SD---- C:\ProgramData\Microsoft 2014-03-02 19:01:36 ----D---- C:\Windows\winsxs 2014-03-02 19:00:36 ----D---- C:\Windows\system32\catroot2 2014-03-02 18:59:12 ----SHD---- C:\System Volume Information 2014-03-02 10:30:46 ----D---- C:\Windows\Microsoft.NET 2014-03-02 09:55:58 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-03-02 09:55:48 ----D---- C:\Windows\inf 2014-03-02 09:28:13 ----D---- C:\Users\Johan\AppData\Roaming\DVDVideoSoft 2014-03-01 18:04:32 ----D---- C:\Windows\Performance 2014-03-01 15:58:32 ----A---- C:\Windows\system32\FlashPlayerApp.exe 2014-02-28 21:12:59 ----D---- C:\Program Files\Google 2014-02-28 21:02:17 ----SD---- C:\Users\Johan\AppData\Roaming\Microsoft 2014-02-28 19:45:23 ----D---- C:\Windows\Prefetch 2014-02-28 15:40:41 ----D---- C:\Windows\Minidump 2014-02-28 14:04:26 ----D---- C:\Users\Johan\AppData\Roaming\Azureus 2014-02-28 08:30:46 ----RSD---- C:\Windows\assembly 2014-02-28 08:22:00 ----A---- C:\Windows\BRWMARK.INI 2014-02-28 08:20:57 ----D---- C:\Windows\system32\en-US 2014-02-28 08:11:40 ----HD---- C:\Windows\system32\GroupPolicy 2014-02-27 13:30:01 ----D---- C:\Windows\system32\WDI 2014-02-27 11:12:47 ----D---- C:\Users\Johan\AppData\Roaming\Nitro PDF 2014-02-24 08:30:36 ----A---- C:\Windows\NeroDigital.ini 2014-02-14 11:03:03 ----D---- C:\Windows\system32\migration 2014-02-14 08:26:18 ----D---- C:\Windows\system32\MRT 2014-02-14 08:18:14 ----A---- C:\Windows\system32\mrt.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 214696] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-07-31 43872] R1 pcwatch;pcwatch service; \??\C:\Windows\system32\Drivers\pcwatch.sys [2014-01-08 19840] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768] R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 11032] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 8192] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-03 188416] R3 E100B;Intel® PRO Network Connection Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-10-31 165760] R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-07 985600] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-07 207360] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-24 1899008] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856] R3 NETw4v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-14 2222080] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-12 181432] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-07 659968] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936] S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272] S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-02-22 159232] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-24 1899008] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664] S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064] S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-02 128104] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 BcmSqlStartupSvc;Opstartservice voor SQL Server voor Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-23 30312] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208] R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2007-12-05 144688] R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-08-08 836904] R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-03-26 196624] R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824] R2 SQLBrowser;SQL Server-browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944] R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-28 386560] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288] R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248] R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-06 136176] S2 ProtectMonitor;Protect Monitor; C:\monitorsvc.exe [2014-02-13 34244] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-01 257928] S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-06 136176] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-27 194032] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-13 118896] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PCProtect;PCProtect; C:\Program Files\Web Protect\PCProtect.exe [2014-01-08 1265608] S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF-----------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.2 (02.20.2014:1) OS: Windows Vista Home Basic x86 Ran by Johan on zo 02/03/2014 at 21:31:40,53 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2085648268-594906628-2024494315-1007\Software\sweetim Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{40E3923B-2BF2-49C3-B167-4095773FDDEC} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\fighters" Successfully deleted: [Folder] "C:\Users\Johan\AppData\Roaming\fighters" Successfully deleted: [Folder] "C:\Users\Johan\appdata\local\cre" Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{014DB7A4-E2FB-4A67-AEF3-ADA0F88851D2} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{0211191B-C5E2-4844-ACCA-B602F25E4010} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{02342B0B-0808-4F20-BE10-29399DEBC9D5} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{02FFBC43-C834-4CDA-AD4B-74DC3CB6B06C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{0311540E-CA8B-4F08-9BF8-DE4B5FAFD00D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{03373123-2004-4E19-B061-F8A9F7ACB731} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{0414CA82-5927-421E-B3D9-E3378AB9A003} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{07BFF8FC-B5CF-427F-8CD9-0820120BEF3B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{09320116-F8D1-4F0B-A2F6-978A11230CC5} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{093220FA-F8FE-4166-AE1A-7A0476DA4B01} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{097C0A31-D1B0-4A1B-9582-88E0E70E88EA} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{0A34A3D5-04CA-4CA9-A85D-40D4A261B2A1} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{0B5031B9-809D-45F0-AC6A-17E21D01A176} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{0BB677DA-42F5-48C0-A408-D9184BFAD448} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{0DE19926-6100-4B32-BC56-3A211DC2CDDC} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{0E852099-3CFF-4726-9056-4A15F36CF899} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{0EAF4BB6-905F-4B1C-8FEF-5BFE9DABF905} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{103233FA-5C74-4C07-A89E-A5D39C006B0D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{10A5798C-ECD5-45F9-B29C-5E2F0125AD46} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{111A4720-31B6-4BA7-838C-5E22DE9F9275} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1131A5D9-EAED-43D9-AAE9-F7D0AF89D5A9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{11E360F4-2DEA-49C2-9ED5-D8769C552908} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{12337949-349C-4BC8-91C0-9E6D25F859F9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{130C30B1-2CDD-4E38-BA1A-A40AC919F6AB} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{134541DD-CE2E-4B2E-B18E-6E3D2A60190B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1435E40E-E94B-44BD-B3E0-2B33B2A9CC6B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{145A13E8-5D74-4481-A6B6-1B677A954ECE} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{150065B0-EAF5-4C71-A911-1A8E2E314343} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{151BF3FE-9ADB-4D16-9753-C3E0CF9E9605} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{15A462E1-E440-460E-9E5C-2C034371C74B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{15EA6168-E65B-4AA1-B909-BB8DB48BB116} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{16891FB5-A29E-40EC-B133-7309CBC62D1A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{16D00846-75E4-4461-BFF8-DAF9D044AC7E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{16D24C39-23D5-4887-A8EA-E1BA4769B149} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{183260D3-1AFC-4E84-B9C6-9F16488672A8} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1849E0D0-65D9-432A-ADBE-A416EA540C2A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1853DB6F-6FB5-45EB-B16D-4B23FD5C6087} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{187CAFF5-AEDC-4250-83EB-1BC343299BDE} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1A31F912-1539-4033-B6CB-D0606DE433A4} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1B9D9801-D4F3-4582-8A66-CFCD78FB947D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1BC4AD51-5623-45DE-8828-C429F3051182} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1BDE4C97-9F85-476F-8DFB-ACA6D6946F42} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1C33C156-8E60-49E4-86AE-F5D42E302007} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1C8F56F5-E52A-4130-AD35-410F5E8C8D77} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1E90F814-4F8A-4EE4-9DA5-C910DE4AEC9E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1EEF23EE-923E-4EE5-BBAB-5487632DFD83} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{1F228713-3E18-433B-891D-09402492712B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2061D4C0-BCD1-4592-A378-4CD88F310791} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{22850F4C-4058-4AC9-86C6-556EF2E40A68} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{232CFF61-2CFC-49C5-8377-0518539D4BB8} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2557A586-8CE2-4098-917B-CF5A68A19B81} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{25A0FCBD-27C4-4B11-85F9-930277711329} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2632F336-E511-46B5-9721-32D718B248F7} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2766412F-CBD8-4F0E-B807-A4B49DD4DA5E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{293C6E97-6B9C-4378-8ADD-6CA51FA5B4FD} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2A65CC73-0831-408C-934D-8208E2C5E98D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2ACAF054-1366-48AD-8437-BB76FC8C6E2A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2C6577F9-255E-4754-80B5-8918F8F72FB2} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2D3E2D51-A240-489F-B8C4-619E5BFBDC0F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2D4F8200-475D-48D1-8637-82B34AA373E9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2D745888-55A3-477B-AC9B-5227A7E973DB} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2D7944AA-A346-4EFF-9D20-F8B3534746A4} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2D9890EC-6256-405B-9008-5FEFE6F55ABE} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2DE4A91E-3113-4245-86AE-6C3A8D81232E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2DEB9893-45F2-4EBA-8A07-07FA73169537} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2F69E5ED-88B6-411F-A4C0-903BED057124} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{2FDDA7F6-AB08-46F6-8674-CA8CFDE64ECE} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{302F9497-5B62-4B5A-86B3-A1409B05D6D7} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{3059D2A8-CE1F-471C-BF58-656C170217F7} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{324866D2-F88C-449D-8C96-9E679D1BB1E0} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{33A24978-4493-4076-957A-B6ED240A5D38} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{33DC723C-6734-4A38-A986-FC3A70836836} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{342CEB8A-D623-4F8A-BF1B-C90DA2FE87AB} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{34334C70-822C-49F9-BEA0-F03E2AD4F1B3} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{349F9220-669B-4A37-9E49-BA696EFF831F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{35572FE6-4E7B-475D-9022-1A530E4DEE10} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{355B6BA3-E7E6-4AF6-B91C-338FC26DF4D3} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{368DEC6C-2176-4F21-84B4-260C15F0DC07} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{375A2750-69B0-451D-A75D-6FBB69692DD0} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{377E7B18-C314-4A71-8595-9B56798AAD63} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{37BC5E37-5E64-4D43-987B-D98E94E92D2D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{38C09079-E266-42C8-BABE-3DD9FD09A30E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{392DBD4E-C310-4FEF-BE81-4077067B87E3} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{3A1C2863-5A43-49B0-8987-2338611F4B0A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{3AA09194-1F1B-4BD7-BA1C-7387AE968565} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{3BA29C53-DD86-4212-B257-1D5DFE47E9B8} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{3C160FE5-2B72-4180-A01C-1E43B5C7E469} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{3C49C077-F9F8-466C-972B-C5FA7B7A77B6} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{3DDF9541-F17F-495F-AC66-E160D7B3701F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{3E2F7DFB-93F7-49D3-89B8-CB8F9C35F353} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{3F3347B0-CF9A-4FC2-A809-16E7AC60E6A9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{3FF21758-2B85-4C37-8468-2E96D126ADC1} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{406B529B-6628-4B43-BB04-67B9B09FE0C6} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{40B10FA5-FD83-4B74-9A3F-0EC6A87A681E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{40B1CC28-16F9-43C1-9723-D03863DCBBB7} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4255DB95-C182-4B73-B990-171F3A777C3B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{43492557-30BF-4129-A49E-31D1AF4E94C3} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4371E801-CEA0-49D2-98CB-3DC9A1C06178} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{43E23099-CAE2-4B69-8095-83878766EDC4} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{44267FFB-A0E6-4B41-868F-0512102100DF} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4530DC2D-60B4-41C7-8535-F0FC9995FCCA} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{455689F7-C8B5-48BF-9824-6ACC76DAC4D3} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{464E7643-3FEE-45C1-A055-751CA391EF8C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4697EB22-A461-4C8A-8BDD-B635D191D226} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{46F58F13-9769-4619-AAEB-88234FF3ACFF} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{488372F7-6D4C-42F1-90CF-D1C1F04D5F14} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4924F15D-9BB6-4836-BB5A-76F30F33A0DE} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{49BBED12-F391-4DF2-9F11-E4A1E880AB84} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4A3B2C84-757B-4C26-B340-18334417B0F2} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4A4FBBDB-C319-47CD-8B97-8B15836ACFA6} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4AC543FD-ABC6-45E1-8443-1F85AA0C8DB9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4AEB8962-AB37-4538-97B6-52200F87C5CE} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4B684110-B86F-4D99-80BC-7EFF0C1E5E28} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4B99C64A-05C2-4B1D-BC79-72D9F1C429A7} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4BDCE551-C6DF-46A4-81AB-A9911DF21608} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4BF69B48-DE49-4DC6-B979-D6696EA667AE} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4C57B850-5CB2-4B8E-A758-13F9BF63D6A4} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4D673684-CA3F-48B3-B95B-5F632BE00CA1} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4EB8AF73-B618-4CBC-B049-E043A56F29B0} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4F43F6ED-3935-4B73-9689-3726A6619F28} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4F831074-5336-44F4-94F0-F3F0010AEACA} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4F9075EB-2205-47B1-B0C7-FBD5AE2E9597} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{4FC3C3EA-F626-4883-A834-0DEF6246975E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{500079F6-F8D6-4147-9D63-D5AEF6DCCAE9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{5027F08E-2CBD-4471-BB10-78E43B071CEF} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{51399B15-A8A7-4F15-9157-0F68AF601A22} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{517E624D-1139-476E-9754-1A71B76110D1} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{51880F42-44A4-4C0A-937B-BE163F028098} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{51BA2735-B4EB-44A0-9195-53D448DE6F7B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{51D9E159-B801-4E0B-A279-CFECB1E31DA9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{524409FA-614A-43CE-8BD3-7C60D502ACAC} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{52A2DB26-399A-44B1-9BE0-39344687F20F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{52B7434E-62DD-41CC-9D0B-3FE991BE68D9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{5390D49E-188C-4AD9-BF74-5E9BD802CEBB} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{54005A58-9D16-4028-A710-BCCAAA66A53D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{557C2738-EF5F-4159-A560-41ED92EEF275} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{569EBEAF-DBED-44AE-BA53-133539689520} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{5716C044-2FA6-48EA-B05F-D4147B864560} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{5887DF7E-CDCF-49A4-852B-3AF45459BEBE} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{59367384-78B7-43F3-AA68-C94735B12BBB} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{598A1E65-057E-4724-9338-4EC9A77CD039} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{5AEDC8F6-F653-4F7A-A7DD-164DCC729686} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{5BE50345-1FFE-4348-8822-AE9EE1CEC812} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{5C180E9D-D249-4543-A1BF-9D158B86FEB5} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{5CCE1989-1333-4D0F-9E23-B8F04DFA9297} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{5CD7BE5F-CBAC-4047-A31A-9ACB93795721} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{5EA5841F-66B1-48CD-9A03-D752E309A8B4} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{60635AB5-BAB6-4880-B1FC-E111D89E9D0F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6063B982-3D38-4202-8879-15EE8AE3FA34} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6090D2B9-D025-47F3-9194-8798D9425769} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{61556964-5407-4DD0-8346-3E3E9040B82D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{61F68A7D-B757-4233-A320-872F8760DA7A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{625F731E-5772-4807-BB58-A2CB65F7413E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{62833D79-4103-4AE0-8120-FC98E456BD9A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{62BA6E95-F0D3-48AC-BDEB-7B08CE49E454} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{63F853F7-F7AB-423B-B691-B5F0A8B1DEB5} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6476EBB2-BAD7-4AB2-B5C8-8524DD019E37} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{64E7A23D-A590-4017-AB71-55DC456D58C6} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{653E1879-BD1D-4566-B6CA-E337AE002020} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6629B041-358B-43A9-975B-755E84DF9690} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{664A566C-147D-4D06-AC83-14B623F023C8} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{667DF693-866F-4134-A158-8CDB8F774FF5} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{671A16B9-483C-468E-938C-D17D4F2060E9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{68027E9A-9E0A-4997-8C0A-C247CE597904} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6896F2D1-4380-4496-8ADB-A4DFEB013E46} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{68EB2988-13A2-4381-80B9-AF5CAD50C50D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6967A001-5E13-43BF-947F-9689AB4619B1} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6A2028CF-B344-43D6-811F-A44303313E36} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6A323802-CFE7-4B77-8536-136E6D960C62} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6B21562C-CE32-44AF-8A25-48763C4B0257} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6BCD1A07-FC65-45BF-BF78-219147C982EE} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6BE84867-0B54-4D83-BA07-BEE66F78F1E2} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6C608EB5-B3F3-4269-A35C-3A7FA32D9006} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6DE9A371-13A9-4726-9410-6D93AF9399B7} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6E606A67-7AD6-40DE-819C-CF89DD31BD09} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6E664ECC-3C99-4D95-AA21-FDFD0CAF0135} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6F12EF45-FC90-41B4-B29A-DF22C252C7CF} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6F98AF81-EB07-4FED-9723-34E49699C3C4} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6FB9B6E1-EB1F-4216-9B58-65EA985AE883} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{6FEA5782-9119-4625-96B7-9A44319D65FF} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{704B361E-A92D-45FA-AC87-5FD9780F3245} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{71783D1A-FE73-4106-A170-F52BF58485BD} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{7247BE78-9C77-48A7-9634-AF666B5378AB} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{73648BEC-672E-4FF3-983D-1FC92163D812} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{7393A25B-E7CC-488A-A1ED-4A0F1542D12F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{73AE21D4-728F-4172-88DC-840F0B2819FD} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{745C68FF-1F64-4357-A2D5-8B726D6C9F6C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{74B51688-2206-4AD6-814F-292D7A2DB2F6} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{754ABA48-0777-4D08-8060-3365A5193E11} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{7564AB4A-2A91-40CE-ABDF-AD52ED505A02} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{764CCE08-500B-4F0F-BE52-B7AE9111A44A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{76AA573B-2065-4860-8EDF-31E0A24DE709} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{773D68F4-8AE1-49E8-87BD-D52FFCE906D6} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{77D542E1-0B54-471C-A33D-612C40913901} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{780CC3AE-17A3-4DFD-94FE-E4DEE36597CA} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{78628A17-136F-4ECE-8797-8C86DC773B45} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{79FADDE7-B682-402D-AB4A-BB272BA4C39E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{7B24D8A3-E937-43B9-8FBF-9B60A15BB595} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{7B3B3201-75F0-4741-8E51-8545ED711A32} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{7CC548B4-C636-4CF2-8F81-7AA17A389AC4} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{7ECA4009-9083-4DB0-A736-9897E4ABAF3C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{7F5206A7-C8AD-4D4C-9AA1-32A3029F6821} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{7F70D911-B5EF-463E-B05B-5A0DF9863CF1} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{7FF2D41B-DE1A-4397-9739-9286F25362A4} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{80B8D156-3878-4527-A304-50815D59CF51} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{80BDB13E-FF49-4890-8F07-10BCB3B0008E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8175F415-5A76-411E-ADD1-5B469698279F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{822CB2AC-5302-4AEB-8457-3551F3B80815} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8296058E-FD44-4E3F-B7E2-E56320A19799} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8434F2E5-4E71-433C-A6D8-092EC85FBE27} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{848E0098-C1E7-4D23-AEF4-D571E04FD67C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{84DE7544-F15C-45EE-89B5-9CA2E07AD546} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{85D614EA-8C51-4EC4-8A5D-62D759452018} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{85E6C012-DCB0-4367-8D3C-2AC0224AEB22} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8686E619-4340-41B5-920C-2DF6FD2B06A9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8753A986-4426-4485-9E3B-AC71D854D67D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{88264664-9255-4744-84A2-E0EE0EF6864A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{89B70835-9F5A-44CF-BB0A-6DEE75DB6449} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{89D5F1E1-94C3-4C0C-85DC-34F416D17F9D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8A0902DB-D1CC-4E5A-BF3F-3AFC793B5EB8} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8ACC19DF-7384-4898-AD5D-961B863D456F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8BCBFF62-1BC8-4A07-9A9B-A992BBF159BF} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8C151B66-5E5C-4194-B692-2CC0B78B00B5} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8C319E96-C798-4E7A-A51E-20B7636F1BE8} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8CFC2865-F412-4194-9918-D7903C810FE6} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8DF858E2-1E3D-4E62-B3F7-EFDC36CE958D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8E8230A6-8D95-4B59-B66C-ADAE38D7450C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8ED82368-D2E0-4B9F-A0BF-E610A67611AA} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{8F14AC48-A963-45C6-8816-168BC442D89E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{90722BE8-6211-4292-A768-F05080FF5D81} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{90946B71-C1BD-4404-B983-EA2CA7563118} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{90AAB465-7516-486B-93F1-5D8344AF4E53} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{91D28A07-EB70-41A7-834D-9A66E56192CA} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{91D9CA65-DE1A-420E-B2DB-F52D1D7A80EB} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{950660FE-FA61-472E-942D-95CC74BDF22F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{95BADAD5-E91A-40C9-AFD8-A3599C264A85} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{97B3CEF1-C4F4-4A53-888F-F9340A39BA13} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{97DA6C80-E016-446A-9D8F-39867AAD3CEB} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{97DCBDCD-BFD5-42C2-A8AA-698C29AFC24D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{993121E3-ACC8-4043-9D0B-52509831680D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{9B6E0FA0-362F-4056-96CA-10FACC212ECD} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{9D64C7D8-EF41-4EA1-83BC-2E6C0997228F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{9DA2DF52-56EC-475B-B882-5515667C6F83} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{9E563B78-8E56-4919-BF1B-D5FC86C60FC8} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{9E6B4908-FE53-4938-BF52-0B9A827DEB3B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{9E886BC0-7A73-4BEF-8C43-7419359ECB09} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{9F6A2112-D0E2-4523-9CC6-C4A302C2DE54} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A138F3B8-6DE2-421F-81BD-91415C7C1306} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A1F73766-8266-4AC5-8BCE-1DD58DDA3B8B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A30FEBFB-EF2B-4ECD-A54A-1BFD970F2E92} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A3BB1E88-1167-46DA-AA92-A1973BC97F2A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A3C7778A-6BCD-44BE-B3B6-865C0533997B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A544FF3B-7E34-4435-A1DD-96E53CBE7FE9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A56906A8-2B76-4DB8-A511-6410F3792707} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A6E8048A-8B62-425A-91C0-19D0C53807C1} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A82859B2-EBB8-4BB8-BFAE-86A770A70DA4} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A870C54B-6465-4C1C-B2C3-F70D0CA6677C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A8FE7C0A-9CE1-4349-A444-21E31A31154D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A9111624-7CEA-4533-B6E1-7FDCE6F4567F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A93FC94C-66EF-4ECA-AAB8-BA714FB96F02} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A94EA70F-6BC9-4234-8E4D-15CCEBE68D68} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{A9DAEDFA-243B-4408-9794-C6B7F1DB9265} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{AB95B496-7C8B-4F5F-AA3E-7F37C9691D75} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{AC057C9B-5055-4476-9F46-A5A4FF3EADBF} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{AC71B28E-DCF2-4BB7-8B0A-22F9C20BDB29} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{ACBB6E49-1FD6-4C77-B361-025E0C10CA6B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{AD34C4C0-05A9-417D-A15D-6350B337C248} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{AD5AFB9D-5CAB-491C-B422-7A80011AEFCB} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{AD752D7B-344F-4E6B-B1AA-D63108753FBF} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{AE4EFAE1-8E77-4710-A101-4F1B5C1E074F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{AEF3D2D8-FC9E-4CF4-BB55-881621AA2AE8} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{AFAE0C3B-4DCD-4E92-97CE-38E7BA743906} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B004B3D8-A0D8-4560-A4F2-512DF0A262C3} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B0507589-ED08-476E-8D0A-12363B8113E9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B23596E1-0F28-47B8-88A0-249FAD113030} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B253D494-6CB3-4892-BC03-6DC9AD997B7C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B2AD5078-DECD-411D-BDA4-EB5B6C845874} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B35673B8-CFF9-4C99-B5FD-7958E682C2B2} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B444F51F-90FF-4E07-BA97-F5E606CBB0AA} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B4765B2C-D722-44BC-925D-A70241E2218E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B514BB0B-3D6B-4F87-ADEC-16CE4DCF25C2} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B581E1CC-1C3D-4467-BCA7-52858FEABCEE} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B5CD1AA4-70ED-4CE6-84E9-DA55AEEBB443} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B5D3E063-42DB-4F22-898D-031544AE0074} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B68D19FF-FF7C-4B2F-B046-982F219B8228} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B7DF7897-53E7-4C7B-94D9-A27ED9146767} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B9112400-E5B7-4FDC-9DC2-56DF870FA90E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{B9E4F1DA-2B28-4FBF-BD7D-05D23550EB0F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{BC3F69DC-098A-4704-838A-F02D3EF0A0FA} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{BD19D864-4628-4429-8816-FB2F37104808} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{BD57C81B-9747-44D4-823F-0CC6B9379489} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{BDE9F563-1C1E-463A-BBC5-ADE715B92E28} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{BEFED14B-2746-4A4E-A608-5432DC7C0368} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{BF763B9B-17C7-48F0-8027-8C7463C68F4A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{BF9C4BDB-3F1C-4D42-838E-5829E7DE322F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C007B7FF-DBF8-4A74-BBDD-A8B6C91E3C3C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C00FBC10-94E9-4E01-A508-D8158C1F2B8D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C0342756-EDA9-4CA9-8C74-6E016F5CFE89} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C19BEC07-4DB9-4DC1-9B6D-4605DCCA899A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C1A87CCD-3546-4C4C-A599-0865F820C8EC} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C220C3E0-CCEC-452B-AB74-462FCBB307A7} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C2A0E31D-F92B-4914-807D-59ED145D655E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C302C513-1F9C-4CBA-A8FF-863F85F00392} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C3896E9E-D4B9-40DA-A01E-8D00D0DF653C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C3BD176B-2505-42CB-9FEF-3D79ADDFE267} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C4C1B088-B7A1-4ED9-B4AC-7B542E333C5B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C5A795EA-393F-4AAA-9561-519B27AAC62E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C7868857-AD95-4469-A7F0-6A039BF25D32} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C993EF1C-A8FA-451C-A64E-DBFA18B7C241} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{C9E758B4-0C43-4D4E-9148-1149634AFD47} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CA0FC95C-B126-43A9-BAD4-FBD04081E8E7} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CA12BD88-3C81-4F00-ADB9-0ED7AAB9B10E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CB115855-88DE-4C1D-AEAC-95D1177B3FF5} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CBADC4D4-2CED-4074-A2B5-FBBD192D4D45} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CBEFFEE7-620A-4B02-A79F-CAE4B6947CF0} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CC33D559-C66D-43D0-A7C9-DC2C6A0AB127} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CC41AB38-72F9-4AF3-AB8F-0B73D9E0C413} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CC755F4D-7563-400B-AC06-3321AD48FA3E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CCC40E49-A2FC-47D0-88B2-3DEB93215788} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CCE62615-A14F-4119-82A4-8C323DF6BE2D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CEA50241-9C5A-47A4-873A-EC0585A228C9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CEE41ACE-80F1-42EC-8290-C3750993A7D4} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CF862A1C-C2CD-4388-BDD5-82207973663A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CF981761-5852-4D6B-98B6-F89420DC62DC} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CFA39929-1BD0-4932-BE3F-13848706E59C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{CFC75FD2-E20D-4EDF-B896-89C760F4C4FE} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D07EABB2-1A02-486C-BC78-79D01B65F38E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D1732233-E285-4ED8-BADD-2198E0A57B2E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D184F789-1D84-4010-BAD2-1D47623DAAE2} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D1D768A8-7E1B-41C3-A376-228DEE968F7D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D297A1B1-BF9E-42EF-8AA1-959D66E93A1F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D3EE5D3D-4E7C-4314-8CE9-EEADEEC21189} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D435FB9D-98BE-45CD-9A8E-403E5334E1BE} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D48077CD-296C-4C47-A6D5-18D4D4862BCD} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D4D6A1AF-D916-42A9-8B2A-1E896D10C116} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D4DCF36C-06CB-46E0-B402-F49DBB334F13} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D51B3CBC-167C-44FE-B18F-8E99C672C3FB} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D5A4FE71-A6FC-4762-8952-20A972A1B49E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D64BF9AC-9493-48EA-B0F2-C46BF369B67D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D6B88019-EC24-49F3-B654-D20EAC16C544} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D75F9E0A-F29B-4A91-BBD9-6D66C58F9706} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D7E73B8C-F556-48D3-9A05-13B18509787B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D80F68D6-67C9-4EA5-AD0E-1BD7B02AE9D0} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D83824F0-9A96-4382-9C71-3848D601EB4D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D90C182C-0E1F-4EC9-8584-18E9B255323E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{D915B3FD-C8EB-4239-8C8A-AE24B3A3768D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{DA0DFFFB-4CF8-4197-AC8D-BBB22203D4DD} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{DA750129-DD81-4335-A141-A61117C8DC02} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{DB050F35-B325-40D2-8010-8BB6696CEBB9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{DD105793-D932-4D48-BBEC-C8C31175EAEC} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{DD6CA0A1-6252-4303-906B-4DEFBD42B05F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{DDD822D0-6248-43CA-8263-F49600C03D01} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{DE9B4379-96CE-4D77-905F-47292E3C7B07} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E0AB1BE0-038F-4B8B-BCC5-918FC671B79A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E18CF8DD-E8B0-4984-8169-63C98E47CB40} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E2D6CD0A-89D0-4281-8ECC-820AA1430817} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E36261DB-113D-4555-9A10-E15B257E42CD} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E3859A5F-C9A0-4B8B-A674-B3CDE9221768} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E3D7EFC7-93E1-41FB-8DB6-18F03863DD72} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E4E5CBCA-AE5B-4F6E-830F-D4B9943FAB6E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E52498BD-141F-46F8-BD7C-337060A75532} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E5F700E4-7CFD-4FBF-8409-5DA6DF6D3A16} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E66B512D-E194-4221-BE13-BEC5649FC138} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E66FA118-4BFB-4510-8099-F262B06C6BF7} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E827450B-46E5-455F-A007-A067F618E9A5} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E8B94022-9830-4459-B7C9-D86703081FB9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E9865A31-2804-41DE-B4AB-584D449B65B0} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{E9E4303E-B81F-4BA6-9490-07357A4AB844} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{EAA2E397-B0B5-4082-9174-1263CCEAB1E1} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{EAF1D7C4-7B6D-4986-9597-E147F6DD9721} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{EBD518B5-8EFB-4C2A-9DAB-C78859598EE1} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{EEA5E797-72E9-435D-9345-D4549B50D1B8} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{EF019AF5-83D3-414F-8D66-964099707716} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{EFC55785-A441-4052-909E-98067E92DE88} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F0578145-4901-4673-9C65-C216793C14A9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F18C5EAF-5899-4F96-BD9D-D35E7C4E3881} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F1E45BB5-C7A0-465A-9D71-852CD4221A3B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F25331D6-2472-4437-B63B-B6CAAB179C12} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F29B0C29-B5C7-45BD-A162-6705F6360822} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F36D8FBC-51D3-4DC5-8EBA-C1552E5643E5} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F4940405-FEB6-439E-9D60-959C6E2BB0C7} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F5328E4D-FA88-4992-9CE2-6DF9D525135C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F57F55B2-2780-44B1-A4D3-DA1E382B3214} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F6450271-6302-4517-8C72-A932A7441660} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F7235BBF-14C2-4938-A902-782A55CF5520} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F7285E22-E5D2-4B16-94B2-97C558EE3A34} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F80EDF9A-ABDE-4E7E-8960-DD5BED9F735E} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F81BA748-80C0-472C-88E8-C5319E87E92C} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F841F554-0C49-4AE1-B26C-D508A8CA6506} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F87FED8B-8647-4027-B8D8-5B94D5755C50} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F88BFE69-FEBF-47E5-9C49-BA2AE8DD5599} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F8C49FC8-9D45-462E-91F3-4758221D23AB} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F8DBCA39-61AC-432E-93B1-EB427C6925E0} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F8EC51AF-E71B-4A1B-845F-AE57D586C07F} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F91C6EBD-8A54-4784-BBCB-ACECD2FE1C5A} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{F9BA7FC4-CC07-4DC4-9317-371F60CA9925} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{FADF4CC0-A9C8-45E0-83D7-A16C103649C9} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{FB1EB56F-4AE8-4B4C-881C-AD77294DAF0D} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{FB805049-BAC5-4B68-BE64-326F79A71553} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{FBD1FF6D-B509-4F71-A05F-4D79434E2F21} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{FBE9A55C-0BBA-408B-B5EA-5FD61821256B} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{FE197E3C-EB78-42EC-9AE8-0CC4A4526A29} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{FE24D6EF-450B-4638-9AB6-01AF691F64C1} Successfully deleted: [Empty Folder] C:\Users\Johan\appdata\local\{FF263258-D8EA-4D90-8321-5CB4ED1EFE2D} ~~~ FireFox Emptied folder: C:\Users\Johan\AppData\Roaming\mozilla\firefox\profiles\zqeqhe5s.default\minidumps [4 files] ~~~ Chrome Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [blacklisted Policy] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on zo 02/03/2014 at 21:53:22,88 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.020 - Report created 02/03/2014 at 20:35:40 # Updated 27/02/2014 by Xplode # Operating System : Windows Vista Home Basic Service Pack 2 (32 bits) # Username : Johan - LPT_26 # Running from : C:\Users\Johan\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** Service Deleted : APNMCP Service Deleted : Application Updater Service Deleted : ca82e1a5 Service Deleted : SelectionTool ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\apn Folder Deleted : C:\ProgramData\AskPartnerNetwork Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\Premium Folder Deleted : C:\ProgramData\SoftSafe Folder Deleted : C:\ProgramData\SweetIM Folder Deleted : C:\ProgramData\Systweak Folder Deleted : C:\Program Files\Application Updater Folder Deleted : C:\Program Files\AskBarDis Folder Deleted : C:\Program Files\AskPartnerNetwork Folder Deleted : C:\Program Files\AskTBar Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\ConduitEngine Folder Deleted : C:\Program Files\Optimizer Pro Folder Deleted : C:\Program Files\predm Folder Deleted : C:\Program Files\RegClean Pro Folder Deleted : C:\Program Files\SweetIM Folder Deleted : C:\Program Files\Vuze_Remote [!] Folder Deleted : C:\Program Files\Web Protect Folder Deleted : C:\Program Files\YouTube Downloader Toolbar Folder Deleted : C:\Program Files\Feven Pro Folder Deleted : C:\Program Files\Vuze Folder Deleted : C:\Program Files\BS_Player Folder Deleted : C:\Program Files\Download-DU Folder Deleted : C:\Program Files\yurls Folder Deleted : C:\Program Files\Common Files\Spigot Folder Deleted : C:\Users\mozaiek\AppData\Local\Temp\apn Folder Deleted : C:\Users\mozaiek\AppData\LocalLow\AVG Security Toolbar Folder Deleted : C:\Users\mozaiek\AppData\LocalLow\Conduit Folder Deleted : C:\Users\mozaiek\AppData\LocalLow\ConduitEngine Folder Deleted : C:\Users\mozaiek\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\mozaiek\AppData\LocalLow\Search Settings Folder Deleted : C:\Users\mozaiek\AppData\LocalLow\SweetIM Folder Deleted : C:\Users\mozaiek\AppData\LocalLow\Vuze_Remote Folder Deleted : C:\Users\mozaiek\AppData\LocalLow\BS_Player Folder Deleted : C:\Users\mozaiek\AppData\LocalLow\Download-DU Folder Deleted : C:\Users\mozaiek\AppData\LocalLow\yurls Folder Deleted : C:\Users\Johan\AppData\Local\Conduit Folder Deleted : C:\Users\Johan\AppData\Local\OpenCandy Folder Deleted : C:\Users\Johan\AppData\Local\SearchProtect Folder Deleted : C:\Users\Johan\AppData\Local\fst_be_25 Folder Deleted : C:\Users\Johan\AppData\Local\Temp\apn Folder Deleted : C:\Users\Johan\AppData\LocalLow\AVG Security Toolbar Folder Deleted : C:\Users\Johan\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Johan\AppData\LocalLow\ConduitEngine Folder Deleted : C:\Users\Johan\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Johan\AppData\LocalLow\Search Settings Folder Deleted : C:\Users\Johan\AppData\LocalLow\SweetIM Folder Deleted : C:\Users\Johan\AppData\LocalLow\Vuze_Remote Folder Deleted : C:\Users\Johan\AppData\LocalLow\BS_Player Folder Deleted : C:\Users\Johan\AppData\LocalLow\Download-DU Folder Deleted : C:\Users\Johan\AppData\LocalLow\yurls Folder Deleted : C:\Users\Johan\AppData\Roaming\BabSolution Folder Deleted : C:\Users\Johan\AppData\Roaming\Babylon Folder Deleted : C:\Users\Johan\AppData\Roaming\NCdownloader Folder Deleted : C:\Users\Johan\AppData\Roaming\Systweak Folder Deleted : C:\Users\Johan\AppData\Roaming\VOPackage Folder Deleted : C:\Users\Johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard Folder Deleted : C:\Users\Johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage Folder Deleted : C:\Users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\zqeqhe5s.default\Extensions\46bccaaa-4500-481e-8908-9384802e175a@89a8fdd1-d807-4096-8025-a41093fce600.com Folder Deleted : C:\Users\Johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpjdjfkkmlgacmnenfhafmkldaogiglb Folder Deleted : C:\Users\Johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfohacdfdemjkeejihknkmjkabndgkg [!] Folder Deleted : C:\Users\Johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfohacdfdemjkeejihknkmjkabndgkg File Deleted : C:\Windows\system32\conduitEngine.tmp File Deleted : C:\Users\Johan\AppData\Roaming\BabMaint.exe File Deleted : C:\Users\Johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk File Deleted : C:\Users\Johan\Desktop\Optimizer Pro.lnk File Deleted : C:\Windows\System32\Tasks\BitGuard File Deleted : C:\Windows\System32\Tasks\EPUpdater File Deleted : C:\Windows\System32\Tasks\LaunchApp File Deleted : C:\Windows\Tasks\Feven Pro-chromeinstaller.job File Deleted : C:\Windows\System32\Tasks\Feven Pro-chromeinstaller File Deleted : C:\Windows\Tasks\Feven Pro-codedownloader.job File Deleted : C:\Windows\System32\Tasks\Feven Pro-codedownloader File Deleted : C:\Windows\Tasks\Feven Pro-enabler.job File Deleted : C:\Windows\System32\Tasks\Feven Pro-enabler File Deleted : C:\Windows\Tasks\Feven Pro-firefoxinstaller.job File Deleted : C:\Windows\System32\Tasks\Feven Pro-firefoxinstaller File Deleted : C:\Windows\Tasks\Feven Pro-updater.job File Deleted : C:\Windows\System32\Tasks\Feven Pro-updater ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Google\Chrome\Extensions\edfohacdfdemjkeejihknkmjkabndgkg Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\edfohacdfdemjkeejihknkmjkabndgkg [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{850192C1-B830-41BB-B52D-563C984E04B4} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{850192C1-B830-41BB-B52D-563C984E04B4} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A3E980F-00F5-4768-81E9-9E5492423F25} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A3E980F-00F5-4768-81E9-9E5492423F25} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C174CAF-8DC2-4C0F-9486-FFEA3701F340} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C174CAF-8DC2-4C0F-9486-FFEA3701F340} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E15F7159-2F48-41D0-A355-250ED5F69228} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E15F7159-2F48-41D0-A355-250ED5F69228} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C61AA18B-0188-4524-A8D0-6ED365074656} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C61AA18B-0188-4524-A8D0-6ED365074656} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FEB9A0B2-F0A7-44DF-9CDB-DBFA88DDC265} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEB9A0B2-F0A7-44DF-9CDB-DBFA88DDC265} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D5A47167-4ABB-412C-BADE-A3C28E498C7F} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5A47167-4ABB-412C-BADE-A3C28E498C7F} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{59EAEB47-5465-4C5F-B45E-72ACC79F6098} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59EAEB47-5465-4C5F-B45E-72ACC79F6098} Key Deleted : HKCU\Software\Classes\Applications\lollipop.exe Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchSettings] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_be_25] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051678.BHO Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051678.BHO.1 Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051678.Sandbox Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051678.Sandbox.1 Key Deleted : HKCU\Software\5f52d6ddb16dec47 Key Deleted : HKLM\SOFTWARE\5f52d6ddb16dec47 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1607242 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2127187 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{201F27D4-3704-41D6-89C1-AA35E39143ED} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9CB65201-89C4-402C-BA80-02D8C59F9B1D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9CB65206-89C4-402C-BA80-02D8C59F9B1D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE063DB1-4EC0-403E-8DD8-394C54984B2C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855A01DB-C76C-4551-B7BB-4D5A120C6946} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{46CF08E6-2E94-478C-94FD-8B2140C6FF10} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D560307-B2CC-48E1-8EAC-6A4C3D60B975} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1592276-BB54-4B69-BAD4-5E683D4E1002} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{65CAA9F3-0C20-4814-9B35-890A64EBFAD0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E10A83B-55E6-431F-ADA4-9C9EE3CE6990} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511161178} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522162278} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555165578} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566166678} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544164478} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201F27D4-3704-41D6-89C1-AA35E39143ED} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402C-BA80-02D8C59F9B1D} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403E-8DD8-394C54984B2C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{46CF08E6-2E94-478C-94FD-8B2140C6FF10} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65CAA9F3-0C20-4814-9B35-890A64EBFAD0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511161178} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65201-89C4-402C-BA80-02D8C59F9B1D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65206-89C4-402C-BA80-02D8C59F9B1D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB1-4EC0-403E-8DD8-394C54984B2C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{46CF08E6-2E94-478C-94FD-8B2140C6FF10} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{65CAA9F3-0C20-4814-9B35-890A64EBFAD0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CB65201-89C4-402C-BA80-02D8C59F9B1D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063DB1-4EC0-403E-8DD8-394C54984B2C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{46CF08E6-2E94-478C-94FD-8B2140C6FF10} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{65CAA9F3-0C20-4814-9B35-890A64EBFAD0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{855A01DB-C76C-4551-B7BB-4D5A120C6946} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2D560307-B2CC-48E1-8EAC-6A4C3D60B975} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C1592276-BB54-4B69-BAD4-5E683D4E1002} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1E10A83B-55E6-431F-ADA4-9C9EE3CE6990} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5a7022c2-8ede-49f1-81f7-689ffedd0a10} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9e0b7ada-c1ef-4cd7-8db7-076bf59ec271} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{728F0AA9-7582-444F-B1D1-AA795ABCF034} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CC4AC5D-5898-4552-B7C9-B1A3F74B0E8B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BB1EE8D-8352-4C37-8EEF-F888B3785F90} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B478FF90-F302-45BE-AD23-D62C17D2B246} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5DA006A-9D51-45FD-815F-36D77F69F12A} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B315127-7D99-45F6-855D-CDAD32866D8F} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3041D03E-FD4B-44E0-B742-2D9B88305F98}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FE063DB9-4EC0-403E-8DD8-394C54984B2C}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{46CF08E6-2E94-478C-94FD-8B2140C6FF10}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{65CAA9F3-0C20-4814-9B35-890A64EBFAD0}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3041D03E-FD4B-44E0-B742-2D9B88305F98}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FE063DB9-4EC0-403E-8DD8-394C54984B2C}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{46CF08E6-2E94-478C-94FD-8B2140C6FF10}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{65CAA9F3-0C20-4814-9B35-890A64EBFAD0}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{9CB65206-89C4-402C-BA80-02D8C59F9B1D}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{46CF08E6-2E94-478C-94FD-8B2140C6FF10}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{65CAA9F3-0C20-4814-9B35-890A64EBFAD0}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{46CF08E6-2E94-478C-94FD-8B2140C6FF10}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{65CAA9F3-0C20-4814-9B35-890A64EBFAD0}] Key Deleted : HKCU\Software\AskPartnerNetwork Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\BabSolution Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\filescout Key Deleted : HKCU\Software\FreeSoftToday Key Deleted : HKCU\Software\IGearSettings Key Deleted : HKCU\Software\installedbrowserextensions Key Deleted : HKCU\Software\lollipop Key Deleted : HKCU\Software\Optimizer Pro Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\TutoTag Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKCU\Software\AppDataLow\AskBarDis Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\AppDataLow\Software\Feven Pro Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player Key Deleted : HKCU\Software\AppDataLow\Software\Download-DU Key Deleted : HKCU\Software\AppDataLow\Software\Vuze_Remote Key Deleted : HKCU\Software\AppDataLow\Software\yurls Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Deleted : HKLM\Software\Application Updater Key Deleted : HKLM\Software\AskPartnerNetwork Key Deleted : HKLM\Software\AskTBar Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\conduitEngine Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\Search Settings Key Deleted : HKLM\Software\SearchProtect Key Deleted : HKLM\Software\systweak Key Deleted : HKLM\Software\Tutorials Key Deleted : HKLM\Software\Uniblue Key Deleted : HKLM\Software\Feven Pro Key Deleted : HKLM\Software\BS_Player Key Deleted : HKLM\Software\Download-DU Key Deleted : HKLM\Software\Vuze_Remote Key Deleted : HKLM\Software\yurls Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BF67F764-95B6-4360-BB57-B2E5AA6C814B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Feven Pro Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Download-DU Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\yurls Toolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BF67F764-95B6-4360-BB57-B2E5AA6C814B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1 Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\lollipop Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Optimizer Pro_is1 Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Feven Pro Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BS_Player Toolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Download-DU Toolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Vuze_Remote Toolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\yurls Toolbar Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\optimi~1\optpro~1.dll Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\467F76FB6B590634BB752B5EAAC618B4 Key Deleted : HKLM\Software\Classes\Installer\Features\467F76FB6B590634BB752B5EAAC618B4 Key Deleted : HKLM\Software\Classes\Installer\Products\467F76FB6B590634BB752B5EAAC618B4 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0 ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16533 -\\ Mozilla Firefox v27.0.1 (nl) [ File : C:\Users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\zqeqhe5s.default\prefs.js ] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.InstallationThankYouPage", true); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.InstallationTime", 1393750233); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.active", true); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.addressbar", "NA"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.addressbarenhanced", ""); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.asyncdb.was_copied", "true"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.asyncdb_dbWasSet", true); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.asyncdb_dbWasSet_FF25_FIX", true); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.asyncinternaldb.was_copied", "true"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.asyncinternaldb_dbWasSet", true); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.asyncinternaldb_dbWasSet_FF25_FIX", true); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.backgroundver", 1); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.certdomaininstaller", ""); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.changeprevious", false); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaardtijd))"[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.cookie.InstallationTime.value", "%221393750233%22"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaardtijd))")[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22001080%22%2C%22sub_id%22%3A%220%22%2C%22uz[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaardtijd))"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.cookie._GPL_aoi.value", "%221393750500%22"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaardtijd)[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.cookie._GPL_parent_zoneid.value", "%22518537%22"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaardtijd))"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.cookie.jw_token.value", "%22b2c47027-a913-2af1-1d65-da7a36b58f56%22"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.description", "Feven Shopping Companion"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.domain", ""); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.enablesearch", false); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.homepage", ""); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.iframe", false); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaar[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22F68DED51BADC416AB37B81EB519AC[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaardtijd[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22001080%22%2C%22sub_id%22%3A%220%22%2C%[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaar[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22001080%22%2C%22sub_id%22%3A%220%2[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance [...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22F68DED51BADC416AB37B[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaardtij[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.Resources_appVer.value", "14"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaa[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.Resources_lastVersion.value", "1"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaardtijd)[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.Resources_meta.value", "%7B%7D"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.Resources_nextCheck.expiration", "Mon Mar 03 2014 02:28:05 GMT+0100 (Romance (standaard[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.Resources_nextCheck.value", "true"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaardtijd[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.Resources_queue.value", "%7B%7D"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (st[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaard[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.__defualt_browser__.value", "%22ff%22"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100 (Romance (standaardtijd))"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22F68DED51[...] Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.lastDailyReport", "1393788479655"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.lastUpdate", "1393788485441"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.manifesturl", ""); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.name", "Feven Pro"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.newtab", ""); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.opensearch", ""); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/51678/plugins/093/ff/plugins.json"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.pluginsversion", 10); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.publisher", "Feven"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.searchstatus", 0); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.setnewtab", false); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.thankyou", ""); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.updateinterval", 360); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.51678.ver", 14); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.FilesValidatorDueTime", "1393788521460"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.apps", "51678"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.bic", "14481ffdc2f75c1015f0541f7a9a689e"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.cid", 51678); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.firstrun", false); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.hadappinstalled", true); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.installationdate", 1393750433); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.modetype", "production"); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.reportInstall", true); Line Deleted : user_pref("extensions.a46bccaaa4500481e89089384802e175a89a8fdd1d80740968025a41093fce600com51678.statsDailyCounter", 2); Line Deleted : user_pref("extensions.crossrider.bic", "14481ffdc2f75c1015f0541f7a9a689e"); -\\ Google Chrome v33.0.1750.117 [ File : C:\Users\Johan\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [51728 octets] - [02/03/2014 20:32:01] AdwCleaner[s0].txt - [50398 octets] - [02/03/2014 20:35:40] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [50459 octets] ##########

Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 Malwarebytes : Free Anti-Malware Databaseversie: v2014.03.01.03 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Johan :: LPT_26 [administrator] Bescherming: Ingeschakeld 1/03/2014 16:41:59 mbam-log-2014-03-01 (16-41-59).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 255878 Verstreken tijd: 23 minuut/minuten, 51 seconde(n) Geheugenprocessen gedetecteerd: 6 C:\Program Files\melondrea\updatemelondrea.exe (PUP.Optional.Melondrea.A) -> 2392 -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\melondrea\bin\utilmelondrea.exe (PUP.Optional.Melondrea.A) -> 2540 -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> 4192 -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> 4204 -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\SweetIM.exe (PUP.Optional.SweetIM) -> 5616 -> Zal worden verwijderd tijdens het herstarten. C:\Users\Johan\AppData\Local\Lollipop\Lollipop.exe (Adware.LolliPop.IT) -> 5776 -> Zal worden verwijderd tijdens het herstarten. Geheugenmodulen gedetecteerd: 8 C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgcommunication.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgIEPlayer.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgcommon.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mghooking.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgconfig.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. Registersleutels gedetecteerd: 43 HKLM\SYSTEM\CurrentControlSet\Services\Update melondrea (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SYSTEM\CurrentControlSet\Services\Util melondrea (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676} (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{4ab7647f-75b6-4486-9584-efee06afee68} (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{AE20B22F-60C1-4753-ABAE-459C85D3E303} (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16F059CB-3D3F-4ECC-B426-BAFA47233676} (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{16F059CB-3D3F-4ECC-B426-BAFA47233676} (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\SWEETIE.IEToolbar.1 (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\SWEETIE.IEToolbar (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Toolbar3.SWEETIE.1 (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Toolbar3.SWEETIE (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\melondrea (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lollipop (Adware.LolliPop.IT) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook.1 (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\melondrea (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\AppDataLow\Software\PriceGong (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\Software\melondrea (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 12 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SweetIM (PUP.Optional.SweetIM) -> Data: C:\Program Files\SweetIM\Messenger\SweetIM.exe -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|messenger.exe (Malware.Gen) -> Data: C:\Program Files\Common Files\Microsoft Shared\Web Components\messenger.exe -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Data: 썛愘ᇜ犜ጀ유䞘 -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|lollipop (Adware.LolliPop.IT) -> Data: "c:\users\johan\appdata\local\lollipop\lollipop.exe" lollipop -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:13828 -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {D806C03A-1F29-11E0-BEAF-001EEC7182EA} -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {D806C03A-1F29-11E0-BEAF-001EEC7182EA} -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{EEE6C35D-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM.A) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGHELPERAPP.EXE (PUP.Optional.SweetIM.A) -> Data: 1 -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGTOOLBARPROXY.DLL (PUP.Optional.SweetIM.A) -> Data: 1 -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 2 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Slecht: (C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Goed: () -> Succesvol in quarantaine geplaatst en gerepareerd. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Slecht: (Zoeken) Goed: (Google) -> Succesvol in quarantaine geplaatst en gerepareerd. Mappen gedetecteerd: 50 C:\Program Files\melondrea (PUP.Optional.Melondrea.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\melondrea\bin (PUP.Optional.Melondrea.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\melondrea\bin\plugins (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Lollipop (Adware.LolliPop.IT) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\Advanced System Protector\clamunpack (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\Advanced System Protector\Troubleshooter (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect (PUP.Optional.SearchProtect.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\Main\Logs (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\libs (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\protectionDS (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\2091225476 (Rogue.Multiple) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\2.1.1000.10568 (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\signatures (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\updates (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\Systweak\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.10568 (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\OpenCandy\BC28BD98E8574800AB8C032262844B3B (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\OpenCandy\C3A3636CC47B4AF8B148E2269C0F2325 (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\OpenCandy\OpenCandy_64FE300CF58747519DF8C310213CC8F4 (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\CT1750559 (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\CT1750559\plugins (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 271 C:\Program Files\melondrea\updatemelondrea.exe (PUP.Optional.Melondrea.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\melondrea\bin\utilmelondrea.exe (PUP.Optional.Melondrea.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\SweetIM.exe (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgcommunication.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgIEPlayer.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgcommon.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mghooking.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SweetIM\Messenger\mgconfig.dll (PUP.Optional.SweetIM) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.Conduit.A) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\Common Files\microsoft shared\Web Components\messenger.exe (Malware.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\melondreaBHO.dll (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\OpenCandy\BC28BD98E8574800AB8C032262844B3B\DeltaTB.exe (PUP.Optional.Delta.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\OpenCandy\OpenCandy_64FE300CF58747519DF8C310213CC8F4\DLMgr_3_1.6.87.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Desktop\malwarebytes-anti-malware.exe (PUP.Optional.BundleInstaller.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\messenger.exe (Malware.Gen) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\7003.tmp (PUP.Optional.PerformerSoft.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\DE9C.tmp (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\nse2594.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\nsj29AA.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\nsjD84C.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\nstD35B.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\bus42A1\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\bus9369\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\busB376\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\busB451\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\busC1CC\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\busDB41\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Temp\nstAD92\SpSetup.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Documents\malwarebytes-anti-malware.exe (PUP.Optional.BundleInstaller.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Downloads\tb_BS_Player_ControlBar (1).exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Downloads\Any Audio Converter.exe (PUP.Optional.Firseria) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Downloads\Applian FLV and Media Player.exe (PUP.Optional.Solimba) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Downloads\bsplayer266.1075.exe (PUP.Optional.Conduit) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Downloads\tb_BS_Player_ControlBar.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Downloads\FLVPlayer_Setup.exe (PUP.Optional.OptimumInstaller.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Downloads\7ZipSetup.exe (PUP.Optional.Somoto.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Local Settings\Temporary Internet Files\Content.IE5\4DS27COL\pack[1].7z (Rogue.InternetSecurityEssentials) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Local Settings\Temporary Internet Files\Content.IE5\4DS27COL\Setup[1].exe (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Local Settings\Temporary Internet Files\Content.IE5\4DS27COL\spstub[1].exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Local Settings\Temporary Internet Files\Content.IE5\67K5JQYA\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\Local Settings\Temporary Internet Files\Content.IE5\MT65LFZJ\sp-downloader[1].exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\1cfc7ef.msi (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\Installer\1cfc7f6.msi (PUP.Optional.SweetIM) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\melondrea.ico (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\7za.exe (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\melondreaUninstall.exe (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\updatemelondrea.InstallState (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\bin\melondrea.BrowserFilter.Helper.dll (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\bin\melondrea.BrowserFilter.Helper.dll.old.d00b1d77-0eed-4d7f-9552-3e7a2d0032e0 (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\bin\melondreaBrowserFilter.exe (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\bin\sqlite3.dll (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\bin\utilmelondrea.InstallState (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\bin\plugins\melondrea.BrowserFilterG.dll (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\bin\plugins\melondrea.FFUpdate.dll (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\melondrea\bin\plugins\melondrea.IEUpdate.dll (PUP.Optional.Melondrea.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Lollipop\lollipop.bat (Adware.LolliPop.IT) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Lollipop\logo.ico (Adware.LolliPop.IT) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Lollipop\lollipop.dat (Adware.LolliPop.IT) -> Zal worden verwijderd tijdens het herstarten. C:\Users\Johan\AppData\Local\Lollipop\Lollipop.exe (Adware.LolliPop.IT) -> Zal worden verwijderd tijdens het herstarten. C:\Users\Johan\AppData\Local\Lollipop\lollipop.lpd (Adware.LolliPop.IT) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Lollipop\lollipop_cfg.lpd (Adware.LolliPop.IT) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Lollipop\lollipop_ps.lpd (Adware.LolliPop.IT) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\Advanced System Protector\loading_withWhiteBG.avi (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\Advanced System Protector\unins000.dat (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\Advanced System Protector\unins000.msg (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\Advanced System Protector\clamunpack\readme.txt (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\Advanced System Protector\Troubleshooter\ASP-Troubleshooter.chm (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Google\Chrome\User Data\Default\bprotector web data (PUP.Optional.BProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences (PUP.Optional.BProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\bubble\bubble.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\bubble\defaults.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\Apply-onclick.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\protectionDS\defaults.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\protectionDS\protectionDS.css (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\protectionDS\protectionDS.html (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\protectionDS\protectionDS.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\2091225476\config.udb (Rogue.Multiple) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\2091225476\init.udb (Rogue.Multiple) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\2091225476\Langs.udb (Rogue.Multiple) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\AddonSafelist (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\log.xslt (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\signatures\completedatabase.db (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\signatures\Cookies.bin (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\signatures\DigSign.bin (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\signatures\FilePaths.bin (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\signatures\FileSignature.bin (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\signatures\Folders.bin (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\signatures\Md5.bin (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\signatures\Registry.bin (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\signatures\SetupSign.bin (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\signatures\StrSetupSign.bin (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\updates\1265mupdate.zip (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\updates\1266update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\updates\1267update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\updates\1268update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\updates\1269update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\updates\1270update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\updates\1271update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\Systweak\Advanced System Protector\updates\914completedatabase.zip (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\Systweak\Advanced System Protector\QDetail.db (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\Systweak\Advanced System Protector\Settings.db (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.10568\ASPLog.txt (PUP.Optional.AdvancedSystemProtector.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\OpenCandy\BC28BD98E8574800AB8C032262844B3B\5655.ico (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\OpenCandy\BC28BD98E8574800AB8C032262844B3B\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\OpenCandy\BC28BD98E8574800AB8C032262844B3B\OCBrowserHelper_1.0.6.124.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\OpenCandy\C3A3636CC47B4AF8B148E2269C0F2325\TuneUpUtilities2013-2200335_nl-NL.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\OpenCandy\OpenCandy_64FE300CF58747519DF8C310213CC8F4\Chrome_p2v1wr.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\OpenCandy\OpenCandy_64FE300CF58747519DF8C310213CC8F4\opencandy_08232010_SIGNED.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\default.xml (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\mghooking.dll (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\mglogger.dll (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\about.html (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\bing.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dating.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\find.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\games.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\google.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\help.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\music.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\news.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\options.html (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\photos.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\version.txt (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\video.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png (PUP.Optional.SweetIM.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Dutch_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Johan\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_03-18-2013.log (PUP.Optional.RegCleanerPro.A) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)

Logfile of random's system information tool 1.08 (written by random/random) Run by Johan at 2014-02-28 19:57:38 Microsoft® Windows Vista™ Home Basic Service Pack 2 System drive C: has 26 GB (18%) free of 143 GB Total RAM: 2039 MB (35% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:57:47, on 28/02/2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16533) Boot mode: Normal Running processes: C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\SelectionTool-soft\SelectionTool_wd.exe C:\Windows\system32\taskeng.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\Nero\PhotoShow 5\data\Xtras\mssysmgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\Johan\AppData\Local\Lollipop\Lollipop.exe C:\Users\Johan\AppData\Local\Spoon\3.33.6.199\Spoon-Sandbox.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Johan\Desktop\RSIT-1.06.exe C:\Program Files\trend micro\Johan.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/nl/index.php?rvs=google R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.4\youtubedownloaderToolbarIE.dll R3 - URLSearchHook: yurls Toolbar - {65caa9f3-0c20-4814-9b35-890a64ebfad0} - C:\Program Files\yurls\tbyur1.dll R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL R3 - URLSearchHook: Download-DU Toolbar - {46cf08e6-2e94-478c-94fd-8b2140c6ff10} - C:\Program Files\Download-DU\tbDown.dll R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: melondrea - {16f059cb-3d3f-4ecc-b426-bafa47233676} - C:\Program Files\melondrea\melondreabho.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O2 - BHO: Download-DU Toolbar - {46cf08e6-2e94-478c-94fd-8b2140c6ff10} - C:\Program Files\Download-DU\tbDown.dll O2 - BHO: yurls Toolbar - {65caa9f3-0c20-4814-9b35-890a64ebfad0} - C:\Program Files\yurls\tbyur1.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.4\youtubedownloaderToolbarIE.dll O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: yurls Toolbar - {65caa9f3-0c20-4814-9b35-890a64ebfad0} - C:\Program Files\yurls\tbyur1.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: Download-DU Toolbar - {46cf08e6-2e94-478c-94fd-8b2140c6ff10} - C:\Program Files\Download-DU\tbDown.dll O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.4\youtubedownloaderToolbarIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe" O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKLM\..\Run: [messenger.exe] C:\Program Files\Common Files\Microsoft Shared\Web Components\messenger.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [lollipop] "c:\users\johan\appdata\local\lollipop\lollipop.exe" lollipop O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Spoon.net Sandbox Manager 3.33.lnk = C:\Users\Johan\AppData\Local\Spoon\3.33.6.199\Spoon-Sandbox.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\pcprotect.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\pcprotect.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\pcprotect.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\pcprotect.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\pcprotect.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll c:\progra~1\optimi~1\optpro~1.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PCProtect - Objectify Media Inc - C:\Program Files\Web Protect\PCProtect.exe O23 - Service: Protect Monitor (ProtectMonitor) - Unknown owner - C:\monitorsvc.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: SelectionTool - Unknown owner - C:\Program Files\SelectionTool-soft\SelectionTool155.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Update melondrea - Unknown owner - C:\Program Files\melondrea\updatemelondrea.exe O23 - Service: Util melondrea - Unknown owner - C:\Program Files\melondrea\bin\utilmelondrea.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14268 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\SelectionTool Update.job C:\Windows\tasks\SelectionTool_wd.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16f059cb-3d3f-4ecc-b426-bafa47233676}] melondrea - C:\Program Files\melondrea\melondreabho.dll [2014-02-26 249632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-06 279944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{46cf08e6-2e94-478c-94fd-8b2140c6ff10}] Download-DU Toolbar - C:\Program Files\Download-DU\tbDown.dll [2010-09-12 3863136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65caa9f3-0c20-4814-9b35-890a64ebfad0}] yurls Toolbar - C:\Program Files\yurls\tbyur1.dll [2010-10-07 2735200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}] Ask Search Assistant BHO - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL [2011-01-20 57344] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-16 194128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\prxtbVuz0.dll [2011-01-17 175912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-10-18 1485112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}] YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\4.4\youtubedownloaderToolbarIE.dll [2011-05-06 734048] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}] Ask Toolbar BHO - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2011-01-20 245760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}] BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} {65caa9f3-0c20-4814-9b35-890a64ebfad0} - yurls Toolbar - C:\Program Files\yurls\tbyur1.dll [2010-10-07 2735200] {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-06 279944] {ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\prxtbVuz0.dll [2011-01-17 175912] {30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912] {EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-10-18 1485112] {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - Ask Toolbar - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2011-01-20 245760] {46cf08e6-2e94-478c-94fd-8b2140c6ff10} - Download-DU Toolbar - C:\Program Files\Download-DU\tbDown.dll [2010-09-12 3863136] {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912] {F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\4.4\youtubedownloaderToolbarIE.dll [2011-05-06 734048] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-16 194128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-09-12 141848] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-09-12 154136] "Persistence"=C:\Windows\system32\igfxpers.exe [2007-09-12 129560] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-12 827392] "MSConfig"=C:\Windows\system32\msconfig.exe [2008-01-19 227840] "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-10-03 480560] "SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2010-10-13 111928] "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-08-08 1828136] "NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136] ""= [] "SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-05-06 532320] "ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-02-21 1758160] "messenger.exe"=C:\Program Files\Common Files\Microsoft Shared\Web Components\messenger.exe [2011-03-03 93395] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "fst_be_25"= [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-08-03 202024] "Nero PhotoShow Media Manager"=C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe [2007-04-27 312848] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "lollipop"=c:\users\johan\appdata\local\lollipop\lollipop.exe [2014-02-27 2378752] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe [2008-10-17 1086768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-11-06 177456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk] C:\PROGRA~1\INTERV~1\DVDCHE~1\DVDCheck.exe [2007-05-23 192512] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Johan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Mediacontrole Picture Motion Browser.lnk] C:\PROGRA~1\Sony\SONYPI~1\VOLUME~1\SPUVOL~1.EXE [2007-04-17 368640] C:\Users\Johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Spoon.net Sandbox Manager 3.33.lnk - C:\Users\Johan\AppData\Local\Spoon\3.33.6.199\Spoon-Sandbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll c:\progra~1\optimi~1\optpro~1.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2007-08-24 204800] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCProtect] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\pcwatch.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2014-02-28 14:26:41 ----D---- C:\Program Files\trend micro 2014-02-28 14:26:40 ----D---- C:\rsit 2014-02-28 08:17:57 ----D---- C:\Windows\Migration 2014-02-28 08:17:47 ----SHD---- C:\Config.Msi 2014-02-28 08:11:42 ----D---- C:\Program Files\SelectionTool-soft 2014-02-28 08:11:42 ----D---- C:\Program Files\predm 2014-02-27 13:16:28 ----D---- C:\Users\Johan\AppData\Roaming\vlc 2014-02-27 13:16:27 ----D---- C:\Users\Johan\AppData\Roaming\FLV and Media Player 2014-02-27 13:15:42 ----D---- C:\ProgramData\Common Toolkit Suite 2014-02-27 12:58:10 ----D---- C:\Program Files\Applian Technologies 2014-02-27 12:56:14 ----D---- C:\Users\Johan\AppData\Roaming\Fighters 2014-02-27 12:56:07 ----D---- C:\ProgramData\Fighters 2014-02-27 12:55:27 ----D---- C:\Program Files\SearchProtect 2014-02-27 12:54:47 ----A---- C:\Windows\system32\PCProtectOff.ini 2014-02-27 12:54:47 ----A---- C:\Windows\system32\PCProtect.ini 2014-02-27 12:54:47 ----A---- C:\Windows\system32\drivers\pcwatch.sys 2014-02-27 12:54:33 ----A---- C:\Windows\system32\PCProtect.dll 2014-02-27 12:53:18 ----D---- C:\Program Files\Web Protect 2014-02-27 10:26:39 ----D---- C:\Program Files\Optimizer Pro 2014-02-27 10:26:10 ----D---- C:\Program Files\melondrea 2014-02-14 08:08:47 ----A---- C:\Windows\system32\mshtmled.dll 2014-02-14 08:08:46 ----A---- C:\Windows\system32\vbscript.dll 2014-02-14 08:08:45 ----A---- C:\Windows\system32\jsproxy.dll 2014-02-14 08:08:45 ----A---- C:\Windows\system32\ieui.dll 2014-02-14 08:08:43 ----A---- C:\Windows\system32\msfeeds.dll 2014-02-14 08:08:43 ----A---- C:\Windows\system32\ieUnatt.exe 2014-02-14 08:08:42 ----A---- C:\Windows\system32\wininet.dll 2014-02-14 08:08:41 ----A---- C:\Windows\system32\jscript.dll 2014-02-14 08:08:39 ----A---- C:\Windows\system32\url.dll 2014-02-14 08:08:39 ----A---- C:\Windows\system32\jscript9.dll 2014-02-14 08:08:38 ----A---- C:\Windows\system32\iertutil.dll 2014-02-14 08:08:37 ----A---- C:\Windows\system32\urlmon.dll 2014-02-14 08:08:36 ----A---- C:\Windows\system32\ieframe.dll 2014-02-14 08:08:34 ----A---- C:\Windows\system32\mshtml.dll 2014-02-13 15:12:36 ----A---- C:\monitor.exe 2014-02-13 14:43:24 ----A---- C:\monitorsvc.exe 2014-02-13 08:11:09 ----A---- C:\Windows\system32\msxml3.dll ======List of files/folders modified in the last 1 months====== 2014-02-28 19:57:31 ----D---- C:\Windows\Temp 2014-02-28 19:45:23 ----D---- C:\Windows\Prefetch 2014-02-28 15:40:41 ----D---- C:\Windows\Minidump 2014-02-28 15:40:35 ----D---- C:\Windows 2014-02-28 15:38:35 ----D---- C:\Windows\System32 2014-02-28 15:38:35 ----D---- C:\Windows\inf 2014-02-28 15:38:35 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-02-28 14:26:41 ----RD---- C:\Program Files 2014-02-28 14:04:26 ----D---- C:\Users\Johan\AppData\Roaming\Azureus 2014-02-28 13:02:19 ----D---- C:\Program Files\Vuze 2014-02-28 08:49:18 ----D---- C:\Windows\Microsoft.NET 2014-02-28 08:34:23 ----SHD---- C:\Windows\Installer 2014-02-28 08:30:46 ----RSD---- C:\Windows\assembly 2014-02-28 08:22:00 ----A---- C:\Windows\BRWMARK.INI 2014-02-28 08:20:57 ----D---- C:\Windows\system32\en-US 2014-02-28 08:17:57 ----SD---- C:\ProgramData\Microsoft 2014-02-28 08:15:20 ----D---- C:\Program Files\Common Files 2014-02-28 08:12:04 ----D---- C:\Windows\Tasks 2014-02-28 08:12:04 ----D---- C:\Windows\system32\Tasks 2014-02-28 08:11:52 ----HD---- C:\ProgramData 2014-02-28 08:11:40 ----HD---- C:\Windows\system32\GroupPolicy 2014-02-28 08:06:51 ----SHD---- C:\System Volume Information 2014-02-27 13:30:01 ----D---- C:\Windows\system32\WDI 2014-02-27 12:54:47 ----D---- C:\Windows\system32\drivers 2014-02-27 11:12:47 ----D---- C:\Users\Johan\AppData\Roaming\Nitro PDF 2014-02-24 08:30:36 ----A---- C:\Windows\NeroDigital.ini 2014-02-14 11:03:03 ----D---- C:\Windows\system32\migration 2014-02-14 11:03:02 ----D---- C:\Program Files\Internet Explorer 2014-02-14 08:32:39 ----D---- C:\Windows\winsxs 2014-02-14 08:26:18 ----D---- C:\Windows\system32\MRT 2014-02-14 08:18:14 ----A---- C:\Windows\system32\mrt.exe 2014-02-14 08:11:40 ----D---- C:\Windows\system32\catroot2 2014-02-14 08:11:40 ----D---- C:\Windows\system32\catroot ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-07-31 43872] R1 pcwatch;pcwatch service; \??\C:\Windows\system32\Drivers\pcwatch.sys [2014-01-08 19840] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672] R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 11032] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 8192] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-03 188416] R3 E100B;Intel® PRO Network Connection Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-10-31 165760] R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-07 985600] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-07 207360] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-24 1899008] R3 NETw4v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-14 2222080] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-12 181432] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-07 659968] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936] S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272] S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-02-22 159232] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-24 1899008] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664] S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064] S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-02 128104] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 APNMCP;Ask-updateservice; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-02-21 166352] R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-05-06 393112] R2 BcmSqlStartupSvc;Opstartservice voor SQL Server voor Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-23 30312] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 ca82e1a5;Optimizer Pro Crash Monitor; c:\progra~1\optimi~1\OptProCrashSvc.dll [2014-02-27 186496] R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe [2014-02-24 2363168] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208] R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2007-12-05 144688] R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-08-08 836904] R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-03-26 196624] R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824] R2 SelectionTool;SelectionTool; C:\Program Files\SelectionTool-soft\SelectionTool155.exe [2014-02-28 193536] R2 SQLBrowser;SQL Server-browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944] R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880] R2 Update melondrea;Update melondrea; C:\Program Files\melondrea\updatemelondrea.exe [2014-02-26 111904] R2 Util melondrea;Util melondrea; C:\Program Files\melondrea\bin\utilmelondrea.exe [2014-02-27 111904] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-28 386560] R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248] R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-06 136176] S2 ProtectMonitor;Protect Monitor; C:\monitorsvc.exe [2014-02-13 34244] S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-06 136176] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-27 194032] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PCProtect;PCProtect; C:\Program Files\Web Protect\PCProtect.exe [2014-01-08 1265608] S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF-----------------

Laptop, Windows 8 Ik wenste een geluidsopname te maken met een externe microfoon. Het geluid werd telkens opgenomen via de ingebouwde microfoon. Daarom heb ik die proberen uit te schakelen op volgende manier. Configuratiescherm --> Hardware en geluiden --> Geluid audioapparaten beheren --> Opnemen --> Eigenschappen --> Gebruik van dit apparaat: Ik heb aangeklikt: Dit apparaat niet gebruiken (uitschakelen) Via de input externe microfoon sloot ik de microfoon aan. De opname lukte niet. Vervolgens wilde ik de ingebouwde opnieuw inschakelen, maar nu lukt het niet meer om de ingebouwde microfoon opnieuw te activeren. De computer meldt: Er zijn geen audioapparaten geïnstalleerd. De knop “Eigenschappen” kan niet meer geactiveerd worden, zodat ik “Dit apparaat gebruiken (inschakelen)” zou kunnen aanklikken.

Inderdaad, dank u wel, ik heb eens vlug gesurfd en ik denk van die vervelende rommel af te zijn. Wat er echter nu bij het opstarten verschijnt zijn volgende meldingen. Nuance Paper Port 12 De functie die u wilt gebruiken, bevindt zich op een cd-rom of ander verwisselbare schijf die niet beschikbaar is. Plaats schijf Nuance PaperPort 12 in het station en klik op OK. vervolgens Nuance Paper Port 12 Een ogenblik geduld. Windows is bezig met het configureren van Nuance PaperPort 12. vervolgens Nuance Paper Port 12 Fout 1706. Kan geen geldige bron vinden voor product Nuance PaperPort 12. Het installatieprogramma van Windows kan niet doorgaan. Ik heb echter nog nooit van dit programma gehoord.

Zoek.exe Version 4.0.0.5 Updated 26-October-2013 Tool run by Johan VC on wo 30/10/2013 at 12:09:15,30. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Johan VC\Desktop\zoek.scr [script inserted] ==== System Restore Info ====================== 30/10/2013 12:22:16 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\Program Files\Symantec deleted successfully C:\ProgramData\\Browser Manager deleted successfully C:\ProgramData\\BrowserProtect deleted successfully C:\ProgramData\\Guitar Pro 6 deleted successfully C:\Users\Johan VC\AppData\Roaming\Guitar Pro 6 deleted successfully C:\Users\Johan VC\AppData\Local\WMTools Downloaded Files deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411411168} deleted successfully HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411411168} deleted successfully HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411411158} deleted successfully HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411411158} deleted successfully HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A836234-186C-41A0-9863-40BECDEDED9F} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110411411168} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411168} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110411411158} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411158} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update glindorus deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update glindorus deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util glindorus deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util glindorus deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SafetyNutManager deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Johan VC\AppData\Roaming\Mozilla\Firefox\Profiles\0y4mcfz9.default user.js not found ---- Lines Lyric removed from prefs.js ---- user_pref("extensions.a2f86d47111224c15901ad7fd67316cd9ca42b8d20eb647be84a26d95abe186e8com44168.44168.description", "A2ZLyrics will find any lyrics on user_pref("extensions.a2f86d47111224c15901ad7fd67316cd9ca42b8d20eb647be84a26d95abe186e8com44168.44168.name", "a2zLyrics-16"); user_pref("extensions.af7926b918f4c40c2919d101d71251081b6001269bdb741fdac74ffc0e92f20b9com44158.44158.description", "LyricsSay will find any lyrics on user_pref("extensions.af7926b918f4c40c2919d101d71251081b6001269bdb741fdac74ffc0e92f20b9com44158.44158.name", "LyricsSay-16"); ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossrider.bic", "141f61f4891e8cfbf168a8edd54245de"); ---- Lines SpeedAnalysis modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{F04D2D30-776C-4d02-8627-8E4385ECA58D}\":{\"descriptor\":\"C:\\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20133010_1230_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\PROGRA~2\MyPC Backup deleted C:\PROGRA~2\Conduit deleted C:\PROGRA~2\ConduitEngine deleted C:\Users\Johan VC\AppData\Roaming\speedanalysis.ico deleted C:\Users\Johan VC\AppData\Roaming\zulagames deleted C:\Users\Johan VC\AppData\Roaming\SpeedAnalysis3 deleted C:\Users\Johan VC\AppData\Roaming\DVDVideoSoftIEHelpers deleted C:\Users\Johan VC\AppData\Roaming\OpenCandy deleted C:\ProgramData\\Wincert deleted C:\ProgramData\\SafetyNut deleted C:\ProgramData\\IBUpdaterService deleted C:\Users\Johan VC\AppData\Local\somotomoviestoolbar1 deleted C:\Users\Johan VC\AppData\Local\Bundled software uninstaller deleted C:\Users\Johan VC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk deleted C:\Users\Johan VC\Downloads\SoftonicDownloader_voor_bs-player.exe deleted C:\Users\Johan VC\Downloads\SoftonicDownloader_voor_k-lite-codec-pack.exe deleted C:\Users\Johan VC\Downloads\SoftonicDownloader_voor_vuze.exe deleted C:\Users\Johan VC\AppData\LocalLow\searchresultstb deleted C:\Users\Johan VC\AppData\LocalLow\somotomoviestoolbar1 deleted C:\Users\Johan VC\AppData\LocalLow\Conduit deleted C:\Users\Johan VC\AppData\LocalLow\ConduitEngine deleted C:\Users\Johan VC\AppData\Roaming\Mozilla\Firefox\Profiles\0y4mcfz9.default\somotomoviestoolbar1 deleted C:\Users\Johan VC\AppData\Roaming\Mozilla\Firefox\Profiles\0y4mcfz9.default\extensions\speedanalysis03@SpeedAnalysis.com deleted "C:\PROGRA~2\glindorus\updateglindorus.exe" deleted "C:\PROGRA~2\Movies Toolbar\SafetyNut\safetynut.exe" deleted "C:\PROGRA~2\glindorus\bin\sqlite3.dll" deleted "C:\PROGRA~2\glindorus\bin\utilglindorus.exe" deleted "C:\PROGRA~2\Movies Toolbar" not deleted "C:\PROGRA~2\glindorus" not deleted "C:\PROGRA~2\Movies Toolbar\SafetyNut" not deleted "C:\PROGRA~2\glindorus\bin" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-10-29 18:52:50 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2013-10-29 18:52:50 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2013-10-29 18:52:50 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2013-10-29 18:52:50 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2013-10-29 18:52:50 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe 2013-10-27 14:20:43 829D2C78370244F343A9CDEDB2097926 319 ----a-w- C:\Windows\ULEAD32.INI 2013-10-27 14:20:33 7C369388F132EA204D1B66DE1FF4101A 40960 ----a-w- C:\Windows\photo express 3.scr 2013-10-27 14:19:05 7035D051546A0C1948E52D75D4BFC8FF 28252 ------w- C:\Windows\corelpf.lrs 2013-10-27 14:18:23 03D54E06DDB7848E713D1E7BC22DBD24 39095 ------w- C:\Windows\iccsigs.dat 2013-10-27 14:17:36 E2D4BA3248CB1DCB51383267868715E5 69632 ------w- C:\Windows\twunk_32.exe 2013-10-27 14:17:36 74B8802CE5CD6F4E7AC83152E0E17D25 48560 ------w- C:\Windows\twunk_16.exe 2013-10-27 14:17:36 4B463A5B942EA7DF397B0019A3B1C868 87392 ------w- C:\Windows\twain.dll 2013-10-27 14:07:24 19F9070899D45CF4E02DF93B35C42E0C 392 ----a-w- C:\Windows\ODBC.INI 2013-10-27 08:58:22 B9231BD775B2A3DC696B870D0C78DC48 39 ----a-w- C:\Windows\Irremote.ini 2013-10-26 20:17:26 A75A03E2FE261297C3CBB128C32BE3D8 796672 ----a-w- C:\Windows\GPInstall.exe 2013-10-26 20:17:26 72DAF5A993CFE902DBA55C928C85D875 8520 ----a-w- C:\Windows\Dutch.gpl 2013-10-26 15:50:45 D03A1335E2F6615528F892245D7CAA73 66 ----a-w- C:\Windows\BBW_INFO.INI 2013-10-18 15:52:12 A5828E3F9E8C0B249C5FC1CCD389D144 260 ----a-w- C:\Windows\Brpfx04a.ini 2013-10-18 15:52:12 6252728BE03B3134B402032072985DCF 64 ----a-w- C:\Windows\brpcfx.ini 2013-10-18 15:50:38 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\BRPARAM.INI 2013-10-18 15:47:26 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\brdfxspd.dat 2013-10-18 15:47:26 7D6E128FDC85D9EC2130ECAEC7FB7C76 66 ----a-w- C:\Windows\Brfaxrx.ini 2013-10-18 06:11:25 0E8E6463F81C80AFBED533E0F1F8895D 2391280 ----a-w- C:\Windows\explorer.exe ====== C:\Users\JOHANV~1\AppData\Local\Temp ==== 2013-10-30 11:07:26 F6AABDF85821A9C61C61DEC9408F40CC 266240 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IScrCnv.dll 2013-10-30 11:07:26 DB28CA3BA3C2045AA7B6E59AA9831C68 409600 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\ISRT.dll 2013-10-30 11:07:26 AFDFEC6679CE99596261FF182AFBE9E6 180224 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\iGdiCnv.dll 2013-10-30 11:07:26 ABA70B81A5811E7B140271595D66F06F 32768 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\objpscnv.dll 2013-10-30 11:07:26 A9D3658C5BE72816812A5A32E4560BA3 761856 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver2.exe 2013-10-30 11:07:26 A9D3658C5BE72816812A5A32E4560BA3 761856 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe 2013-10-30 11:07:26 A9D3658C5BE72816812A5A32E4560BA3 761856 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.exe 2013-10-30 11:07:26 1C1332BF83F505CB60E06C76FE111CDD 540772 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\_ISRES1033.dll 2013-10-30 11:07:26 197C2CE7CF2A98AE895ECE98D88B8245 172032 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IUserCnv.dll 2013-10-30 09:20:20 BF38660A9125935658CFA3E53FDC7D65 773968 ------w- C:\Users\Johan VC\AppData\Local\Temp\~rnsetup\GEMSETUP\msvcr100.dll 2013-10-30 09:20:18 5FE302CA2A6FD7F0F7ACA4744E33F59D 15872 ------w- C:\Users\Johan VC\AppData\Local\Temp\~rnsetup\GEMSETUP\pnrs3260.dll 2013-10-30 09:19:58 7EC6C8E88BECD3C40AE35AAD1DF6EB0A 90624 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\stubhelper.dll 2013-10-30 09:19:58 3539206D4F6DCDB9E5BEB9D8D3BDE90A 120400 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\lowproc.exe 2013-10-29 21:43:52 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\i4jdel0.exe ====== C:\Windows\SysWOW64 ===== 2013-10-27 14:21:51 9D1864AE5F6FF8BBDE86A3F5A448110D 368912 ----a-r- C:\Windows\SysWOW64\VBAR332.DLL 2013-10-27 14:21:49 E8A31571E9B0F79BC30AD7B8AFA75C08 1039360 ----a-r- C:\Windows\SysWOW64\MSJET35.DLL 2013-10-27 14:21:12 493A6F64E4BC3713B780143F6BCB5DC1 607744 ------w- C:\Windows\SysWOW64\Decslib.dll 2013-10-27 14:20:39 C4F80ED6BBEE4009F06D50587F41B856 384512 ----a-w- C:\Windows\SysWOW64\MFCO40.DLL 2013-10-27 14:20:39 A0BD2CE673967DA13B05FDC3A4045DF3 151040 ----a-w- C:\Windows\SysWOW64\MFCO30.DLL 2013-10-27 14:20:38 989341BDAD0A2B5B864E0FCEF66AF05F 358400 ----a-w- C:\Windows\SysWOW64\MFC30.DLL 2013-10-27 14:20:38 1DC4FB334FD942791B2157AEB48271BE 27632 ----a-w- C:\Windows\SysWOW64\CTL3DV2.DLL 2013-10-27 14:18:22 497FD4A8F5C4FCDAAAC1F761A92A366A 565760 ------w- C:\Windows\SysWOW64\msvcp50.dll 2013-10-27 14:18:21 1D96F88FF5F8979409F15EB3D1624B4A 112688 ------w- C:\Windows\SysWOW64\shw32.dll 2013-10-27 14:18:15 D646EBC16645976AE5784F5D2D4E4492 211456 ------w- C:\Windows\SysWOW64\qd3d_ir2.q3x 2013-10-27 14:18:14 E261C04175410391D6A9933E99374B7E 70656 ------w- C:\Windows\SysWOW64\3dviewer.dll 2013-10-27 14:18:14 7A3152BA9FF11612719694708E6F30D2 553984 ------w- C:\Windows\SysWOW64\rave.dll 2013-10-27 14:18:13 703AC059AB8457E7A2150FF0748AFBB8 909312 ------w- C:\Windows\SysWOW64\qd3d.dll 2013-10-27 14:17:59 CCA940CE62641B6C422E938EDB29639C 168448 ------w- C:\Windows\SysWOW64\Awrtl30.dll 2013-10-27 14:17:59 BB8ECD56D80E64EC475306F469214D08 100864 ------w- C:\Windows\SysWOW64\awpe.dll 2013-10-27 14:17:42 837E3142029D95F66FD3B2075B225501 245760 ------w- C:\Windows\SysWOW64\Sccomp91.dll 2013-10-27 14:17:41 589EE5A7C2A3E05F9A93D5F381B07144 225280 ------w- C:\Windows\SysWOW64\Scint91.dll 2013-10-27 14:17:41 2AE44BC1603CBDC218EBBF8FAFA96938 110592 ------w- C:\Windows\SysWOW64\Sccres91.dll 2013-10-27 12:01:43 4885B8A0C48E81D950995893643F8777 217176 ----a-w- C:\Windows\SysWOW64\unrar.dll 2013-10-27 08:54:02 E415862612E65F10D7D888443ECD7594 2388176 ----a-w- C:\Windows\SysWOW64\d3dx9_30.dll 2013-10-27 08:54:01 BE19B603DFBAA829EE5B7749B3BA97DB 2323664 ----a-w- C:\Windows\SysWOW64\d3dx9_28.dll 2013-10-26 17:12:08 595E4ADEB1B94C69C57EDA411E0809B8 53248 ----a-w- C:\Windows\SysWOW64\SONYHCY.DLL 2013-10-26 17:12:01 F3F99A772EC3D9435B93D220E40436AE 72440 ----a-w- C:\Windows\SysWOW64\pxhpinst.exe 2013-10-26 17:12:01 C1E66615103CC72472906BEF5DF3275A 64760 ----a-w- C:\Windows\SysWOW64\PxInsA64.exe 2013-10-26 17:12:01 9DFD7CA53B06658DECAA35E7A76D2C98 118520 ----a-w- C:\Windows\SysWOW64\PxInsI64.exe 2013-10-26 17:12:01 671FC8F54993088940F4A621222F8EE6 115960 ----a-w- C:\Windows\SysWOW64\PxCpyI64.exe 2013-10-26 17:12:01 454CB3FCA343B5612E808ABA75311273 39672 ----a-w- C:\Windows\SysWOW64\vxblock.dll 2013-10-26 17:12:01 285D6295E0A8E38E79391362BA36A8EE 64248 ----a-w- C:\Windows\SysWOW64\PxCpyA64.exe 2013-10-26 15:50:00 DD41B6E63EA49827E98D3B364E2A75DE 59004 ----a-w- C:\Windows\SysWOW64\Pgtextj_.ttf 2013-10-26 15:50:00 BD978BA73E90E8C777744DBEF4ADC951 153064 ----a-w- C:\Windows\SysWOW64\Pgchords.ttf 2013-10-26 15:50:00 ABE444AA0ED3B66CCEBB62ED04C3796D 51864 ----a-w- C:\Windows\SysWOW64\Pgtextje.ttf 2013-10-26 15:50:00 938F9F98E0CB4B72F409157C2E4604A6 47252 ----a-w- C:\Windows\SysWOW64\pgmus.ttf 2013-10-26 15:50:00 6D807C1CB5A73DDD8CFDF4A27EF32310 48072 ----a-w- C:\Windows\SysWOW64\Pgjazz__.ttf 2013-10-26 15:50:00 5BBD29CCA1757FF9A5D3F89B779BFB7B 49896 ----a-w- C:\Windows\SysWOW64\Pgtext.ttf 2013-10-18 15:47:13 954388D98B5CBFA1D32C5D43D5FA5275 45056 ----a-w- C:\Windows\SysWOW64\BRTCPCON.DLL 2013-10-18 15:47:10 232231DAB87A37CC4A948D67AE2DF55B 103792 ----a-w- C:\Windows\SysWOW64\BRRBI100.EXE 2013-10-18 15:47:10 001B7F3C626938C77807E16C0C526008 50176 ----a-w- C:\Windows\SysWOW64\BRPRTINK.DLL 2013-10-18 15:47:08 C0497C30E6976143CB46C016E8333707 114 ----a-w- C:\Windows\SysWOW64\BRLMW03A.INI 2013-10-18 15:47:08 822B31A9FC679366560BC4D416BBBB0E 77824 ----a-w- C:\Windows\SysWOW64\BRLMW03A.DLL 2013-10-18 15:47:08 38E5E24BEDE6F59AFC648CB7EF897D69 180224 ----a-w- C:\Windows\SysWOW64\BROSNMP.DLL 2013-10-18 15:47:08 114E9DE7781BEE1FF4738658C12C013A 25299 ----a-w- C:\Windows\SysWOW64\BRLM03A.DLL 2013-10-18 15:47:04 D09AE23186E3AE51D8EDB49AF4E6B018 245760 ------w- C:\Windows\SysWOW64\NSSearch.dll 2013-10-18 15:47:04 BE1EAFB5EC2AC86065C39372FF1A8F99 5120 ------w- C:\Windows\SysWOW64\BrDctF2L.dll 2013-10-18 15:47:04 B1DEE09C901FB884BA8AA62A5DFDB6D2 5120 ------w- C:\Windows\SysWOW64\BrDctF2S.dll 2013-10-18 15:47:04 5790DD6C789EFD358CB8E904E22E5105 73728 ------w- C:\Windows\SysWOW64\BrDctF2.dll 2013-10-18 10:37:03 594C715F554206032FE8C8AC9FF8F440 17561088 ----a-w- C:\Windows\SysWOW64\shell32.dll 2013-10-18 10:37:02 D8FED3E93970890FC25C5D378E6A5BD6 893952 ----a-w- C:\Windows\SysWOW64\msctf.dll 2013-10-18 10:37:02 5363A9B4FA7DB5E3B1025411CBF9977F 8858112 ----a-w- C:\Windows\SysWOW64\twinui.dll 2013-10-18 10:37:00 7D98A4A02FEA4C24A2EA9D8978E6CAB5 2035712 ----a-w- C:\Windows\SysWOW64\authui.dll 2013-10-18 10:36:59 E2C9A11BC849BC39384A8C430F17B63C 158208 ----a-w- C:\Windows\SysWOW64\mbsmsapi.dll 2013-10-18 10:36:59 7DD1611953A4CB01F9E3287E86629172 356352 ----a-w- C:\Windows\SysWOW64\SettingSync.dll 2013-10-18 10:36:59 42946DF60DA82E1350AB6D636AE19B3D 199168 ----a-w- C:\Windows\SysWOW64\shdocvw.dll 2013-10-18 10:36:34 20DEAA3798E24F2568D13E59854B86BA 10799104 ----a-w- C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2013-10-18 10:36:32 E5022C5E268209367A186DF3F8705AEA 914432 ----a-w- C:\Windows\SysWOW64\UIAutomationCore.dll 2013-10-18 10:36:31 10C3BE99D42B256C73A4982E9680B81C 628736 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2013-10-18 10:36:30 ABB989EF246D554A6D166B9D2C8AB36C 656896 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2013-10-18 10:36:30 98AC5B3A987A7698B070D39AC88B7ED7 485376 ----a-w- C:\Windows\SysWOW64\WSDApi.dll 2013-10-18 10:36:30 94AE186C279DD59E8D9F4E735CB81525 247296 ----a-w- C:\Windows\SysWOW64\ubpm.dll 2013-10-18 10:36:29 FE5AD5F1E79B411F0B9E7027F2AD496A 35328 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2013-10-18 10:36:29 4D85933D2F0819320DD1FF0B8CF191AC 84992 ----a-w- C:\Windows\SysWOW64\wudriver.dll 2013-10-18 10:36:29 17752E897BC17C13E5CAEA71D376C96A 126976 ----a-w- C:\Windows\SysWOW64\wuwebv.dll 2013-10-18 10:36:07 BB9B1E4AD29328FAFCA5A9AD05BC9554 1245696 ----a-w- C:\Windows\SysWOW64\wdc.dll 2013-10-18 10:36:07 831EB87A22B5011908334B8481289948 437248 ----a-w- C:\Windows\SysWOW64\wvc.dll 2013-10-18 10:36:07 2A4C4B4921AD0DE90D4DFCD6E4CF8B84 399360 ----a-w- C:\Windows\SysWOW64\sysmon.ocx 2013-10-18 06:11:25 EAFE46B0292D2BD2467835E2ACF717CC 2106176 ----a-w- C:\Windows\SysWOW64\explorer.exe 2013-10-18 06:11:25 88D741154D5E6385ADC5040D59088916 1842176 ----a-w- C:\Windows\SysWOW64\dwmcore.dll 2013-10-18 06:11:23 B43191C7BC4F12D08E65E0DAAFF20DF2 1453568 ----a-w- C:\Windows\SysWOW64\mfcore.dll 2013-10-18 06:11:21 F95E431A10B9D970B63601195863F6EC 493056 ----a-w- C:\Windows\SysWOW64\mscms.dll 2013-10-18 06:11:21 A88F4E3916CFD0E0B861289F5AB5E38A 364544 ----a-w- C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-10-18 06:11:20 CF24AFB3021F7E759222FDC1313787FD 850944 ----a-w- C:\Windows\SysWOW64\mfasfsrcsnk.dll 2013-10-18 06:11:18 10FAE4240EB37E32B3E027CAB5101FA8 67584 ----a-w- C:\Windows\SysWOW64\samlib.dll 2013-10-18 06:05:49 0AC4D04D2D127CAE2BE09FBA48D19639 2273792 ----a-w- C:\Windows\SysWOW64\msftedit.dll 2013-10-18 06:05:47 4F2214EB1269A6B906E2402883E0A658 551424 ----a-w- C:\Windows\SysWOW64\oleaut32.dll 2013-10-18 06:05:46 DF790AE26A476DAA05210BA571B45AAC 160256 ----a-w- C:\Windows\SysWOW64\winmmbase.dll 2013-10-18 06:05:46 3631AE3089DE4FAA50D3BD62E370299E 385768 ----a-w- C:\Windows\SysWOW64\WerFault.exe 2013-10-18 06:05:46 0E38A984BE8C1F4A095B4A4E8BA1EB23 125440 ----a-w- C:\Windows\SysWOW64\winmm.dll 2013-10-18 06:05:45 34076BB22B3975BDA4D98E1A0F03F199 268800 ----a-w- C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-10-18 06:05:44 DB51E3BB92AAE9608CB4AC08A9E263B1 1022464 ----a-w- C:\Windows\SysWOW64\gdi32.dll 2013-10-18 06:05:43 A179B0FB8241BC7FEF62E0AA5F315F9B 702464 ----a-w- C:\Windows\SysWOW64\nshwfp.dll 2013-10-18 06:05:43 68451FE440B77BD6447E8AF1D21FD62B 245760 ----a-w- C:\Windows\SysWOW64\LocationApi.dll 2013-10-18 06:05:43 499403FAB514EF7C468F1E9157F8F7BA 67072 ----a-w- C:\Windows\SysWOW64\openfiles.exe 2013-10-18 06:05:43 1C51CD68DB8C774E4C69CD628CFC4C80 245248 ----a-w- C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-10-18 06:05:42 1342E8DE249F4049536F38F8D473CE26 154112 ----a-w- C:\Windows\SysWOW64\WinSCard.dll 2013-10-17 03:21:28 B790CA1B51C253F3588F9F51BEA1FBAD 694232 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-10-17 03:21:28 4F55EC8410135B3D300DB5414B82E19C 78296 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-17 01:27:16 06C5E22E47C68A204CAA7206ECD6E58B 11878912 ----a-w- C:\Windows\SysWOW64\wmp.dll 2013-10-17 01:27:15 18152CAB34DF83B2B16A7FC0BFE80AAB 2767360 ----a-w- C:\Windows\SysWOW64\tquery.dll 2013-10-17 01:27:14 4B6BCFDA47A2E55C326494F12452D36B 1593344 ----a-w- C:\Windows\SysWOW64\mssrch.dll 2013-10-17 01:27:10 9398353A04C00C3B9B7A9A45DF3C13A9 1113600 ----a-w- C:\Windows\SysWOW64\MSAudDecMFT.dll 2013-10-17 01:27:09 49CDF50EDBC11418B1A33959A99961EA 403968 ----a-w- C:\Windows\SysWOW64\mssph.dll 2013-10-17 01:27:08 5B2CA9D6F7E49EE443453D93472918CA 324096 ----a-w- C:\Windows\SysWOW64\schannel.dll 2013-10-17 01:27:08 4DD38C9F28B9A0D8B1635580E8DF7D86 302592 ----a-w- C:\Windows\SysWOW64\SearchProtocolHost.exe 2013-10-17 01:27:07 FCCEDE04F10EC0B72321333FF928E5AF 1408896 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2013-10-17 01:27:07 58ABD60925CE849CEAEBAC105E74BE5A 426024 ----a-w- C:\Windows\SysWOW64\AudioEng.dll 2013-10-17 01:27:06 434D27871C24D123038BCE8507010276 252928 ----a-w- C:\Windows\SysWOW64\rsaenh.dll 2013-10-17 01:27:06 1F2C7F52F7A53751ED38287EF90942C8 324368 ----a-w- C:\Windows\SysWOW64\AudioSes.dll 2013-10-17 01:27:06 031397F2F9B2445CD901C8694E4012FD 670208 ----a-w- C:\Windows\SysWOW64\SearchIndexer.exe 2013-10-17 01:27:03 D54A923CB6EEA45576380C197A480142 411136 ----a-w- C:\Windows\SysWOW64\Windows.Networking.dll 2013-10-17 01:27:03 98AE6E68249F47584EB5353D2E371AF4 361984 ----a-w- C:\Windows\SysWOW64\MFMediaEngine.dll 2013-10-17 01:27:03 701B9B1100E251A9125BD72307ABACFF 659456 ----a-w- C:\Windows\SysWOW64\mssvp.dll 2013-10-17 01:27:02 973490D8FA14A14C6307BC4F672178DB 123880 ----a-w- C:\Windows\SysWOW64\wscapi.dll 2013-10-17 01:27:01 BB208BC1082B114AFBBE6CCBE42AA6CA 171008 ----a-w- C:\Windows\SysWOW64\SearchFilterHost.exe 2013-10-17 01:27:00 C043356858B65CEC5B751CE74F013125 106496 ----a-w- C:\Windows\SysWOW64\Robocopy.exe 2013-10-17 01:27:00 450DBA20B14DA7F827C71F880483B859 155648 ----a-w- C:\Windows\SysWOW64\dmvdsitf.dll 2013-10-17 01:26:59 CE3EE84318F36CEFFE8B35F97BFA2804 214528 ----a-w- C:\Windows\SysWOW64\mfreadwrite.dll 2013-10-17 01:26:57 EE6CD55E45FB9022B90C12B760A32876 186880 ----a-w- C:\Windows\SysWOW64\mssphtb.dll 2013-10-17 01:26:56 492EDFADEFB48CCAE6D848BC484E9630 41984 ----a-w- C:\Windows\SysWOW64\fmifs.dll 2013-10-17 01:26:54 CF3FE167858C4DC3E853AFCC43AB4B7F 35328 ----a-w- C:\Windows\SysWOW64\mssprxy.dll 2013-10-17 01:26:54 48C690A3F2106A23B261442E08992E08 10752 ----a-w- C:\Windows\SysWOW64\msshooks.dll 2013-10-17 01:23:55 5F27960598F19E9509289DCAA6F6BA84 309760 ----a-w- C:\Windows\SysWOW64\BCP47Langs.dll 2013-10-17 01:23:54 A5189CC0316DDCD935F360E26904ECA9 14848 ----a-w- C:\Windows\SysWOW64\rars.rs 2013-10-17 01:23:51 D273CCF1F17F43A7E26DEEDC4C329287 151040 ----a-w- C:\Windows\SysWOW64\netplwiz.dll 2013-10-17 01:23:51 82E03C39A0CA7B3803C46DB54BA30F88 303616 ----a-w- C:\Windows\SysWOW64\stobject.dll 2013-10-17 01:23:49 4811BEA676D8355C158246D1F9B7A4F2 115712 ----a-w- C:\Windows\SysWOW64\netprofm.dll 2013-10-17 01:23:49 10B7F2AFB7E77E5AF276B1E2CE51A13B 449536 ----a-w- C:\Windows\SysWOW64\DevicePairing.dll 2013-10-17 01:23:49 0A52F0EF8C82A1FB42894B3EB88823E9 758784 ----a-w- C:\Windows\SysWOW64\Magnify.exe 2013-10-17 01:23:48 E2A0A49905CC14690B3433F7019BCBDC 389632 ----a-w- C:\Windows\SysWOW64\intl.cpl 2013-10-17 01:23:48 D83276FC6EA62F04E57E3EFC48017167 92160 ----a-w- C:\Windows\SysWOW64\biwinrt.dll 2013-10-17 01:23:47 EBD3510794753FC266A556EF6ECBFBFD 411136 ----a-w- C:\Windows\SysWOW64\mfmp4srcsnk.dll 2013-10-17 01:23:45 E404E1649DC1CCDEEAD46C4B5F2E07DA 14336 ----a-w- C:\Windows\SysWOW64\muifontsetup.dll 2013-10-17 01:23:45 3A57A288F098188E92C6B0309CBC50B2 18432 ----a-w- C:\Windows\SysWOW64\npmproxy.dll 2013-10-17 01:23:03 7B7C5753CB4B555C9BC4ADCEE344B811 482816 ----a-w- C:\Windows\SysWOW64\untfs.dll 2013-10-17 01:23:03 61ADD65C9D1E2EAF8BB080A4D6AAB055 793088 ----a-w- C:\Windows\SysWOW64\autochk.exe 2013-10-17 01:23:02 941B22338052E8A0ADA7944B827E3E2A 974848 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2013-10-17 01:22:40 E5AA5FCA529FB3FD88D2C3EB38BBD899 1338880 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2013-10-17 01:22:34 2072CE914C627A37E8CC8592E68A8851 357888 ----a-w- C:\Windows\SysWOW64\netcfgx.dll 2013-10-17 01:22:34 1A242673EFA49EC8C16AA691DC027E6F 5091840 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2013-10-17 01:22:33 9DEE93BEA6D719FCA849B7ABFCCE5621 601088 ----a-w- C:\Windows\SysWOW64\Windows.Globalization.dll 2013-10-17 01:22:33 9C4CD6ADB8FB30BAA1B642FFFD04E194 893952 ----a-w- C:\Windows\SysWOW64\winmde.dll 2013-10-17 01:22:32 0BF4D74962263306006C82DFBB114554 550912 ----a-w- C:\Windows\SysWOW64\drvstore.dll 2013-10-17 01:22:28 67A05BE41C37A3BF140377C0CEFFC309 145408 ----a-w- C:\Windows\SysWOW64\powercfg.cpl 2013-10-17 01:22:27 7F8D446C49D3052CD364C01477BCE5ED 100864 ----a-w- C:\Windows\SysWOW64\SettingSyncInfo.dll 2013-10-17 01:22:22 73DC5278EE0A0F01750A0DEF17FE7EFD 36352 ----a-w- C:\Windows\SysWOW64\DevDispItemProvider.dll 2013-10-17 01:20:12 B4CB5AE28AD921DBB2BB5D0A6D1FDD9D 694272 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2013-10-17 01:19:57 1136EC767D7915D0F945E38BBC64024C 541696 ----a-w- C:\Windows\SysWOW64\comctl32.dll 2013-10-17 01:19:56 3213F234B8FC8D0869D50B98884EB5F4 1421312 ----a-w- C:\Windows\SysWOW64\DWrite.dll 2013-10-17 01:19:05 A2476B7D165AFB10A8FA4E335DEC9E88 2620928 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL 2013-10-17 01:18:53 80E99EF897E98BFF0C1579FC9024F724 102608 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-17 01:18:40 A50E9F5111BFB5451750F1A66DFC088B 109056 ----a-w- C:\Windows\SysWOW64\cryptnet.dll 2013-10-17 01:18:40 6498FE5EEE819307EDE2FE17CE849994 1013248 ----a-w- C:\Windows\SysWOW64\certutil.exe 2013-10-17 01:18:23 115DAE15480BA4FA00D11096EDA01A26 132608 ----a-w- C:\Windows\SysWOW64\poqexec.exe 2013-10-17 01:18:04 3C3C36189700311E49376358046D562F 496640 ----a-w- C:\Windows\SysWOW64\qedit.dll 2013-10-17 01:17:53 A7221924181C8EB92B64C5A2D888BEA5 14335488 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-10-17 01:17:44 8F5EAAF76A6811332A8C67DB0D4C395F 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-10-17 01:17:43 122B216B091D06F672CC8D331128FB06 2048512 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-10-17 01:17:42 5A847E98EAF032928E67EE52DE08952D 2876928 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-10-17 01:17:41 E4FEB264B47360B7296AEA4E052F88D8 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-10-17 01:17:40 E02C01EB0ED522327AFF3BE5CBCF6017 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-10-17 01:17:40 61DC3F2BE3093FE22CD717260946D7AD 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-10-17 01:17:40 2CD665EF1353721341B789B78E25B3AC 534528 ----a-w- C:\Windows\SysWOW64\uxtheme.dll 2013-10-17 01:17:39 A7CFDA703AF9AD409DAA521487E0CB53 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2013-10-17 01:17:38 883C0D3A22CE87A3203CD5518EBB5758 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-10-17 01:17:38 87B775A458A73BB7381E5B67B5652496 39424 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-10-17 01:17:37 FA15B8EC5D74FCBEAD5D400D95DD67B3 44032 ----a-w- C:\Windows\SysWOW64\UXInit.dll 2013-10-17 01:17:37 BFDD0C5F3E435596F197F003609989C4 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2013-10-17 01:17:37 3FA7F736B877B46EDF1EE6BE6051848D 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2013-10-17 01:17:36 ADE7AE4478D5B2095FDE6FAB86B300E6 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-10-17 01:17:21 DA150FBA450DB268C3DD1D389DF261EB 562688 ----a-w- C:\Windows\SysWOW64\WSShared.dll 2013-10-17 01:17:21 4A4A793059187D8C85797F0FB8D9E48C 91648 ----a-w- C:\Windows\SysWOW64\sppc.dll 2013-10-17 01:17:20 810B2358688A62CD67F0FBC699628D48 159232 ----a-w- C:\Windows\SysWOW64\WSSync.dll 2013-10-17 01:17:20 68309D440373633C54CCD61FFAB4948C 143872 ----a-w- C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2013-10-17 01:17:19 EC598115895C5E2BFCC3EC6D1DD5E1E2 167424 ----a-w- C:\Windows\SysWOW64\WSClient.dll 2013-10-17 01:17:18 B607284B548E9749B7DFE21F0B0EE376 20992 ----a-w- C:\Windows\SysWOW64\wups.dll 2013-10-17 01:17:16 B7267F83DE710AF993A15380C1F33239 83968 ----a-w- C:\Windows\SysWOW64\OEMLicense.dll 2013-10-17 01:17:16 62FB9CC2F6E0EF8015EA06ECFD746154 76800 ----a-w- C:\Windows\SysWOW64\setupcln.dll 2013-10-17 01:16:29 F7A43B51E2C1D7C332FB17D0A804AF60 261120 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2013-10-17 01:16:29 3674D14E4B7D4700BFF7D06DC608334E 87040 ----a-w- C:\Windows\SysWOW64\apprepapi.dll 2013-10-17 01:16:29 186EF39B997ACB482C5092AD0079B5A3 1568256 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2013-10-17 01:16:28 AA4D1D67CFC5C9BC17163FA619A070FA 74240 ----a-w- C:\Windows\SysWOW64\apprepsync.dll 2013-10-17 01:16:13 27E18DC09423730863241E3F207A36C4 300032 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2013-10-17 01:16:12 57F794FDACC45FABCEFE7C941EF8413F 35328 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2013-10-17 01:15:03 6C034D54DA0E13EEE5AE1A014964C209 25088 ----a-w- C:\Windows\SysWOW64\cryptdlg.dll 2013-10-17 01:14:17 E1337CBF81DBABF9CC5C6E286BC0CEEA 24064 ----a-w- C:\Windows\SysWOW64\ReAgentc.exe 2013-10-17 01:12:58 BB494AA9267EBD12DEC13025C2CE9359 375808 ----a-w- C:\Windows\SysWOW64\ReAgent.dll 2013-10-17 01:12:57 77A8C35CA0804AF869180CA598F8D26D 2382336 ----a-w- C:\Windows\SysWOW64\esent.dll ====== C:\Windows\SysWOW64\drivers ===== 2013-10-26 17:12:08 E78CD3BB53A208DFAB8FC826384307E0 6097 ----a-w- C:\Windows\SysWOW64\drivers\sonyhcb.sys 2013-10-26 17:12:08 DFADFC2C86662F40759BF02ADD27D569 102220 ----a-w- C:\Windows\SysWOW64\drivers\sonypvs1.sys 2013-10-26 17:12:08 BDA6C0EFD8EA4BBE738175FEA5C06660 3654 ----a-w- C:\Windows\SysWOW64\drivers\Sonyhcp.dll 2013-10-26 17:12:08 610F515FCD95D37F3252E1C250EF8C61 299923 ----a-w- C:\Windows\SysWOW64\drivers\sonyhcs.sys 2013-10-26 17:12:08 55E48017295F26BA266F935DA49C59A4 38739 ----a-w- C:\Windows\SysWOW64\drivers\sonyhcc.sys 2013-10-26 17:12:01 BF79E659C506674C0497CC9C61F1A165 2432 ----a-w- C:\Windows\SysWOW64\drivers\cdr4_xp.sys 2013-10-26 17:12:01 BF79E659C506674C0497CC9C61F1A165 2432 ----a-w- C:\Windows\SysWOW64\drivers\cdr4_2k.sys 2013-10-26 17:12:01 2C41CD49D82D5FD85C72D57B6CA25471 2560 ----a-w- C:\Windows\SysWOW64\drivers\cdralw2k.sys 2013-10-26 17:12:01 1962166E0CEB740704F30FA55AD3D509 36624 ----a-w- C:\Windows\SysWOW64\drivers\pxhelp20.sys ====== C:\Windows\Sysnative ===== 2013-10-27 12:01:43 8A2C6F0E343400A2507B999B2726646B 256088 ----a-w- C:\Windows\Sysnative\unrar64.dll 2013-10-18 15:47:26 1C7072A3FC2C6397087D2673465E4717 290304 ------w- C:\Windows\Sysnative\BrfxDA5c.dll 2013-10-18 15:47:25 FF12B810090F878AF63D4C7346A7245C 58880 ------r- C:\Windows\Sysnative\BrWiaNCp.dll 2013-10-18 15:47:25 E3370E3143ED1FB77D356F688F2EBB2A 143360 ------r- C:\Windows\Sysnative\BrSNMP64.dll 2013-10-18 15:47:25 92879D280F390ABEF95CD6ECE6657789 84480 ------r- C:\Windows\Sysnative\BrNetSti.dll 2013-10-18 15:47:25 64E6C72A63949CC292E2D677DCD17956 51712 ------r- C:\Windows\Sysnative\Brnsplg.dll 2013-10-18 15:47:25 4B29B05E10C5FFE3E35C67CAC3146E54 316928 ------r- C:\Windows\Sysnative\NSSRH64.dll 2013-10-18 15:47:23 937378268A203D474D0246F844EA2DAB 1439744 ----a-w- C:\Windows\Sysnative\BrWi209d.dll 2013-10-18 15:47:22 F459D8DB60C8B64B6DAB219DBF0C02E1 278528 ----a-w- C:\Windows\Sysnative\BrJDec.dll 2013-10-18 11:31:44 42833D44D0FC562D12CF7D636BC6B5EC 503752 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT 2013-10-18 10:37:05 4416D7F0F05098711EA45C9D95610A6E 19758080 ----a-w- C:\Windows\Sysnative\shell32.dll 2013-10-18 10:37:04 09B07DFC6792D49516073FEF024315C9 10116608 ----a-w- C:\Windows\Sysnative\twinui.dll 2013-10-18 10:37:02 F85D33830D2655FB2916667579D45725 1125888 ----a-w- C:\Windows\Sysnative\msctf.dll 2013-10-18 10:37:00 DFB8703836AF863A25FC55BF88176591 222208 ----a-w- C:\Windows\Sysnative\shdocvw.dll 2013-10-18 10:37:00 7D5FEB67505A6D983F5D8AE0B474581D 2304512 ----a-w- C:\Windows\Sysnative\authui.dll 2013-10-18 10:37:00 5690B3793FD93716EF4C5CE71D9FF156 448512 ----a-w- C:\Windows\Sysnative\SettingSync.dll 2013-10-18 10:36:59 60CF5B27BBEF38F11729B847541E33A3 225280 ----a-w- C:\Windows\Sysnative\mbsmsapi.dll 2013-10-18 10:36:58 755059FD6A758EA4413B58A1B423E7D1 128512 ----a-w- C:\Windows\Sysnative\SettingSyncInfo.dll 2013-10-18 10:36:57 6A4B9FBC1E88C400AD671A50DADFA84D 386923 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml 2013-10-18 10:36:34 B37AF4CB7C5BBE8ABF0CD7E796AB1EB3 13661696 ----a-w- C:\Windows\Sysnative\Windows.UI.Xaml.dll 2013-10-18 10:36:33 5EE919B9C3056B399E488A9B253E258A 3279360 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2013-10-18 10:36:32 58FE249FBABBA09A98EBAF28B0E0C382 1173504 ----a-w- C:\Windows\Sysnative\UIAutomationCore.dll 2013-10-18 10:36:32 11F1BA1F5D9D63DA9332FB48E316CF20 773120 ----a-w- C:\Windows\Sysnative\wuapi.dll 2013-10-18 10:36:31 510A64BC84EA509337AAA67A888F101C 817152 ----a-w- C:\Windows\Sysnative\kerberos.dll 2013-10-18 10:36:31 4AF9E996881DD382EF34C094FFF26670 1622016 ----a-w- C:\Windows\Sysnative\wucltux.dll 2013-10-18 10:36:31 16C7029B1FBD1F80B2337933E66BF793 328192 ----a-w- C:\Windows\Sysnative\ubpm.dll 2013-10-18 10:36:30 DA041324BA6417672F464BCCD7B4028F 59416 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2013-10-18 10:36:30 96486A251B78FFBD9C559C78054BAD59 599040 ----a-w- C:\Windows\Sysnative\WSDApi.dll 2013-10-18 10:36:30 7F77886AC6F915075DC0C37264B02713 142848 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2013-10-18 10:36:30 05238CE241F616ECFE061C3363FFD8F7 252928 ----a-w- C:\Windows\Sysnative\WUSettingsProvider.dll 2013-10-18 10:36:29 71966AEA65DCCE5A749B27D07DFA524E 99328 ----a-w- C:\Windows\Sysnative\wudriver.dll 2013-10-18 10:36:29 59A3F0EE45069600241CEF1A3A165000 175104 ----a-w- C:\Windows\Sysnative\storewuauth.dll 2013-10-18 10:36:28 C85F997D1BC04C5D0C8193183C70D6E4 40448 ----a-w- C:\Windows\Sysnative\wuapp.exe 2013-10-18 10:36:08 CA45D615BA0102CEDE9C25F4C6EE0983 1374208 ----a-w- C:\Windows\Sysnative\wdc.dll 2013-10-18 10:36:07 EEB55974CFE4DB0B4FC840E6101090B8 462336 ----a-w- C:\Windows\Sysnative\sysmon.ocx 2013-10-18 10:36:07 20E76634DE7792397261A8AC442B9ACB 566784 ----a-w- C:\Windows\Sysnative\wvc.dll 2013-10-18 06:11:26 5170FF8948D9FBFA5386E7AC915B7A66 2219520 ----a-w- C:\Windows\Sysnative\dwmcore.dll 2013-10-18 06:11:25 CA89380719E6F142366E1D5A74FAC928 6987008 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2013-10-18 06:11:24 F51618F0CBA3D733560D816AF43AEE29 729600 ----a-w- C:\Windows\Sysnative\samsrv.dll 2013-10-18 06:11:24 1B00B3C7FB636953B1059705290B502A 1527808 ----a-w- C:\Windows\Sysnative\mfcore.dll 2013-10-18 06:11:23 565F8845C182F3F6F885F66FAC3B1CFA 1403296 ----a-w- C:\Windows\Sysnative\winload.efi 2013-10-18 06:11:23 1392E73041AA8521F276428236C9FD1A 1271584 ----a-w- C:\Windows\Sysnative\winload.exe 2013-10-18 06:11:22 D16B3878E6401BE9720B6BF2515B8A69 1217352 ----a-w- C:\Windows\Sysnative\winresume.efi 2013-10-18 06:11:22 24F001EA87D6C0FF69922B7FB468B13C 523264 ----a-w- C:\Windows\Sysnative\XpsGdiConverter.dll 2013-10-18 06:11:22 1B4488988E5E7512E6C5CD1255E9E973 680960 ----a-w- C:\Windows\Sysnative\vds.exe 2013-10-18 06:11:22 167A972F34BA572E34BB5225EE01B9BF 1093904 ----a-w- C:\Windows\Sysnative\winresume.exe 2013-10-18 06:11:21 75BC56C8BDCDE2B22F8141F1ED8D9B63 1048576 ----a-w- C:\Windows\Sysnative\mfasfsrcsnk.dll 2013-10-18 06:11:21 599B3F685A263A114FFAF3BE29C49C75 785408 ----a-w- C:\Windows\Sysnative\audiosrv.dll 2013-10-18 06:11:21 270030FDFF0E4020ADBCB67146FD154C 583168 ----a-w- C:\Windows\Sysnative\mscms.dll 2013-10-18 06:11:21 246612D5622F7BA13E87BA08D2F7489A 106496 ----a-w- C:\Windows\Sysnative\samlib.dll 2013-10-18 06:11:20 F87F4AAAF6664906248D11D5E579A53B 207872 ----a-w- C:\Windows\Sysnative\DeviceSetupManager.dll 2013-10-18 06:11:20 C52F0F33CCED69FC4C3F921198084F24 80896 ----a-w- C:\Windows\Sysnative\MbaeParserTask.exe 2013-10-18 06:11:19 DF3E9EE1B400FA42839B80D9EF991C12 190976 ----a-w- C:\Windows\Sysnative\vdsutil.dll 2013-10-18 06:05:48 814F4A0774F08F580D71FA7E880CD454 1025024 ----a-w- C:\Windows\Sysnative\localspl.dll 2013-10-18 06:05:48 560A9357766AB0CDF38143EA3A66DA64 2839552 ----a-w- C:\Windows\Sysnative\msftedit.dll 2013-10-18 06:05:48 3884117CE4FEC35E4A1A7A62918B1F34 1156096 ----a-w- C:\Windows\Sysnative\IKEEXT.DLL 2013-10-18 06:05:47 7A102E79DD8F1032BCB76064E2E50C4A 778752 ----a-w- C:\Windows\Sysnative\oleaut32.dll 2013-10-18 06:05:47 73133A0C0CA63817BFF2CB9DE65B64E7 723968 ----a-w- C:\Windows\Sysnative\BFE.DLL 2013-10-18 06:05:47 58B7BEACEB8B19A9698FE85B76C88ED9 381952 ----a-w- C:\Windows\Sysnative\FWPUCLNT.DLL 2013-10-18 06:05:47 45A2DE308D27355F0F0D13499C8207DA 1300480 ----a-w- C:\Windows\Sysnative\gdi32.dll 2013-10-18 06:05:47 12DE753B04FE08427BC4BA3133BFB1DB 414208 ----a-w- C:\Windows\Sysnative\wwanconn.dll 2013-10-18 06:05:46 C89FAB42CD5FD672506031D941529A74 439488 ----a-w- C:\Windows\Sysnative\WerFault.exe 2013-10-18 06:05:46 AF1349386D4C6786EF4E34FACEF15042 263680 ----a-w- C:\Windows\Sysnative\wcmsvc.dll 2013-10-18 06:05:46 8E5271A1AC463276023B39BC846F299C 230912 ----a-w- C:\Windows\Sysnative\WinSCard.dll 2013-10-18 06:05:46 827AE73CD7CB3A8292A50EF39169071F 115712 ----a-w- C:\Windows\Sysnative\winmm.dll 2013-10-18 06:05:46 6D9E07436B6646EC8F7EFFD39B6BA288 447488 ----a-w- C:\Windows\Sysnative\wwansvc.dll 2013-10-18 06:05:46 0ABF97013CA7400213DCBDC7B499AF85 183808 ----a-w- C:\Windows\Sysnative\winmmbase.dll 2013-10-18 06:05:44 FF2E7B5DEF4C46870E8D00B80BBDB1DC 370688 ----a-w- C:\Windows\Sysnative\Wwanadvui.dll 2013-10-18 06:05:44 9A218BB2D3EC7CAAC84351D59204013A 77312 ----a-w- C:\Windows\Sysnative\openfiles.exe 2013-10-18 06:05:44 97D3B79F36CBD8B70F0D9BA6939D2462 391168 ----a-w- C:\Windows\Sysnative\Windows.Networking.BackgroundTransfer.dll 2013-10-18 06:05:44 93BBEFF2825AFD81651EA2D938AAFCCA 543744 ----a-w- C:\Windows\Sysnative\wwanmm.dll 2013-10-18 06:05:44 8C7D71CE2F03E8CD6F1045D9275E6E1D 74240 ----a-w- C:\Windows\Sysnative\wcmcsp.dll 2013-10-18 06:05:43 B8BF7450DC17F940DD3B1A853F62724F 888832 ----a-w- C:\Windows\Sysnative\nshwfp.dll 2013-10-18 06:05:42 DB5C9AD31E50EDC86C6072EDE1E89692 312832 ----a-w- C:\Windows\Sysnative\LocationApi.dll 2013-10-17 02:35:56 C53BA50404665A17707D9D4FD78699CB 80541720 ----a-w- C:\Windows\Sysnative\MRT.exe 2013-10-17 01:27:18 64C3C2FCFECC783279FBC51769673144 3552768 ----a-w- C:\Windows\Sysnative\tquery.dll 2013-10-17 01:27:18 57EF2DC36D34092F79CD9F7F016359F3 14267904 ----a-w- C:\Windows\Sysnative\wmp.dll 2013-10-17 01:27:16 13FC1A4A3463E9DE1EF1881E8525EB56 2107904 ----a-w- C:\Windows\Sysnative\mssrch.dll 2013-10-17 01:27:13 A05BA2FE3B3FFE1920F383E3E321D9A2 1829408 ----a-w- C:\Windows\Sysnative\ntdll.dll 2013-10-17 01:27:11 092115A536C478921DA3D24E29C06E3E 1444864 ----a-w- C:\Windows\Sysnative\MSAudDecMFT.dll 2013-10-17 01:27:10 ED40ED9A65F3E79A8C43DD50C5FDADBF 1285632 ----a-w- C:\Windows\Sysnative\schedsvc.dll 2013-10-17 01:27:10 A7FA87716A1F39BECB5CDED4F03C73F7 306952 ----a-w- C:\Windows\Sysnative\kd_02_10ec.dll 2013-10-17 01:27:09 C82794F9B5AF314F7CACA6AF758C44A0 422400 ----a-w- C:\Windows\Sysnative\schannel.dll 2013-10-17 01:27:09 9FDAA6957F04A6D1917463B7CBBEF88A 816128 ----a-w- C:\Windows\Sysnative\SearchIndexer.exe 2013-10-17 01:27:08 78DF3884149D09A3E703DDCA91BFFD84 446792 ----a-w- C:\Windows\Sysnative\AudioSes.dll 2013-10-17 01:27:08 77DAB73F2AF988D07D72FD2DA0DC91FC 298456 ----a-w- C:\Windows\Sysnative\rsaenh.dll 2013-10-17 01:27:08 480FB2259449C49C630D4AC3EC1EB426 373760 ----a-w- C:\Windows\Sysnative\SearchProtocolHost.exe 2013-10-17 01:27:07 A6D52417607B399790678AFB2B44CDF3 172544 ----a-w- C:\Windows\Sysnative\dwmredir.dll 2013-10-17 01:27:07 7018F9EEEC3B5427046E6D761715BC54 595456 ----a-w- C:\Windows\Sysnative\Windows.Networking.dll 2013-10-17 01:27:07 6B8EDB9EC94DC2D1370C57564E853051 489576 ----a-w- C:\Windows\Sysnative\AudioEng.dll 2013-10-17 01:27:07 58C0CA86362B32ABC87E39A99013C75A 367616 ----a-w- C:\Windows\Sysnative\conhost.exe 2013-10-17 01:27:07 38069D6F774EB0B83A9301E5698B52CA 435200 ----a-w- C:\Windows\Sysnative\mssph.dll 2013-10-17 01:27:06 AB279D4734BC508911C004F8D1011973 456704 ----a-w- C:\Windows\Sysnative\wpncore.dll 2013-10-17 01:27:06 205162CCEBA17B54C6A7788C31726E95 804352 ----a-w- C:\Windows\Sysnative\RecoveryDrive.exe 2013-10-17 01:27:06 09B2F3A41C6A8BFA22640826F70E9810 253544 ----a-w- C:\Windows\Sysnative\audiodg.exe 2013-10-17 01:27:05 F2027911CBDC096576F0F1F81C790C1B 468992 ----a-w- C:\Windows\Sysnative\MFMediaEngine.dll 2013-10-17 01:27:03 F0CFE7AA1100CDEF41ABA210C5610E85 196096 ----a-w- C:\Windows\Sysnative\dmvdsitf.dll 2013-10-17 01:27:03 5EE6D3195E6470DB22F480CCF5F5FF4A 2146304 ----a-w- C:\Windows\Sysnative\actxprxy.dll 2013-10-17 01:27:03 365C6C6BC10201CC1080EB97A559BFC1 503080 ----a-w- C:\Windows\Sysnative\ci.dll 2013-10-17 01:27:03 0B43D0E9E00CB4F98FC62AB2FA5D96F3 231936 ----a-w- C:\Windows\Sysnative\fhengine.dll 2013-10-17 01:27:02 BCD7A47EF587DC00DD61D12D9C2D1E44 169472 ----a-w- C:\Windows\Sysnative\AudioEndpointBuilder.dll 2013-10-17 01:27:02 4C1C6E9BB02654EB38CD6DF4ACE6664B 281088 ----a-w- C:\Windows\Sysnative\mfreadwrite.dll 2013-10-17 01:27:01 61A9A710077526C9A7F068741540D96E 77960 ----a-w- C:\Windows\Sysnative\kdvm.dll 2013-10-17 01:27:01 5EAC1240B4699EC313C69FCADC5F457A 126464 ----a-w- C:\Windows\Sysnative\Robocopy.exe 2013-10-17 01:27:01 3EA778FE9D9B56E67C0783A63C4B142E 197120 ----a-w- C:\Windows\Sysnative\SearchFilterHost.exe 2013-10-17 01:27:00 5D072A59331A34C9BE621C7A55578562 210432 ----a-w- C:\Windows\Sysnative\iuilp.dll 2013-10-17 01:26:59 E8801AF63EE3DEACA29F1F5526C35F53 86280 ----a-w- C:\Windows\Sysnative\kdnet.dll 2013-10-17 01:26:59 012CFE7F0F95266F554EE3B91EE2128A 99840 ----a-w- C:\Windows\Sysnative\wscsvc.dll 2013-10-17 01:26:58 31CAB21D19D8794854E037DEAABB499C 745984 ----a-w- C:\Windows\Sysnative\mssvp.dll 2013-10-17 01:26:57 D2EFA32998014927140E40054645CA4E 414720 ----a-w- C:\Windows\Sysnative\GenuineCenter.dll 2013-10-17 01:26:57 8383D48F0A55703A613C339EF586C6AA 50176 ----a-w- C:\Windows\Sysnative\fmifs.dll 2013-10-17 01:26:55 E55A2C4497247F8CA09F1B2AAFAEDD3C 13824 ----a-w- C:\Windows\Sysnative\msshooks.dll 2013-10-17 01:26:54 3C77496ED7DB0D802427689F7E613777 96256 ----a-w- C:\Windows\Sysnative\mssprxy.dll 2013-10-17 01:26:54 0E2D8CE7A7A459256CBD5698F90D100A 65024 ----a-w- C:\Windows\Sysnative\msscntrs.dll 2013-10-17 01:24:00 D4F14AF64DC2DB6FB3FA23DA49B6050E 1131520 ----a-w- C:\Windows\Sysnative\AppXDeploymentServer.dll 2013-10-17 01:23:57 A06CB9269D29EE3D0F3F5630ABB660B8 1332736 ----a-w- C:\Windows\Sysnative\sysmain.dll 2013-10-17 01:23:56 D0C69E44BC1E1D4AD290FD84104623D8 1483776 ----a-w- C:\Windows\Sysnative\VSSVC.exe 2013-10-17 01:23:56 7ACA8A8C9180334B88C402F8FB5FC517 389120 ----a-w- C:\Windows\Sysnative\BCP47Langs.dll 2013-10-17 01:23:55 79FA9393C67EBBF92A56923592CF7A7C 470528 ----a-w- C:\Windows\Sysnative\netprofmsvc.dll 2013-10-17 01:23:53 E482BED932FFF4CA65099ED19A760574 330240 ----a-w- C:\Windows\Sysnative\stobject.dll 2013-10-17 01:23:53 BAC4C6E060303F461212DEEAD56C2B62 14848 ----a-w- C:\Windows\Sysnative\rars.rs 2013-10-17 01:23:53 43B20FC33366C5F867C9F05D03DA651F 151552 ----a-w- C:\Windows\Sysnative\netprofm.dll 2013-10-17 01:23:52 D69E38C31AE78522BCC92212863C0193 560640 ----a-w- C:\Windows\Sysnative\mfmp4srcsnk.dll 2013-10-17 01:23:52 B02E9E96AC9C0F23818FA4B1FDE914BE 708096 ----a-w- C:\Windows\Sysnative\AppXDeploymentExtensions.dll 2013-10-17 01:23:52 956F4E14D161D068F9C42AF1FD286181 169984 ----a-w- C:\Windows\Sysnative\netplwiz.dll 2013-10-17 01:23:52 8018DC4AA69B7B2159B4EBEC9833C67E 93696 ----a-w- C:\Windows\Sysnative\psmsrv.dll 2013-10-17 01:23:52 7D727992D410C8387C45D3148468B28C 812544 ----a-w- C:\Windows\Sysnative\Magnify.exe 2013-10-17 01:23:51 969A5D1871D5CCBC2D90E7A9F509F962 501760 ----a-w- C:\Windows\Sysnative\DevicePairing.dll 2013-10-17 01:23:51 3426BE7D0ED8888ACFE04BA6BB9AF83B 77824 ----a-w- C:\Windows\Sysnative\taskhost.exe 2013-10-17 01:23:50 D566F980C5932F34D226A5476C9BDE5E 419840 ----a-w- C:\Windows\Sysnative\intl.cpl 2013-10-17 01:23:50 3123FDC79AC340B60618B03D3EBE6DD3 120736 ----a-w- C:\Windows\Sysnative\AuthHost.exe 2013-10-17 01:23:49 BCB4D840095140EC137CD2C57C23615C 122368 ----a-w- C:\Windows\Sysnative\biwinrt.dll 2013-10-17 01:23:47 0899BF12B2142213630D49E645B8A507 72192 ----a-w- C:\Windows\Sysnative\taskhostex.exe 2013-10-17 01:23:47 038FA1B55531E7020DB705B42FCCE373 179712 ----a-w- C:\Windows\Sysnative\bisrv.dll 2013-10-17 01:23:45 E2D62B60E6E8C3A1902C1F312CB70C53 17408 ----a-w- C:\Windows\Sysnative\muifontsetup.dll 2013-10-17 01:23:04 E47235E8DF26CA48DA189ACFD756329C 888320 ----a-w- C:\Windows\Sysnative\autochk.exe 2013-10-17 01:23:04 46CC344A94F7C6AAE35724A5CFCB8609 542208 ----a-w- C:\Windows\Sysnative\untfs.dll 2013-10-17 01:23:02 E1FF9D65E6B86F7EBB531AE36C5AF635 1257472 ----a-w- C:\Windows\Sysnative\kernel32.dll 2013-10-17 01:22:40 6587EB86E32C49AC726817220390CFFE 1627648 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2013-10-17 01:22:37 01344DD46C95BC2A478B52AF07336F4A 5978624 ----a-w- C:\Windows\Sysnative\mstscax.dll 2013-10-17 01:22:36 110B70302AC6EC29FE013C5BB99BA559 1101824 ----a-w- C:\Windows\Sysnative\wmpmde.dll 2013-10-17 01:22:35 D608E0955BF3623B54CFA1A90FCA59FD 1149952 ----a-w- C:\Windows\Sysnative\winmde.dll 2013-10-17 01:22:35 76E6465F3153FCA20F07928BBA62D7B8 951808 ----a-w- C:\Windows\Sysnative\Windows.Globalization.dll 2013-10-17 01:22:34 6FB88606C4A71E1BFAF97D63A676C673 180224 ----a-w- C:\Windows\Sysnative\SystemEventsBrokerServer.dll 2013-10-17 01:22:34 4515B9E4140F04FB3907692DF89FCA87 171008 ----a-w- C:\Windows\Sysnative\TimeBrokerServer.dll 2013-10-17 01:22:32 D3CD3034E2292DBECCD3161DC29D8E07 455168 ----a-w- C:\Windows\Sysnative\netcfgx.dll 2013-10-17 01:22:32 BE611E28DD9AF75A6B904B55F5D6E6C3 245248 ----a-w- C:\Windows\Sysnative\usbmon.dll 2013-10-17 01:22:32 3013658A4D327854BEEC4A08D9655194 103936 ----a-w- C:\Windows\Sysnative\wpdbusenum.dll 2013-10-17 01:22:31 A6B742C6B8CF9A37E0EF470DF890F74B 703488 ----a-w- C:\Windows\Sysnative\drvstore.dll 2013-10-17 01:22:30 821D79C4602C5BF6C8183630D301638A 150016 ----a-w- C:\Windows\Sysnative\discan.dll 2013-10-17 01:22:28 F5BB165DD4C8B784E06E3F0324150E0F 156160 ----a-w- C:\Windows\Sysnative\powercfg.cpl 2013-10-17 01:22:28 25FD6AB608C7CFDEAAC24BA882AC4052 117248 ----a-w- C:\Windows\Sysnative\NdisImPlatform.dll 2013-10-17 01:22:27 50361572A98348A6E780FFE231B55D49 49152 ----a-w- C:\Windows\Sysnative\DevDispItemProvider.dll 2013-10-17 01:22:27 3A014B98C45AA8C0E4ABF2AB764F9AAC 71168 ----a-w- C:\Windows\Sysnative\WSDPrintProxy.DLL 2013-10-17 01:22:27 1F11A9A178E063B2A04C2903C4346B7F 240640 ----a-w- C:\Windows\Sysnative\fsquirt.exe 2013-10-17 01:20:13 6BDCC68E85A386414E4E028DEB768350 1314816 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2013-10-17 01:19:57 8A8DB47DDF6B2118DF4D1561CEA586B3 652288 ----a-w- C:\Windows\Sysnative\comctl32.dll 2013-10-17 01:19:56 3E57DE8477F6F851B43904B50B1816C5 1838080 ----a-w- C:\Windows\Sysnative\DWrite.dll 2013-10-17 01:19:05 67AB74C4493C123D1E32F013222DA107 2842112 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL 2013-10-17 01:18:53 20E0FC5F724B85CA09C82D2776E84C5E 124112 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll 2013-10-17 01:18:40 8D454387D12D4DB13805F4128DE8F117 141312 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2013-10-17 01:18:40 3C300826241468F59D7C0244B4D8B867 1255936 ----a-w- C:\Windows\Sysnative\certutil.exe 2013-10-17 01:18:29 AFB0FFB0E349B72EB335BDE6FDFD164B 144896 ----a-w- C:\Windows\Sysnative\tssdisai.dll 2013-10-17 01:18:27 6C164DB26B40E4EC1B60AAF87C8BCA63 122880 ----a-w- C:\Windows\Sysnative\VmHostAI.dll 2013-10-17 01:18:27 6BA877DC84A42BB6EFCDD300D32DE230 126976 ----a-w- C:\Windows\Sysnative\RDWebAI.dll 2013-10-17 01:18:27 19D7C8C2186B5D0230361D7BDBA3558D 135680 ----a-w- C:\Windows\Sysnative\appserverai.dll 2013-10-17 01:18:24 13D62F90D06CDE48A5A68686F524940A 148480 ----a-w- C:\Windows\Sysnative\poqexec.exe 2013-10-17 01:18:14 86665E9EBE033CCF6A6041A025F56E6B 4040192 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-10-17 01:18:04 3E70676B18292EF37017E8895EBF9AC3 595968 ----a-w- C:\Windows\Sysnative\qedit.dll 2013-10-17 01:18:00 F026C6F104758D0EB215B017016FAE27 19252224 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-10-17 01:17:46 CCDB8FDC289AA9AFA5F8827A2ADB21AD 15404544 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-10-17 01:17:45 D383602755758FA81166B0FD8AFE6D40 3959296 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-10-17 01:17:43 199BD40B1890E1EEFF7438B59787534F 2647552 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-10-17 01:17:41 D28B35DE88D27EFB27DF4B1E8319E3C0 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-10-17 01:17:41 901D4A3CB11BE92DE65FE52C6258B5FA 915968 ----a-w- C:\Windows\Sysnative\uxtheme.dll 2013-10-17 01:17:41 882AC0DD997CFC90FBB468D698BD55C6 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-10-17 01:17:40 7B4E06047031B2AAA4AE10F00C59BFC7 855552 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-10-17 01:17:39 214E39F0A8E382F1889B26B46DE0AF81 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-10-17 01:17:37 C4DDAC3F3062739C4C2BB759B36E005D 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-10-17 01:17:37 AD00E5D3B748150CF1A53A1ABB52E320 53760 ----a-w- C:\Windows\Sysnative\UXInit.dll 2013-10-17 01:17:37 38BEBBC4CF9FE6566262F0037DF843BF 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2013-10-17 01:17:37 194125E7839D4902F2490A70049E8F78 53248 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-10-17 01:17:36 F827BD7A09F9FCDF76AB2C3E27650E71 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-10-17 01:17:23 4DD390AE1E1AD7EE02EFBB40FFBFE353 209200 ----a-w- C:\Windows\Sysnative\NotificationUI.exe 2013-10-17 01:17:23 061A977C920FBE4BF71FF47C966DDDCA 4917760 ----a-w- C:\Windows\Sysnative\sppsvc.exe 2013-10-17 01:17:22 D4D04839F3DFAF09D94BAB1016F7A297 2371728 ----a-w- C:\Windows\Sysnative\WSService.dll 2013-10-17 01:17:22 C80BE09E09CBD2D85D95C96CD9EA839B 1164288 ----a-w- C:\Windows\Sysnative\sppobjs.dll 2013-10-17 01:17:21 C34DDB3F1082D40B9795AB7013C6E8B3 688640 ----a-w- C:\Windows\Sysnative\WSShared.dll 2013-10-17 01:17:21 C121D6818C4FD2B8572F3409D4FF556F 120320 ----a-w- C:\Windows\Sysnative\sppc.dll 2013-10-17 01:17:21 20FAFBD28EC1128955308E7ABA5E765A 368640 ----a-w- C:\Windows\Sysnative\sppwinob.dll 2013-10-17 01:17:21 0F33B2A36E50793A08C86A0DBFFD60D5 105984 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll 2013-10-17 01:17:20 DD9730BDD6515CE314F2EAAADFE54951 183808 ----a-w- C:\Windows\Sysnative\WSSync.dll 2013-10-17 01:17:20 A0C07056756C94FA19B231BBE58C33DF 49664 ----a-w- C:\Windows\Sysnative\wups.dll 2013-10-17 01:17:19 AA3BF5E865917912239E52E2217556CA 204800 ----a-w- C:\Windows\Sysnative\WSClient.dll 2013-10-17 01:17:19 633B9891D7C18B992CE9C6AF08DF4D05 49152 ----a-w- C:\Windows\Sysnative\wups2.dll 2013-10-17 01:17:19 00DC7D597DAA2740100B18BDD8CA8B7E 198656 ----a-w- C:\Windows\Sysnative\Windows.ApplicationModel.Store.dll 2013-10-17 01:17:17 5C1442CC4FD8628839852297C05D6EF2 81408 ----a-w- C:\Windows\Sysnative\setupcln.dll 2013-10-17 01:16:30 B6FCC2BB7D1044EA0FC4B573951BE8DC 1889280 ----a-w- C:\Windows\Sysnative\crypt32.dll 2013-10-17 01:16:29 F68F697F5B4E74217159C38FFFD37964 124416 ----a-w- C:\Windows\Sysnative\apprepapi.dll 2013-10-17 01:16:29 74466D77EE8588C04B95AE9DBC693EF8 337408 ----a-w- C:\Windows\Sysnative\wintrust.dll 2013-10-17 01:16:29 5CE2742F063731EC10C1B2EE386A2C08 68096 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2013-10-17 01:16:28 E4E889A9CA3E8CCEE6FB5D1B4F94296F 98304 ----a-w- C:\Windows\Sysnative\apprepsync.dll 2013-10-17 01:16:13 FD16BDF463EF68ADD48026ACCEA100B8 362496 ----a-w- C:\Windows\Sysnative\atmfd.dll 2013-10-17 01:16:13 469A5DCF1E51DC9AF03CE1B3B4360DEE 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll 2013-10-17 01:15:54 93CF42531671EA4E24DA842B124FA269 733184 ----a-w- C:\Windows\Sysnative\win32spl.dll 2013-10-17 01:15:03 4ECE7A1D8C2AE082CE7EF1A6C96BAE83 30720 ----a-w- C:\Windows\Sysnative\cryptdlg.dll 2013-10-17 01:14:44 5544F876B3932D3D6ED67656B28228CF 112872 ----a-w- C:\Windows\Sysnative\consent.exe 2013-10-17 01:14:44 4F750B7EFCB6520AE01E01D082D7D476 70144 ----a-w- C:\Windows\Sysnative\appinfo.dll 2013-10-17 01:14:17 614FF3D0734222C7FCDD6BC77C2A992B 26624 ----a-w- C:\Windows\Sysnative\ReAgentc.exe 2013-10-17 01:12:58 79CAB096514C381152F4306BC87A7B29 1011200 ----a-w- C:\Windows\Sysnative\reseteng.dll 2013-10-17 01:12:57 56DA495DE9758984ADF855D4EA30D4A9 2851840 ----a-w- C:\Windows\Sysnative\esent.dll ====== C:\Windows\Sysnative\drivers ===== 2013-10-29 18:47:41 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-10-24 16:02:04 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_LocationProvider_01_11_00.Wdf 2013-10-18 10:37:01 37D85E873C9531A2F88DD9C63D3F8A9E 2233688 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-10-18 10:36:31 E94F7A7B48C7638D1F3F8089344C97B7 151896 ----a-w- C:\Windows\Sysnative\drivers\tpm.sys 2013-10-18 10:36:31 C1646A95EAC515F60CDB2A7A8A013C1E 465240 ----a-w- C:\Windows\Sysnative\drivers\fvevol.sys 2013-10-18 10:36:30 07C872F13ACC81A5F10DEC6CF37BF9A8 61784 ----a-w- C:\Windows\Sysnative\drivers\crashdmp.sys 2013-10-18 06:11:23 78A5BBA3819FFFC62FFEC3E2220D102D 327936 ----a-w- C:\Windows\Sysnative\drivers\volsnap.sys 2013-10-18 06:11:18 6695200F455E251F0BCC9CE4D0978D59 37632 ----a-w- C:\Windows\Sysnative\drivers\BthAvrcpTg.sys 2013-10-18 06:11:07 A10E176F3B2BF83EDE7B5C4658C93B66 997632 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys 2013-10-18 06:05:46 09039F3D5A23483010AA6F5FE388F3C4 327512 ----a-w- C:\Windows\Sysnative\drivers\Classpnp.sys 2013-10-18 06:05:45 FC2B8B06BDBD3B6457F5A3DA9AD2410E 120144 ----a-w- C:\Windows\Sysnative\drivers\msgpioclx.sys 2013-10-18 06:05:45 F58B030A0664385C707B8C1C63682041 195416 ----a-w- C:\Windows\Sysnative\drivers\sdbus.sys 2013-10-18 06:05:45 DD7B107B2BB3EE845F57315EF4ECAC9A 125784 ----a-w- C:\Windows\Sysnative\drivers\dumpsd.sys 2013-10-18 06:05:45 630555943E5A3FE21010CE91EC7FC84F 341504 ----a-w- C:\Windows\Sysnative\drivers\HdAudio.sys 2013-10-18 06:05:44 BFC7FE4AAEB61317A921871B4085EF4B 119040 ----a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS 2013-10-18 06:05:44 3F1F31883EAC9DDDF836ACC6D1DAC36C 96512 ----a-w- C:\Windows\Sysnative\drivers\wfplwfs.sys 2013-10-18 06:05:43 25C50F4EDF70D0A831E0566BD181CCF2 321536 ----a-w- C:\Windows\Sysnative\drivers\udfs.sys 2013-10-17 20:37:34 F19E5E37ED8134B9E5F6287F2D3A75D7 177312 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS 2013-10-17 20:37:34 9D9C047446821A064AE1A5C4AED636FA 854 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF 2013-10-17 20:37:34 3DA43F1C05B62945A33EC3153327EE77 7631 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT 2013-10-17 03:33:21 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-10-17 01:27:09 56218A571ECF8D55E0CDFF8DF2546CF1 623104 ----a-w- C:\Windows\Sysnative\drivers\srv2.sys 2013-10-17 01:27:08 61FE70659CD43E07F94DA4DC31DEC493 805376 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys 2013-10-17 01:27:06 14FC338B80CFF7E04215133B568D15C4 247808 ----a-w- C:\Windows\Sysnative\drivers\srvnet.sys 2013-10-17 01:26:59 61F6972FF9AC9A8D0B4D62076DC30051 83456 ----a-w- C:\Windows\Sysnative\drivers\wanarp.sys 2013-10-17 01:26:59 085F150D002B7F0153D3C06DDF33A143 95744 ----a-w- C:\Windows\Sysnative\drivers\hidbth.sys 2013-10-17 01:26:59 0698DEDEAD6A00AD0D468C687D830FBF 69864 ----a-w- C:\Windows\Sysnative\drivers\pdc.sys 2013-10-17 01:26:57 3730942D7DB2F8BB5F84542B7FF6F650 60416 ----a-w- C:\Windows\Sysnative\drivers\ndproxy.sys 2013-10-17 01:23:56 CA03D642ACE58E1BA54E4B383F91CD69 427520 ----a-w- C:\Windows\Sysnative\drivers\rdbss.sys 2013-10-17 01:23:52 FD3AF5575B99871BADB94E7699DBCE08 284416 ----a-w- C:\Windows\Sysnative\drivers\spaceport.sys 2013-10-17 01:22:33 091607B272C5E7BE2DCEF2D5463A407B 332520 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2013-10-17 01:22:32 13795CAA34239D97A7211E7F9D96E012 1175040 ----a-w- C:\Windows\Sysnative\drivers\bthport.sys 2013-10-17 01:22:31 500BE6B2E49883720D0AE8BB859ED7A3 495336 ----a-w- C:\Windows\Sysnative\drivers\vhdmp.sys 2013-10-17 01:22:30 CCBFCABDFE2BC22F0645CEAADDB36004 156672 ----a-w- C:\Windows\Sysnative\drivers\rfcomm.sys 2013-10-17 01:22:28 B240874B2CA0CD02E8CD11E140B14C57 77544 ----a-w- C:\Windows\Sysnative\drivers\storahci.sys 2013-10-17 01:22:26 C0ADEBED913295803B579ED288936CBB 26112 ----a-w- C:\Windows\Sysnative\drivers\mouhid.sys 2013-10-17 01:22:21 EA8EAD3F5B762F889CC7F3966625B48B 30720 ----a-w- C:\Windows\Sysnative\drivers\monitor.sys 2013-10-17 01:20:39 B1E910DDC08A8536116214326124903C 447320 ----a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS 2013-10-17 01:20:39 8DC398D7B8E02C929A2096E74A170970 337752 ----a-w- C:\Windows\Sysnative\drivers\USBXHCI.SYS 2013-10-17 01:20:39 061BA3EE0D2BE17944990544008CF190 213336 ----a-w- C:\Windows\Sysnative\drivers\UCX01000.SYS 2013-10-17 01:20:38 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys 2013-10-17 01:20:38 11876881E87BACEBBCEE41A037614D48 54488 ----a-w- C:\Windows\Sysnative\drivers\WdfLdr.sys 2013-10-17 01:20:37 F8C2A832DF9403F5EA8080CBDBDA95FB 623448 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2013-10-17 01:20:37 B24FDEB1B18496F1B463782235AA3AF1 79192 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2013-10-17 01:20:37 9F83642C3709D1A4DD49EEE9F48F839D 21848 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2013-10-17 01:20:37 7CB7E04259F323D051A10515B8863564 498008 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2013-10-17 01:20:37 1ABF657259DB57F7E5558E4DF1357C0C 32256 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2013-10-17 01:20:36 C976C4306F9AE133D6BBD47FDFC3BF92 120832 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2013-10-17 01:20:25 5F425D842DD6ADE9F95A51A0616AFAD7 247216 ----a-w- C:\Windows\Sysnative\drivers\WdFilter.sys 2013-10-17 01:20:24 FD47DF026B32969B8A68721A0243E8EE 36288 ----a-w- C:\Windows\Sysnative\drivers\WdBoot.sys 2013-10-17 01:20:14 9EF7C01D3ACCBC243B5CB1A95865B2FF 210560 ----a-w- C:\Windows\Sysnative\drivers\usbvideo.sys 2013-10-17 01:20:14 427B6DB8C05A5A977E8C3525370A2595 99328 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys 2013-10-17 01:19:43 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 1455368 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2013-10-17 01:19:04 2C2A9A4D53DC90A5195BB51F0A4B1E21 83968 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys 2013-10-17 01:19:03 9FDBA6982582A6F2354144980F641E7B 25600 ----a-w- C:\Windows\Sysnative\drivers\usbprint.sys 2013-10-17 01:19:03 346DEF1A9DB0B4133CE0FA38AAF565C0 32768 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys 2013-10-17 01:19:03 012C354B4AB48E9A7A657DF39E3A2073 27648 ----a-w- C:\Windows\Sysnative\drivers\hidusb.sys 2013-10-17 01:18:13 36E2B5A5AC7688FFB3270F57103507D2 411880 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2013-10-17 01:17:19 FAEF4C245BE832DB41B15DAAC336AFB7 58200 ----a-w- C:\Windows\Sysnative\drivers\dam.sys 2013-10-17 01:15:55 93179D48066918323628CB016D8C94DC 370688 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2013-10-17 01:15:55 5C7DD2E5759FFCCD2C7341C1B90F2B26 215552 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2013-10-17 01:15:25 F4A91D985EB9D1D2717D538F3424603C 861184 ----a-w- C:\Windows\Sysnative\drivers\http.sys 2013-10-09 07:52:16 894D982CEAB8CD45A56AE2C9988E86C0 20280 ----a-w- C:\Windows\Sysnative\drivers\AsHIDSwitch64.sys ====== C:\Windows\Tasks ====== 2013-10-30 09:22:32 1828040C8FA86FB4A5A508444C98BF8A 3340 ----a-w- C:\Windows\Sysnative\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1581949785-2961269141-1088673991-1002 2013-10-30 09:04:35 74A0DAE8B1AE138C2B31CE1C36E419DD 3828 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater 2013-10-30 09:04:35 3A2C338287D8B5A90780FE844A6E505B 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-24 17:40:50 7DE5D7203BAE6F800E0A6620BCF451A2 3808 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2013-10-24 17:40:50 3C0E1895B4C74B84A6959CABF95B1053 1072 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-24 17:40:50 0C4186A6AB0A41A6A8E7FFAB744B0625 4044 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2013-10-24 17:40:49 A4CD5AD0B12625778D074A5D77C423C3 1068 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-18 16:10:09 5E245177CDCF2228F78F485E1FEC0B14 3600 ----a-w- C:\Windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1581949785-2961269141-1088673991-1002 2013-10-17 03:28:37 053EFD8F84D5946DF36F0E263526CBA5 3550 ----a-w- C:\Windows\Sysnative\Tasks\CreateChoiceProcessTask 2013-10-17 00:04:26 -------- d-----w- C:\Windows\Sysnative\Tasks\WPD ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-10-29 21:28:12 -------- d-----w- C:\Program Files\trend micro 2013-10-27 15:09:56 -------- d-----w- C:\Program Files\Microsoft Office 2013-10-27 11:29:01 -------- d-----w- C:\Program Files\Vuze 2013-10-18 15:43:57 -------- d-----w- C:\Program Files\Nuance ======= C:\PROGRA~2 ===== 2013-10-30 10:40:37 -------- d-----w- C:\PROGRA~2\TomTom HOME 2 2013-10-30 09:31:08 -------- d-----w- C:\PROGRA~2\TomTom International B.V 2013-10-30 09:31:06 -------- d-----w- C:\PROGRA~2\MyDrive Connect 2013-10-30 09:20:32 -------- d-----w- C:\PROGRA~2\Real 2013-10-30 09:18:00 -------- d-----w- C:\PROGRA~2\PeaZip 2013-10-29 18:45:59 -------- d-----w- C:\PROGRA~2\Trend Micro 2013-10-27 15:11:55 -------- d-----w- C:\PROGRA~2\Microsoft Works 2013-10-27 15:11:28 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 2013-10-27 15:11:28 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2013-10-27 15:09:51 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 8 2013-10-27 15:01:40 -------- d-----w- C:\PROGRA~2\Audacity 2013-10-27 14:35:20 -------- d-----w- C:\PROGRA~2\Movie Maker 2.6 2013-10-27 14:20:04 -------- d-----w- C:\PROGRA~2\Ulead Systems 2013-10-27 14:17:34 -------- d-----w- C:\PROGRA~2\Corel 2013-10-27 12:01:41 -------- d-----w- C:\PROGRA~2\K-Lite Codec Pack 2013-10-27 10:39:59 -------- d-----w- C:\PROGRA~2\DVDVideoSoft 2013-10-27 10:39:59 -------- d-----w- C:\PROGRA~2\COMMON~1\DVDVideoSoft 2013-10-27 09:18:03 -------- d-----w- C:\PROGRA~2\COMMON~1\Nero 2013-10-27 08:55:02 -------- d-----w- C:\PROGRA~2\Nero 2013-10-27 08:37:51 -------- d-----w- C:\PROGRA~2\AnvSoft 2013-10-27 08:37:03 -------- d-----w- C:\PROGRA~2\glindorus 2013-10-27 08:33:19 -------- d-----w- C:\PROGRA~2\Musette 2013-10-27 08:05:50 -------- d-----w- C:\PROGRA~2\Anvil Studio 2013 2013-10-26 20:58:54 -------- d-----w- C:\PROGRA~2\MuseScore 2013-10-26 20:56:46 -------- d-----w- C:\PROGRA~2\vanBasco's Karaoke Player 2013-10-26 20:54:02 -------- d-----w- C:\PROGRA~2\Power Tab Software 2013-10-26 20:53:27 -------- d-----w- C:\PROGRA~2\Anvil Studio 2013-10-26 20:33:11 -------- d-----w- C:\PROGRA~2\Free Zip 2013-10-26 20:26:59 -------- d-----w- C:\PROGRA~2\BS_Player 2013-10-26 20:26:54 -------- d-----w- C:\PROGRA~2\Webteh 2013-10-26 20:17:42 -------- d-----w- C:\PROGRA~2\D'Accord Music Software 2013-10-26 20:13:04 -------- d-----w- C:\PROGRA~2\EasyChord 2013-10-26 19:57:48 -------- d-----w- C:\PROGRA~2\Guitar Pro 5 2013-10-26 18:58:48 -------- d-----w- C:\PROGRA~2\Speed Analysis 3 2013-10-26 17:49:40 -------- d-----w- C:\PROGRA~2\VideoDownloadConverter 2013-10-26 17:49:34 -------- d-----w- C:\PROGRA~2\VideoDownloadConverter_4z Chrome Extension 2013-10-26 17:38:44 -------- d-----w- C:\PROGRA~2\Movies Toolbar 2013-10-26 17:10:19 -------- d-----w- C:\PROGRA~2\Sony 2013-10-26 15:50:13 -------- d-----w- C:\PROGRA~2\PowerTracks DirectX Plugins 2013-10-24 19:31:33 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2013-10-24 18:06:11 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe 2013-10-24 17:40:48 -------- d-----w- C:\PROGRA~2\Google 2013-10-18 15:47:30 -------- d-----w- C:\PROGRA~2\Browny02 2013-10-18 15:47:26 -------- d-----w- C:\PROGRA~2\ControlCenter4 2013-10-18 15:47:04 -------- d-----w- C:\PROGRA~2\Brother 2013-10-18 15:42:37 -------- d-----w- C:\PROGRA~2\COMMON~1\ScanSoft Shared 2013-10-18 15:42:36 -------- d-----w- C:\PROGRA~2\Nuance 2013-10-18 15:41:18 -------- d-----w- C:\PROGRA~2\MSXML 4.0 2013-09-30 15:53:12 8046 ----a-w- C:\PROGRA~2\COMMON~1\setupBanner.jpg 2013-09-30 15:53:10 37607 ----a-w- C:\PROGRA~2\COMMON~1\license.rtf ======= C: ===== ====== C:\Users\Johan VC\AppData\Roaming ====== 2013-10-30 10:41:27 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\TomTom 2013-10-30 10:39:28 -------- d-----w- C:\Users\Johan VC\AppData\Local\Downloaded Installations 2013-10-30 09:31:10 -------- d-----w- C:\Users\Johan VC\AppData\Local\TomTom 2013-10-30 09:20:16 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Real 2013-10-30 09:19:21 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\AVG 2013-10-30 09:18:34 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\PeaZip 2013-10-29 19:57:16 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Media Player Classic 2013-10-29 19:08:11 -------- d-----w- C:\Users\Johan VC\AppData\Local\ElevatedDiagnostics 2013-10-29 19:02:21 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp 2013-10-29 19:02:21 -------- d-----w- C:\Users\Public\AppData\Local\temp 2013-10-29 19:02:21 -------- d-----w- C:\Users\Default\AppData\Local\temp 2013-10-29 19:02:21 -------- d-----w- C:\Users\Default User\AppData\Local\temp 2013-10-27 15:19:15 87C8545A016EDF0B8A194CD1EBE0ED99 141280 ----a-w- C:\Users\Johan VC\AppData\Local\GDIPFONTCACHEV1.DAT 2013-10-27 15:11:58 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help 2013-10-27 15:11:58 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help 2013-10-27 15:09:32 -------- d-----w- C:\Users\Johan VC\AppData\Local\Microsoft Help 2013-10-27 14:32:17 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\CyberLink 2013-10-27 14:23:51 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Corel 2013-10-27 13:40:16 -------- d-----w- C:\Users\Johan VC\AppData\Local\Windows Live 2013-10-27 11:29:04 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Azureus 2013-10-27 10:39:59 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\DVDVideoSoft 2013-10-27 09:35:56 -------- d-----w- C:\Users\Johan VC\AppData\Local\Nero 2013-10-27 09:03:33 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Nero 2013-10-27 09:00:04 -------- d-----w- C:\Users\Johan VC\AppData\Local\Ahead 2013-10-27 08:38:09 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\AnvSoft 2013-10-27 08:37:15 -------- d-s---w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft 2013-10-27 08:37:04 -------- d-----w- C:\Users\Johan VC\AppData\Local\Programs 2013-10-27 08:06:21 -------- d-----w- C:\Users\Johan VC\AppData\Local\Anvil Studio 2013-10-27 08:04:29 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Anvil Studio 2013-10-26 20:59:00 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\MusE 2013-10-26 20:58:59 -------- d-----w- C:\Users\Johan VC\AppData\Local\MusE 2013-10-26 20:56:46 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player 2013-10-26 20:54:02 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power Tab Software 2013-10-26 20:27:11 -------- d-----w- C:\Users\Johan VC\AppData\Locallow\BS_Player 2013-10-26 20:26:59 -------- d-----w- C:\Users\Johan VC\AppData\Locallow\Temp 2013-10-26 20:26:54 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\BSplayer Pro 2013-10-26 20:26:54 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\BSplayer 2013-10-26 20:13:04 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EasyChord 2013-10-26 17:29:02 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Sony Corporation 2013-10-26 17:20:04 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Identities 2013-10-25 16:50:20 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\WildTangent 2013-10-24 19:31:40 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Mozilla 2013-10-24 19:31:40 -------- d-----w- C:\Users\Johan VC\AppData\Local\Mozilla 2013-10-24 19:23:04 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Zeon 2013-10-24 17:46:00 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google 2013-10-24 17:40:36 -------- d-----w- C:\Users\Johan VC\AppData\Local\Google 2013-10-24 17:40:23 -------- d-----w- C:\Users\Johan VC\AppData\Local\Apps 2013-10-24 17:40:22 -------- d-----w- C:\Users\Johan VC\AppData\Local\Deployment 2013-10-24 16:08:48 -------- d-----w- C:\Users\Johan VC\AppData\Locallow\Adobe 2013-10-24 16:08:48 -------- d-----w- C:\Users\Johan VC\AppData\Local\Adobe 2013-10-18 15:55:42 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\ControlCenter4 2013-10-18 15:55:35 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\FLEXnet 2013-10-18 15:44:13 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\InstallShield 2013-10-18 15:43:16 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Nuance 2013-10-17 00:56:10 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft 2013-10-17 00:07:29 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm 2013-10-17 00:06:28 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking 2013-10-17 00:04:42 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\ASUS WebStorage 2013-10-17 00:04:17 -------- d-----r- C:\Users\Johan VC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-17 00:04:17 -------- d-----r- C:\Users\Johan VC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-10-17 00:03:32 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Adobe 2013-10-17 00:03:11 0E2EFF2A12E9B12FF9F1D9B71C7A85AD 62 ----a-w- C:\Users\Johan VC\AppData\Roaming\sp_data.sys 2013-10-17 00:02:34 -------- d-----w- C:\Users\Johan VC\AppData\Local\VirtualStore 2013-10-17 00:02:30 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages 2013-10-17 00:02:19 -------- d-s---w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Microsoft 2013-10-17 00:02:18 -------- d-s---w- C:\Users\Johan VC\AppData\Locallow\Microsoft 2013-10-17 00:02:18 -------- d-----w- C:\Users\Johan VC\AppData\Local\Packages 2013-10-17 00:02:17 -------- d-----w- C:\Users\Johan VC\AppData\Local\ASUS 2013-10-17 00:02:13 -------- d-s---w- C:\Users\Johan VC\AppData\Roaming\Microsoft 2013-10-17 00:02:13 -------- d-----w- C:\Users\Johan VC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-17 00:02:13 -------- d-----w- C:\Users\Johan VC\AppData\Local\Temp 2013-10-17 00:02:13 -------- d-----w- C:\Users\Johan VC\AppData\Local\Microsoft 2013-10-17 00:02:13 -------- d-----r- C:\Users\Johan VC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-10-17 00:02:13 -------- d-----r- C:\Users\Johan VC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-17 00:02:13 -------- d-----r- C:\Users\Johan VC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility ====== C:\Users\Johan VC ====== 2013-10-30 09:31:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2013-10-30 09:30:34 D4CA0A3F316DB3FC5FD99FA0FA25F362 30992256 ----a-w- C:\Users\Johan VC\Downloads\TomTomHOME2winlatest.exe 2013-10-30 09:29:17 3026EAB538DB55EC4285A5D8D4D403CC 7923696 ----a-w- C:\Users\Johan VC\Downloads\InstallMyDriveConnect.exe 2013-10-30 09:19:55 -------- d-----w- C:\ProgramData\Real 2013-10-30 09:18:18 -------- d-----w- C:\ProgramData\AVG 2013-10-30 09:18:16 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2013-10-30 09:18:16 -------- d--h--w- C:\ProgramData\Common Files 2013-10-30 09:18:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeaZip 2013-10-30 09:15:45 F1CACFF896E8C73BEB1D8B5CFCD751AF 5334897 ----a-w- C:\Users\Johan VC\Downloads\peazip-4.9.WINDOWS.exe 2013-10-29 21:26:01 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Johan VC\Downloads\RSITx64.exe 2013-10-29 19:02:21 -------- d-----w- C:\Users\Public\AppData 2013-10-29 18:46:25 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Johan VC\Downloads\mbam-setup-1.75.0.1300.exe 2013-10-29 18:43:43 ED07701741D2C6FA1A747705C51B5F0E 1253744 ----a-w- C:\Users\Johan VC\Downloads\jZipSetup-r231-n-bf.exe 2013-10-29 18:35:33 76B1717148C114D3A47147B1A5CCFFEA 4379048 ----a-w- C:\Users\Johan VC\Downloads\ccsetup407 (1).exe 2013-10-29 18:35:15 76B1717148C114D3A47147B1A5CCFFEA 4379048 ----a-w- C:\Users\Johan VC\Downloads\ccsetup407.exe 2013-10-27 15:12:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013-10-27 15:09:32 -------- d-----w- C:\ProgramData\Microsoft Help 2013-10-27 14:32:47 -------- d-----w- C:\Users\Public\CyberLink 2013-10-27 14:32:17 -------- d-----w- C:\ProgramData\CyberLink 2013-10-27 14:21:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW 9 2013-10-27 14:20:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead Photo Express 3.0 SE 2013-10-27 12:01:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2013-10-27 11:59:29 ACD7883B75AAEC7E868020395F1E0442 26348089 ----a-w- C:\Users\Johan VC\Desktop\K-Lite_Codec_Pack_1000_Full.exe 2013-10-27 11:29:29 -------- d-----w- C:\Users\Johan VC\.swt 2013-10-27 10:40:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2013-10-27 10:37:57 11A4EE30DA794F9C3FA8FF207E148991 30607224 ----a-w- C:\Users\Johan VC\Downloads\FreeYouTubeDownload_v3.2.14.1022.exe 2013-10-27 10:25:55 E5AA31726D70CC4065E80C3A5F3E92F6 35631456 ----a-w- C:\Users\Johan VC\Downloads\avc-free.exe 2013-10-27 09:19:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8 2013-10-27 09:18:44 B4546C97A1042A643C16D13E73BAF555 1024 ----a-w- C:\Users\Johan VC\.rnd 2013-10-27 08:55:02 -------- d-----w- C:\ProgramData\Nero 2013-10-27 08:37:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft 2013-10-27 08:05:39 5AF8DFC94CD1A086506A7DA30B35CC15 439360 ----a-w- C:\Users\Johan VC\Downloads\setup.exe 2013-10-27 08:05:21 4445E93E3470A69C7A6C196504D55C36 3029096 ----a-w- C:\Users\Johan VC\Downloads\astU.exe 2013-10-27 07:50:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player 2013-10-27 07:49:26 5A43DA95B74563AE57884ED5C4543885 10511384 ----a-w- C:\Users\Johan VC\Downloads\bsplayer_installer.exe 2013-10-27 07:42:36 AA79971EECBC0FEBCCF78C4B58584E18 1110104 ----a-w- C:\Users\Johan VC\Downloads\bsplayer266.1075.exe 2013-10-26 20:33:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Zip 2013-10-26 20:31:59 50000F04ED636C7E09FED652D3522D5E 166544 ----a-w- C:\Users\Johan VC\Downloads\FreeZipSetup.exe 2013-10-26 20:17:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D'Accord Dictionary 2013-10-26 20:13:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyChord 2013-10-26 19:57:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 5 2013-10-26 19:43:14 011035BD25758D2D7E6C8A20ED25ABD0 616960 ----a-w- C:\Users\Johan VC\Desktop\sgcfinder.exe 2013-10-26 18:58:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2013-10-26 17:10:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Picture Utility 2013-10-26 17:09:25 -------- d-----w- C:\ProgramData\Sony Corporation 2013-10-26 15:50:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Band-in-a-Box 2013-10-24 19:31:33 -------- d-----w- C:\ProgramData\Mozilla 2013-10-24 17:41:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2013-10-18 15:52:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother 2013-10-18 15:47:30 -------- d-----w- C:\ProgramData\ControlCenter4 2013-10-18 15:43:35 -------- d-----w- C:\ProgramData\zeon 2013-10-18 15:43:12 -------- d-----w- C:\ProgramData\ScanSoft 2013-10-18 15:43:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12 2013-10-18 15:42:36 -------- d-----w- C:\ProgramData\Nuance 2013-10-18 15:42:36 -------- d-----w- C:\ProgramData\FLEXnet 2013-10-18 15:41:05 -------- d-----w- C:\ProgramData\Brother 2013-10-17 00:04:17 -------- d-----r- C:\Users\Johan VC\Searches 2013-10-17 00:04:17 -------- d-----r- C:\Users\Johan VC\Contacts 2013-10-17 00:02:13 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Johan VC\ntuser.ini 2013-10-17 00:02:13 -------- d--h--w- C:\Users\Johan VC\AppData 2013-10-17 00:02:13 -------- d-----r- C:\Users\Johan VC\Videos 2013-10-17 00:02:13 -------- d-----r- C:\Users\Johan VC\Saved Games 2013-10-17 00:02:13 -------- d-----r- C:\Users\Johan VC\Pictures 2013-10-17 00:02:13 -------- d-----r- C:\Users\Johan VC\Music 2013-10-17 00:02:13 -------- d-----r- C:\Users\Johan VC\Links 2013-10-17 00:02:13 -------- d-----r- C:\Users\Johan VC\Favorites 2013-10-17 00:02:13 -------- d-----r- C:\Users\Johan VC\Downloads 2013-10-17 00:02:13 -------- d-----r- C:\Users\Johan VC\Documents 2013-10-17 00:02:13 -------- d-----r- C:\Users\Johan VC\Desktop 2013-10-16 23:57:28 -------- d--h--r- C:\Users\Public\AccountPictures ====== C: exe-files == 2013-10-30 09:18:00 FFA637ABD482B5E7D3FB75182F43F080 293888 ----a-w- C:\Program Files (x86)\PeaZip\res\upx\upx.exe 2013-10-30 09:18:00 FC71CDDB52376EC27758B425F3618EC2 55296 ----a-w- C:\Program Files (x86)\PeaZip\res\paq\paq8o.exe 2013-10-30 09:18:00 FB54AEEDCC7F2FF15751E341B578B7F3 29184 ----a-w- C:\Program Files (x86)\PeaZip\res\lpaq\lpaq8.exe 2013-10-30 09:18:00 EDF923A3F1BEA813598E4B829A07865F 3523584 ----a-w- C:\Program Files (x86)\PeaZip\res\arc\Arc.exe 2013-10-30 09:18:00 DC6D393717DA2F4E509B8F9C247B5BE8 745246 ----a-w- C:\Program Files (x86)\PeaZip\unins000.exe 2013-10-30 09:18:00 C3A0A8F0A0DE45647E8CED973B7D9A9C 131584 ----a-w- C:\Program Files (x86)\PeaZip\res\upx\strip.exe 2013-10-30 09:18:00 BD05CB663F216906876C3DD0761BE8F3 2398720 ----a-w- C:\Program Files (x86)\PeaZip\res\pealauncher.exe 2013-10-30 09:18:00 A1EFCEDC97C76B356F7FFA7CF909D733 168448 ----a-w- C:\Program Files (x86)\PeaZip\res\7z\7z.exe 2013-10-30 09:18:00 8B46F3EE336568AEF842B99F8DBD0C0A 366703 ----a-w- C:\Program Files (x86)\PeaZip\res\peazip-configuration.exe 2013-10-30 09:18:00 89AA8384BE6BAA3C3FC8F292897C0E6B 5387776 ----a-w- C:\Program Files (x86)\PeaZip\peazip.exe 2013-10-30 09:18:00 55EAF3411DA397E0237F8B2C741FF75E 65536 ----a-w- C:\Program Files (x86)\PeaZip\res\quad\quad.exe 2013-10-30 09:18:00 349DA8809D1DA989E3EC370B6DA4BF64 86016 ----a-w- C:\Program Files (x86)\PeaZip\res\quad\balz.exe 2013-10-30 09:18:00 2844E5F5C038F6E142F49A69670FB35F 123904 ----a-w- C:\Program Files (x86)\PeaZip\res\zpaq\zpaq.exe 2013-10-30 09:18:00 0B89C75EA212318B2BC0AE35AEDD4AF5 2539008 ----a-w- C:\Program Files (x86)\PeaZip\res\pea.exe 2013-10-29 21:28:12 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Johan VC.exe 2013-10-27 15:01:40 96B79209AE30521D82B753BA554D67E8 674074 ----a-w- C:\Program Files (x86)\Audacity\unins000.exe 2013-10-27 15:01:40 7D821FF8789BF6F5CB1ED8755E647770 5296128 ----a-w- C:\Program Files (x86)\Audacity\audacity.exe 2013-10-27 14:21:29 36F380015D3A9819688177AE5D49A458 516096 ------w- C:\Program Files (x86)\Corel\Graphics9\Programs\printwiz.exe 2013-10-27 14:21:20 9E501F07C0CA088E7C47EB9BB190160E 6324224 ------w- C:\Program Files (x86)\Corel\Graphics9\Programs\trace.exe 2013-10-27 14:21:10 24CC546732FFF87024797B5D17885FA3 1536000 ------w- C:\Program Files (x86)\Corel\Graphics9\Programs\capture.exe 2013-10-27 14:20:39 126644B9B50A32A66B26870CCAD6EA63 57344 ----a-w- C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 3.0 SE\olreg.exe 2013-10-27 14:20:36 59285B51F5D5D330E612BEBE830260B6 10072064 ------w- C:\Program Files (x86)\Corel\Graphics9\Programs\photopnt.exe 2013-10-27 14:20:33 8E18463950275ABB7185E022B6971D22 61440 ----a-w- C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 3.0 SE\calcheck.exe 2013-10-27 14:20:31 D011DB647083CEA5B72F4FB0395EA48B 4528 ----a-w- C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 3.0 SE\SETBROWS.EXE 2013-10-27 14:20:31 3F423E9C3CC9544AC680DFB52B141293 28672 ----a-w- C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 3.0 SE\AutoLoad.exe 2013-10-27 14:20:19 CEBA82CB556D4F4460B16E4EABECAC59 32768 ----a-w- C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 3.0 SE\pepack.exe 2013-10-27 14:20:12 C9EF48E583076496091FEADF422C968A 2932736 ----a-w- C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 3.0 SE\ipe30.exe 2013-10-27 14:19:14 986ED08F0A1E47F34EA3D908361E8E55 8933376 ------w- C:\Program Files (x86)\Corel\Graphics9\Filters\CdrConv.exe 2013-10-27 14:18:51 A5CF2ED8CE140D521BA49AB99B2E5B9E 13819904 ------w- C:\Program Files (x86)\Corel\Graphics9\Programs\coreldrw.exe 2013-10-27 14:18:38 37EE6CF926BCB441BFA81D022B71C507 67584 ------w- C:\Program Files (x86)\Corel\Graphics9\Register\Remind32.exe 2013-10-27 14:18:37 5FCAA73D1CDF238228DF8EA8EA2D5271 155136 ------w- C:\Program Files (x86)\Corel\Graphics9\Register\Itp32.exe 2013-10-27 14:18:33 C20392EE4B21A864920F94E2FF0951A2 155648 ------w- C:\Program Files (x86)\Corel\Shared\Writing Tools\9.0\wt9sptlNL.exe 2013-10-27 14:18:19 8AC4EEA786BD82E068AB38ABA05D3068 143360 ------w- C:\Program Files (x86)\Corel\Graphics9\Programs\WebWlc.exe 2013-10-27 12:01:44 84551CD8625713FEEDFEBC769562A67D 443392 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\Tools\SetACL_x64.exe 2013-10-27 12:01:44 567BEFCC4CAF8EE4C1F68DED96562727 301056 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\Tools\SetACL_x86.exe 2013-10-27 12:01:43 AD937F57725167E2D5D7BE534FEED706 1048576 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe 2013-10-27 12:01:43 91B71F9EE2C31BF790983ADE4FCF7959 3856896 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext.exe 2013-10-27 12:01:43 906DE000663DE560CC4DA1A02F70F3AF 5083648 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext64.exe 2013-10-27 12:01:43 18EB6EA1863F9F55E423DA4CAAD390AE 2668920 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\Filters\madVR\madHcCtrl.exe 2013-10-27 12:01:41 8EB5CB60390C1FEAD4EE674D466BBDAD 1324115 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe 2013-10-27 12:01:41 29CD1D8A7ABBC8EEB424758E357450C0 1163776 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe 2013-10-27 12:01:41 12782AF8AF1B72007033F9AEAD33510D 4333568 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe 2013-10-27 11:29:11 CB7D8F3EE1CDB0B87F2E82425F429096 81016 ----a-w- C:\Program Files\Vuze\.install4j\user\mism.exe 2013-10-27 11:29:11 4928BE2B3316CADB3ADA19200A690D49 252448 ----a-w- C:\Program Files\Vuze\uninstall.exe 2013-10-27 11:29:11 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Program Files\Vuze\.install4j\i4jdel.exe 2013-10-27 11:29:05 38BE7146A18BAD9AD482243D44829D93 44688 ----a-w- C:\Program Files\Vuze\VuzeFW.exe 2013-10-27 11:29:04 EFBDC1AA81E76C1D7A81904921D81A9C 346568 ----a-w- C:\Program Files\Vuze\AzureusUpdater.exe 2013-10-27 11:29:03 A6DBD8280B1421C60089552C76635653 346568 ----a-w- C:\Program Files\Vuze\Azureus.exe 2013-10-27 11:29:01 F6F00D2AD33751FEF0FD7BB90814D977 39344 ----a-w- C:\Program Files\Vuze\jre\bin\java-rmi.exe 2013-10-27 11:29:01 EA254039F236A5BDB1FCB7C89C4D8F7E 40368 ----a-w- C:\Program Files\Vuze\jre\bin\rmid.exe 2013-10-27 11:29:01 E23B433EF6EAB7E82E92671A0B9554BB 40368 ----a-w- C:\Program Files\Vuze\jre\bin\tnameserv.exe 2013-10-27 11:29:01 E0B4D5D91C08C020016585168CBE72D1 40368 ----a-w- C:\Program Files\Vuze\jre\bin\orbd.exe 2013-10-27 11:29:01 D949E5B2BA55956A461CD672BE6DC145 40368 ----a-w- C:\Program Files\Vuze\jre\bin\pack200.exe 2013-10-27 11:29:01 B40593EE6FDF73556E7A18B25916DDCB 40368 ----a-w- C:\Program Files\Vuze\jre\bin\kinit.exe 2013-10-27 11:29:01 AD9F9869C22CF83C44C040C684537F09 156080 ----a-w- C:\Program Files\Vuze\jre\bin\unpack200.exe 2013-10-27 11:29:01 A7113F5DC40D207BFD2992FA4C1A8C39 51632 ----a-w- C:\Program Files\Vuze\jre\bin\javacpl.exe 2013-10-27 11:29:01 A4C5400593FA41421AB6FB1C856E5D21 40368 ----a-w- C:\Program Files\Vuze\jre\bin\rmiregistry.exe 2013-10-27 11:29:01 9E976839FE2094478C8407B9F7A02420 40368 ----a-w- C:\Program Files\Vuze\jre\bin\policytool.exe 2013-10-27 11:29:01 83E53E7544A332A40479A823C67998DB 172976 ----a-w- C:\Program Files\Vuze\jre\bin\javaw.exe 2013-10-27 11:29:01 80E30B66F3794DEBD47337CAF27E35A6 40368 ----a-w- C:\Program Files\Vuze\jre\bin\keytool.exe 2013-10-27 11:29:01 8054701B105FC555AB1C7B34491697D0 40368 ----a-w- C:\Program Files\Vuze\jre\bin\klist.exe 2013-10-27 11:29:01 7D21A2CD24E24BB9164F8CA236F0B0F3 40368 ----a-w- C:\Program Files\Vuze\jre\bin\ktab.exe 2013-10-27 11:29:01 380CD35D85E580FD88C0D1A999BE13E7 172976 ----a-w- C:\Program Files\Vuze\jre\bin\java.exe 2013-10-27 11:29:01 376AB85D04FB1EB8C66EF545637F77C6 22960 ----a-w- C:\Program Files\Vuze\jre\bin\jp2launcher.exe 2013-10-27 11:29:01 1E2378C754E71C078D824EB1BE94C86E 40368 ----a-w- C:\Program Files\Vuze\jre\bin\servertool.exe 2013-10-27 11:29:01 1D648D0A1D64682BE5F99087CF704C31 22448 ----a-w- C:\Program Files\Vuze\jre\bin\ssvagent.exe 2013-10-27 11:29:01 098F9A1F89BD6D6E342531630FA80221 93104 ----a-w- C:\Program Files\Vuze\jre\bin\jbroker.exe 2013-10-27 10:40:07 DD65B5174A3951EB975B41AE58A1A333 83000 ----a-w- C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\ytgroovlc.exe 2013-10-27 10:40:07 92BF3F242033D6AAE172119DA3BB8852 2599992 ----a-w- C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe 2013-10-27 10:40:06 FE2816BADDB3851F59568A831CF7540D 6468376 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe 2013-10-27 10:40:05 F330AEEF34F027B875352BC48D5BD187 285240 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\ffmpeg.exe 2013-10-27 10:40:04 E7CA82FC1BB6A935E1CC1F7AE7A72083 243256 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dvsservice.exe 2013-10-27 10:40:00 E93015536118B268ADC534739F4284C4 305320 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe 2013-10-27 10:39:59 11E8B615D016F8DDC24107D0BDA998CA 1176240 ----a-w- C:\Program Files (x86)\DVDVideoSoft\unins000.exe 2013-10-27 10:26:57 7C9FD421D420ECA27D43237F0569BAC4 777137 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\genisoimage\genisoimage.exe 2013-10-27 10:26:55 E00DDE221088882CB62102036E785A3E 247175 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\mpeg2enc.exe 2013-10-27 10:26:55 A701286880A6803A5EAC49DCA852DD6F 226816 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\tsMuxeR.exe 2013-10-27 10:26:55 A1B2F19F552160C0A32C18A5B91C31BE 255437 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\mplex.exe 2013-10-27 10:26:55 97AEC949402587183485ACA07E562A9E 19505678 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\avc\mplayer.exe 2013-10-27 10:26:55 9174800DAA19F6D7DD35D3E0EC467D0E 32148 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\qt-faststart.exe 2013-10-27 10:26:55 8DDDA00BF809C2EE574EBA59CD98212E 488744 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\mp4creator.exe 2013-10-27 10:26:55 61F324A54B7407E2563FCC03AB3A402B 89088 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\spumux.exe 2013-10-27 10:26:55 43A13E3A323ED8B95E2FED789BB26C18 13824 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\mpeg2desc.exe 2013-10-27 10:26:55 24690476ED56CC7DEFEB4C7808D12A0E 20480 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\spuunmux.exe 2013-10-27 10:26:55 02ED66B5B82700E2A610A9107E97B52F 166400 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\MP4Box.exe 2013-10-27 10:26:54 BB7695B2D559CABD02E15FA4C8631B5D 1255184 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe 2013-10-27 10:26:54 5FD9B90318F2765E31796C086088AB8D 12724736 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\ffmpeg.exe 2013-10-27 10:26:54 0B3D2BA6A8414373A36FCBB843820A3F 113664 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\gnu\dvdauthor.exe 2013-10-27 10:26:54 0A30A6D25C297B9ED67E9E6253A8C54B 1186128 ----a-w- C:\Program Files (x86)\AnvSoft\Any Video Converter\unins000.exe 2013-10-27 08:37:52 E00DDE221088882CB62102036E785A3E 247175 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\mpeg2enc.exe 2013-10-27 08:37:52 A701286880A6803A5EAC49DCA852DD6F 226816 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\tsMuxeR.exe 2013-10-27 08:37:52 A1B2F19F552160C0A32C18A5B91C31BE 255437 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\mplex.exe 2013-10-27 08:37:52 9174800DAA19F6D7DD35D3E0EC467D0E 32148 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\qt-faststart.exe 2013-10-27 08:37:52 8DDDA00BF809C2EE574EBA59CD98212E 488744 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\mp4creator.exe 2013-10-27 08:37:52 7C9FD421D420ECA27D43237F0569BAC4 777137 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\genisoimage\genisoimage.exe 2013-10-27 08:37:52 61F324A54B7407E2563FCC03AB3A402B 89088 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\spumux.exe 2013-10-27 08:37:52 43A13E3A323ED8B95E2FED789BB26C18 13824 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\mpeg2desc.exe 2013-10-27 08:37:52 24690476ED56CC7DEFEB4C7808D12A0E 20480 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\spuunmux.exe 2013-10-27 08:37:52 02ED66B5B82700E2A610A9107E97B52F 166400 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\MP4Box.exe 2013-10-27 08:37:51 862C2B75B223E3E8AAFEB20FE882A602 162816 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\adb.exe 2013-10-27 08:37:51 412CA3C69A5AB89FA4823B91F5E13F7B 824832 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\aapt.exe 2013-10-27 08:37:51 3E28038EC6C7CAAA09CA85DCA4998972 1187664 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\unins000.exe 2013-10-27 08:37:51 299A3486FCE74C5C28E7000617173554 655120 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\AAConverter.exe 2013-10-27 08:37:51 0B3D2BA6A8414373A36FCBB843820A3F 113664 ----a-w- C:\Program Files (x86)\AnvSoft\Any Audio Converter\gnu\dvdauthor.exe 2013-10-27 08:33:19 D200CD15B32E67A5BD90F12EBF17CE10 695578 ----a-w- C:\Program Files (x86)\Musette\unins000.exe 2013-10-27 08:33:19 35588CE9FCDB5CC913F2D1531A9AF849 914944 ----a-w- C:\Program Files (x86)\Musette\musette.exe 2013-10-26 20:58:54 57F62E5D5D1C525B2C3F5FEF671C6959 97979 ----a-w- C:\Program Files (x86)\MuseScore\Uninstall.exe 2013-10-26 20:33:12 B6A40AC93155EC0A6FFDFCF39607CF78 58785 ----a-w- C:\Program Files (x86)\Free Zip\Uninstall.exe 2013-10-26 20:26:59 A320DF2B47CFCAF98D06EB59CD72084C 38496 ----a-w- C:\Program Files (x86)\BS_Player\BS_PlayerToolbarHelper.exe 2013-10-26 20:26:59 973567B98CDFC147DF4E60471D9DF072 153088 ----a-w- C:\Program Files (x86)\BS_Player\UNWISE.EXE 2013-10-26 20:17:42 1D0B144BA2364C4F82552A49D2E30C46 1592832 ----a-w- C:\Program Files (x86)\D'Accord Music Software\D'Accord Dictionary\Dictionary.exe 2013-10-26 20:13:04 089C7B1948C9E1F3399791D865FB995E 51687 ----a-w- C:\Program Files (x86)\EasyChord\Uninstall.exe 2013-10-26 19:57:48 6831E53C1F7AAA8F5F0104E0E0CD6A9E 669002 ----a-w- C:\Program Files (x86)\Guitar Pro 5\unins000.exe 2013-10-26 19:57:48 5D562FD51A360035964BFA5895B2E3C5 6223360 ----a-w- C:\Program Files (x86)\Guitar Pro 5\GP5.exe 2013-10-26 19:57:48 4CE44AD8F45E073196F2AC2171579762 465408 ----a-w- C:\Program Files (x86)\Guitar Pro 5\GPOnline.exe 2013-10-26 18:58:52 7C3E81658E4F5E977FC8864A53A5D2D6 110368 ----a-w- C:\Program Files (x86)\Speed Analysis 3\uninst.exe 2013-10-26 18:58:48 33F8AF39349B92E41815BC8C9CD6CD51 83653 ----a-w- C:\Program Files (x86)\Speed Analysis 3\uninstall.exe 2013-10-26 17:12:12 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe 2013-10-26 17:12:08 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe 2013-10-26 17:12:01 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-r- C:\Program Files (x86)\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe 2013-10-26 17:11:53 6478B3C405797AB946A98153ACC0B77E 491520 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\Shared2\SPUContentPreview.exe 2013-10-26 17:11:50 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-r- C:\Program Files (x86)\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe 2013-10-26 17:11:43 BA5AFD81084231B8C844EEB2BA004295 184320 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\DVDAuthor\SPUMPThumb.exe 2013-10-26 17:11:42 433C3653781CB655E154BF00546F0B88 1085440 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\DVDAuthor\SPUDVDAuthor.exe 2013-10-26 17:11:35 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-r- C:\Program Files (x86)\InstallShield Installation Information\{9225EABF-4457-403B-A82B-91614C9DDDF7}\setup.exe 2013-10-26 17:11:27 9AF67AF0079C1A5BE9CC0A2AB4EAE01D 786432 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\Importer\Disc\SPUDiscImporterLauncher.exe 2013-10-26 17:11:26 6BC6E16B23D5B758E0F2B9008F06139E 970752 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\Importer\Disc\SPUDiscImporter.exe 2013-10-26 17:11:25 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-r- C:\Program Files (x86)\InstallShield Installation Information\{E9CCEA28-3608-4078-8A07-997646E1A357}\setup.exe 2013-10-26 17:11:17 AD9C2D7E8475C0ED63F4518974F8EB82 1032192 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\VideoDiscCopier\SPUVideoDiscCopier.exe 2013-10-26 17:11:17 3E6A3A89B152F5BFF0236978F1C3686E 184320 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\VideoDiscCopier\SPUMPThumb.exe 2013-10-26 17:11:12 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-r- C:\Program Files (x86)\InstallShield Installation Information\{FD7FF74D-0AB5-48D6-929C-7E93A5162521}\setup.exe 2013-10-26 17:11:05 3583EDC783170FE23E93E0B5DC9665A8 626688 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\VideoTrimming\SPUVideoTrimming.exe 2013-10-26 17:11:04 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-r- C:\Program Files (x86)\InstallShield Installation Information\{C9EFF51A-C925-4F1A-9DEB-DB5F970DE983}\setup.exe 2013-10-26 17:10:59 55A13C0450F6D72FFAAA9C7FD650FE75 561152 ------w- C:\Program Files (x86)\Sony\Sony Picture Utility\Mapview\SPUMapview.exe 2013-10-26 17:10:57 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-r- C:\Program Files (x86)\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe 2013-10-26 17:10:51 AB47C234CC07AEFDC23ED3884B8A060E 270336 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\Announce\SPUAnnounce.exe 2013-10-26 17:10:50 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-r- C:\Program Files (x86)\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe 2013-10-26 17:10:43 BA5AFD81084231B8C844EEB2BA004295 184320 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\Importer\DCF\SPUMPThumb.exe 2013-10-26 17:10:43 46AE2B44B185268BF53FB470DE957CBE 622592 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\Importer\DCF\SPUDCFImporter.exe 2013-10-26 17:10:42 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-r- C:\Program Files (x86)\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe 2013-10-26 17:10:36 A0ED14672272DBA17523FBC455255F7C 262144 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\InitTool\SPULocaleSetting.exe 2013-10-26 17:10:36 5E40C66E9F8A91D8B6DA927142962C86 143360 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\InitTool\SPUInit.exe 2013-10-26 17:10:35 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-r- C:\Program Files (x86)\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe 2013-10-26 17:10:29 C719CF278A8349FD06C17BA6C33E1C5E 344064 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe 2013-10-26 17:10:29 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-r- C:\Program Files (x86)\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe 2013-10-26 17:10:21 BA5AFD81084231B8C844EEB2BA004295 184320 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\Browser\SPUMPThumb.exe 2013-10-26 17:10:20 43AC0849A1D6B99E459031A6310EB6C0 3801088 ----a-w- C:\Program Files (x86)\Sony\Sony Picture Utility\Browser\SPUBrowser.exe 2013-10-26 17:10:19 0F30B7AC2B0505ADC1E9325916365DF0 117200 ----a-r- C:\Program Files (x86)\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe 2013-10-26 17:05:43 E903505E79CED3178B296FC59C4E43D3 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe 2013-10-26 16:37:22 141C12EBC23A358F98FC746A1EE95949 685338 ----a-w- C:\bb\unins005.exe 2013-10-26 16:33:24 141C12EBC23A358F98FC746A1EE95949 685338 ----a-w- C:\bb\unins004.exe 2013-10-26 16:29:16 141C12EBC23A358F98FC746A1EE95949 685338 ----a-w- C:\bb\unins003.exe 2013-10-26 16:04:23 67F8CE29DC22F27A6AA1FC3CF95268CE 522752 ----a-w- C:\bb\Drums\Decompress.exe 2013-10-26 16:04:01 141C12EBC23A358F98FC746A1EE95949 685338 ----a-w- C:\bb\unins002.exe 2013-10-26 15:55:15 E79CAD450845D071EBB20FC000279EFA 683504 ----a-w- C:\bb\unins001.exe 2013-10-26 15:55:15 8C93182588DCCD3D16FFA2438C2902DB 8510464 ----a-w- C:\bb\bb2007_backup\17-55-15 26-10-13_bbw.exe 2013-10-26 15:49:58 4C0FB9E8947A790BA48AC898D6F5E175 1703506 ----a-w- C:\bb\bb2007_dx_plug_1_3_4_u.exe 2013-10-26 15:49:57 E41DA9E19FDF91A2E0453DA0EC039C8D 46080 ----a-w- C:\bb\vsc\VSC_Installs\vscdxi_data\Setup.exe 2013-10-26 15:49:57 3AAFEAFB35AA81BB1BEC362830244684 44928 ----a-w- C:\bb\vsc\VSC_Installs\vsc3_data\VSC55\SETUP.EXE 2013-10-26 15:49:56 1E013F8D89F59CE39C7FA9BC8BD3A166 71680 ----a-w- C:\bb\vsc\VSC_Installs\vsc3_data\Setup.exe 2013-10-26 15:49:55 858EA64CBA780424F6C6E0C49AF09E59 294400 ----a-w- C:\bb\vsc\VSC_Installs\VSC3_Setup.exe 2013-10-26 15:49:55 858EA64CBA780424F6C6E0C49AF09E59 294400 ----a-w- C:\bb\vsc\VSC_Installs\VSC-DXi_Setup.exe 2013-10-26 15:49:55 46CF8E477AC0379E8672D469D923E184 332808 ----a-w- C:\bb\vsc\VSC_Installs\vsc3_data\COM32UPD.EXE 2013-10-26 15:49:50 74E6C20A2BD07A4C5B2B67C3137D3841 2256384 ----a-w- C:\bb\Ear Training\Pitch Invasion\PitchInvasion.exe 2013-10-26 15:49:43 D8B2FD81640167C508EC095357DD1910 763392 ----a-w- C:\bb\tuner^.exe 2013-10-26 15:49:43 CA276528DF7919AB671FE8130B2FC663 399872 ----a-w- C:\bb\TitleGen.exe 2013-10-26 15:49:43 93478BB01143EB6EE62656B2EE304C2B 614400 ----a-w- C:\bb\STOMBBx.exe 2013-10-26 15:49:43 8BA8D1E72EA59F66BAE7CEA8206E3561 355584 ----a-w- C:\bb\XBMPCONV.EXE 2013-10-26 15:49:43 7A83C9097A5D2AD1E62A90156E4E988D 871936 ----a-w- C:\bb\AudioChordWizard\AudioChordWizard_BB.exe 2013-10-26 15:49:43 58E9CF7CB16BEB855A1FBAD924221577 578560 ----a-w- C:\bb\STOMBBOldx.exe 2013-10-26 15:49:43 2BCA921C1760C7FF66181F332E603C96 2472448 ----a-w- C:\bb\Ear Training\Music Replay\MusicReplay.exe 2013-10-26 15:49:42 E90C8BC6BFB65BA5FB8FF5736860085C 615936 ----a-w- C:\bb\miniburn.exe 2013-10-26 15:49:42 B4D32DAD30804A143414AD105A6CC931 36864 ----a-w- C:\bb\opsndvol.exe 2013-10-26 15:49:42 52263A7E33A9C9DEDB52EE8D604A0A8A 600576 ----a-w- C:\bb\Plugs2x.exe 2013-10-26 15:49:42 34BB696F837EAF017689E128F91CD8F9 468992 ----a-w- C:\bb\MIDIConv.exe 2013-10-26 15:49:41 EC3694051D68995B243F9D895C470405 499200 ----a-w- C:\bb\Cmpx.exe 2013-10-26 15:49:41 E04EFB82F5619297F2476D1688F49061 717824 ----a-w- C:\bb\f32.exe 2013-10-26 15:49:41 DE87937350D8B1B8552920D859D02847 729600 ----a-w- C:\bb\g32.exe 2013-10-26 15:49:41 B9394C6F7643DA664C51A5D705D2CB34 576000 ----a-w- C:\bb\Dlyx.exe 2013-10-26 15:49:41 A59F66B1DC4692B52A8355B46D291FAA 766976 ----a-w- C:\bb\DXPlugx.exe 2013-10-26 15:49:41 46E90C06DBD77814AA3EE22C561CA08B 568832 ----a-w- C:\bb\EQx.exe 2013-10-26 15:49:41 0818EEECB37ADBBC2FCAF80D4E39EFBB 457216 ----a-w- C:\bb\Gainx.exe 2013-10-26 15:49:40 8C93182588DCCD3D16FFA2438C2902DB 8510464 ----a-w- C:\bb\bbw.exe 2013-10-26 15:49:39 A1981DD79A9C99914615A88309842B04 2128722 ----a-w- C:\bb\bb2007_dx_plug_1_3_4.exe 2013-10-26 15:49:38 F8978396D4F137B22C69FF7848632960 2241024 ----a-w- C:\bb\$drums^.exe 2013-10-26 15:49:38 E79CAD450845D071EBB20FC000279EFA 683504 ----a-w- C:\bb\unins000.exe 2013-10-26 15:49:38 545E68829EFB0BF631CB52F2EFA8E729 621568 ----a-w- C:\bb\$midimon^.exe 2013-10-26 15:49:38 4EDA639AC6F9F5B9A6AE99BF18FD5B44 462080 ----a-w- C:\bb\$Aweedit.exe 2013-10-25 06:28:12 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\ose.exe 2013-10-25 06:27:28 29E177C7BB7343F365F12AD9A8AF4C48 434528 ----a-w- C:\MSOCache\All Users\{90120000-006E-0413-0000-0000000FF1CE}-C\dwtrig20.exe 2013-10-25 06:27:27 C6D0721E9156EB2A40A04BB38BE0B2A5 813384 ----a-w- C:\MSOCache\All Users\{90120000-006E-0413-0000-0000000FF1CE}-C\DW20.EXE 2013-10-25 06:26:54 95B8A4245A6CD37D36E56FAE5A23E2B1 463152 ----a-w- C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\setup.exe 2013-10-24 19:31:33 AEFBD718AF1AABE7820053650C2E2F08 106212 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 2013-10-24 19:31:33 0329A45C849C9D77901094B8FFE8BBB9 118680 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 2013-10-24 17:46:00 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateBroker.exe 2013-10-24 17:46:00 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe 2013-10-24 17:46:00 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe 2013-10-24 17:46:00 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdate.exe 2013-10-24 17:46:00 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateSetup.exe 2013-10-24 17:46:00 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe 2013-10-24 17:45:59 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe 2013-10-24 17:41:03 1DB5B92E54BA5E4976995B6BE4B0BB81 34615136 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\30.0.1599.101\30.0.1599.101_chrome_installer.exe 2013-10-24 17:40:49 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe === C: other files == 2013-10-30 09:18:00 D6A2FEEAE052FB876C7C00293F4CA5AA 26 ----a-w- C:\Program Files (x86)\PeaZip\res\reset-peazip.bat 2013-10-29 19:58:31 DBFD867A512C3F9FA2C241EE3B566D46 1304128 ----a-w- C:\Users\Johan VC\AppData\Roaming\Azureus\plugins\azlocprov\azlocprov_0.1.6.3.zip 2013-10-29 19:57:52 DBFD867A512C3F9FA2C241EE3B566D46 1304128 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\azlocprov_0.1.6.3.zip 2013-10-29 19:57:47 BDA00C279F0BA25D6DAC428006620819 402763 ----a-w- C:\Users\Johan VC\AppData\Roaming\Azureus\plugins\mlab\mlab_0.1.9.zip 2013-10-29 19:57:28 BDA00C279F0BA25D6DAC428006620819 402763 ----a-w- C:\Users\Johan VC\AppData\Local\Temp\mlab-win32_0.1.9.zip 2013-10-29 18:53:07 DDBE07CD36992AF84AF1E75118E7B3FA 6232 ----a-w- C:\Qoobox\BackEnv\SetPath.bat 2013-10-29 18:47:41 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\Drivers\mbam.sys 2013-10-29 13:43:27 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Johan VC\Downloads\pchelpforum.zip 2013-10-27 14:30:57 D321F2D765E0BAED981F1BF9FD13DE34 4773468 ----a-w- C:\Users\Johan VC\Downloads\DOWNLOAD FILES 2\Portable_Movie_Maker_by_devrexster.zip 2013-10-27 11:29:44 9C0F0BDCAA73A9A4CC4B7DCAD98B618F 1294543 ----a-w- C:\Users\Johan VC\AppData\Roaming\Azureus\plugins\azlocprov\azlocprov_0.1.6.2.zip 2013-10-27 11:29:01 587B33F35B7B82F76153C1FF07790609 18242 ----a-w- C:\Program Files\Vuze\jre\lib\deploy\ffjcext.zip 2013-10-27 10:40:06 41F07D972CBAB32BF0D64393EFAAF012 454634 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx 2013-10-27 07:38:09 0E2F7F126877DE882C8A352DA9B99930 2817212 ----a-w- C:\Users\Johan VC\Downloads\bsplayer132820.zip 2013-10-26 17:12:08 E78CD3BB53A208DFAB8FC826384307E0 6097 ----a-w- C:\Windows\SysWOW64\drivers\sonyhcb.sys 2013-10-26 17:12:08 E78CD3BB53A208DFAB8FC826384307E0 6097 ----a-w- C:\Drivers\SonyUSB\sonyhcb.sys 2013-10-26 17:12:08 DFADFC2C86662F40759BF02ADD27D569 102220 ----a-w- C:\Windows\SysWOW64\drivers\sonypvs1.sys 2013-10-26 17:12:08 610F515FCD95D37F3252E1C250EF8C61 299923 ----a-w- C:\Windows\SysWOW64\drivers\sonyhcs.sys 2013-10-26 17:12:08 610F515FCD95D37F3252E1C250EF8C61 299923 ----a-w- C:\Drivers\SonyUSB\sonyhcs.sys 2013-10-26 17:12:08 55E48017295F26BA266F935DA49C59A4 38739 ----a-w- C:\Windows\SysWOW64\drivers\sonyhcc.sys 2013-10-26 17:12:08 55E48017295F26BA266F935DA49C59A4 38739 ----a-w- C:\Drivers\SonyUSB\sonyhcc.sys 2013-10-26 17:12:01 BF79E659C506674C0497CC9C61F1A165 2432 ----a-w- C:\Windows\SysWOW64\drivers\cdr4_xp.sys 2013-10-26 17:12:01 BF79E659C506674C0497CC9C61F1A165 2432 ----a-w- C:\Windows\SysWOW64\drivers\cdr4_2k.sys 2013-10-26 17:12:01 2C41CD49D82D5FD85C72D57B6CA25471 2560 ----a-w- C:\Windows\SysWOW64\drivers\cdralw2k.sys 2013-10-26 17:12:01 1962166E0CEB740704F30FA55AD3D509 36624 ----a-w- C:\Windows\SysWOW64\drivers\pxhelp20.sys 2013-10-25 15:38:57 56685951208AC81CF923B9B08BEDF3B7 169048 ----a-w- C:\Windows\System32\Drivers\NSTx64\7DD04000.00A\ccsetx64.sys 2013-10-25 06:24:49 FD12EDB629516EB36B6BD21170FD7ADD 38238413 ----a-w- C:\Users\Johan VC\Downloads\Opnamestudio\Cool Edt Pro\Cool Edit Pro 2.1 - Full working and registered\Cool Edit Pro 2.1 - Full working and registered.zip 2013-10-24 16:34:57 248C952C82DF1E23775432774CBB20F1 168096 ----a-w- C:\Windows\System32\Drivers\NSTx64\7DD03030.013\ccsetx64.sys 2013-10-24 16:09:23 80C4C1659E95296066CD0902007B6272 34532 ----a-w- C:\Users\Johan VC\AppData\LocalLow\Adobe\Acrobat\10.0\rdrmessage.zip ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{ACAA314B-EEBA-48e4-AD47-84E31C44796C}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" [27/10/2013 11:40] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Johan VC\AppData\Roaming\Mozilla\Firefox\Profiles\0y4mcfz9.default - DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff - Zula Games - %ProfilePath%\extensions\zulagames@ZulaGames.com - Movies Toolbar Dist. by Somoto Ltd. - %ProfilePath%\extensions\{3444c3c5-6c56-4a16-a453-832b05bf6ea4} - BS Player ControlBar Community Toolbar - %ProfilePath%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - glindorus - %ProfilePath%\extensions\firefox@glindorus.net.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Johan VC\AppData\Roaming\Mozilla\Firefox\Profiles\0y4mcfz9.default 4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash ==== Deleted Firefox Extensions ====================== C:\Users\Johan VC\AppData\Roaming\Mozilla\Firefox\Profiles\0y4mcfz9.default\extensions\firefox@glindorus.net.xpi deleted C:\Users\Johan VC\AppData\Roaming\Mozilla\Firefox\Profiles\0y4mcfz9.default\extensions\zulagames@ZulaGames.com deleted C:\Users\Johan VC\AppData\Roaming\Mozilla\Firefox\Profiles\0y4mcfz9.default\extensions\{3444c3c5-6c56-4a16-a453-832b05bf6ea4} deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaimdcedbpbcjjbbnfcbbjcngmomic - C:\Users\Johan VC\AppData\Local\somotomoviestoolbar1\GC\toolbar.crx[] adldappccjhelkmbkpiibilgnnjakieg - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1[26/10/2013 18:49] ammjbfijeglcdlnlnhlkdhgjnlgmpehe - C:\Program Files (x86)\glindorus\ammjbfijeglcdlnlnhlkdhgjnlgmpehe.crx[] gflandjopdloblmlcoiidmncpinmmacn - C:\Users\Johan VC\AppData\Roaming\zulagames\zulagames.crx[] mbmpjbkgemhgalmeiigcdljkccfcafoj - C:\Users\Johan VC\AppData\Roaming\SpeedAnalysis3\SpeedAnalysis03.crx[] nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\Exts\Chrome.crx[18/10/2012 19:57] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[21/10/2013 11:25] Movies Toolbar - Johan VC - Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic VideoDownloadConverter - Johan VC - Default\Extensions\adldappccjhelkmbkpiibilgnnjakieg glindorus - Johan VC - Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe Google Docs - Johan VC - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Johan VC - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Johan VC - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Johan VC - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Zula Games - Johan VC - Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn Speed Analysis 3 - Johan VC - Default\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj DVDVideoSoft - Johan VC - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Chrome In-App Payments service - Johan VC - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Norton Identity Protection - Johan VC - Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob Gmail - Johan VC - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 deleted successfully C:\Users\Johan VC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic deleted successfully C:\Users\Johan VC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe deleted successfully C:\Users\Johan VC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ammjbfijeglcdlnlnhlkdhgjnlgmpehe_0.localstorage deleted successfully C:\Users\Johan VC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ammjbfijeglcdlnlnhlkdhgjnlgmpehe_0.localstorage-journal deleted successfully C:\Users\Johan VC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn deleted successfully C:\Users\Johan VC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj deleted successfully C:\Users\Johan VC\AppData\Local\Google\Chrome\User Data\Default\Extensions\adldappccjhelkmbkpiibilgnnjakieg deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.conduit.com?SearchSource=10&ctid=CT1750559" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\Users\Johan VC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Johan VC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3444c3c5-6c56-4a16-a453-832b05bf6ea4} deleted successfully HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3444c3c5-6c56-4a16-a453-832b05bf6ea4} deleted successfully HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9598E82A-7E09-4438-B425-B9E9718C3C73} deleted successfully HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-1581949785-2961269141-1088673991-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3444c3c5-6c56-4a16-a453-832b05bf6ea4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3444c3c5-6c56-4a16-a453-832b05bf6ea4} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_CLASSES_ROOT\CLSID\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9598E82A-7E09-4438-B425-B9E9718C3C73} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9598E82A-7E09-4438-B425-B9E9718C3C73} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FAF861A6-B280-4426-8AD4-A77F677E6686} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{3444c3c5-6c56-4a16-a453-832b05bf6ea4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\adldappccjhelkmbkpiibilgnnjakieg deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Johan VC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Johan VC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Johan VC\AppData\Local\Mozilla\Firefox\Profiles\0y4mcfz9.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Johan VC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\JOHANV~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\Movies Toolbar" not found "C:\PROGRA~2\glindorus" not found ==== EOF on wo 30/10/2013 at 12:43:47,58 ======================

info.txt logfile of random's system information tool 1.09 2013-10-29 22:28:26 ======Uninstall list====== -->"C:\Program Files (x86)\VideoDownloadConverter\uninstall.exe" /u:"C:\Program Files (x86)\VideoDownloadConverter\uninstall\uninstall.xml" -->"C:\Program Files (x86)\WildGames\Game Explorer Categories - genres\Uninstall.exe" -->C:\Program Files (x86)\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Program Files (x86)\Zula Games\uninst.exe -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL -->C:\Windows\UNNeroShowTime.exe /UNINSTALL -->C:\Windows\UNNeroVision.exe /UNINSTALL -->C:\Windows\UNRecode.exe /UNINSTALL -->MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe" -l0x13 /cont -removeonly -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x13 -removeonly -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe" -l0x13 -removeonly -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x13 -removeonly -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9225EABF-4457-403B-A82B-91614C9DDDF7}\setup.exe" -l0x13 -removeonly -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x13 -removeonly -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe" -l0x13 -removeonly -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe" -l0x13 -removeonly -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C9EFF51A-C925-4F1A-9DEB-DB5F970DE983}\setup.exe" -l0x13 -removeonly -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E9CCEA28-3608-4078-8A07-997646E1A357}\setup.exe" -l0x13 -removeonly -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x13 -removeonly -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FD7FF74D-0AB5-48D6-929C-7E93A5162521}\setup.exe" -l0x13 -removeonly a2zLyrics-16-->C:\Program Files (x86)\a2zLyrics-16\Uninstall.exe /fromcontrolpanel=1 Adobe Reader XI - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001} Anvil Studio-->C:\Windows\system32\AsUninst.exe Anvil Studio-->MsiExec.exe /I{97C475F0-FAE1-4DAA-B0D7-016B7379A04A} Any Audio Converter 4.0.2-->"C:\Program Files (x86)\AnvSoft\Any Audio Converter\unins000.exe" Any Video Converter 5.0.9-->"C:\Program Files (x86)\AnvSoft\Any Video Converter\unins000.exe" ASUS InstantOn-->MsiExec.exe /I{749F674B-2674-47E8-879C-5626A06B2A91} ASUS LifeFrame3-->MsiExec.exe /X{1DBD1F12-ED93-49C0-A7CC-56CBDE488158} ASUS Live Update-->MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4} ASUS Power4Gear Hybrid-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA} ASUS Screen Saver-->MsiExec.exe /I{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2} ASUS Smart Gesture-->MsiExec.exe /I{4D3286A6-F6AB-498A-82A4-E4F040529F3D} ASUS Splendid Video Enhancement Technology-->MsiExec.exe /X{0969AF05-4FF6-4C00-9406-43599238DE0D} ASUS USB Charger Plus-->MsiExec.exe /X{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF} ASUS WebStorage Sync Agent-->C:\Program Files (x86)\ASUS\WebStorage Sync Agent\uninst.exe ASUSDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall ASUSDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall AsusVibe2.0-->C:\Program Files (x86)\Asus\AsusVibe\unins000.exe ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE} Audacity 1.2.6-->"C:\Program Files (x86)\Audacity\unins000.exe" Azteca-->"C:\Program Files (x86)\WildGames\Azteca\uninstall\uninstaller.exe" Band-in-a-Box 2007 PlusPAK-->"c:\bb\unins001.exe" Bejeweled 3-->"C:\Program Files (x86)\WildGames\Bejeweled 3\uninstall\uninstaller.exe" Brother MFL-Pro Suite MFC-J6510DW-->"C:\Program Files (x86)\InstallShield Installation Information\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}\Setup.exe" -runfromtemp -l0x0013 UNINSTALL Reg=BHM11 -removeonly BS Player Toolbar-->C:\PROGRA~2\BS_PLA~1\UNWISE.EXE /U C:\PROGRA~2\BS_PLA~1\INSTALL.LOG BS.Player FREE-->"C:\Program Files (x86)\Webteh\BSplayer\uninstall.exe" Bundled software uninstaller-->"C:\Users\Johan VC\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" /affid uninstall /id uninstall /name "Bundled software uninstaller" CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Conduit Engine-->C:\PROGRA~2\CONDUI~1\ConduitEngineUninstall.exe Corel Applications-->C:\Windows\Corel\Uninst32.exe Cut the Rope-->"C:\Program Files (x86)\WildGames\Cut the Rope\uninstall\uninstaller.exe" D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} D'Accord Dictionary-->C:\Windows\GPInstall.exe "/UNINST=C:\Program Files (x86)\D'Accord Music Software\D'Accord Dictionary\\UnInst.log" "/APPNAME=D'Accord Dictionary" Fotogalerie-->MsiExec.exe /X{3CBD94C1-BA15-488C-888B-D8DD296CC6DC} Free YouTube Download version 3.2.14.1022-->C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe Free Zip 9.20-->"C:\Program Files (x86)\Free Zip\Uninstall.exe" Galerie de photos-->MsiExec.exe /X{446CC8CE-0E90-44F7-ADD0-774B243EF090} glindorus 1.0.0-->C:\Program Files (x86)\glindorus\glindorusuninstall.exe Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Guitar Pro 5.2-->"C:\Program Files (x86)\Guitar Pro 5\unins000.exe" HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall Intel® Processor Graphics-->C:\Program Files (x86)\Intel\Intel® Processor Graphics\Uninstall\setup.exe -uninstall Intel® SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall Intel® Trusted Connect Service Client-->MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} K-Lite Codec Pack 10.0.0 Full-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" LyricsSay-16-->C:\Program Files (x86)\LyricsSay-16\Uninstall.exe /fromcontrolpanel=1 Malwarebytes Anti-Malware versie 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0413-1000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE} Microsoft Office Groove MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00BA-0413-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE} Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE} Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE} Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A} Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE} Microsoft Office Shared 64-bit MUI (Dutch) 2007-->MsiExec.exe /X{90120000-002A-0413-1000-0000000FF1CE} Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE} Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE} Microsoft Office-->MsiExec.exe /X{90150000-0138-0409-0000-0000000FF1CE} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Movie Maker-->MsiExec.exe /X{03CC9D58-B132-4CC0-A521-4F3660AA43C7} Movie Maker-->MsiExec.exe /X{701FE1BC-834A-4857-AF62-6EBA50CFBC78} Movie Maker-->MsiExec.exe /X{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB} Movie Maker-->MsiExec.exe /X{A17946CA-18E5-4CF0-8D55-A56D804718F8} Movie Maker-->MsiExec.exe /X{AE8044B5-FCA3-4EBE-AC78-0FB3A6E8DC76} Movie Maker-->MsiExec.exe /X{ED6C77F9-4D7E-447C-9EC0-9A212D075535} Movies Toolbar for Chrome (Dist. by Somoto Ltd.)-->C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\GC\uninstall.exe /UN=CR /PID=^AG1 Movies Toolbar for Firefox (Dist. by Somoto Ltd.)-->C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\FF\uninstall.exe /UN=FF /PID=^AG1 Movies Toolbar for Internet Explorer (Dist. by Somoto Ltd.)-->C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\uninstall.exe /UN=IE /PID=^AG1 Mozilla Firefox 24.0 (x86 nl)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77} MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E} MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94} MuseScore 1.3-->C:\Program Files (x86)\MuseScore\Uninstall.exe Musette version 2.9.9-->"C:\Program Files (x86)\Musette\unins000.exe" MyBitCast 2.0-->C:\Program Files (x86)\ASUS\MyBitCast\uninst.exe Nero 8-->MsiExec.exe /X{9A5B876D-A900-4AAB-B557-DE827BE46E6C} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Norton AntiVirus-->C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\562C4DD5\20.4.0.40\InstStub.exe /X /ARP Norton Identity Safe-->C:\Program Files (x86)\NortonInstaller\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST\LicenseType\2013.2.0.18\InstStub.exe /X /ARP Nuance PaperPort 12-->MsiExec.exe /I{6C0A559F-8583-4B5A-8B50-20BEE15D8E64} Nuance PDF Viewer Plus-->MsiExec.exe /X{28656860-4728-433C-8AD4-D1A930437BC8} NVIDIA Grafisch stuurprogramma 311.44-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{FCB11884-31B3-42E6-BF52-55916C3DCF7B}\NVI2.DLL",UninstallPackage Display.Driver NVIDIA HD Audio Driver 1.3.18.0-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{B007EF75-B66B-46C5-9D10-AA51465A275B}\NVI2.DLL",UninstallPackage HDAudio.Driver NVIDIA PhysX System Software 9.12.1031-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{B007EF75-B66B-46C5-9D10-AA51465A275B}\NVI2.DLL",UninstallPackage Display.PhysX NVIDIA PhysX-->MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} NVIDIA Update 1.11.3-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{B007EF75-B66B-46C5-9D10-AA51465A275B}\NVI2.DLL",UninstallPackage Display.Update PaperPort Image Printer 64-bit-->MsiExec.exe /X{715CAACC-579B-4831-A5F4-A83A8DE3EFE2} Peggle-->"C:\Program Files (x86)\WildGames\Peggle\uninstall\uninstaller.exe" Penguins!-->"C:\Program Files (x86)\WildGames\Penguins!\uninstall\uninstaller.exe" PG Music DirectX Plugins 1.3.4.1-->"C:\Program Files (x86)\PowerTracks DirectX Plugins\unins000.exe" Photo Common-->MsiExec.exe /X{49110532-D289-4BFF-807C-45B782E66A7C} Photo Common-->MsiExec.exe /X{4AF53C99-315D-4536-873F-029D2D274AE2} Photo Common-->MsiExec.exe /X{743FD554-A73F-4FE8-BE7B-C283D16297F9} Photo Common-->MsiExec.exe /X{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB} Photo Common-->MsiExec.exe /X{F54030F3-14B6-432D-9361-78DCB1473920} Photo Gallery-->MsiExec.exe /X{30F99474-EBE3-4134-A02B-F6CD38CFE243} Photo Gallery-->MsiExec.exe /X{63824BC0-B747-43F3-9863-1066D64AD919} Photo Gallery-->MsiExec.exe /X{F67CA22C-C11F-4573-8406-57F75BA06B51} Power Tab Editor 1.7-->MsiExec.exe /I{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3} Qualcomm Atheros Client Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -runfromtemp -l0x0409 -removeonly Raccolta foto-->MsiExec.exe /X{D04EBB49-C985-4A38-8695-62000861293A} RealDrums Set 1-->"C:\bb\unins005.exe" Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0409 -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly Realtek PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75} Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391} Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C} Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF} Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE} Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15} Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C} Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E949D8B9-24FD-4AB7-B427-FC42AA8BB2D9} Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F} Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EF5B5C7F-20CB-4A3A-AC3D-F5DE2C2BFDC7} Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5} Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0} Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697} Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4CCE0378-386F-4DC2-9CC1-A3710C77057D} Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {81352C19-97CF-4365-8EAE-205BCC9A2DC8} Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {686630EC-8033-4031-85C5-D8E5CD62A958} Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5} Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A0E1177-574A-4F26-AD24-B003699C35FA} Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F} Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {9D689455-5858-4AE4-A3CA-6E4149FE3F70} Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2C57A81A-7534-4DEE-A450-7FBE86F3200D} Shared C Run-time for x64-->MsiExec.exe /I{EF79C448-6946-4D71-8134-03407888C054} Sony Picture Utility-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x13 /removeonly uninstall -removeonly Sony USB Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe" -l0x13 UNINSTALL -removeonly Speed Analysis 3-->C:\Program Files (x86)\Speed Analysis 3\uninst.exe Tales of Lagoona-->"C:\Program Files (x86)\WildGames\Tales of Lagoona\uninstall\uninstaller.exe" Ulead Photo Express 3.0 SE-->C:\Windows\IsUn0413.exe -f"C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 3.0 SE\Uninst.isu" -c"C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 3.0 SE\IS32Inst.dll" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3} Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F} Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F} Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2} Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {F8564AF8-30AE-4427-ACF3-69714E1BB656} Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {11C9B057-27FF-4BC1-82F6-DC4B15E70A2E} Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe" Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA} Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5} Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809} vanBasco's Karaoke Player-->C:\Program Files (x86)\vanBasco's Karaoke Player\uninst.exe VideoDownloadConverter Toolbar Chrome Extension-->C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvertCrxSetup.A614F23C-3B66-415A-8BC3-BC93DAE5D993.exe /u mindsparktoolbarkey="VideoDownloadConverter_4z Chrome Extension" Vuze-->C:\Program Files\Vuze\uninstall.exe WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\asus\Uninstall.exe" WildTangent Games-->"C:\Program Files (x86)\WildGames\Uninstall.exe" Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170)-->C:\PROGRA~1\DIFX\0AA3FA46B9607C6D\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\asustp.inf_amd64_536dba63d5fddbba\asustp.inf Windows Live Communications Platform-->MsiExec.exe /I{0454BB9A-2A7A-4214-BDFF-937F7A711A44} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{690F5BA3-5DEB-42CD-962B-F687EE59FAA7} Windows Live Essentials-->MsiExec.exe /I{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C} Windows Live Essentials-->MsiExec.exe /I{B096A0E4-26A1-4E9F-8548-577964B9434B} Windows Live Essentials-->MsiExec.exe /I{B7F31B9C-8775-4500-8E9D-6ABE9AE17CF4} Windows Live Installer-->MsiExec.exe /I{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC} Windows Live Photo Common-->MsiExec.exe /X{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72} Windows Live PIMT Platform-->MsiExec.exe /I{6A8DB215-7BCD-4377-B015-2E4541A3E7C6} Windows Live SOXE Definitions-->MsiExec.exe /I{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214} Windows Live SOXE-->MsiExec.exe /I{FE7C0B3D-50B9-4951-BE78-A321CBF86552} Windows Live UX Platform Language Pack-->MsiExec.exe /I{4AA2A466-8031-403A-8236-5301B4E391FB} Windows Live UX Platform Language Pack-->MsiExec.exe /I{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0} Windows Live UX Platform Language Pack-->MsiExec.exe /I{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3} Windows Live UX Platform Language Pack-->MsiExec.exe /I{CE542E0D-E056-4426-9F98-084C13E18641} Windows Live UX Platform Language Pack-->MsiExec.exe /I{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E} Windows Live UX Platform-->MsiExec.exe /I{4CCBD1F4-CEEC-452A-9CB8-46564B501315} Windows Live-->MsiExec.exe /I{8D813AFF-D91D-4EE0-821F-B901FC2E89FA} Windows Movie Maker 2.6-->MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088} WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D} ======System event log====== Computer Name: WIN-NB1BNOP7BMQ Event Code: 7040 Message: Het opstarttype van de service Windows Search is gewijzigd van disabled in auto start. Record Number: 1056 Source Name: Service Control Manager Time Written: 20130708144039.692724-000 Event Type: Informatie User: Johan\Administrator Computer Name: WIN-NB1BNOP7BMQ Event Code: 7040 Message: Het opstarttype van de service Windows Search is gewijzigd van auto start in disabled. Record Number: 1055 Source Name: Service Control Manager Time Written: 20130708144038.630177-000 Event Type: Informatie User: Johan\Administrator Computer Name: WIN-NB1BNOP7BMQ Event Code: 104 Message: Logboekbestand Setup is gewist. Record Number: 1054 Source Name: Microsoft-Windows-Eventlog Time Written: 20130708144033.067431-000 Event Type: Informatie User: Johan\Administrator Computer Name: WIN-NB1BNOP7BMQ Event Code: 104 Message: Logboekbestand Application is gewist. Record Number: 1053 Source Name: Microsoft-Windows-Eventlog Time Written: 20130708144032.973676-000 Event Type: Informatie User: Johan\Administrator Computer Name: WIN-NB1BNOP7BMQ Event Code: 104 Message: Logboekbestand System is gewist. Record Number: 1052 Source Name: Microsoft-Windows-Eventlog Time Written: 20130708144032.911176-000 Event Type: Informatie User: Johan\Administrator =====Application event log===== Computer Name: WIN-NB1BNOP7BMQ Event Code: 5001 Message: Record Number: 729 Source Name: AVLogEvent Time Written: 20130708144041.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: WIN-NB1BNOP7BMQ Event Code: 6000 Message: De kennisgevingssubscriber van winlogon <SessionEnv> was niet beschikbaar om een kennisgevingsgebeurtenis te verwerken. Record Number: 728 Source Name: Microsoft-Windows-Winlogon Time Written: 20130708144041.000000-000 Event Type: Informatie User: Computer Name: WIN-NB1BNOP7BMQ Event Code: 1003 Message: De Windows Search-service is gestart. Record Number: 727 Source Name: Microsoft-Windows-Search Time Written: 20130708144039.000000-000 Event Type: Informatie User: Computer Name: WIN-NB1BNOP7BMQ Event Code: 1013 Message: De Windows Search-service is normaal gestopt. Record Number: 726 Source Name: Microsoft-Windows-Search Time Written: 20130708144039.000000-000 Event Type: Informatie User: Computer Name: WIN-NB1BNOP7BMQ Event Code: 103 Message: SearchIndexer (3708) Windows: De database-engine heeft de sessie (0) stopgezet. Dirty Shutdown: 0 Internal Timing Sequence: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.031, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.016, [10] 0.000, [11] 0.015, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000. Record Number: 725 Source Name: ESENT Time Written: 20130708144038.000000-000 Event Type: Informatie User: =====Security event log===== Computer Name: WIN-NB1BNOP7BMQ Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3E7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 1289 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130708144034.442478-000 Event Type: Controle geslaagd User: Computer Name: WIN-NB1BNOP7BMQ Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: WIN-NB1BNOP7BMQ$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Aanmeldingstype: 5 Imitatieniveau: Imitatie Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3E7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x2c4 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met authenticatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 1288 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130708144034.442478-000 Event Type: Controle geslaagd User: Computer Name: WIN-NB1BNOP7BMQ Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3E7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 1287 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130708144034.301845-000 Event Type: Controle geslaagd User: Computer Name: WIN-NB1BNOP7BMQ Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: WIN-NB1BNOP7BMQ$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Aanmeldingstype: 5 Imitatieniveau: Imitatie Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3E7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x2c4 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met authenticatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 1286 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130708144034.301845-000 Event Type: Controle geslaagd User: Computer Name: WIN-NB1BNOP7BMQ Event Code: 1102 Message: Het controlelogboek is gewist. Onderwerp: Beveiligings-id: S-1-5-21-1581949785-2961269141-1088673991-500 Accountnaam: Administrator Domeinnaam: WIN-NB1BNOP7BMQ Aanmeldings-id: 0x21DAE Record Number: 1285 Source Name: Microsoft-Windows-Eventlog Time Written: 20130708144033.036173-000 Event Type: Controle geslaagd User: ======Environment variables====== "FP_NO_HOST_CHECK"=NO "USERNAME"=SYSTEM "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64 "ComSpec"=%SystemRoot%\system32\cmd.exe "TMP"=%SystemRoot%\TEMP "OS"=Windows_NT "windir"=%SystemRoot% "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel "PROCESSOR_REVISION"=3a09 "configsetroot"=%SystemRoot%\ConfigSetRoot -----------------EOF-----------------

Telkens ik op internet ga verschijnen ongevraagd andere pagina's en dergelijke op mijn scherm die me vanalles beloven of aanraden om te kopen. Hoe kan ik dit verhelpen?