Zoek.exe v5.0.0.0 Updated 07-March-2014 Tool run by Gebruiker on wo 26-03-2014 at 19:07:37,95. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files\Norman\Npm\Bin\elogsvc.exe C:\Program Files\Norman\Npm\Bin\Nvoy.exe C:\Program Files\Norman\Ngs\Bin\Nnf.exe C:\Program Files\Norman\npf\bin\npfsvc32.exe C:\Program Files\Norman\Ngs\Bin\Nprosec.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\Norman\Npm\Bin\Zanda.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\Explorer.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Mobogenie\MgAssist.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\Microsoft\System Update kb77500\WindowsUpdater.exe C:\Program Files (x86)\Mobogenie\DaemonProcess.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Norman\Npm\Bin\scheduler.exe C:\Program Files\Norman\Npm\Bin\Njeeves.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\WindowsMobile\wmdcBase.exe C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Norman\Npm\Bin\zlh.exe C:\Windows\system32\svchost.exe -k WindowsMobile C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe C:\Program Files (x86)\Browny02\BrYNSvc.exe C:\Program Files\Norman\Npm\Bin\zlhh.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files\Norman\Nse\Bin\NSESVC.EXE C:\Program Files\Norman\Nvc\bin\nhs.exe C:\Users\Gebruiker\Downloads\zoek.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\MSR\Privoxy\privoxy.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==== System Restore Info ====================== 26-3-2014 19:12:42 Zoek.exe System Restore Point Created Succesfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\Panda Security deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\PROGRA~3\Media Get LLC deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\Pinnacle Studio Plus deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3407540201-4267568511-3557624643-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411891180} deleted successfully HKEY_USERS\S-1-5-21-3407540201-4267568511-3557624643-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c6673938-a52b-4dc6-af05-783e7e2c8b65} deleted successfully HKEY_USERS\S-1-5-21-3407540201-4267568511-3557624643-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c6673938-a52b-4dc6-af05-783e7e2c8b65} deleted successfully HKEY_USERS\S-1-5-21-3407540201-4267568511-3557624643-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} deleted successfully HKEY_USERS\S-1-5-21-3407540201-4267568511-3557624643-1000\Software\Microsoft\Internet Explorer\SearchScopes\{696740E3-F7A6-41EA-8314-6E947EF1F95B} deleted successfully HKEY_USERS\S-1-5-21-3407540201-4267568511-3557624643-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CF3B67CD-05A2-45CB-84B7-E454A6E98037} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411891180} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110411891180} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411891180} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411891180} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{c6673938-a52b-4dc6-af05-783e7e2c8b65} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3407540201-4267568511-3557624643-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully ==== Installed Programs ====================== ęTorrent Aangifte inkomstenbelasting 2011 Aangifte inkomstenbelasting 2012 Aangifte inkomstenbelasting 2013 Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 12 Plugin Adobe Reader X (10.1.9) - Nederlands Adobe Shockwave Player 12.0 ASUS nVidia Driver AutoUpdate Brother MFL-Pro Suite DCP-J315W Citrix Authentication Manager Citrix Receiver Citrix Receiver (HDX Flash Redirection) Citrix Receiver Inside Citrix Receiver(Aero) Citrix Receiver(DV) Citrix Receiver(USB) Citrix XenApp Web Plugin Cross Racing Championship 2005 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition DiscAPI (Studio 10) DivX DP1819 Dropbox Efteling Tycoon Empire Earth II Google Chrome Google Earth Google Toolbar for Internet Explorer Google Update Helper HTC BMP USB Driver HTC Driver Installer HTC Sync Intel(R) Management Engine Components Java 7 Update 51 Java Auto Updater Java(TM) 6 Update 25 (64-bit) Java(TM) 6 Update 35 M-Downloader version 1.0.0.109 McAfee Security Scan Plus Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Dutch Language Pack Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Age of Empires Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Miel Monteur - Huis Op Stelten Miel Monteur verkent de Ruimte Mobogenie Movies Toolbar for Chrome (Dist. by Bandoo Media, Inc.) Mozilla Firefox 27.0.1 (x86 nl) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) Norman Security Suite Norton Security Scan NVIDIA-configuratiescherm 311.06 NVIDIA 3D Vision Controller Driver NVIDIA 3D Vision Controller Driver 266.33 NVIDIA 3D Vision stuurprogramma 311.06 NVIDIA Grafisch stuurprogramma 311.06 NVIDIA HD Audio-stuurprogramma 1.1.13.1 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.10.0514 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components Online Plug-in PC Tools Registry Mechanic 11.1 PHOTOfunSTUDIO 8.0 SE Pinnacle Studio 15 Pinnacle videodriver QuickTime RAPID (Studio 10) Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Roblox for Gebruiker RollerCoaster Tycoon 3 Search-Results Toolbar Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Self-service Plug-in Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition SmartSound Quicktracks Plugin Software Version Updater SpongeBob SquarePants - Licht uit, camera aan Studio 10 Surftastic swMSM System Update kb77500 Unity Web Player Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition V1.0 VirtualDJ Home FREE Zoo Tycoon: Complete Collection ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MgAssistService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MgAssistService deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default ---- Lines Torntv modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program ---- FireFox user.js and prefs.js backups ---- user_26-03-2014_1924_.backup prefs_26-03-2014_1924_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411891180}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "M-Downloader"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411891180}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "mobilegeni daemon"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Surftastic deleted C:\Users\Gebruiker\.android deleted C:\extensions deleted C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mobogenie.lnk deleted C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted C:\PROGRA~3\Datamngr deleted C:\Users\Gebruiker\AppData\Local\CRE deleted C:\Users\Gebruiker\AppData\Local\Mobogenie deleted C:\Users\Gebruiker\AppData\Local\cache deleted C:\Users\Gebruiker\AppData\Local\SwvUpdater deleted C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie deleted C:\Windows\SysNative\sasnative64.exe deleted C:\Users\Gebruiker\AppData\LocalLow\ilividtoolbargaw deleted C:\Users\Gebruiker\AppData\LocalLow\DataMngr deleted C:\windows\SysNative\tasks\AmiUpdXp deleted C:\Users\Gebruiker\Documents\Mobogenie deleted C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default\ilividtoolbargaw deleted C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default\jetpack deleted C:\Users\Gebruiker\Desktop\Mobogenie.lnk deleted C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default\extensions\741a7541-93f4-48e9-b47a-819eb9b71948@056eeb3e-b4ad-4111-975e-4d615058413d.com deleted "C:\Windows\tasks\DP1819-codedownloader.job" deleted "C:\Windows\tasks\DP1819-enabler.job" deleted "C:\Windows\tasks\DP1819-firefoxinstaller.job" deleted "C:\Windows\tasks\DP1819-updater.job" deleted "C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default\extensions\torntv@torntv.com.xpi" deleted "C:\Users\Gebruiker\daemonprocess.txt" deleted "C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" deleted "C:\Program Files (x86)\Mobogenie\DCR.dll" deleted "C:\Program Files (x86)\Mobogenie\Device.dll" deleted "C:\Program Files (x86)\Mobogenie\libeay32.dll" deleted "C:\Program Files (x86)\Mobogenie\msvcp100.dll" deleted "C:\Program Files (x86)\Mobogenie\msvcr100.dll" deleted "C:\Program Files (x86)\Mobogenie\QtCore4.dll" deleted "C:\Program Files (x86)\Mobogenie\QtGui4.dll" deleted "C:\Program Files (x86)\Mobogenie\QtNetwork4.dll" deleted "C:\Program Files (x86)\Mobogenie\QtSql4.dll" deleted "C:\Program Files (x86)\Mobogenie\QtWebKit4.dll" deleted "C:\Program Files (x86)\Mobogenie\ssleay32.dll" deleted "C:\PROGRA~2\Mobogenie\DaemonProcess.exe" deleted "C:\PROGRA~2\Mobogenie\DCR.dll" deleted "C:\PROGRA~2\Mobogenie\Device.dll" deleted "C:\PROGRA~2\Mobogenie\libeay32.dll" deleted "C:\PROGRA~2\Mobogenie\msvcp100.dll" deleted "C:\PROGRA~2\Mobogenie\msvcr100.dll" deleted "C:\PROGRA~2\Mobogenie\QtCore4.dll" deleted "C:\PROGRA~2\Mobogenie\QtGui4.dll" deleted "C:\PROGRA~2\Mobogenie\QtNetwork4.dll" deleted "C:\PROGRA~2\Mobogenie\QtSql4.dll" deleted "C:\PROGRA~2\Mobogenie\QtWebKit4.dll" deleted "C:\PROGRA~2\Mobogenie\ssleay32.dll" deleted "C:\Program Files (x86)\Mobogenie" deleted "C:\PROGRA~2\Mobogenie" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8175 MB CPU Info: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz CPU Speed: 2796,9 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce GT 440 | NVIDIA GeForce GT 440 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GH22NS40 Ports: COM1 LPT1 Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 1397,2GB Hard Disks - Free: C: 1176,3GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 03/07/11 | ALASKA - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: MSI H61M-E33 (MS-7680) Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Norman Security Suite On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Norman Security Suite disabled (Outdated) Firewall: Norman Security Suite disabled Default Browser: Firefox 27.0.1 Internet Explorer Version: 11.0.9600.16521 Mozilla Firefox version: 27.0.1 (x86 nl) Google Chrome version: 33.0.1750.154 Adobe Reader version: 10.1.9.22 Sun Java version: 1.7.0_51 (32-bit) Sun Java version: 1.6.0_25 (64-bit) Flash Player version: 12.0.0.77 Shockwave Player version: 12.0.4r144 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== 2014-03-16 10:43:14 17BDDADCA7044CC7B8406F1CA45210DF 284672 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\tmp2014114312\7za.dll 2014-03-16 10:43:13 EC9D9325A8FD786A1147DB9431572A42 1660928 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\tmp2014114312\setup.exe 2014-03-13 18:06:06 A84FCD6D4366B0EE3A96A486EF878158 2244608 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\1buwo3w3.gbu.exe 2014-03-13 18:05:45 76FAEAE562FC74152FE58E7D3A0D4FE5 354720 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\lzb1hlvu.rgl.exe 2014-03-13 18:05:36 3382EA67CFD0D218914B7D25C95D1AA4 712528 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\zavya0qg.a0v.exe 2014-03-12 21:16:21 3382EA67CFD0D218914B7D25C95D1AA4 712528 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\lqn5fhhy.cds.exe 2014-03-12 21:07:01 6AA8C9ED5CFEB285A96782B82DB916BE 5045259 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\gwa1xn5o.ryn.exe 2014-03-12 21:06:59 A84FCD6D4366B0EE3A96A486EF878158 2244608 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\3bk00epz.mz4.exe 2014-03-12 21:06:50 3382EA67CFD0D218914B7D25C95D1AA4 712528 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\s0tpgxl0.pwk.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-03-24 19:47:19 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2014-03-26 17:56:24 7D9CEDC15D0F93EF7C02A60C780C2A79 3144 ----a-w- C:\Windows\Sysnative\Tasks\{502004E1-9A45-488B-B348-98F60C7C470D} 2014-03-04 20:47:00 1A4DA28F4156E6ECDCE6916AE9992305 372 ----a-w- C:\Windows\Tasks\AmiUpdXp.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-03-24 21:11:12 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-03-13 18:06:35 -------- d-----w- C:\PROGRA~2\MSR 2014-03-12 21:07:20 -------- d-----w- C:\PROGRA~2\DP1819 2014-03-04 20:47:30 -------- d-----w- C:\PROGRA~2\M-Downloader ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== 2014-03-25 14:30:10 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps 2014-03-23 16:40:03 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Unity 2014-03-12 21:06:42 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Wise 2014-03-04 20:48:55 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\MDownloader 2014-03-04 20:47:34 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\M-Downloader ====== C:\Users\Gebruiker ====== 2014-03-24 21:09:51 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2014-03-24 19:44:48 1AF9E2AA8264B023404A76D3FB6751FE 29141928 ----a-w- C:\Users\Gebruiker\Downloads\jre-7u51-windows-i586.exe 2014-03-04 20:47:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Downloader ====== C: exe-files == 2014-03-26 17:20:43 E093151047BBFFC0CD78D52F36490206 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateOnDemand.exe 2014-03-26 17:20:43 398F40FAE5ADA9521544393F1F67A17E 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateBroker.exe 2014-03-26 17:20:42 039DE3F65C7992994F788EAC8E79BF4F 884504 ----a-w- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateSetup.exe 2014-03-26 17:20:37 7E6B107120108B3A15BFECE0DE3201DB 228744 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe 2014-03-26 17:20:37 6EFC5F64258FE0D9DA3CCFA7FF4D84BD 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateComRegisterShell64.exe 2014-03-26 17:20:37 0D5CE0E5AEC3ACC7930AB955334B8533 281480 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe 2014-03-26 17:20:36 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdate.exe 2014-03-26 17:20:33 039DE3F65C7992994F788EAC8E79BF4F 884504 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.23.9\GoogleUpdateSetup.exe 2014-03-24 21:11:12 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe 2014-03-24 21:09:51 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2014-03-24 19:47:15 FBC27FD8E76C53E6E8066944BBE2BF73 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe 2014-03-24 19:47:15 F4BA3A5D5FDE0A321CD7C4A74749CE5B 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe 2014-03-24 19:47:15 ED1F5F1906F8D963612A4831CDB331D6 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe 2014-03-24 19:47:15 EBAB810C999D8C31F0D5D8B28B3EEDD1 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe 2014-03-24 19:47:15 E9BFEA5B2F3F7598DA990F9728768790 66984 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 2014-03-24 19:47:15 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe 2014-03-24 19:47:15 C422AF851B98378A39B51D99FE707E64 146344 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe 2014-03-24 19:47:15 B9436A665A8621073A12338B16D7BFD4 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe 2014-03-24 19:47:15 ACA236A716C2291E40ED069F2CBB3D35 49064 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe 2014-03-24 19:47:15 A8F2A6D5782AA0166D8367FF674DDF77 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe 2014-03-24 19:47:15 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe 2014-03-24 19:47:15 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe 2014-03-24 19:47:15 762E372DCFDAE32FAE52C1A50A0029C2 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe 2014-03-24 19:47:15 6EEAD2C8A5CAC1F0F2066ABD77BA9092 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe 2014-03-24 19:47:15 6E2BECF6E17FF8DC850C058A38A50C4F 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe 2014-03-24 19:47:15 6E1B0EEBF3D1CC7ECF4104E1473900FF 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe 2014-03-24 19:47:15 5877E6618DA03EE8E7A869F57EE6ACE5 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe 2014-03-24 19:47:15 49A5F3169A23C00F9F2023DFE04D7AF6 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe 2014-03-24 19:47:15 397A6EA17BB97800939DE44D7BFEEC04 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe 2014-03-24 19:47:15 18BC25C50200C3DD4E67611D2467DAA2 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe 2014-03-24 19:47:15 0E37C7C174521E16CEA0A6BC46F03BCD 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe 2014-03-24 19:44:48 1AF9E2AA8264B023404A76D3FB6751FE 29141928 ----a-w- C:\Users\Gebruiker\Downloads\jre-7u51-windows-i586.exe 2014-03-23 16:38:43 57FD01A0DC56FB1ACC1B1F9EBA024755 581192 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Unity\WebPlayer\UnityWebPlayerUpdate.exe 2014-03-23 16:38:43 490F1084B74452DB89832BA4D77DE420 740936 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Unity\WebPlayer\UnityBugReporter.exe 2014-03-23 15:54:09 D44E7F25EEC64B506FE2AD4157EA9E20 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3407540201-4267568511-3557624643-1000\$ILFI293.exe 2014-03-23 15:53:59 A26DB58EB23BEAF030EC8B9D617B39CE 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3407540201-4267568511-3557624643-1000\$IN0CX9O.exe 2014-03-23 15:53:36 130E38E8A237D7C7CC0899BD524EE1DA 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3407540201-4267568511-3557624643-1000\$I2172QK.exe 2014-03-23 15:53:33 381FDC60DA41ED8094FD49095331D426 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3407540201-4267568511-3557624643-1000\$IPHOGDQ.exe 2014-03-23 15:53:30 436468E833F27BA234BE02676DF42308 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3407540201-4267568511-3557624643-1000\$IRZMUK4.exe 2014-03-23 15:53:25 BBD4B088CF72F2CA5F01C79FCA147216 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3407540201-4267568511-3557624643-1000\$I647UXZ.exe 2014-03-23 15:52:48 915C1103B873D109F30756EB00B84E14 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3407540201-4267568511-3557624643-1000\$I1E8NJN.exe === C: other files == 2014-03-24 19:47:16 863EB6802B1C3B7630290871599BE0BD 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3407540201-4267568511-3557624643-1005\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3407540201-4267568511-3557624643-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Norman ZANDA"="C:\Program Files\Norman\Npm\Bin\ZLH.EXE /LOAD /SPLASH" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" ,c:\\progra~2\\citrix\\icacli~1\\rshook.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Windows Mobile-based device management"="%WINDIR%\WindowsMobile\wmdcBase.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConnectionCenter] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ConnectionCenter" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Citrix\\ICA Client\\concentr.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HTC Sync Loader] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HTC Sync Loader" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\HTC\\HTC Sync 3.0\\htcUPCTLoader.exe\" -startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MediaGet2] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MediaGet2" "hkey"="HKCU" "command"="C:\\Users\\Gebruiker\\AppData\\Local\\MediaGet2\\mediaget.exe --minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\qttask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SSDMonitor] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SSDMonitor" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\PC Tools\\sMonitor\\SSDMonitor.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Super-Charger] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Super-Charger" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\MSI\\Super-Charger\\StartSuperCharger.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TBHostSupport] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TBHostSupport" "hkey"="HKCU" "command"="\"C:\\Windows\\SysWOW64\\Rundll32.exe\" \"C:\\Users\\Gebruiker\\AppData\\Local\\TBHostSupport\\TBHostSupport_0.dll\",DLLRunTBHostSupportPlugin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USBToolTip] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="USBToolTip" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Pinnacle\\Shared Files\\Programs\\USBTip\\USBTip.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 8.0 SE.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\PHOTOfunSTUDIO 8.0 SE.lnk" "backup"="C:\\Windows\\pss\\PHOTOfunSTUDIO 8.0 SE.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\COMMON~1\\PANASO~1\\PHOTOF~1\\AUTOST~1.EXE -e \"C:\\Program Files (x86)\\Panasonic\\PHOTOfunSTUDIO 8.0 SE\\PHOTOfunSTUDIO.exe\"" "item"="PHOTOfunSTUDIO 8.0 SE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "path"="C:\\Users\\Gebruiker\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\GEBRUI~1\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup" "item"="Dropbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IDriverT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PassThru Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PCToolsSSDMonitorSvc] ==== Startup Folders ====================== 2013-12-23 07:04:14 1057 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2014-03-21 17:06:38 1931 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\AmiUpdXp.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] C:\Windows\tasks\Norton Security Scan for Gebruiker.job --ah----- C:-C:\PROGRA2\NORTON2\Engine\4031.24\Nss.exe [] C:\Windows\tasks\RMAutoUpdate.job --a------ [Undetermined Task] C:\Windows\tasks\RMSchedule.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Launch HTC Sync Loader" [C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe] "C:\Windows\SysNative\tasks\Norton Security Scan for Gebruiker" [C:\PROGRA~2\NORTON~2\Engine\403~1.24\Nss.exe] "C:\Windows\SysNative\tasks\RMAutoUpdate" [C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe] "C:\Windows\SysNative\tasks\RMSchedule" [C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{C99C5120-030F-4698-945E-70FA2A23BCC4}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default - Ask New Tabs - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default\extensions\{07FF1E21-D805-1061-FF4D-77A7BBC4EB60} - Undetermined - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default\extensions\741a7541-93f4-48e9-b47a-819eb9b71948@056eeb3e-b4ad-4111-975e-4d615058413d.com - Ask New Tabs - %ProfilePath%\extensions\{07FF1E21-D805-1061-FF4D-77A7BBC4EB60} - CoupoonIty - %ProfilePath%\extensions\v-zad@iiyeaoi-.edu.xpi - Surftastic - %ProfilePath%\extensions\{01531192-f7ef-415f-a549-cfdb11836731}.xpi - New Tab - %ProfilePath%\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.xpi - DealPly - %ProfilePath%\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default F6D12679B9112358AC705A1308156F59 - C:\Users\Gebruiker\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 95812430959AE88CDD0301AB3A71913B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash 63EE2015B877A2E472CC59E05291AA39 - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll - McAfee Security Scanner + 0C0C5C207121C7A78414A8250E8E099A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director 86D3E659AB2D17B12482BC221F742867 - C:\Users\Gebruiker\AppData\Local\Roblox\Versions\version-fb3436d54f9e4598\NPRobloxProxy.dll - Roblox Launcher Plugin 9ED8AA7D69B73EFF77A6D18A2ACFB954 - C:\Users\Gebruiker\AppData\Roaming\Mozilla\plugins\npicaN.dll - Citrix ICA Client ==== Deleted Firefox Extensions ====================== C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}.xpi deleted C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\gtdyvlcn.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.xpi deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaabcbmongicmdegkmmfgdickgnnob - C:\Users\Gebruiker\AppData\Local\ilividmoviestoolbardla\GC\toolbar.crx[] bopakagnckmlgajfccecajhnimjiiedh - No path found[] gkcbebbklfkjeocpmoamnopdllfekind - C:\Users\Gebruiker\AppData\Roaming\M-Downloader\Extensions\gdchrome.crx[] pcidejejpblipcjpnkfkddlkmgndblch - C:\Users\Gebruiker\AppData\Roaming\M-Downloader\Extensions\GenCrawler.crx[] MSS+ Extension - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chrome Fix ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:8118;https=127.0.0.1:8118" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gkcbebbklfkjeocpmoamnopdllfekind deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pcidejejpblipcjpnkfkddlkmgndblch deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbardlaGC deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbargaw deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3407540201-4267568511-3557624643-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3407540201-4267568511-3557624643-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Dropbox.lnk = Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: ,c:\progra~2\citrix\icacli~1\rshook.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman AS - C:\Program Files\Norman\Npm\Bin\elogsvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Program Files\Norman\Nvc\bin\nhs.exe O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe O23 - Service: Norman ZANDA - Norman AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman Safeground AS - C:\Program Files\Norman\npf\bin\npfsvc32.exe O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman AS - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Program Files\Norman\Npm\Bin\Nvoy.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norman Scheduler Service (Scheduler) - Norman AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: System Update kb77500 - Unknown owner - C:\Windows\Microsoft\System Update kb77500\WindowsUpdater.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\gtdyvlcn.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4394 folders=372 233065357 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\nseswap.def.d43b00ca854d3f65.tmp" not deleted "C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\nse_tmp{875703F42F8324B4}.tmp" not found "C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\nse_tmp{AC17396CACB223A7}.tmp" not found "C:\Users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\26CK8V7L\games2.spele.nl" not found "C:\Users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z8PPRC6Q\casino.com" not found "C:\Users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z8PPRC6Q\include.classistatic.com" not found "C:\Users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z8PPRC6Q\kaptcha.com" not found "C:\Users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z8PPRC6Q\soccerschool.s15383757.onlinehome-server.info" not found "C:\Users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z8PPRC6Q\spele.nl" not found "C:\Users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z8PPRC6Q\syndication.vmma.be" not found "C:\Users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z8PPRC6Q\www.3fm.nl" not found ==== EOF on wo 26-03-2014 at 19:40:55,37 ======================