Zoek.exe v5.0.0.0 Updated 24-11-2014 Tool run by H on di 25-11-2014 at 7:45:38,09. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Safe Mode NETWORK Internet Access Detected Launched: C:\Users\H\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== ==== Empty Folders Check ====================== C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\VideoLAN deleted successfully C:\PROGRA~2\COMMON~1\Apple deleted successfully C:\PROGRA~3\give2u deleted successfully C:\PROGRA~3\Hitman Pro deleted successfully C:\Users\H\AppData\Roaming\Malwarebytes deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-260641661-152065904-1245335111-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A9B2A0D-EAE5-40C3-8194-A7A37DAE7CF6} deleted successfully HKEY_USERS\S-1-5-21-260641661-152065904-1245335111-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8954E572-427B-404F-B9CF-3340B8E78366} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Users\H\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fa6789c5 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fa6789c5 deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{239c7dff-7f63-4ba7-96e8-7dbb42034eb1}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\ProgramData\quickpick not found C:\PROGRA~3\MAGIX deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Clip Converter deleted C:\Windows\SysNative\config\systemprofile\Searches deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8078 MB CPU Info: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz CPU Speed: 2306,1 MHz Sound Card: Not detected Display Adapters: | RDP Encoder Mirror Driver Monitors: 1x; Screen Resolution: 800 X 600 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter #3 | Intel(R) Centrino(R) Wireless-N 2230 #2 | Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) #2 CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A DS8A8SH Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 287,6GB | D: 390,6GB Hard Disks - Free: C: 222,2GB | D: 284,4GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 05/23/12 | _ASUS_ - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. N76VM Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: McAfee Antivirus en antispyware On-access scanning disabled (Outdated) Anti-Virus: Emsisoft Anti-Malware On-access scanning disabled (Outdated) Anti-Spyware: McAfee Antivirus en antispyware disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Emsisoft Anti-Malware disabled (Outdated) Firewall: McAfee Firewall disabled Default Browser: Google Chrome 38.0.2125.111 Internet Explorer Version: 11.0.9600.17420 Google Chrome version: 38.0.2125.111 Adobe Reader version: 10.1.12.15 Sun Java version: 1.8.0_25 (32-bit) Sun Java version: 1.8.0_25 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\H\AppData\Local\Temp ==== 2014-11-24 18:37:13 EB4686F6F4BE2B00AA40978D551F66C4 43008 ----a-w- C:\Users\H\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4tifax.dll 2014-11-23 18:02:50 2BA8A8C952DBB9EDAB37D6EE5ADC8AD4 384584 ----atw- C:\Users\H\AppData\Local\Temp\n4213\s4213.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-11-19 11:10:43 ADFB31FA72AFE0298A60BF4AC1045A42 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2014-11-19 11:10:43 98B3C919C6B9C5F810FF2CAFA339822B 186880 ----a-w- C:\Windows\SysWOW64\pku2u.dll 2014-11-12 12:03:05 9AB39ADD28C7C1A685B1EA8C6A25CF08 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2014-11-12 12:03:05 980EEEE8815DA7593708774D1225BD35 681984 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2014-11-12 12:03:04 9216ABFD53F5EC1F35C3554AD1A175DE 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2014-11-12 12:03:04 13E5B1CD503A4B21E9F0A2D55A00198B 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2014-11-12 12:02:59 B6273619A3DF28F03B64E911E45A6AB2 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-11-12 12:02:59 A6E51BDCB8F4B84E874F918F0452763D 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-11-12 12:02:59 5D5640C34C4A97467F77489DBB157568 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-12 12:02:58 FB56C76FEA44693752BD99D7D9930ABA 341168 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-11-12 12:02:58 93074C4FA92A8399404D032F6AF72C1B 19781632 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-11-12 12:02:58 843BD9DAF03ABB6761DEE6D155301F28 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-12 12:02:58 66F4FFDBCD501260ABC198317D2B0D10 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-11-12 12:02:58 4772DB007FFBD4BBE3F526704BCA67FE 1310208 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-11-12 12:02:58 26EE6C9780A8FC872C60F9E35D7EBD4B 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-11-12 12:02:56 FA310BD4A5DE904445DDDE54C5A654F2 2277376 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-11-12 12:02:56 7748B3DDDC92C7FC11F7462DB872E8E7 2051072 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-11-12 12:02:56 5E01004CBC35A78FE2AB4016CCAD4760 708096 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-11-12 12:02:56 5972510EF1C6097D9C14C17387A5EDB2 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-11-12 12:02:56 19D68FDEE62519C5A0387EB4E88A01EF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-11-12 12:02:55 8A46404AC1AEB22AA2D4C906D0FC86C2 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-11-12 12:02:55 6DDC0F44A70976C492CB1666BA9A7912 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-11-12 12:02:55 4F8CD74CD69A94ED1A5D7E837A356F4E 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-11-12 12:02:54 A1A2EE55A2C69F79AED00973E604B9C4 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-11-12 12:02:54 8585BC27224F97458C186AA085B754A7 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-11-12 12:02:54 36EE0A2A981617610F921BCBB997DB06 12819456 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-11-12 12:02:51 AE39939F1E25401B9A4952A7A8D372AC 4298240 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-11-12 12:02:51 9ED3132B7F0D36FA9911721E8B2CB968 501248 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-11-12 12:02:51 4169C6A6613856D69224498620F0C2B5 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-12 12:02:50 755D0A90CFC4BCB178D7070B0351F0AE 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-12 12:02:50 6DD7D61A8EF3DFEC4FAEFEB395E77424 1892864 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-11-12 12:02:50 139E85C4E5DF322AE1BF6544D8C32B0A 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-11-12 12:01:48 537184E7306E06BB22C5B93D2AFA4DF8 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-11-12 12:01:48 09FA271EE1F9AD68B2D1C1C210F4B71F 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2014-11-12 12:01:47 8D338464B851DDD76E2B876A3E09EB70 442880 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-12 12:01:47 5FDBDEECA34E73325D87C5ACD16A3EEC 701440 ----a-w- C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-12 12:01:46 FD79B005E849DF3D7E9B5EB7A637C528 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll 2014-11-12 12:01:46 AA7325057A1E1CC401798C0B1238E182 195584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll 2014-11-12 12:01:44 B580A6B9932669DE703001AEE66D5BB1 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2014-11-12 12:01:44 8FE6AB488ECDC60930CE973A7051B0D4 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2014-11-12 12:01:44 8CFAEFCD7F1E004950FCAE870A501B3E 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2014-11-12 12:01:44 37BC079204BF9B087D6DE6B728908B4B 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2014-11-12 12:01:43 9CEA80FFC617E6B6DD7B52E6225C0D38 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2014-11-12 12:01:43 8205E55DFB11809E5F2AAD1C48840535 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2014-11-12 12:01:36 0F39AC3274312EFFD03928291E8BA7CA 67584 ----a-w- C:\Windows\SysWOW64\packager.dll 2014-11-12 12:01:33 CB55B9AAB060C803BE4AD229AA0FEC28 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll 2014-11-12 12:01:29 EDA54D2E17C0271D2CDA946ABE344110 571904 ----a-w- C:\Windows\SysWOW64\oleaut32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-11-24 20:37:44 F7CED11558AC313202D8524F3F47AADC 90 ----a-w- C:\Windows\Sysnative\eamclean.dat 2014-11-24 20:37:44 997E22DD62D21C0D18F70866BAB12D2D 77312 ----a-w- C:\Windows\Sysnative\eamclean.exe 2014-11-19 11:10:43 8A8CB073A4B9F9D97CFA8CA9C1C851CE 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2014-11-19 11:10:43 1306E6A1BF4D506CD687DF9F947270F2 241152 ----a-w- C:\Windows\Sysnative\pku2u.dll 2014-11-12 12:03:09 F992AAE3F2DF1D7D2A75B681B0C5280E 304640 ----a-w- C:\Windows\Sysnative\generaltel.dll 2014-11-12 12:03:08 9F1FA4F36406693C77CC5779AA7E532D 228864 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-11-12 12:03:08 6021CF6A11DE9B5FC1BD210B6855C497 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-11-12 12:03:05 C4C1B73FC2FF151BA08E1EAFDE2A2FAF 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2014-11-12 12:03:05 7184AEACDA13E64B10F84E9DD79C8A01 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2014-11-12 12:03:05 58F87BF5659C8EBC61EB439C916F2F9A 681984 ----a-w- C:\Windows\Sysnative\adtschema.dll 2014-11-12 12:03:05 008CD4EBFABCF78D0F19B3778492648C 683520 ----a-w- C:\Windows\Sysnative\termsrv.dll 2014-11-12 12:02:59 7293701905DF1F40760C851F20DDC9EC 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-11-12 12:02:59 1F3794CE1AEA5DA12ACF90210EAE4ECB 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-11-12 12:02:58 854B230F5D77486B67D809FFB8A10C7E 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-11-12 12:02:58 4E47ABA3C6C5032446A2AF7EFD026037 716800 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-11-12 12:02:58 33098C85B789630865CD3F5D22FB0DFC 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-11-12 12:02:58 26BC4EC95E363DD59171710E22108F15 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-11-12 12:02:56 56651A76C63DAF2C593F1F767FC8A856 1550336 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-11-12 12:02:56 1C216980E7D21100A357B52B3C45F78D 388272 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-11-12 12:02:55 E17C34BECCD1388E9B386A9F82F01222 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-11-12 12:02:54 C6A719FD0B07B2DD0ADACD07636F4BAD 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-11-12 12:02:54 2A1A7F17C906941334C6A67E935F214B 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-11-12 12:02:54 1E30BECF0DB35481588FB72C9CF97CA2 800768 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-11-12 12:02:53 BD708EBEDB35E474F1A19747154ACC47 799232 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-11-12 12:02:53 6507CA9349500A535AF70670F248E525 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-11-12 12:02:52 BA4EC6139B8830BBA9CC5D065CA5796C 2884096 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-11-12 12:02:52 5C9D58591D0091630452B04F35527240 2124288 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-11-12 12:02:50 31F2A5ECFD2C75F970A3007ACD5627C7 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-11-12 12:02:50 08BCDD6C9E23D00309F359620461DFE8 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-11-12 12:02:49 69602F6259598A7837CB83D3608FE293 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-11-12 12:02:49 277A4735954F1BF29EE3D138A5251BFE 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-11-12 12:02:49 154B8555A118BCFD95F358390E418B00 14390272 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-11-12 12:02:48 98088A13F65BE35DA3693F264740CEEC 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-11-12 12:02:48 7EE5FBD190BF5B27F7977EA6CBF0DCAC 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-11-12 12:02:48 7EC80DB959695D4F927D2D601DA59F35 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-11-12 12:02:47 F208D7FB40FD80EA9F123BABF687359C 6040064 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-11-12 12:02:47 B6DC4597FF946B0C8B29650A71F52D4E 580096 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-11-12 12:02:47 6FC2819A4F80AAB2DADEDFC1EFEE3C3F 2365440 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-11-12 12:02:46 EE3592B010E3F69D141323E592C01A1A 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-11-12 12:02:46 4B6D9AB2ECD11AF5F6B1C42D938E0A85 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-11-12 12:02:45 BBD6A636AAA65D874F3863280CD8373D 25110016 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-11-12 12:01:48 D005697F0467BBDDAB7638496DA5DB52 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2014-11-12 12:01:48 364ECFF4ABD9D575F4F7CF7EB7928EF3 1882624 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-11-12 12:01:47 DE3E38431B00C2EA247C53675DCF01A0 680960 ----a-w- C:\Windows\Sysnative\audiosrv.dll 2014-11-12 12:01:47 9383B21A4B77C130940262DDC5F3F49B 500224 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll 2014-11-12 12:01:47 1FEBD408F32DFC523882E7DA5AC57819 878080 ----a-w- C:\Windows\Sysnative\IMJP10K.DLL 2014-11-12 12:01:46 FAFCB80D42A65964B6F4945283B8C10F 296448 ----a-w- C:\Windows\Sysnative\AudioSes.dll 2014-11-12 12:01:46 B1BB7B91C3C878FDB2874138CE81C4EF 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll 2014-11-12 12:01:46 A2C9E45F4069A002E985D1563D16813B 440832 ----a-w- C:\Windows\Sysnative\AudioEng.dll 2014-11-12 12:01:44 DF30FC54FFF79BC744B22A4850A3CF92 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2014-11-12 12:01:44 A71B81AC2C14ABA013CCF1225D9E3E36 342016 ----a-w- C:\Windows\Sysnative\schannel.dll 2014-11-12 12:01:44 55F0CF40479A1FC89CFA578909A540F2 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2014-11-12 12:01:44 47C48C705F4F1EFC99B50B43AE4301FE 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2014-11-12 12:01:44 109CC0DF72CC07A6CB59D2995255A1DA 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2014-11-12 12:01:43 336BA030AB7B05300CB0B5C6AFB27176 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2014-11-12 12:01:36 934735F508E297504460935B71E99F0B 77824 ----a-w- C:\Windows\Sysnative\packager.dll 2014-11-12 12:01:35 93C055B6AAD76360A60CB7E59A491531 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-11-12 12:01:33 2720C94ADCC1727A66365CCB1CE456C4 3241984 ----a-w- C:\Windows\Sysnative\msi.dll 2014-11-12 12:01:29 B938AF16A521C913791C6F7AFF032757 861696 ----a-w- C:\Windows\Sysnative\oleaut32.dll ====== C:\Windows\Sysnative\drivers ===== 2014-11-23 11:59:01 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2014-11-23 11:58:42 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2014-11-23 11:58:42 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2014-11-12 12:03:05 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== 2014-11-04 11:59:59 496A8DD16D1C7BAFCE37CE1E3A654001 5016 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for H-PC-H H-PC ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-11-23 12:47:47 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\H\AppData\Roaming ====== 2014-11-16 19:13:24 -------- d-sh--w- C:\Users\H\AppData\Local\EmieBrowserModeList 2014-11-16 19:12:44 -------- d-sh--w- C:\Users\H\AppData\Locallow\EmieBrowserModeList 2014-11-02 20:03:47 F2DD0DEDB2C260419ECE4A9E03B2E828 4 ----a-w- C:\Users\H\AppData\Roaming\appdataFr2.bin ====== C:\Users\H ====== 2014-11-23 18:04:27 6504113C2218667814D4F54847BA046A 2140160 ----a-w- C:\Users\H\Downloads\adwcleaner_4.101.exe 2014-11-23 17:50:02 D848F66D99F9008CE10D3FBC0E325F8E 6480192 ----a-w- C:\Users\H\Desktop\HitmanPro35A.exe 2014-11-23 12:42:28 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\H\Downloads\RSITx64.exe 2014-11-20 12:51:19 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\H\Downloads\344.75-notebook-win8-win7-64bit-international-whql.exe ====== C: exe-files == 2014-11-24 20:37:44 997E22DD62D21C0D18F70866BAB12D2D 77312 ----a-w- C:\Windows\System32\eamclean.exe 2014-11-23 18:04:27 6504113C2218667814D4F54847BA046A 2140160 ----a-w- C:\Users\H\Downloads\adwcleaner_4.101.exe 2014-11-23 18:02:50 2BA8A8C952DBB9EDAB37D6EE5ADC8AD4 384584 ----atw- C:\Users\H\AppData\Local\Temp\n4213\s4213.exe 2014-11-23 17:50:02 D848F66D99F9008CE10D3FBC0E325F8E 6480192 ----a-w- C:\Users\H\Desktop\HitmanPro35A.exe 2014-11-23 12:47:48 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\H.exe 2014-11-23 12:42:28 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\H\Downloads\RSITx64.exe 2014-11-22 19:22:23 A0597F9C38BFADA73C0062874761A43C 550584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msosqm.exe 2014-11-22 19:22:23 4F417B68A6EB97998C4E9156D053900A 1092816 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\olicenseheartbeat.exe 2014-11-22 19:22:23 1A72E641E2C77131030DA60B7B71F66C 528576 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\vpreview.exe 2014-11-22 19:22:23 106021B1146952B8EC9FCBFEA7A7F277 705184 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\dcf\SPREADSHEETCOMPARE.EXE 2014-11-22 19:22:22 CC5C101D61539A7379AA9BC3282FD408 5680856 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\cmigrate.exe 2014-11-22 19:22:22 9A80F562E89B3D98EBBE7EDD9E75FFAC 39576 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\appsharinghookcontroller64.exe 2014-11-22 19:22:22 1B7AF1B851A7A8763103FA63E8514CD6 207016 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msoxmled.exe 2014-11-22 19:22:21 175B3D01AD19B310238B5C29846D2891 81640 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe 2014-11-22 19:22:17 6447C60B47195C983BBBDAD6A2C22A99 474336 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dwtrig20.exe 2014-11-22 19:22:17 1CFBCB7748780D39C7209EFC929B126B 842440 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dw20.exe 2014-11-22 19:22:16 98A2C1C05D59593050C67B739CA6C0B0 217760 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\msoxmled.exe 2014-11-22 19:22:16 20BC802CA54ACFD48435C9176441C13A 7764184 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\cmigrate.exe 2014-11-22 19:22:14 36995A650174CC354F6E4C417C6D5625 1923224 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\winword.exe 2014-11-22 19:22:10 E80F15DCA53E1ECD433CFE042400DF97 40672 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\scanpst.exe 2014-11-22 19:22:10 8A59C5C5747DCDB8EA2B77C981E62AA7 665240 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ucmapi.exe 2014-11-22 19:22:10 1F9754F230A2BA24A961A7502135120E 480976 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\selfcert.exe 2014-11-22 19:22:09 14EC450D656FCCA98383830B711DAB89 18947744 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\outlook.exe 2014-11-22 19:22:07 33022E733887D50D1F796135A4C4E7C3 873648 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe 2014-11-22 19:22:05 D7E4EB3AA8CEEBB14DCA08D3B7AE41BD 87232 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\namecontrolserver.exe 2014-11-22 19:22:04 CD86464906551942F410AEA5B735D762 8686264 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\groove.exe 2014-11-22 19:22:02 5EDC8FCE400CA9CDA27EFFC4AF4D7275 1765024 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\onenote.exe 2014-11-22 19:22:02 2A057DD0B0AA74B7B9B1FC94E8EB82C9 569584 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\orgchart.exe 2014-11-22 19:22:02 149A96C02F566E0D38026B409D9CDDBA 1296072 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ocpubmgr.exe 2014-11-22 19:22:01 A5A4E6BD8383533C82BFD99BAAD0B35D 10771104 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\mspub.exe 2014-11-22 19:22:00 69439A00309B451605EBB90AB5B0E7E2 15518880 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msaccess.exe 2014-11-22 19:21:59 F4C40708FC1C59FB5EB10B10AE23D348 33960 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msoev.exe 2014-11-22 19:21:59 F45A0DF110AAA1C48D1FA3009A671871 449208 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msosync.exe 2014-11-22 19:21:59 F2C596D99EFF8F337BF4A428767F10EA 497848 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msouc.exe 2014-11-22 19:21:59 DE43B2666E374279165FEAD586A4BA2C 33968 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msotd.exe 2014-11-22 19:21:59 50C11D73A9DB8543B2FA25B9563D3F2D 283312 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msoia.exe 2014-11-22 19:21:58 9C9524FBE43E9593437BE11472872B0A 1783968 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\infopath.exe 2014-11-22 19:21:58 05CFC10D672D10CB2F9096B642441D22 19051160 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lync.exe 2014-11-22 19:21:57 95F05B316E114B7B299DD0D57B1224F6 6484640 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconv.exe 2014-11-22 19:21:56 49B2D14B7D2F986BC83666851FD7C1C2 4522680 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\graph.exe 2014-11-22 19:21:56 203718811BE4463ACE59C09A7DDFF4E8 517352 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\iecontentservice.exe 2014-11-22 19:21:55 9D8ED241EDD0EF87E4EA33E8536F3668 21934232 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe 2014-11-22 19:21:55 1265BCCDCD1C4585948DCA39AD78CF1A 991904 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\firstrun.exe 2014-11-22 19:21:54 B6B52C83F878E9F6BBB25FDC1B718B76 25643168 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excel.exe 2014-11-22 19:21:52 4085A1C1A6B05EDCE72BE2837BEAFD7A 229048 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\clview.exe 2014-11-22 19:21:51 FDB0560C147FFB6E1FFC79ABBCCF48D3 590536 ----a-w- C:\Program Files\Microsoft Office 15\root\integration\integrator.exe 2014-11-22 19:21:51 12482D31B8FA8DF122F78A138926A8A1 33432 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\appsharinghookcontroller.exe 2014-11-22 19:21:38 EDC36AE43B7FB8CE366540E729E342AA 281760 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\dcf\DATABASECOMPARE.EXE 2014-11-22 19:21:13 8D03F2858035926F6B1E6EC34A0C0595 145056 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVDllSurrogate64.exe 2014-11-22 19:21:13 27DB723A68AE52CF0BCBA8708A44E0CA 311544 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVLP.exe 2014-11-22 19:21:13 098CA18BC23278B53C76C9F0D6BD7238 124064 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVDllSurrogate32.exe 2014-11-22 19:17:32 D567C3DF56AC248EE82039DC0AF6D9E1 205472 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exe 2014-11-22 19:17:32 288BD9FFEA8FB0D2176F22751E0D9F92 248992 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\mavinject32.exe 2014-11-21 20:40:16 DEB0B124A3470E05C273D90B0B5984C0 426352 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00006819\CoProc update.19076826.exe 2014-11-20 12:51:19 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\H\Downloads\344.75-notebook-win8-win7-64bit-international-whql.exe 2014-11-20 12:50:28 923CE28B2B6D9C77A2448D17AFC33FDA 426344 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00006800\CoProc update.19070382.exe === C: other files == 2014-11-23 11:59:01 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-11-23 11:58:42 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-11-23 11:58:42 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-260641661-152065904-1245335111-1002\Software\Microsoft\Windows\CurrentVersion\Run] "HP Officejet 6600 (NET)"="C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe -deviceID CN35H6RJFF05RN:NW -scfn HP Officejet 6600 (NET) -AutoStart 1" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" "ASUS InstantKey"="C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe" "Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "RemoteControl10"="C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" "UpdatePSTShortCut"="C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Cyberlink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter" "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "emsisoft anti-malware"="c:\program files (x86)\emsisoft anti-malware\a2guard.exe /d=60" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Officejet 6600 (NET)"="C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe -deviceID CN35H6RJFF05RN:NW -scfn HP Officejet 6600 (NET) -AutoStart 1" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 " "BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp" "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "Start WingMan Profiler"="C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ACMON] "command"="C:\\Program Files (x86)\\ASUS\\Splendid\\ACMON.exe" "hkey"="HKLM" "item"="ACMON" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Overwolf] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Overwolf" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Overwolf\\Overwolf.exe -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL] "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s" "hkey"="HKLM" "item"="RTHDVCPL" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" ==== Startup Folders ====================== 2013-09-18 03:47:35 1045 ----a-w- C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-08-20 14:54:50 1916 ----a-w- C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Officejet 6600 (netwerk).lnk 2014-07-01 18:06:33 1111 ----a-w- C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf4c12ac8a7a83.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-08-2013 09:54] C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job --a------ C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe [] C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job --a------ C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS Quick Gesture" [C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe] "C:\Windows\SysNative\tasks\ASUS Quick Gesture (x64)" [C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe] "C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1cf4c12ac8a7a83" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Officejet 6600" ["C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe] "C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [20-11-2014 16:29] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - No path found[] Google Docs - H\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - H\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - H\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - H\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - H\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Google Wallet - H\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - H\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully ==== HijackThis Entries ====================== R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [emsisoft anti-malware] "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60 O4 - HKCU\..\Run: [HP Officejet 6600 (NET)] "C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe" -deviceID "CN35H6RJFF05RN:NW" -scfn "HP Officejet 6600 (NET)" -AutoStart 1 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = H\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Inktwaarschuwingen controleren - HP Officejet 6600 (netwerk).lnk = ? O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Emsisoft Protection Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Origin Client Service - Electronic Arts - D:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Update service - Company - C:\Program Files (x86)\Popcorn Time\Updater.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\H\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\H\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\H\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=13 folders=10 5844321 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\H\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\H\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 25-11-2014 at 8:09:13,15 ======================