Zoek.exe v5.0.0.0 Updated 15-February-2015 Tool run by Ani on di 17-02-2015 at 10:38:51,57. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ani\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 17-2-2015 11:25:06 Zoek.exe System Restore Point Created Succesfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\FreeTime deleted successfully C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully C:\PROGRA~2\OpenAL deleted successfully C:\PROGRA~2\COMMON~1\Skype deleted successfully C:\PROGRA~3\Karen's Power Tools deleted successfully C:\PROGRA~3\Systweak deleted successfully C:\PROGRA~3\TechSmith deleted successfully C:\PROGRA~3\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted successfully C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully C:\Users\Ani\AppData\Roaming\Nico Mak Computing deleted successfully C:\Users\Ani\AppData\Roaming\Search Protection deleted successfully C:\Users\Ani\AppData\Roaming\Systweak deleted successfully C:\Users\Ani\AppData\Roaming\Tuneup Pro deleted successfully C:\Users\Ani\AppData\Local\CrashDumps deleted successfully C:\Users\Ani\AppData\Local\PackageAware deleted successfully C:\Users\Ani\AppData\Local\PrivateWiFi deleted successfully C:\Users\Ani\AppData\Local\StormFall deleted successfully C:\Users\Ani\AppData\Local\WorldofTanks deleted successfully C:\Users\Klaas\AppData\Local\VirtualStore deleted successfully C:\Users\Klaas.Ani-HP\AppData\Local\VirtualStore deleted successfully C:\Users\Klaas.Ani-HP.000\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\SearchScopes\{02F7FB44-DE67-4344-A859-5855DB8CCBE0} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2945198A-C645-4B4E-B55F-9233BDE2D1C1} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B955E20-4EA9-4ECC-8A24-EFC502185348} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B8AD65E-F391-44FF-A1DC-0EBBFF2235F6} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{974A3F6D-5515-4033-A17B-B73696EE2649} deleted successfully HKEY_CLASSES_ROOT\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{37e17185-b07a-47b3-bd86-c675e4e4b89a} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311301136} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311551174} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{3444C3C5-6C56-4A16-A453-832B05BF6EA4} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{FCE04E1F-9378-4f39-96F6-5689A9159E45} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully ==== Installed Programs ====================== AC3Filter 2.6.0b Acronis True Image Home Adobe AIR Adobe Community Help Adobe Download Assistant Adobe Flash Player 16 ActiveX Adobe Flash Player 16 NPAPI Adobe Flash Player 17 PPAPI Adobe Photoshop CS5.1 Adobe Photoshop CS6 Adobe Reader X (10.1.12) - Nederlands Adobe Shockwave Player 12.1 Aiseesoft Total Video Converter Platinum 7.1.6 AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Control Center AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD Steady Video Plug-In AMD System Monitor Auslogics BoostSpeed 7 Auslogics Disk Defrag Professional Auslogics DiskDefrag AVG 2014 AVG 2015 AVS Audio Converter 7.3 AVS Audio Editor 7.3 AVS Disc Creator 5.2 AVS Document Converter 2.3.2 AVS Image Converter 3.2.1.277 AVS Media Player 4.2.3.106 AVS Photo Editor 2.3.1.144 AVS Registry Cleaner 2.3.4.261 AVS Video Converter 9.0 AVS Video Editor 7.0 AVS Video ReMaker 4.3.2.166 Canon CanoScan Toolbox 5.0 CanoScan 4400F Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Ccleaner Business Edition x64 x86 Tom_Da_Man Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CyberLink YouCam D3DX10 DAEMON Tools Lite Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition DivX Setup EaseUS Partition Master 10.0 Trial Edition EasyDuplicateFinder v4.4 ESU for Microsoft Windows 7 SP1 FastStone Photo Resizer 3.1 Firebird SQL Server - MAGIX Edition Foxit Cloud Foxit Reader GemistDownloader Google Earth Google Update Helper GrabIt 1.7.2 Beta 6 (build 1008) Hewlett-Packard ACLM.NET v1.2.1.1 HP Auto HP Client Services HP Customer Experience Enhancements HP Documentation HP Games HP Launch Box HP On Screen Display HP Power Manager HP Quick Launch HP QuickWeb HP Setup HP Setup Manager HP Software Framework HP Support Assistant IDT Audio Java 7 Update 7 (64-bit) Jewel Quest: The Sleepless Star - Collector's Edition Junk Mail filter update Karen's Directory Printer Malwarebytes Anti-Malware versie 2.0.4.1028 MediaInfo 0.7.64 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4.5 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft .NET Framework 4.5.2 Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 32-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Microsoft_VC90_MFCLOC_x86_x64 MiniTool Partition Wizard Home Edition 8.1.1 More Games from HP Games Movie Maker Mozilla Firefox 35.0.1 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Opera Stable 24.0.1558.64 Opera Stable 27.0.1689.69 PDF Settings CS5 PDF Settings CS6 Photo Gallery Picasa 3 Rapport RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer Cloud Realtek Ethernet Controller Driver Realtek PCIE Card Reader REALTEK Wireless LAN Driver RealUpgrade 1.1 Recover Keys Recovery Manager Recuva Revo Uninstaller 1.95 Revo Uninstaller Pro 3.1.2 ScanSoft OmniPage SE 4.0 Screensaver Factory 6.5 Search Protection Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2) Security Update for Microsoft .NET Framework 4.5 (KB2737083) Security Update for Microsoft .NET Framework 4.5 (KB2742613) Security Update for Microsoft .NET Framework 4.5 (KB2789648) Security Update for Microsoft .NET Framework 4.5 (KB2833957) Security Update for Microsoft .NET Framework 4.5 (KB2840642v2) Security Update for Microsoft .NET Framework 4.5 (KB2861208) Security Update for Microsoft .NET Framework 4.5 (KB2898864) Security Update for Microsoft .NET Framework 4.5 (KB2901118) Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687276) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition Security Update for Microsoft Outlook 2010 (KB2794707) 64-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition Spotnet swMSM Synaptics Pointing Device Driver SyncBackFree Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Trusteer Eindpuntbeveiliging TuneUp Utilities Language Pack (nl-NL) Typecursus 7.0 UmmyVideoDownloader 1.2.0.9 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) Update for Microsoft .NET Framework 4.5 (KB2750147) Update for Microsoft .NET Framework 4.5 (KB2805221) Update for Microsoft .NET Framework 4.5 (KB2805226) Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition Update for Microsoft Word 2010 (KB2827323) 64-Bit Edition UpdateService VC80CRTRedist - 8.0.50727.6195 Veetle TV Video Downloader Virtual Villagers 5 - New Believers Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player Vuze Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Resources Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.20 (64-bit) Wondershare Data Recovery(Build 4.7.0.5) Youtube Downloader HD v. 2.9.9.21 ZHPDiag 2015 ==== Running Processes ====================== C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\ffprobe.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe C:\Windows\SysWOW64\ctfmon.exe c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\ffprobe.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Users\Ani\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\5zieywzr.default user.js not found ---- Lines mysearch removed from prefs.js ---- user_pref("browser.startup.homepage", "https://mysearch.avg.com?cid={5A5749D0-0409-4C42-B5C0-1C46CFC11491}&mid=6ba74f42844e47d0958a3dd332d8bce0-4d6c49 ---- FireFox user.js and prefs.js backups ---- prefs_17-02-2015_1825_.backup ProfilePath: C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\extensions user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_17-02-2015_1825_.backup ProfilePath: C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\fygi4x0g.default-1423995463084 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_17-02-2015_1825_.backup ProfilePath: C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\ro3qjnrh.default-1413205861432 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_17-02-2015_1825_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~3\{32364CEA-7855-4A3C-B674-53D8E9B97936} not found C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found "C:\Windows\Installer\5960b.msi" not found C:\Users\Ani\.android deleted C:\PROGRA~2\Wondershare deleted C:\PROGRA~2\COMMON~1\Wondershare deleted C:\Users\Ani\AppData\Roaming\ProductData deleted C:\PROGRA~3\BSD deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\Package Cache deleted C:\Users\Ani\AppData\Local\Wondershare deleted C:\Users\Ani\AppData\Local\cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted C:\Windows\SysNative\roboot64.exe deleted C:\Users\Ani\Downloads\SpeedyPC Pro Installer_d8261c3_.exe deleted C:\Users\Ani\AppData\LocalLow\IObit Apps deleted C:\Users\Ani\AppData\LocalLow\ADSRemoval deleted C:\Users\Ani\AppData\LocalLow\boost_interprocess deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\windows\SysNative\Tasks\Tuneup Pro deleted C:\windows\SysNative\Tasks\Tuneup Pro_DEFAULT deleted C:\windows\SysNative\Tasks\Tuneup Pro_UPDATES deleted C:\Windows\Tasks\Tuneup Pro_DEFAULT.job deleted C:\Windows\Tasks\Tuneup Pro_UPDATES.job deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Windows\Syswow64\SafeAppRichList.ocx deleted C:\Windows\Syswow64\CUUpdateComponent.ocx deleted C:\Windows\Syswow64\ComputerUpdaterLM.ocx deleted C:\Windows\Syswow64\InstallUtil.InstallLog deleted C:\Users\Ani\Documents\BitLord deleted C:\Users\Public\Desktop\UmmyVideoDownloader.lnk deleted C:\Users\Ani\Desktop\Youtube Downloader HD.lnk deleted C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com deleted "C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\5zieywzr.default\extensions\iobitapps@mybrowserbar.com" deleted "C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\5zieywzr.default\extensions\iobitapps@mybrowserbar.com" deleted "C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted "C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitapps@mybrowserbar.com" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 5610 MB CPU Info: AMD A4-3300M APU with Radeon(tm) HD Graphics CPU Speed: 1893,6 MHz Sound Card: Luidsprekers en koptelefoons (I | Communicatie koptelefoons (IDT | Display Adapters: AMD Radeon HD 6480G | AMD Radeon HD 6480G | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Realtek RTL8188CE 802.11b/g/n WiFi Adapter | Realtek PCIe FE Family Controller CD / DVD Drives: 2x (F: | G: | ) F: hp DVD-RAM UJ8B1 | G: DTSOFT BDROM Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 679,6GB | D: 14,9GB | E: 4,0GB Hard Disks - Free: C: 109,7GB | D: 1,6GB | E: 1,1GB Manufacturer *: Insyde BIOS Info: AT/AT COMPATIBLE | 05/13/13 | HPQOEM - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 3566 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated) Internet Explorer Version: 11.0.9600.17633 Mozilla Firefox version: 35.0.1 (x86 nl) Opera Browser version: 27.0.1689.69 Sun Java version: 1.7.0_07 (64-bit) Flash Player version: 16.0.0.305 Shockwave Player version: 12.1.6r156 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-01-22 12:17:37 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2015-01-22 12:17:37 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2015-01-22 12:17:37 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2015-01-22 12:17:37 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2015-01-22 12:17:37 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe ====== C:\Users\Ani\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-02-12 10:22:38 D969572B5DD59273D886D15766992A66 201800 ----a-w- C:\Windows\SysWOW64\rmoc3260.dll 2015-02-12 10:20:58 608EC2D8B0B54DBE56D934091EB485CB 278600 ----a-w- C:\Windows\SysWOW64\pncrt.dll 2015-02-12 10:20:06 983838081FAE2C92690BA5DD744E75E8 505416 ----a-w- C:\Windows\SysWOW64\msvcp71.dll 2015-02-12 10:20:06 42044F7D8B16F6FFA7228C6038F4C81B 353864 ----a-w- C:\Windows\SysWOW64\msvcr71.dll 2015-02-12 06:59:11 4FD3763F3917201856B0CBCE310003EA 4300800 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-02-12 06:59:11 01BD2653F2185218837CF4A175617F8A 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-02-11 10:01:53 B63A6FF4339C9B701A93D3973C7FB6D2 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-02-11 10:01:53 7D94A9161E8432B8521E60E064B1D737 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-02-11 10:01:53 7C893DBA0A58855A99DA68B751FD223B 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-02-11 10:01:52 F3F6BE20A03215209B61CA85B4A83E1F 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-02-11 10:01:52 3BB446DE24501FEA5FDB9A9DB23A22AE 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-02-11 10:01:51 C256EFD3655EC782F8094E96094E8F9E 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-02-11 10:01:51 A12D64A94EC57079C2D96A741CB4FF53 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-02-11 10:00:18 E1A4D24281526DDFEA418F729CDA9DC6 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-02-11 10:00:18 D87759889FE7BCAE4461439139E62BAA 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-02-11 10:00:18 B0F7BD3492C2D60A70F15AEADCE1E2A6 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-02-11 10:00:17 3B9EF1B8E154D202D32A7765E2F33554 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-11 10:00:16 94B1F7CE1AAA5542923E0AD63C4D0050 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-11 10:00:16 8E8137569741D3693F88DDF94CC38C20 1307136 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-02-11 10:00:16 74EA6C792F57E453261DA210C1BCEB53 342712 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-02-11 10:00:15 8FBC9680719ACDA9351B67D906C682F4 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-02-11 10:00:15 6FA05244FD2E40A3DC08337146B3C425 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-02-11 10:00:15 61C74D794C14E9FC94D93F5F0F72A3F9 19740160 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-02-11 10:00:13 47B26D89EF9973E2DD586D0C827F61A9 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-02-11 10:00:12 FD6AF61AF029B9BC2CF4EFF57CDD5821 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-02-11 10:00:12 AD3F5926EC2C1F21FB45D1CDED6E2A47 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-02-11 10:00:12 9A91F9B5035F54C2D0BA92CF9B16EE34 2277888 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-02-11 10:00:12 5FB7E9786F70F4072663746072C9E6CE 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-02-11 10:00:11 EF05E63ACC834470A07A2E73D519B5FA 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-02-11 10:00:11 994E7459260D315573DD72783D1B78A7 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-02-11 10:00:11 55A84600EAAF8F1D3F0E6206E2EF6D48 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-02-11 10:00:11 28B2D3CB1B4306D476200D80AF7D87AD 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-02-11 10:00:10 78A1A938D51D4F83A772123B93EE1612 12829184 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-02-11 10:00:06 180168942E4A133C55E7BBF17DA3C142 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-02-11 10:00:05 F285D499EC42969D963CA49EADA63218 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-02-11 10:00:05 9DEE691C8FDBC2DE6957F1AE873C78FC 503296 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-02-11 10:00:04 6F10743069DFFC56DEE079204960844E 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-02-11 09:57:07 F2A743912D404A8866362836CFE7A648 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-02-11 09:57:06 F312300F29620F74E3AF3AF018151935 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-02-11 09:57:06 F29BC66CE4A5507A49FB20744A056E61 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-02-11 09:57:06 4E6934926B4C923CC0FF61C6D77814EF 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-02-11 09:57:06 43791D2F736C4E9BE9FE0B33A1E92A5D 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-02-11 09:57:06 36F152AE2F64B12771A44EA77124332B 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-02-11 09:56:14 793F6658ED65839FDB2957A4884CB63C 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 09:56:10 A208DAC2932649CFF82A6A684D8BB1F6 571904 ----a-w- C:\Windows\SysWOW64\oleaut32.dll 2015-02-11 09:55:44 E365C7B3EBB96451D3C9DF6B6B6900C2 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2015-02-11 09:55:44 623E143F2DF17C0106A9988F5D7DC878 143872 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2015-02-11 09:55:44 0C96A745A76C7DD75C5503E86D968E49 1174528 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2015-02-11 09:55:01 B3BC38B886CA53C92D52EF724A9F0D45 308224 ----a-w- C:\Windows\SysWOW64\scesrv.dll 2015-02-11 09:54:05 62C93E47A424A8EC79F3CF1719A2DCC6 3972544 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-11 09:54:04 6D227897A458DA8A9518DACDC88F1947 3917760 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-11 09:54:02 97B7E7E3356F7F7FE5B948AB3ED707DD 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll ====== C:\Windows\SysWOW64\drivers ===== 2015-01-19 07:36:32 E5805896A55D4166C20F216249F40FA3 26528 ----a-w- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS ====== C:\Windows\Sysnative ===== 2015-02-12 06:59:11 16ACAA0C01F31B39F39446188F6A3593 6041600 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-02-12 06:59:10 D363FBB2D0223956FF61ADBDBF5499B1 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-02-11 10:02:25 64EAD6C9D342E7E0CFCA3559FCBFDDAC 894976 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-02-11 10:02:25 47709F1B718859ED8AB5EA3EA3974BEB 609280 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-02-11 10:02:24 B5746809407BDEB18D9D4769CD9FF24E 414720 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-02-11 10:02:24 7150E809474BBD4D4AD24B13FA2454E5 1239720 ----a-w- C:\Windows\Sysnative\aitstatic.exe 2015-02-11 10:02:24 5C09611AB8D508CC252BB2D5A069D1AC 1098752 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-02-11 10:02:24 5632EB9633EACCC323CEA2C03A0B4133 762368 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-02-11 10:02:23 EF4FA1D31D146EA0C04D16E75FCA6BCF 192000 ----a-w- C:\Windows\Sysnative\aepic.dll 2015-02-11 10:02:23 7F2F9AACF457CE48CDDBD643FC53487C 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll 2015-02-11 10:01:53 DDACB408E607655EC64269706BFD504C 341504 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-02-11 10:01:53 C1F9E139B8AE80803CE44DC0377CA342 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-02-11 10:01:53 6A06BCED1DF1CFE8A32E7D10ABAA7188 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-02-11 10:01:52 A46A6C5AD462071B718EBF3C9E117849 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-02-11 10:01:52 8F33880F1863BE3925D3A0121FAC5E8F 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-02-11 10:01:52 5350A548BEC957978B7014CDFF091542 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-02-11 10:01:51 22E30E28865C32C3CF4F4E0E7E277FDC 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-02-11 10:00:18 71EBA93C5322A52A7E177E03E1AE7161 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-02-11 10:00:18 01A314677CC80041A63ED109B56A76B0 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-02-11 10:00:16 F42B1DAAB5B7621341243878180446CD 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-02-11 10:00:16 8076BB31004C1D763D5D4AEF9F0BDD4B 718848 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-02-11 10:00:16 68A2B96528F58D995882FBEB4D9658A5 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-02-11 10:00:15 92BD5080B81EDFA32B0CEE8B923D62C3 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-02-11 10:00:12 CB2528D522FF1F5A7BF9B27D2FB250FF 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-02-11 10:00:12 1D824B5A200C284E1A546C2C50704471 389808 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-02-11 10:00:11 DF39C79DFC1C063493D2DB9B3237B29F 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-02-11 10:00:11 97F037E09A706ACDA681D740DEE16AE4 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-02-11 10:00:11 76DB5845E168173BBA2D3CCC4B363E42 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-02-11 10:00:11 2E4F8664B54426C2F5523665B279E984 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-02-11 10:00:09 7A388AFC6885D22F4D988EE9B8D1291A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-02-11 10:00:09 512DD29CE6CDCB22EA615286DA7022E7 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-02-11 10:00:07 A7A3775B0014B165D75A00A1F632E4B5 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-02-11 10:00:07 15842FB41A3BF2A2F5071518B38C957A 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-02-11 10:00:04 A7814E76ED4ACE0694A83F6E4B6A7272 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-02-11 10:00:04 6916B0663357B183B120D1A4DD7DDAB0 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-02-11 10:00:02 E0F76B5B904E4F448641B2B506496351 14401024 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-02-11 10:00:02 D7922F3AC6BF1EA77240E0061D648174 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-02-11 10:00:02 CA3F410410DE9E5234217D33B9628224 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-02-11 09:59:59 A04F0C4A0B80C92F92E854E7157D6466 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-02-11 09:59:59 4CE68D160D80AF6C9FDB5C60BA087DA5 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-02-11 09:59:58 BF57C911895454A8874E9DFA5716C624 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-02-11 09:59:57 9DFE41A69DF70AAB75CB5BA8C1109EA2 2358272 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-02-11 09:59:55 47162151E35EA0B7152B7C841FA21FDB 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-02-11 09:59:55 4701399F7BA312353ADE8225F6EB512B 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-02-11 09:59:54 CD726C899BD9A398E8420564A957320B 25056256 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-02-11 09:57:07 C97662B6752BFEF07C565D96E8ECC98F 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-02-11 09:57:07 6EAD88B508E4785F4AFDFD24F76E8839 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-02-11 09:57:06 E0105F3B5B1C4B0F5B3D788A13504EC6 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-02-11 09:57:06 BE4927689BA39E18A104986CB1363C97 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-02-11 09:57:06 94C6BCF9212E20866AC1558A32E9F228 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-02-11 09:57:06 857CED230A6B87E84FCA04B472A3CB1A 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-02-11 09:57:06 51BB93FF96AE3882B4AF7CA11000D3A3 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-02-11 09:57:06 2EE57F4491A402C04FCAA7D012493884 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-02-11 09:57:06 1798826FE9FFEA9E93E74A5868559D4A 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-02-11 09:56:14 4861B9AF67E1B0154A55FDE4B3A61EB9 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2015-02-11 09:56:10 AE4FEDD98096C09A8A86E021FC5E9D67 861696 ----a-w- C:\Windows\Sysnative\oleaut32.dll 2015-02-11 09:55:44 E5AF792AB409F600D416CB257C84305D 1480192 ----a-w- C:\Windows\Sysnative\crypt32.dll 2015-02-11 09:55:44 7FC292D1527EDFEBA2576B6789DE6AB5 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll 2015-02-11 09:55:44 19D511CC455C19DE1ADF60E6C39C85B6 187904 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2015-02-11 09:55:01 FE72C89986E1BA32AD926A820491F23F 406528 ----a-w- C:\Windows\Sysnative\scesrv.dll 2015-02-11 09:54:06 9819614CA9EFB5A96493B379170B9D89 5554112 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-02-11 09:54:03 F7A3018D8F1825427BC11E912D5287CD 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-02-11 09:54:03 0147AA370862201A443752351F135D31 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-02-11 09:54:02 D6CDCAF84810641D1D2B455750825ACA 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2015-02-11 09:49:36 DF07110F77639E73D0537188703F44F6 3201536 ----a-w- C:\Windows\Sysnative\win32k.sys ====== C:\Windows\Sysnative\drivers ===== 2015-02-11 09:57:07 E45CDE1C8340DFEDF1D6724263F39E5B 458824 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2015-02-11 09:57:07 C60C6B9A2E50B0404F6789C62B428C03 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-02-11 09:57:07 78D152A9FD5747FF6AA89C79F0346F62 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-01-19 08:08:13 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_point64_01009.Wdf 2015-01-19 08:04:14 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_dc3d_01009.Wdf 2015-01-19 07:52:58 A87FC6E3670DB55788184FE3A3808712 18959360 ----a-w- C:\Windows\Sysnative\drivers\atikmdag.sys 2015-01-19 07:52:58 971F3B12C24BB83B48F8CCA2ED019906 589312 ----a-w- C:\Windows\Sysnative\drivers\atikmpag.sys 2015-01-19 07:52:57 8F626F7DEECBC545ED3C2DB95DFD693C 43520 ----a-w- C:\Windows\Sysnative\drivers\ati2erec.dll 2015-01-19 07:52:53 A2737AA6B6EC398987CFBE7D79BE36A3 294600 ----a-w- C:\Windows\Sysnative\drivers\amdacpksd.sys 2015-01-19 07:52:37 A2844D704DB69FC92F5FA8AE9E3316A4 43720 ----a-w- C:\Windows\Sysnative\drivers\amd_xata.sys 2015-01-19 07:52:37 2834CC82613CEA492261885D1CAA25A0 83656 ----a-w- C:\Windows\Sysnative\drivers\amd_sata.sys 2015-01-19 07:51:34 6F593C7B14264FE2C6F3B96165BD95E5 942808 ----a-w- C:\Windows\Sysnative\drivers\Rt64win7.sys 2015-01-19 07:51:16 EB83209D15DBBE7664AD72B6A1F361CB 359128 ----a-w- C:\Windows\Sysnative\drivers\RtsPStor.sys 2015-01-19 07:51:03 4F0878FD62D5F7444C5F1C4C66D9D293 45416 ----a-w- C:\Windows\Sysnative\drivers\point64.sys 2015-01-19 07:50:10 8491CB08BD8248EAA31FBCA5135794B1 52584 ----a-w- C:\Windows\Sysnative\drivers\dc3d.sys 2015-01-19 07:42:16 33497249626E7787AA5CEA99B226CCA6 94720 ----a-w- C:\Windows\Sysnative\drivers\AtihdW76.sys ====== C:\Windows\Tasks ====== 2015-02-15 08:58:59 16DEE3C70CF75B362B52FCDB0A25638A 3354 ----a-w- C:\Windows\Sysnative\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3633932082-2820396212-1660159255-1001 2015-02-12 10:29:14 C24E11BD490B62010B676CC47212E3C3 3416 ----a-w- C:\Windows\Sysnative\Tasks\RealDownloader Update Check 2015-02-02 21:07:19 006CF7E901F38C5CA271DDABA8F11598 3124 ----a-w- C:\Windows\Sysnative\Tasks\{6E315BCB-0846-45ED-9BE2-AA476389F697} 2015-01-27 14:41:42 303C19E90B3BDF57A1F0F4DBDAD7EE83 3332 ----a-w- C:\Windows\Sysnative\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3633932082-2820396212-1660159255-1001 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-02-15 16:23:43 448512 ----a-w- C:\Program Files\TFC.exe 2015-01-20 13:48:29 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2015-02-12 10:23:38 -------- d-----w- C:\PROGRA~2\COMMON~1\xing shared 2015-02-06 16:56:30 -------- d-----w- C:\PROGRA~2\Adguard 2015-01-29 15:54:17 -------- d-----w- C:\PROGRA~2\Spotnet 2015-01-23 12:24:23 -------- d-----w- C:\PROGRA~2\COMMON~1\AVSMedia 2015-01-23 12:24:22 -------- d-----w- C:\PROGRA~2\AVS4YOU 2015-01-20 07:33:28 -------- d-----w- C:\PROGRA~2\VS Revo Group 2015-01-19 11:13:56 -------- d-----w- C:\PROGRA~2\ZHPDiag ======= C: ===== 2015-02-16 00:07:51 D6B974887AB9AD60D623A3E1CDC44ADA 3544 ------w- C:\bootsqm.dat ====== C:\Users\Ani\AppData\Roaming ====== 2015-02-10 16:55:38 -------- d-s---w- C:\Users\Klaas.Ani-HP.000\AppData\Roaming\Microsoft 2015-02-10 16:55:38 -------- d-----w- C:\Users\Klaas.Ani-HP.000\AppData\Roaming\Media Center Programs 2015-02-10 16:55:38 -------- d-----w- C:\Users\Klaas.Ani-HP.000\AppData\Local\Trusteer 2015-02-10 16:55:38 -------- d-----w- C:\Users\Klaas.Ani-HP.000\AppData\Local\temp 2015-02-10 16:55:38 -------- d-----w- C:\Users\Klaas.Ani-HP.000\AppData\Local\Microsoft Help 2015-02-10 16:55:38 -------- d-----w- C:\Users\Klaas.Ani-HP.000\AppData\Local\Microsoft 2015-02-10 16:55:38 -------- d-----r- C:\Users\Klaas.Ani-HP.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-02-10 16:55:38 -------- d-----r- C:\Users\Klaas.Ani-HP.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2015-02-10 16:55:38 -------- d-----r- C:\Users\Klaas.Ani-HP.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-02-10 16:55:37 -------- d-----w- C:\Users\Klaas.Ani-HP.000\AppData\Roaming\TuneUp Software 2015-02-10 16:34:21 -------- d-----r- C:\Users\Klaas.Ani-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2015-02-10 16:32:20 -------- d-----w- C:\Users\Klaas.Ani-HP\AppData\Roaming\Identities 2015-02-10 16:31:47 -------- d-s---w- C:\Users\Klaas.Ani-HP\AppData\Locallow\Microsoft 2015-02-10 16:30:28 -------- d-----w- C:\Users\Klaas.Ani-HP\AppData\Roaming\Media Center Programs 2015-02-10 16:30:28 -------- d-----w- C:\Users\Klaas.Ani-HP\AppData\Local\Trusteer 2015-02-10 16:30:28 -------- d-----w- C:\Users\Klaas.Ani-HP\AppData\Local\temp 2015-02-10 16:30:28 -------- d-----w- C:\Users\Klaas.Ani-HP\AppData\Local\Microsoft Help 2015-02-10 16:30:28 -------- d-----w- C:\Users\Klaas.Ani-HP\AppData\Local\Microsoft 2015-02-10 16:30:28 -------- d-----r- C:\Users\Klaas.Ani-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2015-02-10 16:30:28 -------- d-----r- C:\Users\Klaas.Ani-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-02-10 16:30:27 -------- d-s---w- C:\Users\Klaas.Ani-HP\AppData\Roaming\Microsoft 2015-02-10 16:30:27 -------- d-----w- C:\Users\Klaas.Ani-HP\AppData\Roaming\TuneUp Software 2015-02-10 16:30:27 -------- d-----r- C:\Users\Klaas.Ani-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-02-06 17:01:43 -------- d-----w- C:\Users\Ani\AppData\Roaming\Insoft LLC 2015-02-02 07:05:47 -------- d-----w- C:\Users\Ani\AppData\Roaming\InstallShield 2015-01-23 15:48:41 -------- d-----w- C:\Users\Ani\AppData\Roaming\NCH Software 2015-01-23 12:41:30 -------- d-----w- C:\Users\Ani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU 2015-01-22 13:33:51 -------- d-----w- C:\Users\TEMP\AppData\Local\temp 2015-01-22 13:33:51 -------- d-----w- C:\Users\Klaas\AppData\Local\temp 2015-01-22 13:33:51 -------- d-----w- C:\Users\Default\AppData\Local\temp 2015-01-22 13:33:51 -------- d-----w- C:\Users\Default User\AppData\Local\temp 2015-01-21 15:26:23 9FDB50D22E8B18A8CA6968610E0AAC75 275 ----a-w- C:\Users\Ani\AppData\Local\HamsterAudioConverterSettings.cfg 2015-01-20 19:26:25 -------- d-----w- C:\Users\Ani\AppData\Roaming\Audacity 2015-01-20 10:33:27 -------- d-----w- C:\Users\Ani\AppData\Roaming\AMD 2015-01-20 07:33:29 -------- d-----w- C:\Users\Ani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2015-01-19 11:13:56 -------- d-----w- C:\Users\Ani\AppData\Roaming\ZHP 2015-01-19 07:55:54 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun ====== C:\Users\Ani ====== 2015-02-16 14:33:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Ani\Downloads\RSITx64(1).exe 2015-02-12 12:29:53 A367D59C944826CE2B65C6971B5E2CE2 1228312 ----a-w- C:\Users\Ani\Downloads\PhotoshopElements_8_LS8.exe 2015-02-12 10:20:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks 2015-02-10 16:55:43 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\Klaas.Ani-HP.000\ntuser.ini 2015-02-10 16:55:37 -------- d--h--w- C:\Users\Klaas.Ani-HP.000\AppData 2015-02-10 16:55:37 -------- d-----w- C:\Users\Klaas.Ani-HP.000\Saved Games 2015-02-10 16:55:37 -------- d-----r- C:\Users\Klaas.Ani-HP.000\Videos 2015-02-10 16:55:37 -------- d-----r- C:\Users\Klaas.Ani-HP.000\Pictures 2015-02-10 16:55:37 -------- d-----r- C:\Users\Klaas.Ani-HP.000\Music 2015-02-10 16:55:37 -------- d-----r- C:\Users\Klaas.Ani-HP.000\Links 2015-02-10 16:55:37 -------- d-----r- C:\Users\Klaas.Ani-HP.000\Favorites 2015-02-10 16:55:37 -------- d-----r- C:\Users\Klaas.Ani-HP.000\Downloads 2015-02-10 16:55:37 -------- d-----r- C:\Users\Klaas.Ani-HP.000\Documents 2015-02-10 16:55:37 -------- d-----r- C:\Users\Klaas.Ani-HP.000\Desktop 2015-02-10 16:34:16 -------- d-----r- C:\Users\Klaas.Ani-HP\Searches 2015-02-10 16:32:08 -------- d-----r- C:\Users\Klaas.Ani-HP\Contacts 2015-02-10 16:30:35 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\Klaas.Ani-HP\ntuser.ini 2015-02-10 16:30:27 -------- d--h--w- C:\Users\Klaas.Ani-HP\AppData 2015-02-10 16:30:27 -------- d-----r- C:\Users\Klaas.Ani-HP\Videos 2015-02-10 16:30:27 -------- d-----r- C:\Users\Klaas.Ani-HP\Saved Games 2015-02-10 16:30:27 -------- d-----r- C:\Users\Klaas.Ani-HP\Pictures 2015-02-10 16:30:27 -------- d-----r- C:\Users\Klaas.Ani-HP\Music 2015-02-10 16:30:27 -------- d-----r- C:\Users\Klaas.Ani-HP\Links 2015-02-10 16:30:27 -------- d-----r- C:\Users\Klaas.Ani-HP\Favorites 2015-02-10 16:30:27 -------- d-----r- C:\Users\Klaas.Ani-HP\Downloads 2015-02-10 16:30:27 -------- d-----r- C:\Users\Klaas.Ani-HP\Documents 2015-02-10 16:30:27 -------- d-----r- C:\Users\Klaas.Ani-HP\Desktop 2015-02-06 17:00:17 -------- d-----w- C:\ProgramData\Adguard 2015-02-05 12:25:23 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Ani\Downloads\adwcleaner_4.109.exe 2015-01-31 19:27:26 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2015-01-29 15:54:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotnet 2015-01-26 18:57:49 -------- dc-h--w- C:\ProgramData\{23F3535B-7807-4332-ABA2-0B13B9A309C9} 2015-01-25 08:52:42 -------- d-----w- C:\ProgramData\Wondershare 2015-01-25 08:51:33 -------- d-----w- C:\Users\Public\Documents\Wondershare 2015-01-23 15:48:19 -------- d-----w- C:\ProgramData\NCH Software 2015-01-23 12:26:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU 2015-01-23 12:26:06 -------- d-----w- C:\ProgramData\AVS4YOU 2015-01-19 11:13:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP ====== C: exe-files == === C: other files == ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "TrueImageMonitor.exe"="C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe -osboot" "RealDownloader"="C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll,DllRegisterServer" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acronis Scheduler2 Service"="C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "AdobeBridge"="\"C:\\Program Files (x86)\\Adobe\\Adobe Bridge CS5.1\\Bridge.exe\" -stealth" "DAEMON Tools Lite"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun" "Facebook Update"="\"C:\\Users\\Ani\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" "Skype"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "ArcSoft Connection Service"="C:\\Program Files (x86)\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SSBkgdUpdate"="\"C:\\Program Files (x86)\\Common Files\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe\" -Embedding -boot" "DivXUpdate"="\"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW" "TkBellExe"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\Update\\realsched.exe\" -osboot" "AdobeCS6ServiceManager"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin" "AdobeCS5.5ServiceManager"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5.5ServiceManager\\CS5.5ServiceManager.exe\" -launchedbylogin" "DivXMediaServer"="C:\\Program Files (x86)\\DivX\\DivX Media Server\\DivXMediaServer.exe" "HP Quick Launch"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Quick Launch\\HPMSGSVC.exe" "HPOSD"="C:\\Program Files (x86)\\Hewlett-Packard\\HP On Screen Display\\HPOSD.exe" "HPQuickWebProxy"="\"C:\\Program Files (x86)\\Hewlett-Packard\\HP QuickWeb\\hpqwutils.exe\"" "OpwareSE4"="\"C:\\Program Files (x86)\\ScanSoft\\OmniPageSE4.0\\OpwareSE4.exe\"" "SwitchBoard"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe" "vProt"="\"C:\\Program Files (x86)\\AVG Secure Search\\vprot.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "command"="\"c:\\program files\\microsoft office\\office14\\bcssync.exe\" /delayservices" "hkey"="HKLM" "item"="BCSSync" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXMediaServer] "command"="c:\\program files (x86)\\divx\\divx media server\\divxmediaserver.exe" "hkey"="HKLM" "item"="DivXMediaServer" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate] "command"="\"c:\\program files (x86)\\divx\\divx update\\divxupdate.exe\" /checknow" "hkey"="HKLM" "item"="DivXUpdate" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Quick Launch] "command"="c:\\program files (x86)\\hewlett-packard\\hp quick launch\\hpmsgsvc.exe" "hkey"="HKLM" "item"="HP Quick Launch" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPOSD] "command"="c:\\program files (x86)\\hewlett-packard\\hp on screen display\\hposd.exe" "hkey"="HKLM" "item"="HPOSD" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC] "command"="\"c:\\program files (x86)\\ati technologies\\ati.ace\\core-static\\amd64\\clistart.exe\" msrun" "hkey"="HKLM" "item"="StartCCC" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh] "command"="%programfiles%\\synaptics\\syntp\\syntpenh.exe" "hkey"="HKLM" "item"="SynTPEnh" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe] "command"="\"c:\\program files (x86)\\real\\realplayer\\update\\realsched.exe\" -osboot" "hkey"="HKLM" "item"="TkBellExe" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "AdobeAAMUpdater-1.0"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" "SysTrayApp"="C:\\Program Files\\IDT\\WDM\\sttray64.exe" "BCSSync"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" "SetDefault"="C:\\Program Files\\Hewlett-Packard\\HP LaunchBox\\SetDefault.exe" ==== Startup Folders ====================== 2015-02-12 10:21:27 1252 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12-02-2015 20:30] C:\Windows\tasks\AVSRegistryCleaner.job --a------ C:\Program Files (x86)\AVS4YOU\AVSRegistryCleaner\AVSRegistryCleaner.exe [22-10-2014 18:52] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3633932082-2820396212-1660159255-1001Core.job --a------ C:\Users\Ani\AppData\Local\Facebook\Update\FacebookUpdate.exe [12-07-2012 09:02] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3633932082-2820396212-1660159255-1001UA.job --a------ C:\Users\Ani\AppData\Local\Facebook\Update\FacebookUpdate.exe [12-07-2012 09:02] C:\Windows\tasks\HPCeeScheduleForAni.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13-09-2010 21:15] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Ani-HP-Ani" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\ArcSoft Connect Daemon" [C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe] "C:\Windows\SysNative\tasks\ASC8_SkipUac_Ani" ["C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac] "C:\Windows\SysNative\tasks\AVSRegistryCleaner" [C:\Program Files (x86)\AVS4YOU\AVSRegistryCleaner\AVSRegistryCleaner.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Ani)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (SYSTEM)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3633932082-2820396212-1660159255-1001Core" [C:\Users\Ani\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3633932082-2820396212-1660159255-1001UA" [C:\Users\Ani\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForAni" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1413717818" [C:\Program Files (x86)\Opera\launcher.exe] "C:\Windows\SysNative\tasks\PCHB_Ani_PCHealthBoost_LogonTask" [C:\Program Files (x86)\PC HealthBoost\PCHealthBoost.exe] "C:\Windows\SysNative\tasks\PCHB_Ani_PCHealthBoost_RS_DailyTask" [C:\Program Files (x86)\PC HealthBoost\PCHealthBoost.exe] "C:\Windows\SysNative\tasks\PCHB_Ani_PCHealthBoost_RS_WeeklyTask" [C:\Program Files (x86)\PC HealthBoost\PCHealthBoost.exe] "C:\Windows\SysNative\tasks\Real Player-online actualiseringsprogramma" [C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe] "C:\Windows\SysNative\tasks\RealDownloader Update Check" [C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe] "C:\Windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3633932082-2820396212-1660159255-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe] "C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3633932082-2820396212-1660159255-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe] "C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3633932082-2820396212-1660159255-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3633932082-2820396212-1660159255-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3633932082-2820396212-1660159255-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\ScanSoft Background Update" [C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{7D60E71F-9576-456D-9960-72FAC07E2415}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{8E0A7E26-E11D-4FCD-8C0A-9B162899D17A}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{BBB43086-55D2-491F-83C7-15E4244BE1C9}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{CC084444-F044-4A20-A416-8DB15A006062}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{56AA6442-ADA9-4CEF-9CB6-3E14210AB4BB}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/5.9.0.114.259/nl/go/help.faq.installer?source=lightinstaller&LastError=1618] "C:\Windows\SysNative\tasks\{72A8D4CC-B2D5-4D59-9D10-F0597A08695B}" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Auslogics\BoostSpeed\Scan and Repair" [rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule"] "C:\Windows\SysNative\tasks\Auslogics\BoostSpeed\Start BoostSpeed ?n Ani logon" [C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe] "C:\Windows\SysNative\tasks\Auslogics\Disk Defrag Prof\Task {00000001-1C27-498E-B201-7CCEBBFF1705} for Ani" [C:\Program Files (x86)\Auslogics\Disk Defrag Professional\DiskDefragPro.exe] "C:\Windows\SysNative\tasks\Auslogics\Disk Defrag Prof\Task {00000001-4758-4BCD-BA75-56B11C943B19} for Ani" [C:\Program Files (x86)\Auslogics\Disk Defrag Professional\DiskDefragPro.exe] "C:\Windows\SysNative\tasks\Auslogics\Disk Defrag Prof\Task {00000001-F45F-4F47-AF1A-F0D481C26EB8} for Ani" [C:\Program Files (x86)\Auslogics\Disk Defrag Professional\DiskDefragPro.exe] "C:\Windows\SysNative\tasks\AVG\PC Tuneup\Integrator\Start On Ani Logon" [C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2014-09-23 15:12:53 -------- d-----w- C:\PROGRA~3\BoostSoftware 2014-09-25 14:32:43 -------- d-----w- C:\PROGRA~3\HitmanPro 2014-10-20 11:11:58 -------- d-----w- C:\PROGRA~3\AVG2015 2015-01-23 12:26:06 -------- d-----w- C:\PROGRA~3\AVS4YOU 2015-01-23 15:48:19 -------- d-----w- C:\PROGRA~3\NCH Software 2015-01-25 08:52:42 -------- d-----w- C:\PROGRA~3\Wondershare 2015-01-26 16:06:44 -------- d-----w- C:\PROGRA~3\Auslogics 2015-01-26 18:57:49 -------- dc-h--w- C:\PROGRA~3\{23F3535B-7807-4332-ABA2-0B13B9A309C9} 2015-01-31 19:27:26 -------- d-sh--w- C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2015-02-06 17:00:17 -------- d-----w- C:\PROGRA~3\Adguard ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\5zieywzr.default user_pref("browser.search.defaultenginename", "AVG Secure Search"); user_pref("browser.search.defaultenginename", "Yahoo!"); user_pref("browser.search.selectedEngine", "AVG Secure Search"); user_pref("browser.search.selectedEngine", "Yahoo!"); user_pref("keyword.URL", "https://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=523482&p="); ProfilePath: C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\extensions user_pref("browser.search.defaultenginename", "Yahoo!"); user_pref("browser.search.selectedEngine", "Yahoo!"); user_pref("keyword.URL", "https://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=523482&p="); ProfilePath: C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\ro3qjnrh.default-1413205861432 user_pref("browser.search.defaultenginename", "Yahoo!"); user_pref("browser.search.selectedEngine", "Yahoo!"); user_pref("keyword.URL", "https://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=523482&p="); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="" [] ==== Firefox Extensions ====================== ExtDir: C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - Torrent Handler - %ExtDir%\TorrentHandler@TorrentHandler.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\5zieywzr.default 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Ani\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin Profilepath: C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\fygi4x0g.default-1423995463084 C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash AD76B0F3348914E133455E52743C839D - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll - Shockwave for Director / Shockwave for Director 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Ani\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin Profilepath: C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\ro3qjnrh.default-1413205861432 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Ani\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin ==== Deleted Firefox Extensions ====================== C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\TorrentHandler@TorrentHandler.com.xpi deleted ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Ani\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Ani\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Ani\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Gast\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Gast\AppData\Local\Comodo\Dragon deleted ==== Chromium Look ====================== ==== Chromium Fix ====================== C:\Users\Ani\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Ani\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_charting.vwdservices.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://mysearch.avg.com?cid={5A5749D0-0409-4C42-B5C0-1C46CFC11491}&mid=6ba74f42844e47d0958a3dd332d8bce0-4d6c49f09668e948d23730d7d7a9dbe31b330809&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-01-25 13:18:43&v=4.0.5.7&pid=wtu&sg=&sap=hp" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Search Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Search Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {D968007F-19C7-415F-8528-4E64BFB15F9F} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3633932082-2820396212-1660159255-1001\Software\Microsoft\Internet Explorer\SearchScopes\{D968007F-19C7-415F-8528-4E64BFB15F9F} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AB4C6D07EBCD9C14DBAFAD89913E05C1 deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully ==== HijackThis Entries ====================== O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot O4 - HKLM\..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - (no CLSID) - (no file) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - Unknown owner - (no file) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08 will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\container.dat will be deleted at reboot C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\container.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Ani\AppData\Local\Mozilla\Firefox\Profiles\fygi4x0g.default-1423995463084\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Ani\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=549 folders=105 6174404701 bytes) ==== Empty Temp Folders ====================== C:\Users\Ani\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Klaas\AppData\Local\temp emptied successfully C:\Users\Klaas.Ani-HP\AppData\Local\temp emptied successfully C:\Users\Klaas.Ani-HP.000\AppData\Local\temp emptied successfully C:\Users\TEMP\AppData\Local\temp emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Ani\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\container.dat" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\container.dat" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\02R9ZDKJ" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\B4MBBC08" not found "C:\Users\Ani\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\RJKC4ZGD" not found ==== EOF on di 17-02-2015 at 22:32:24,11 ======================