Zoek.exe v5.0.0.0 Updated 03-December-2014 Tool run by CorneValkenburg on do 04-12-2014 at 10:53:39,56. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\CorneValkenburg\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 4-12-2014 10:56:00 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\choosefun deleted successfully C:\PROGRA~2\funshopper deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\PC Optimizer Pro deleted successfully C:\PROGRA~3\Babylon deleted successfully C:\PROGRA~3\choosefun deleted successfully C:\PROGRA~3\funshopper deleted successfully C:\PROGRA~3\rocketsaler deleted successfully C:\PROGRA~3\Symantec deleted successfully C:\Users\CorneValkenburg\AppData\Roaming\Opera deleted successfully C:\Users\CorneValkenburg\AppData\Roaming\Three Rings Design deleted successfully C:\Users\CorneValkenburg\AppData\Local\PackageAware deleted successfully C:\Users\CorneValkenburg\AppData\Local\Unity deleted successfully C:\Users\CorneValkenburg\AppData\Local\WarThunder deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{503e067f-2914-4edd-8432-2d6c52635e23} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{503e067f-2914-4edd-8432-2d6c52635e23} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{503e067f-2914-4edd-8432-2d6c52635e23} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{503e067f-2914-4edd-8432-2d6c52635e23} deleted successfully HKEY_CLASSES_ROOT\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{503e067f-2914-4edd-8432-2d6c52635e23} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Popcorn Time\Updater.exe C:\Users\CorneValkenburg\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\CorneValkenburg\AppData\Local\Google\Update\GoogleUpdate.exe C:\Users\CorneValkenburg\AppData\Local\Akamai\netsession_win.exe C:\Users\CorneValkenburg\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\datamngrUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe c:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Users\CorneValkenburg\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe c:\PROGRA~2\mcafee\SITEAD~1\saui.exe C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe C:\Program Files (x86)\Popcorn Time\chromecast\node.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fa6789c5 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fa6789c5 deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\CORNEV~1\AppData\Roaming\Mozilla\Firefox\Profiles\v49mtiaj.default prefs.js not found ---- Lines BabylonToolbar removed from user.js ---- user_pref("extensions.BabylonToolbar_i.id", "be3c9bb900000000000074de2b578f0b"); user_pref("extensions.BabylonToolbar_i.hardId", "be3c9bb900000000000074de2b578f0b"); user_pref("extensions.BabylonToolbar_i.instlDay", "15476"); user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1720:55:15"); user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); user_pref("extensions.BabylonToolbar_i.newTab", false); user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109986&tt=100512_1_"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); ---- FireFox user.js and prefs.js backups ---- user_04-12-2014_1123_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{503e067f-2914-4edd-8432-2d6c52635e23}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- "ApnUpdater"=- "DATAMNGR"=- "InboxToolbar"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\funshopper not found C:\ProgramData\rocketsaler not found C:\ProgramData\funshopper not found C:\Program Files\PC Optimizer Pro not found C:\Users\CorneValkenburg\AppData\Roaming\Delta deleted C:\Program Files (x86)\Delta deleted C:\Program Files (x86)\Softonic deleted C:\ProgramData\nohemefkphkohnpemdgfhhdaefofpbod deleted C:\ProgramData\9facff1d343c3272 deleted C:\PROGRA~2\Mozilla Firefox\searchplugins\babylon.xml deleted C:\PROGRA~2\Mozilla Firefox\searchplugins\blekkotb.xml deleted C:\PROGRA~2\Inbox Toolbar deleted C:\PROGRA~2\DealPly deleted C:\PROGRA~2\VideoCnv deleted C:\user.js deleted C:\Users\CorneValkenburg\AppData\Roaming\appdataFr2.bin deleted C:\Users\CorneValkenburg\AppData\Roaming\BabSolution deleted C:\Users\CorneValkenburg\AppData\Roaming\Babylon deleted C:\PROGRA~3\Ask deleted C:\PROGRA~3\AlawarWrapper deleted C:\PROGRA~3\hash.dat deleted C:\PROGRA~3\Partner deleted C:\PROGRA~3\boost_interprocess deleted C:\PROGRA~3\Trymedia deleted C:\Users\CorneValkenburg\AppData\Local\CRE deleted C:\Users\CorneValkenburg\AppData\Local\APN deleted C:\Users\CorneValkenburg\AppData\Local\cache deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Clip Converter deleted C:\Users\CorneValkenburg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\Users\CorneValkenburg\Downloads\SoftonicDownloader_voor_age-of-empires-ii.exe deleted C:\Users\CorneValkenburg\AppData\LocalLow\searchresultstb deleted C:\Users\CorneValkenburg\AppData\LocalLow\imeshtoolbar deleted C:\Users\CorneValkenburg\AppData\LocalLow\AskToolbar deleted C:\Users\CorneValkenburg\AppData\LocalLow\BabylonToolbar deleted C:\Users\CorneValkenburg\AppData\LocalLow\Inbox Toolbar deleted C:\Users\CorneValkenburg\AppData\LocalLow\Delta deleted C:\Users\CorneValkenburg\AppData\LocalLow\Softonic deleted C:\Users\CorneValkenburg\AppData\LocalLow\DataMngr deleted C:\windows\SysNative\TASKS\Scheduled Update for Ask Toolbar deleted C:\windows\SysNative\Tasks\BrowserProtect deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\Public\Documents\AlawarWrapper deleted C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted C:\Users\CorneValkenburg\AppData\Local\TempFullTiltPokerEuSetup.exe deleted C:\Users\CORNEV~1\AppData\Roaming\Mozilla\Firefox\Profiles\v49mtiaj.default\extensions\ffxtlbr@babylon.com deleted C:\Users\CORNEV~1\AppData\Roaming\Mozilla\Firefox\Profiles\v49mtiaj.default\extensions\crossriderapp2258@crossrider.com deleted "C:\Windows\Installer\c918a7.msi" deleted "C:\Windows\Installer\c918a7.msi" deleted "C:\Program Files (x86)\Popcorn Time\iconv.dll" deleted "C:\Program Files (x86)\Popcorn Time\icudt52.dll" deleted "C:\Program Files (x86)\Popcorn Time\icuin52.dll" deleted "C:\Program Files (x86)\Popcorn Time\icuuc52.dll" deleted "C:\Program Files (x86)\Popcorn Time\lib.dll" deleted "C:\Program Files (x86)\Popcorn Time\libgcc_s_dw2-1.dll" deleted "C:\Program Files (x86)\Popcorn Time\libstdc++-6.dll" deleted "C:\Program Files (x86)\Popcorn Time\libvlc-qt-widgets.dll" deleted "C:\Program Files (x86)\Popcorn Time\libvlc-qt.dll" deleted "C:\Program Files (x86)\Popcorn Time\libvlc.dll" deleted "C:\Program Files (x86)\Popcorn Time\libvlccore.dll" deleted "C:\Program Files (x86)\Popcorn Time\libwinpthread-1.dll" deleted "C:\Program Files (x86)\Popcorn Time\msvcp100.dll" deleted "C:\Program Files (x86)\Popcorn Time\msvcr100.dll" deleted "C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe" deleted "C:\Program Files (x86)\Popcorn Time\Qt5Core.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5Gui.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5Multimedia.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5MultimediaWidgets.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5Network.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5OpenGL.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5Positioning.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5PrintSupport.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5Qml.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5Quick.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5Sensors.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5Sql.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5WebKit.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5WebKitWidgets.dll" deleted "C:\Program Files (x86)\Popcorn Time\Qt5Widgets.dll" deleted "C:\PROGRA~3\Wincert\win32cert.dll" deleted "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" deleted "C:\Program Files (x86)\Popcorn Time\bearer\qgenericbearer.dll" deleted "C:\Program Files (x86)\Popcorn Time\bearer\qnativewifibearer.dll" deleted "C:\Program Files (x86)\Popcorn Time\chromecast\node.exe" deleted "C:\Program Files (x86)\Popcorn Time\imageformats\qdds.dll" deleted "C:\Program Files (x86)\Popcorn Time\imageformats\qgif.dll" deleted "C:\Program Files (x86)\Popcorn Time\imageformats\qicns.dll" deleted "C:\Program Files (x86)\Popcorn Time\imageformats\qico.dll" deleted "C:\Program Files (x86)\Popcorn Time\imageformats\qjp2.dll" deleted "C:\Program Files (x86)\Popcorn Time\imageformats\qjpeg.dll" deleted "C:\Program Files (x86)\Popcorn Time\imageformats\qmng.dll" deleted "C:\Program Files (x86)\Popcorn Time\imageformats\qtga.dll" deleted "C:\Program Files (x86)\Popcorn Time\imageformats\qtiff.dll" deleted "C:\Program Files (x86)\Popcorn Time\imageformats\qwbmp.dll" deleted "C:\Program Files (x86)\Popcorn Time\imageformats\qwebp.dll" deleted "C:\Program Files (x86)\Popcorn Time\platforms\qwindows.dll" deleted "C:\Program Files (x86)\Popcorn Time\sensors\qtsensors_dummy.dll" deleted "C:\Program Files (x86)\Popcorn Time\sensors\qtsensors_generic.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\access\libaccess_bd_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\access\libaccess_vdr_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\access\libdshow_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\access\libdvdnav_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\access\libfilesystem_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\access\liblibbluray_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\access\libstream_filter_rar_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\access\libzip_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\audio_filter\libsamplerate_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\audio_filter\libscaletempo_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\audio_mixer\libfloat_mixer_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\audio_output\libdirectsound_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\audio_output\libwaveout_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\liba52_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libaes3_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libaraw_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libavcodec_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libcdg_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libdts_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libfaad_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libflac_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libg711_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\liblibass_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\liblpcm_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libmpeg_audio_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libopus_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libpng_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libschroedinger_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libspeex_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libspudec_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libtheora_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec\libvorbis_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\demux\libmp4_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\meta_engine\libtaglib_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\misc\libxml_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\mmx\libi420_rgb_mmx_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\mmx\libi420_yuy2_mmx_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\mmx\libi422_yuy2_mmx_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\sse2\libi420_rgb_sse2_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\sse2\libi420_yuy2_sse2_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\sse2\libi422_yuy2_sse2_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\stream_filter\libdash_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\stream_filter\libhttplive_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\stream_filter\libsmooth_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\text_renderer\libfreetype_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_chroma\libgrey_yuv_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_chroma\libi420_rgb_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_chroma\libi420_yuy2_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_chroma\libi422_i420_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_chroma\libi422_yuy2_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_chroma\libyuy2_i420_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_chroma\libyuy2_i422_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_filter\libscale_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_filter\libswscale_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_filter\libyuvp_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_output\libdirect3d_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_output\libdirectdraw_plugin.dll" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_output\libdrawable_plugin.dll" deleted "C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\datamngrUI.exe" deleted "C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\x64\datamngr.dll" deleted "C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\x64\IEBHO.dll" deleted "C:\PROGRA~2\iMesh Applications\Mediabar\Datamngr\datamngrUI.exe" deleted "C:\PROGRA~2\iMesh Applications\Mediabar\Datamngr\x64\datamngr.dll" deleted "C:\PROGRA~2\iMesh Applications\Mediabar\Datamngr\x64\IEBHO.dll" deleted "C:\PROGRA~2\Ask.com\Updater\Updater.exe" deleted "C:\Program Files (x86)\Ask.com" deleted "C:\Program Files (x86)\Popcorn Time" deleted "C:\Program Files (x86)\iMesh Applications\Mediabar" not deleted "C:\PROGRA~2\iMesh Applications" not deleted "C:\PROGRA~2\Ask.com" deleted "C:\PROGRA~3\Wincert" not deleted "C:\Program Files (x86)\Ask.com\Updater" deleted "C:\Program Files (x86)\Popcorn Time\bearer" deleted "C:\Program Files (x86)\Popcorn Time\chromecast" deleted "C:\Program Files (x86)\Popcorn Time\imageformats" deleted "C:\Program Files (x86)\Popcorn Time\platforms" deleted "C:\Program Files (x86)\Popcorn Time\plugins" deleted "C:\Program Files (x86)\Popcorn Time\sensors" deleted "C:\Program Files (x86)\Popcorn Time\plugins\access" deleted "C:\Program Files (x86)\Popcorn Time\plugins\audio_filter" deleted "C:\Program Files (x86)\Popcorn Time\plugins\audio_mixer" deleted "C:\Program Files (x86)\Popcorn Time\plugins\audio_output" deleted "C:\Program Files (x86)\Popcorn Time\plugins\codec" deleted "C:\Program Files (x86)\Popcorn Time\plugins\demux" deleted "C:\Program Files (x86)\Popcorn Time\plugins\meta_engine" deleted "C:\Program Files (x86)\Popcorn Time\plugins\misc" deleted "C:\Program Files (x86)\Popcorn Time\plugins\mmx" deleted "C:\Program Files (x86)\Popcorn Time\plugins\sse2" deleted "C:\Program Files (x86)\Popcorn Time\plugins\stream_filter" deleted "C:\Program Files (x86)\Popcorn Time\plugins\text_renderer" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_chroma" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_filter" deleted "C:\Program Files (x86)\Popcorn Time\plugins\video_output" deleted "C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr" not deleted "C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\x64" not deleted "C:\PROGRA~2\iMesh Applications\Mediabar" not deleted "C:\PROGRA~2\iMesh Applications\Mediabar\Datamngr" not deleted "C:\PROGRA~2\iMesh Applications\Mediabar\Datamngr\x64" not deleted "C:\PROGRA~2\Ask.com\Updater" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3891 MB CPU Info: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz CPU Speed: 2433,9 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC | Realtek PCIe FE Family Controller CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW TS-L633J Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 298,1GB | D: 297,7GB Hard Disks - Free: C: 195,2GB | D: 290,1GB Manufacturer *: TOSHIBA BIOS Info: AT/AT COMPATIBLE | 05/17/11 | TOSCPL - 74 Time Zone: West-Europa (standaardtijd) Motherboard *: TOSHIBA PWWAA Country: Nederland Language: NLD ==== System Specs (Software) ====================== Internet Explorer Version: 11.0.9600.17420 Adobe Reader version: 11.0.9.29 Sun Java version: 1.8.0_25 (32-bit) Sun Java version: 1.8.0_25 (64-bit) Flash Player version: 15.0.0.239 Shockwave Player version: 12.0.6r147 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-11-10 18:46:44 84B4F61F59A421BD85D97B35D194B42B 86016 ----a-w- C:\Windows\unvise32.exe ====== C:\Users\CORNEV~1\AppData\Local\Temp ==== 2014-12-03 18:57:34 E045BD7B7B58F9A2C923D56E52F2C2D8 1003520 ----a-w- C:\Users\CorneValkenburg\AppData\Local\Temp\9D375A5.exe 2014-12-03 18:52:15 F7E995F69412411914BB01F73AE4516B 1005568 ----a-w- C:\Users\CorneValkenburg\AppData\Local\Temp\37661.exe 2014-12-03 18:52:12 F7E995F69412411914BB01F73AE4516B 1005568 ----a-w- C:\Users\CorneValkenburg\AppData\Local\Temp\B4ccf24.exe 2014-12-03 18:51:14 F7E995F69412411914BB01F73AE4516B 1005568 ----a-w- C:\Users\CorneValkenburg\AppData\Local\Temp\E481.exe ====== Java Cache ===== 2014-12-01 22:00:01 C30D47F442CFEF552A710A790E0E235A 10026890 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\27875440-2f955c35 2014-12-01 22:00:04 C6BE16FFB895A83664BE96C085FB866F 2101449 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\721d2580-5e53f5bc 2014-12-01 21:59:26 8846FA1F0B228E3A42E604C52B08F128 5231 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\311c0f41-7cff545a 2014-12-01 22:00:12 DD8CFE86729B99CABD5F8B52C40F17EA 8289128 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\43fa904b-3962860a 2014-12-01 22:00:17 CB2239580D515EF5CF4708FB916EF834 7620 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\550bd7ce-7ef99824 2014-12-01 21:59:21 50E1EA1FA7637F9EB8FA51E107C1005C 70349 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\2f0ebe8f-43523168 2014-12-01 21:59:46 6A7C9DEBB432F23DD05A73F230128342 589191 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\4138810-707b93c4 2014-12-01 22:00:08 269805B1D3F2B84AFB64E1BBBC581B6D 3463829 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\7f67c813-79132236 2014-12-01 22:00:03 413ABF36B0BAEA672D37F06C2E0AB3FA 312273 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\e2f6613-618169fd 2014-12-01 21:58:39 B9FE1FE63DEE807F7691B6380A8A5044 156165 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\68d88d58-3172ef63 2014-12-01 21:58:49 9DF75B8E84EE57708F0E87774289280A 86390 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\686f8119-1c7103df 2014-12-01 21:59:26 580D53CF8C51CBE887F47F1E82EC7051 114076 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\58b83b1c-14f1be2e 2014-12-01 22:00:07 40EF82C6FF8745B8DC9C4FF4883C25EB 450245 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\1aad19d-16c74ece 2014-12-01 21:59:25 469D0841362E4620C2821740C8C666B4 2939 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\4d07339d-3acb65fc 2014-12-01 21:59:54 698B325EB54A669F1E12D60C882F5D72 18865205 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\49a51f83-19bb1d6c 2014-12-01 21:59:26 9C61C2C51EB752D018E09C7869EA501B 118922 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\5218d7de-217b13d9 2014-12-01 21:59:25 32A555CE481C2397B7224CB0C6DF72DD 2778 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\266d82df-1089cd47 2014-12-01 22:00:05 C7A4D61C6445D525209C2681AB6E09B1 106109 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\7c852e1f-50719aa9 2014-12-01 21:59:21 A88E8539CD437878BE400BC4824BCD96 7685160 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\221fa720-4f581f5e 2014-12-01 21:59:46 8FDB0E00D8E80D54E763ED79B3CCE0D0 444485 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\499665e0-6badb04f 2014-12-01 22:00:07 10A7223559F12A4C948868973AE65741 876889 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\48332462-700ddf71 2014-12-01 22:00:07 AAC83D85340369E039ACA876E4EF9BCB 102406 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\75c94863-525b3afb 2014-12-01 21:59:25 72392ECBDFA9A2ECC2256C7E49628DAA 145687 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\4e8d6524-3869a7d3 2014-12-01 22:00:06 352A6B02FC63C88B998389F706309A89 703593 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\723c9324-3ef09c1c 2014-12-01 21:59:59 4B0203D47A5B8D30F30D7B213D50BC09 1047713 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\135be7e6-4d15d943 2014-12-01 21:58:41 3E9CF683D986CE638D4F74170E234A29 13782 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\2fb889a6-5d5ed924 2014-12-01 21:59:45 9178CAF3226D4C24F5E1B2420C9A0B8B 629406 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\25731b44-217b5b9f 2014-12-01 22:00:05 5543278E0066C2D8EFA3680F5D5849CC 1937993 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\7d50d9e8-6f21602a 2014-12-01 21:59:17 11C835CF0442948D3409975F9B1E74CF 3557335 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\37d73ae9-5652283d 2014-12-01 21:59:48 D32BB0F94C29A8FF3077681C26C9CB13 5120483 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\3758a82b-6d151486 2014-12-01 21:59:38 8BC24AFB3D80871901D8B7BF434DFAAF 14156778 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\3c22c12c-42478242 2014-12-01 21:59:29 6A4E68245EA60677139D0CAB19219804 12701301 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\45f0ac30-3c0639fd 2014-12-01 21:59:26 8E418247A4C9BFED7A274183B3F5AA9C 37218 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\d3f0870-3b79e65a 2014-12-01 21:59:26 CDD71FAEEFE0238D9470FC4C04678169 3161 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\3949adc5-27431d48 2014-12-01 21:59:37 A4C8D5250D5D8F3057E8C345B1C3C594 73498 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\50cc9973-38b5b1d2 2014-12-01 21:59:26 B33ECC73C20C54FCA03A42E8F6667FCD 35968 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\658a9f37-64e6d5c8 2014-12-01 21:59:05 834761CCFA738DFE58E35AC13260E4C1 66100 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\d183ffb-5dc0fefd 2014-12-01 21:59:26 6A3ABB1AF2EF29FDFAD5536BA3E36FE9 152710 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\5e26a57c-44ac23d9 2014-12-01 21:58:38 D89B7BE138760A3C809EA0E6A131581C 468 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\13d631ff-3d6c96d69f76abb955f94218f0fe1143b14ef1c9c727888076f3c15861a8d682-6.0.lap 2014-12-01 21:59:16 69C4A2278C4206DE49AD5EF243B25597 99061 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\a30c27f-27df70e9 2014-12-01 21:59:26 50964030CA611ADDC3FC1FE4C59A4539 33731 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\24a78149-119cff25 2014-12-01 22:00:10 18037F0F12E9AA7BBBDB750671F09A18 183914 ----a-w- C:\Users\CorneValkenburg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\7b4d8c09-31822cc8 ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-11-12 09:48:07 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-12-03 21:43:57 -------- d-----w- C:\Program Files\trend micro 2014-11-10 18:32:55 -------- d-----w- C:\Program Files\WinRAR 2014-11-10 18:22:44 -------- d-----w- C:\Program Files\Free Opener ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\CorneValkenburg\AppData\Roaming ====== 2014-12-03 19:50:44 -------- d-sh--w- C:\Users\CorneValkenburg\AppData\Locallow\EmieBrowserModeList 2014-12-03 19:50:40 -------- d-sh--w- C:\Users\CorneValkenburg\AppData\Local\EmieBrowserModeList 2014-11-10 18:33:37 -------- d-----w- C:\Users\CorneValkenburg\AppData\Roaming\WinRAR ====== C:\Users\CorneValkenburg ====== 2014-12-03 18:57:29 E045BD7B7B58F9A2C923D56E52F2C2D8 1003520 ----a-w- C:\Users\CorneValkenburg\Downloads\Warlords Battlecry 3 Game (2).exe 2014-12-03 18:52:03 F7E995F69412411914BB01F73AE4516B 1005568 ----a-w- C:\Users\CorneValkenburg\Downloads\warlords battlecry 3 game (1).exe 2014-12-03 18:50:46 F7E995F69412411914BB01F73AE4516B 1005568 ----a-w- C:\Users\CorneValkenburg\Downloads\warlords battlecry 3 game.exe 2014-12-01 21:42:10 9BFCB23AEC5EE0867F49898376F918C3 151838355 ----a-w- C:\Users\CorneValkenburg\Downloads\TSinstaller12.exe 2014-11-10 18:46:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age Of Empire-II The Age Of Kings 2014-11-10 18:23:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Opener ====== C: exe-files == 2014-12-04 08:33:07 18BC95EE896DB3DE0AD0DB4A06361937 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2760206139-58281569-2970929880-1001\$I986Z3I.exe 2014-12-03 22:18:03 9E81F392A1D29666B7184D1E40025E78 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2760206139-58281569-2970929880-1001\$IVAYG0I.exe 2014-12-03 22:11:11 EB1482D0C28EA78549B936F06ACC4FDE 40749136 ----a-w- C:\Program Files (x86)\Google\Update\Install\{1A34959D-C393-449A-9ADD-94EDFD3D6B46}\39.0.2171.71_chrome_installer.exe 2014-12-03 21:43:57 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\CorneValkenburg.exe 2014-12-03 21:42:14 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2760206139-58281569-2970929880-1001\$RVAYG0I.exe 2014-12-03 21:31:14 EB1482D0C28EA78549B936F06ACC4FDE 40749136 ----a-w- C:\Program Files (x86)\Google\Update\Install\{C5D3BFE1-DF99-48A1-9EA8-3A0D8A9D1CED}\39.0.2171.71_chrome_installer.exe 2014-12-03 20:41:42 EB1482D0C28EA78549B936F06ACC4FDE 40749136 ----a-w- C:\Program Files (x86)\Google\Update\Install\{871C855C-FC36-4BB7-A584-D489ED259ED5}\39.0.2171.71_chrome_installer.exe 2014-12-03 20:30:29 EB1482D0C28EA78549B936F06ACC4FDE 40749136 ----a-w- C:\Program Files (x86)\Google\Update\Install\{1BC34252-9086-4CC8-B64E-FD3E76FD2E19}\39.0.2171.71_chrome_installer.exe 2014-12-03 20:28:12 4DEDE96BD568BD11DC92C6D893666E1E 32507072 ----a-w- C:\Users\CorneValkenburg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFHJS02R\Windows-KB890830-x64-V5.18.exe 2014-12-03 20:22:01 EB1482D0C28EA78549B936F06ACC4FDE 40749136 ----a-w- C:\Program Files (x86)\Google\Update\Install\{96324A7F-B0DB-4B87-B903-1298532D273D}\39.0.2171.71_chrome_installer.exe 2014-12-03 20:12:37 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\CorneValkenburg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJ4IN3V3\MicrosoftFixit.ProgramInstallUninstall.RNP.132341063801186033.1.1.Run.exe 2014-12-03 20:09:37 EB1482D0C28EA78549B936F06ACC4FDE 40749136 ----a-w- C:\Program Files (x86)\Google\Update\Install\{91755CC8-3822-4EA4-B337-3F5E990B5931}\39.0.2171.71_chrome_installer.exe 2014-12-03 20:06:33 EB1482D0C28EA78549B936F06ACC4FDE 40749136 ----a-w- C:\Program Files (x86)\Google\Update\Install\{080AA7B9-8B03-48E7-902F-FD449DA69BB2}\39.0.2171.71_chrome_installer.exe 2014-12-03 20:00:20 EB1482D0C28EA78549B936F06ACC4FDE 40749136 ----a-w- C:\Program Files (x86)\Google\Update\Install\{9553F6CC-4A5C-4CDA-832D-DFE3DF9E069E}\39.0.2171.71_chrome_installer.exe 2014-12-03 19:54:39 EB1482D0C28EA78549B936F06ACC4FDE 40749136 ----a-w- C:\Program Files (x86)\Google\Update\Install\{AF8ACDBD-C936-4D5E-A604-CF43A9FDF0CA}\39.0.2171.71_chrome_installer.exe 2014-12-03 19:54:38 EB1482D0C28EA78549B936F06ACC4FDE 40749136 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\39.0.2171.71\39.0.2171.71_chrome_installer.exe 2014-12-03 19:54:22 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe 2014-12-03 19:54:22 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe 2014-12-03 19:54:22 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe 2014-12-03 19:54:22 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe 2014-12-03 19:54:22 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe 2014-12-03 19:54:22 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe 2014-12-03 19:54:22 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe 2014-12-03 19:54:17 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\CorneValkenburg\AppData\Local\Apps\2.0\A3MKGOMX.OXD\5XP8DQLA.AJL\inst...app_4fe91ede9f9bdca3_0001.0003_42ceeda68833d423\GoogleUpdateSetup.exe 2014-12-03 19:54:17 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\CorneValkenburg\AppData\Local\Apps\2.0\A3MKGOMX.OXD\5XP8DQLA.AJL\clic...exe_4fe91ede9f9bdca3_0001.0003_none_b1328e123920ace1\GoogleUpdateSetup.exe 2014-12-03 19:54:17 0C03930EAEB2C336A067451192677F28 10120 ------w- C:\Users\CorneValkenburg\AppData\Local\Apps\2.0\A3MKGOMX.OXD\5XP8DQLA.AJL\inst...app_4fe91ede9f9bdca3_0001.0003_42ceeda68833d423\clickonce_bootstrap.exe 2014-12-03 18:57:34 E045BD7B7B58F9A2C923D56E52F2C2D8 1003520 ----a-w- C:\Users\CorneValkenburg\AppData\Local\Temp\9D375A5.exe 2014-12-03 18:52:15 F7E995F69412411914BB01F73AE4516B 1005568 ----a-w- C:\Users\CorneValkenburg\AppData\Local\Temp\37661.exe 2014-12-03 18:52:12 F7E995F69412411914BB01F73AE4516B 1005568 ----a-w- C:\Users\CorneValkenburg\AppData\Local\Temp\B4ccf24.exe 2014-12-03 18:51:14 F7E995F69412411914BB01F73AE4516B 1005568 ----a-w- C:\Users\CorneValkenburg\AppData\Local\Temp\E481.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe /STARTUP" "Spotify Web Helper"="C:\Users\CorneValkenburg\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\CorneValkenburg\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Google Update"="C:\Users\CorneValkenburg\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Akamai NetSession Interface"="C:\Users\CorneValkenburg\AppData\Local\Akamai\netsession_win.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NBAgent"="c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart" "HWSetup"="C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP" "SVPWUTIL"="C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL" "KeNotify"="C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe LPCM" "ToshibaServiceStation"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60" "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe /STARTUP" "Spotify Web Helper"="C:\Users\CorneValkenburg\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\CorneValkenburg\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Google Update"="C:\Users\CorneValkenburg\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Akamai NetSession Interface"="C:\Users\CorneValkenburg\AppData\Local\Akamai\netsession_win.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~3\\Wincert\\WIN32C~1.DLL c:\\progra~3\\browse~1\\261095~1.52\\{c16c1~1\\browse~1.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Toshiba TEMPRO"="C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 " "TosVolRegulator"="C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" "Toshiba Registration"="C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe" "TosNC"="%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe " "TosReelTimeMonitor"="%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe " "TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" "SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe " "00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe " "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SmartFaceVWatcher"="%ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe " "TosSENotify"="C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" ==== Startup Folders ====================== 2011-07-27 08:35:00 1258 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2011-07-27 08:35:00 1258 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2011-07-27 08:56:01 773 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [26-11-2014 15:39] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22-10-2014 08:08] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2760206139-58281569-2970929880-1001Core.job --a------ C:\Users\CorneValkenburg\AppData\Local\Google\Update\GoogleUpdate.exe [10-01-2014 19:43] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2760206139-58281569-2970929880-1001UA.job --a------ C:\Users\CorneValkenburg\AppData\Local\Google\Update\GoogleUpdate.exe [10-01-2014 19:43] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\ConfigFree Startup Programs" [C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1ceeba7414f1481" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2760206139-58281569-2970929880-1001Core" [C:\Users\CorneValkenburg\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2760206139-58281569-2970929880-1001UA" [C:\Users\CorneValkenburg\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\{2DC761F6-77AA-424F-9342-EC17B62A4A74}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [25-11-2014 08:53] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{0F827075-B026-42F3-885D-98981EE7B1AE}"="C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" [] ==== Firefox Extensions ====================== ExtDir: C:\Users\CorneValkenburg\AppData\Roaming\Mozilla\Firefox\Profiles - Ask Toolbar - %ExtDir%\toolbar@ask.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} ==== Firefox Plugins ====================== ==== Deleted Firefox Extensions ====================== C:\Users\CorneValkenburg\AppData\Roaming\Mozilla\Firefox\Profiles\toolbar@ask.com deleted ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions apgjagobplilmcdfelodhgefiidomnfl - C:\Program Files (x86)\Inbox Toolbar\Chrome\ibxtoolbar_chr.crx[] bopakagnckmlgajfccecajhnimjiiedh - No path found[] dhkplhfnhceodhffomolpfigojocbpcb - C:\Users\CorneValkenburg\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx[] eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\CorneValkenburg\AppData\Roaming\BabSolution\CR\Delta.crx[] fheoggkfdfchfphceeifdbepaooicaho - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions cgiaikfpllchefojlnehlmpekeogihnm - C:\Users\CorneValkenburg\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx[] Docs - CorneValkenburg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - CorneValkenburg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - CorneValkenburg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo WiseConvert - CorneValkenburg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgiaikfpllchefojlnehlmpekeogihnm Google Search - CorneValkenburg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - CorneValkenburg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - CorneValkenburg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\CorneValkenburg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgiaikfpllchefojlnehlmpekeogihnm deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2760206139-58281569-2970929880-1001\Software\mozilla\Firefox\Extensions\{0F827075-B026-42F3-885D-98981EE7B1AE} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193 deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\apgjagobplilmcdfelodhgefiidomnfl deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cgiaikfpllchefojlnehlmpekeogihnm deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39} deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fa6789c5} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\imeshtoolbar deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Softonic deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60 O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe /STARTUP O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\CorneValkenburg\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\CorneValkenburg\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\CorneValkenburg\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\CorneValkenburg\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Global Startup: Toshiba Places Icon Utility.lnk = ? O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (file missing) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll O23 - Service: McAfee Application Installer Cleanup (0141871417688923) (0141871417688923mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\014187~1.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\CorneValkenburg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\CorneValkenburg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLZI7ECJ will be deleted at reboot C:\Users\CorneValkenburg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJ4IN3V3 will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\CorneValkenburg\AppData\Local\Google\Chrome SxS\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3458 folders=606 294547388 bytes) ==== Empty Temp Folders ====================== C:\Users\CorneValkenburg\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\CORNEV~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\iMesh Applications\Mediabar" not found "C:\PROGRA~2\iMesh Applications" not found "C:\PROGRA~3\Wincert" not found "C:\Users\CorneValkenburg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLZI7ECJ" deleted "C:\Users\CorneValkenburg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJ4IN3V3" deleted ==== EOF on do 04-12-2014 at 11:56:01,08 ======================