Zoek.exe v5.0.0.0 Updated 14-April-2014 Tool run by Rudi on di 29/04/2014 at 17:30:54,50. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: E:\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2013-07-28-200151.log 38144 bytes C:\zoek-results2013-10-20-100730.log 694 bytes C:\zoek-results2013-10-20-140532.log 559 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\SearchProtect deleted successfully C:\Program Files\Symantec deleted successfully C:\Users\Rudi\AppData\Roaming\Ashampoo Slideshow Studio HD 2 deleted successfully C:\Users\Rudi\AppData\Local\HP Quick Start deleted successfully C:\Users\Rudi\AppData\Local\MediaShow deleted successfully C:\Users\Rudi\AppData\Local\PackageStaging deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3711994559-1187540807-2206362420-1001\Software\Microsoft\Internet Explorer\SearchScopes\{838FE449-912C-4C6D-B0C2-6D52AABE75FB} deleted successfully HKEY_USERS\S-1-5-21-3711994559-1187540807-2206362420-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B70DAA8A-AB91-43BE-A0A4-EFE08294DD76} deleted successfully HKEY_USERS\S-1-5-21-3711994559-1187540807-2206362420-1001\Software\Microsoft\Internet Explorer\SearchScopes\{FC29F7AC-6207-4CE2-97E9-7810489E44D3} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Rudi\AppData\Roaming\Mozilla\Firefox\Profiles\vdhmp4s9.default ---- Lines conduit removed from prefs.js ---- user_pref("browser.search.defaultenginename", "Conduit Search"); ---- Lines Torntv removed from prefs.js ---- user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.testingGaq.value", "%22http%3A//extclickm user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.name", "Torntv V9.0"); ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossrider.bic", "14559fdcc121d9ccd0d18e2c01340faa"); ---- Lines a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390 removed from prefs.js ---- user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.active", true); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.addressbar", "NA"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.addressbarenhanced", ""); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncdb.was_copied", "true"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncdb_dbWasSet", true); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncdb_dbWasSet_FF25_FIX", true); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncinternaldb.was_copied", "true"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncinternaldb_dbWasSet", true); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.asyncinternaldb_dbWasSet_FF25_FIX", true); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.backgroundver", 4); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.certdomaininstaller", ""); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.changeprevious", false); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.au.expiration", "Fri Feb 01 2030 00:00:00 user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.au.value", "%222014-4-29%22"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.cnt.expiration", "Fri Feb 01 2030 00:00:0 user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.cnt.value", "%22BE%22"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.first_run.expiration", "Fri Feb 01 2030 0 user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.first_run.value", "%221%22"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.install.expiration", "Fri Feb 01 2030 00: user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.install.value", "%222014-4-13%22"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.InstallationTime.expiration", "Fri Feb 01 user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.InstallationTime.value", "%221397374064%2 user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.InstallerParams.expiration", "Fri Feb 01 user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.InstallerParams.value", "%7B%22source_id% user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.testingGaq.expiration", "Fri Feb 01 2030 user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.description", "The must-have App extensions for user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.domain", ""); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.enablesearch", false); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.homepage", ""); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.iframe", false); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.InstallationThankYouPage", true); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.InstallationTime", 1397374064); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.__defualt_browser__.expiration", "Fri user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.__defualt_browser__.value", "%22ff%22 user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.installer.expiration", "Fri Feb 01 20 user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.installer.value", "%7B%22InstallerIde user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerIdentifiers.expiration", "Fr user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerIdentifiers.value", "%7B%22i user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerParams.expiration", "Fri Feb user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerParams.value", "%7B%22source user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerParamsCache.expiration", "Fr user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerParamsCache.value", "%7B%22s user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerUserIdentifiersCache.expirat user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.InstallerUserIdentifiersCache.value", user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin__disable_bi_pixel user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin__disable_bi_pixel user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledUrls.expir user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledUrls.value user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledWithHash.e user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_bundledWithHash.v user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_last_executable_r user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_last_executable_r user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_notBundledArr_.ex user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.monetization_plugin_notBundledArr_.va user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_appVer.expiration", "Fri Fe user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_appVer.value", "45"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_lastVersion.expiration", "F user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_lastVersion.value", "2"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_meta.expiration", "Fri Feb user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_meta.value", "%7B%7D"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_nextCheck.expiration", "Tue user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_nextCheck.value", "true"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_queue.expiration", "Fri Feb user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_queue.value", "%7B%7D"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_remote_resources.expiration user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.internaldb.Resources_remote_resources.value", "% user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.lastDailyReport", "1398785256704"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.lastUpdate", "1398785256595"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.manifesturl", ""); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.newtab", ""); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.opensearch", ""); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.pluginsurl", "http://js.clientdemostack.com/plug user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.pluginsversion", 40); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.publisher", "installdaddy"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.searchstatus", 0); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.setnewtab", false); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.thankyou", ""); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.updateinterval", 360); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.ver", 45); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.apps", "51390"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.bic", "14559fdcc121d9ccd0d18e2c01340faa"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.cid", 51390); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.FilesValidatorDueTime", "1398785315782"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.firstrun", false); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.hadappinstalled", true); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.installationdate", 1397374176); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.modetype", "production"); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.reportInstall", true); user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.statsDailyCounter", 31); ---- FireFox user.js and prefs.js backups ---- user_20142904_1737_.backup prefs_20142904_1737_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\SearchProtect not found C:\PROGRA~2\MyFree Codec deleted C:\PROGRA~2\GreenTree Applications deleted C:\PROGRA~3\SoundResearch deleted C:\PROGRA~3\YTD Video Downloader deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted C:\WINDOWS\wininit.ini deleted C:\Users\Rudi\AppData\Roaming\Mozilla\Firefox\Profiles\vdhmp4s9.default\searchplugins\conduit-search.xml deleted C:\Users\Rudi\AppData\Roaming\Mozilla\Firefox\Profiles\vdhmp4s9.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2014-04-09 15:09:12 81394C91B7B5A7C799E249AE82491F13 2373784 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\Rudi\AppData\Local\Temp ==== 2014-04-29 15:25:47 CC40FDD59A832E27F146A62A67FDE75E 41984 ----a-w- C:\Users\Rudi\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvxu9ce.dll 2014-04-23 16:36:51 4C553808EE9BB336A8D1BAC7E2A3D4CB 10920744 ----a-w- C:\Users\Rudi\AppData\Local\Temp\ainet12112FFD\update_1218_9.4.3.exe ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2014-04-18 14:14:48 ED6A11F4562F89F559243AC87B01DBF4 54776 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe 2014-04-18 14:14:48 C89F2486735F7360D6D7B7B14E4B07C9 1705984 ----a-w- C:\WINDOWS\Sysnative\wucltux.dll 2014-04-18 14:14:48 779FB2F26E4339A4DD3EEF57E4E593FA 3408896 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2014-04-18 14:14:48 04FFE8E9A0B4621A56773065AA41D575 190976 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll 2014-04-18 14:14:47 48C4FAB482665748D3598D96AD3461D9 381952 ----a-w- C:\WINDOWS\Sysnative\WUSettingsProvider.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2014-04-09 15:11:22 3595FBDF25F8BA6256072D103937D7D6 311640 -c--a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys 2014-04-09 15:11:11 F21B77B4D74092A543807D3CEB711A88 1118552 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2014-04-09 15:11:10 9539F7917B4B6D92C90F0FAA6B86C605 539992 -c--a-w- C:\WINDOWS\Sysnative\drivers\acpi.sys 2014-04-09 15:11:08 B2BD017231836DA9F63F41E3A075D73E 590168 ----a-w- C:\WINDOWS\Sysnative\drivers\fvevol.sys 2014-04-09 15:11:06 A26AEC49F318FEE141DDDB2C5F99B3E6 249688 ----a-w- C:\WINDOWS\Sysnative\drivers\rdyboost.sys 2014-04-09 15:11:05 233A4C961703D6B3EBA4EC1A3E85AACE 298496 ----a-w- C:\WINDOWS\Sysnative\drivers\ks.sys 2014-04-09 15:11:04 87765EF43C33BE342F4ACB0E3FBF89A6 384856 -c--a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys 2014-04-09 15:11:04 8685379B82AC81187813225905531D1E 272896 -c--a-w- C:\WINDOWS\Sysnative\drivers\portcls.sys 2014-04-09 15:11:04 275AFE3FA35E8D78BE97695DF49817C6 280920 -c--a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2014-04-09 15:11:03 EA23453240137F6773174E0D93F61A69 148824 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS 2014-04-09 15:11:03 46D1DF775FFF14585218BBE16E5B2C9A 360792 ----a-w- C:\WINDOWS\Sysnative\drivers\fltMgr.sys 2014-04-09 15:11:01 8F39AFEB255487932DFF14D9E0E0FC24 372568 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys 2014-04-09 15:11:01 52E483A3701A5A61A75A06993720347D 551256 -c--a-w- C:\WINDOWS\Sysnative\drivers\vhdmp.sys 2014-04-09 15:10:59 FDEC5799BA499D18AFA3A540538866E7 236888 -c--a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys 2014-04-09 15:10:59 DDEE191AB32DFC22C6465002ECDF5EE4 124416 ----a-w- C:\WINDOWS\Sysnative\drivers\luafv.sys 2014-04-09 15:10:59 48430B0313FC1CFE3D2400553F1A93CD 325464 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS 2014-04-09 15:10:59 0ECEE590F2E2EF969FB74A6FC583A1E6 663040 ----a-w- C:\WINDOWS\Sysnative\drivers\PEAuth.sys 2014-04-09 15:10:58 02836172141D3AFA35B07679E253E503 151384 -c--a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys 2014-04-09 15:10:57 EF3AE7773394DF49CE74AF78A1C8D23D 146776 ----a-w- C:\WINDOWS\Sysnative\drivers\msgpioclx.sys 2014-04-09 15:10:57 E515A287C8FAE901EB8FB42F168E14F2 924504 ----a-w- C:\WINDOWS\Sysnative\drivers\refs.sys 2014-04-09 15:10:57 BCFD8B149B3ADF92D0DB1E909CAF0265 79192 ----a-w- C:\WINDOWS\Sysnative\drivers\fileinfo.sys 2014-04-09 15:10:57 38A82F4EE8C416A6744B6D30381ED768 33280 -c--a-w- C:\WINDOWS\Sysnative\drivers\BasicRender.sys 2014-04-09 15:10:57 0B1E929D11A8E358106955603FAC65E8 79192 -c--a-w- C:\WINDOWS\Sysnative\drivers\sdstor.sys 2014-04-09 15:10:56 C1F564F324685C088ECAB1933576CF91 54816 ----a-w- C:\WINDOWS\Sysnative\drivers\wpcfltr.sys 2014-04-09 15:10:56 61A1C2641321A6B89A2B41C5D481EF48 71888 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpfve.sys 2014-04-09 15:10:55 B034A41891A36457B994307DFA772293 189784 -c--a-w- C:\WINDOWS\Sysnative\drivers\UCX01000.SYS 2014-04-09 15:10:55 9DDCA7F18983C5410DEFF79F819DF93C 994136 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys 2014-04-09 15:10:53 9CC0003FB8ED3763B977B43F1012FF63 54272 ----a-w- C:\WINDOWS\Sysnative\drivers\watchdog.sys 2014-04-09 15:09:12 FEEFE783D87C9063CDAC6DBDCF95F533 2519384 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2014-04-09 15:09:12 C7D252742946DD395670649742FBD73D 1557848 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2014-04-09 15:09:11 1C80517BE6836A812F6A9B99B8321351 2013016 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2014-04-09 15:09:10 E62EAEF0BAC9DD61BF22D4A7F2F18571 679424 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2014-04-09 15:09:10 C997E6A37BA8915224B3FB5024A34F69 402944 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys 2014-04-09 15:09:10 7FC5667DF73D4B04AA457CC3A4180E09 157016 ----a-w- C:\WINDOWS\Sysnative\drivers\wof.sys 2014-04-09 15:09:10 4627C1FBF2802425A408A2D2AF28CF85 565536 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2014-04-09 15:09:10 4030CB06B8D963A45CED9E60C9F2A11E 379224 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2014-04-09 15:09:09 F88CC88F4A6D8476F1664E805CA18CC2 180056 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2014-04-09 15:09:09 CFC52C49BEFE4D70D87FFA900EAB9777 467800 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2014-04-09 15:09:09 C48CDFD48A43E4AEC8170E1E50A3FACD 428888 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS 2014-04-09 15:09:09 BFBE1C5F57FE7A885673A1962D5532B7 136024 ----a-w- C:\WINDOWS\Sysnative\drivers\wfplwfs.sys 2014-04-09 15:09:09 AC408FA243471C25CDE435C3B83536A9 337752 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys 2014-04-09 15:09:09 A03F362C5557E238CBFA914689C77248 134144 ----a-w- C:\WINDOWS\Sysnative\drivers\dfsc.sys 2014-04-09 15:09:09 8DB8EAB9D0C6A5DF0BDCADEA239220B4 33280 -c--a-w- C:\WINDOWS\Sysnative\drivers\hidusb.sys 2014-04-09 15:09:09 647C7652FA19F98CADF2BFDA2164BFEC 443392 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2014-04-09 15:09:09 466BDC0006103F2547D308DD3CD64398 245760 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2014-04-09 15:09:09 179A41249055D5F039F1B6703F3B6D2B 376152 ----a-w- C:\WINDOWS\Sysnative\drivers\clfs.sys 2014-04-09 15:09:08 FD9C9E9E3F0ED51502C7E8C066BE26B9 79360 ----a-w- C:\WINDOWS\Sysnative\drivers\IPMIDrv.sys 2014-04-09 15:09:08 ABB7341766902F5AAB45E15F34D19E15 111616 -c--a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys 2014-04-09 15:09:08 41CF802064F72E55F50CA0A221FD36D4 49152 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpipreg.sys 2014-04-09 15:09:08 3E28B99198B514DFEB152EACF913025E 283648 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys 2014-04-09 15:09:08 1D55DADC22D21883A2F80297F5A5AE48 140288 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxdav.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-04-28 16:22:13 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Rudi\AppData\Roaming ====== 2014-04-28 19:26:30 -------- d-s---w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Locallow\Microsoft 2014-04-26 20:07:10 -------- d-----w- C:\Users\Rudi\AppData\Roaming\CyberLink 2014-04-17 16:53:53 0AE5F98CF2BAC3D1A00B4DBA1E0DC9DD 3391 ----a-w- C:\Users\Rudi\AppData\Local\recently-used.xbel 2014-04-13 10:35:55 -------- d-----w- C:\Users\Rudi\AppData\Local\gtk-2.0 2014-04-13 10:34:23 -------- d-----w- C:\Users\Rudi\AppData\Local\fontconfig 2014-04-13 10:34:22 -------- d-----w- C:\Users\Rudi\AppData\Local\gegl-0.2 ====== C:\Users\Rudi ====== 2014-04-22 19:08:47 BC389C52CF2762D9E0368B49A463CAA2 3729920 ----a-w- C:\Users\dub_cm_auto\Application Data\NPE.exe 2014-04-22 19:08:47 -------- d-----w- C:\Users\dub_cm_auto\Application Data 2014-04-13 10:35:54 -------- d-----w- C:\Users\Rudi\.thumbnails 2014-04-13 10:34:22 -------- d-----w- C:\Users\Rudi\.gimp-2.8 ====== C: exe-files == 2014-04-28 16:22:14 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Rudi.exe 2014-04-23 16:41:05 59AA5408FBD08B65DB2859FB9198B14D 116032 ----a-w- C:\Program Files (x86)\Ashampoo\Ashampoo Photo Commander 9\updateMediator.exe 2014-04-23 16:41:04 F34D1186484EF22ABE937C5BE36870B1 34144 ----a-w- C:\Program Files (x86)\Ashampoo\Ashampoo Photo Commander 9\CancelAutoplay.exe 2014-04-23 16:41:04 A48C40E56C3DD6598A4F0CF51E800470 4562784 ----a-w- C:\Program Files (x86)\Ashampoo\Ashampoo Photo Commander 9\apc.exe 2014-04-23 16:41:04 1588D524033CE762DF3EEA50709B40B3 581632 ----a-w- C:\Program Files (x86)\Ashampoo\Ashampoo Photo Commander 9\ashDriverSetup.exe 2014-04-23 16:40:52 C3FF0DBC8EA366AADD6EAD703ABA364B 800144 ----a-w- C:\Program Files (x86)\Ashampoo\Ashampoo Photo Commander 9\unins000.exe 2014-04-23 16:36:51 4C553808EE9BB336A8D1BAC7E2A3D4CB 10920744 ----a-w- C:\Users\Rudi\AppData\Local\Temp\ainet12112FFD\update_1218_9.4.3.exe 2014-04-22 19:08:47 BC389C52CF2762D9E0368B49A463CAA2 3729920 ----a-w- C:\Users\dub_cm_auto\Application Data\NPE.exe === C: other files == 2014-04-28 19:15:22 8852967240D368AFC256B37FF6F120A1 4493282 ----a-w- C:\Users\Rudi\AppData\Local\Temp\bsTempPath\authoringeditor\53903\authed727F9C13tmp.zip 2014-04-28 16:50:45 9194FE348AD1D39DAB1CDAA7B14E0695 977437 ----a-w- C:\Users\Rudi\AppData\Local\Temp\bsTempPath\authoringeditor\51777\authed70FFF8BBtmp.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3711994559-1187540807-2206362420-1001\Software\Microsoft\Windows\CurrentVersion\Run] "HP ENVY 4500 series (NET)"="C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe -deviceID CN39S2R2N905X4:NW -scfn HP ENVY 4500 series (NET) -AutoStart 1" "Sync2"="C:\Program Files (x86)\4Team Corporation\Sync2\Sync2.exe /background" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "Allway Sync"="C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe -m" "Spybot-S&D Cleaning"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe /autoclean" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BtTray"="C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP ENVY 4500 series (NET)"="C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe -deviceID CN39S2R2N905X4:NW -scfn HP ENVY 4500 series (NET) -AutoStart 1" "Sync2"="C:\Program Files (x86)\4Team Corporation\Sync2\Sync2.exe /background" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "Allway Sync"="C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe -m" "Spybot-S&D Cleaning"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe /autoclean" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" "BeatsOSDApp"="C:\Program Files\IDT\WDM\beats64.exe" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2014-01-11 14:44:10 1102 ----a-w- C:\Users\Rudi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2014-02-05 17:43:08 1600 ----a-w- C:\Users\Rudi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\syncappw - Snelkoppeling.lnk 2013-11-15 03:20:43 1125 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [28/04/2014 18:53] C:\WINDOWS\tasks\Allway Sync_{40C410C354347EF9B041594AD0E50092}.job --a-------- C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [21/03/2014 13:27] C:\WINDOWS\tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job --a-------- C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [21/03/2014 13:27] C:\WINDOWS\tasks\HPCeeScheduleForRudi.job --a-------- [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\WINDOWS\SysNative\tasks\CLVDLauncher" [c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForRudi" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\WINDOWS\SysNative\tasks\HPCustParticipation HP ENVY 4500 series" ["C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe"] "C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe"] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN39S2R2N9" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\WINDOWS\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"] "C:\WINDOWS\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe"] "C:\WINDOWS\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"] "C:\WINDOWS\SysNative\tasks\Western Digital\SmartWare\____Volume_ba9981f6_7aa6_11e3_be6d_00027215fb89__dropbox_47742237_860c_466e_baea_aa6cee32c5c0_dropbox_" [C:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe] "C:\WINDOWS\SysNative\tasks\Western Digital\SmartWare\____Volume_ba9981f6_7aa6_11e3_be6d_00027215fb89______Volume_fb118ce1_8763_11e3_be85_78e3b5c7dec4__" [C:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\IPSFF" [02/03/2014 10:09] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Rudi\AppData\Roaming\Mozilla\Firefox\Profiles\vdhmp4s9.default - BitComet - %ProfilePath%\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi - TinEye Reverse Image Search - %ProfilePath%\extensions\tineye@ideeinc.com.xpi - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Belgium eID - %AppDir%\extensions\belgiumeid.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Rudi\AppData\Roaming\Mozilla\Firefox\Profiles\vdhmp4s9.default 9FD6A1990289B9290563CA069CB74EF9 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll - Shockwave Flash ABE2E50533899C45DFA03E1D8767648F - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll - Shockwave Flash ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\Exts\Chrome.crx[11/03/2014 22:44] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {5C858300-61D1-4BC5-821A-F18F93660646} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {C689F919-CED2-430A-8E86-C6132DB6DAB3} Bing Url="http://www.bing.com/search?q={searchTerms}&r=" ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Rudi\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Rudi\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Rudi\AppData\Local\Mozilla\Firefox\Profiles\vdhmp4s9.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=253 folders=106 67983347 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Rudi\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Rudi\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 29/04/2014 at 17:40:41,37 ======================