Zoek.exe v5.0.0.0 Updated 18-February-2015 Tool run by Anne on do 19-02-2015 at 14:25:18,40. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Anne\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 19-2-2015 14:28:30 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\Nitro deleted successfully C:\PROGRA~3\ALM deleted successfully C:\PROGRA~3\Asus deleted successfully C:\PROGRA~3\Deadtime Stories deleted successfully C:\Users\Anne\AppData\Roaming\HpUpdate deleted successfully C:\Users\Anne\AppData\Roaming\TP deleted successfully C:\Users\Anne\AppData\Local\hBnapK8rUb9 deleted successfully C:\Users\Anne\AppData\Local\PACE Anti-Piracy deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26DF446D-3A78-4F66-9C4F-8F5EAF7342E7} deleted successfully HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31D99914-3E8D-45D5-9A6D-1FFEB661E7EA} deleted successfully HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CC46E0F-A5AD-484E-88EB-FFD61DBA229} deleted successfully HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{664EDB42-89F0-483D-91E-74C896CB0DE} deleted successfully HKEY_CLASSES_ROOT\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_CLASSES_ROOT\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_CLASSES_ROOT\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully ==== Installed Programs ====================== ???? ???? ????? ???? Windows Live ????? Windows Live ?????? ??????? ???????? ?????????? Windows Live ?????????? ?????????? (????????????? ??????) Adobe AIR Adobe Creative Suite 6 Master Collection Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Help Manager Adobe Reader XI (11.0.10) - Nederlands Adobe Refresh Manager Akamai NetSession Interface Apple Application Support Apple Software Update ASUS Smart Gesture ASUS Splendid Video Enhancement Technology ASUS USB Charger Plus ASUS Virtual Camera ASUS WebStorage AsusVibe2.0 ATK Package Autodesk 3ds Max 2015 Autodesk 3ds Max 2015 Populate Data Autodesk 3ds Max 2015 SP1 Autodesk 3ds Max 2015 SP2 Autodesk Application Manager Autodesk Backburner 2015 Autodesk DirectConnect 2015 64-bit Autodesk DirectConnect 2015 64-bit Hotfix1 Autodesk Inventor Server Engine for 3ds Max 2015 Autodesk Material Library 2015 Autodesk Material Library Base Resolution Image Library 2015 Autodesk Material Library Medium Resolution Image Library 2015 Autodesk Revit Interoperability for 3ds Max 2015 BitTorrent bl Bonjour CCleaner D3DX10 Definition Update for Microsoft Office 2010 (KB2956079) 32-Bit Edition Dropbox FileZilla Client 3.9.0.6 Fotogalerie Galeria de Fotografias Galer¡a de fotos Galerie de photos Google Chrome Google Update Helper HP Deskjet 3520 series Basissoftware van het apparaat HP Deskjet 3520 series Productverbeteringsonderzoek HP Deskjet 3520 series Setup Guide HP Update iCloud InstantOn for NB Intel(R) Management Engine Components Intel(R) OpenCL CPU Runtime Intel(R) Processor Graphics Intel(R) USB 3.0 eXtensible Host Controller Driver Intel© Trusted Connect Service Client iTunes Junk Mail filter update Microsoft .NET Framework 4.5.2 Microsoft Application Error Reporting Microsoft Camera Codec Pack Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Klik-en-Klaar 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft OneDrive Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 Movie Maker MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 NVIDIA Control Panel 296.67 NVIDIA Graphics Driver 296.67 NVIDIA Install Application NVIDIA Optimus 1.7.13 NVIDIA Update 1.7.13 NVIDIA Update Components PDF Settings CS6 ph Photo Common Photo Gallery Qualcomm Atheros WiFi Driver Installation QuickTime 7 Raccolta foto Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek PCIE Card Reader S?????? f?t???af??? SceneSwitch Security Update for Microsoft Excel 2010 (KB2956081) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553154) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2956066) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Skype Click to Call SkypeT 6.22 Spotify SpyHunter 4 Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition Update for Microsoft Office 2010 (KB2956054) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2956128) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2956129) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition VLC media player Windows Driver Package - ASUS (ATP) Mouse (07/08/2012 1.0.0.93) Windows Live ??? Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinFlash WinRAR 5.01 (64-bit) Wireless Console 3 ==== Running Processes ====================== C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\ProgramData\lDqxbtKNAw\KXnWFuuFyK.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe C:\Users\Anne\AppData\Local\Akamai\netsession_win.exe C:\Users\Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Users\Anne\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\Anne\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KXnWFuuFyK deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KXnWFuuFyK deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "mbot_nl_162"=- ==== Batch Command(s) Run By Tool====================== De Winsock-catalogus is opnieuw ingesteld. De computer dient opnieuw te worden opgestart om het opnieuw instellen te voltooien. ==== Deleting Files \ Folders ====================== c:\PROGRA~2\mcafee deleted C:\PROGRA~3\Package Cache deleted C:\Users\Anne\AppData\Local\uninst.tmp deleted C:\windows\SysNative\ColorMedia64.dll deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\machine deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted C:\Windows\Syswow64\sho24BF.tmp deleted C:\Windows\Syswow64\shoA3F3.tmp deleted C:\Windows\Syswow64\shoB680.tmp deleted C:\Windows\SysWOW64\ColorMedia.ini deleted "C:\Windows\SYSWOW64\log.txt" not deleted "C:\PROGRA~3\lDqxbtKNAw\info.dat" not deleted "C:\PROGRA~3\lDqxbtKNAw\KXnWFuuFyK.dat" not deleted "C:\PROGRA~3\lDqxbtKNAw\KXnWFuuFyK.exe" deleted "C:\ProgramData\lDqxbtKNAw\info.dat" not deleted "C:\ProgramData\lDqxbtKNAw\KXnWFuuFyK.dat" not deleted "C:\ProgramData\lDqxbtKNAw\KXnWFuuFyK.exe" deleted "C:\PROGRA~3\lDqxbtKNAw\dat\IPvOZzHGMb.exe" not deleted "C:\PROGRA~3\lDqxbtKNAw\dat\IPvOZzHGMb.exe.config" not deleted "C:\PROGRA~3\lDqxbtKNAw\dat\OkiRQu.exe" not deleted "C:\PROGRA~3\lDqxbtKNAw\dat\OkiRQu.exe.config" not deleted "C:\PROGRA~3\lDqxbtKNAw\dat\SAIlyTN.dll" not deleted "C:\PROGRA~3\lDqxbtKNAw\dat\yfBPjfajCA.dll" not deleted "C:\ProgramData\lDqxbtKNAw\dat\IPvOZzHGMb.exe" not deleted "C:\ProgramData\lDqxbtKNAw\dat\IPvOZzHGMb.exe.config" not deleted "C:\ProgramData\lDqxbtKNAw\dat\OkiRQu.exe" not deleted "C:\ProgramData\lDqxbtKNAw\dat\OkiRQu.exe.config" not deleted "C:\ProgramData\lDqxbtKNAw\dat\SAIlyTN.dll" not deleted "C:\ProgramData\lDqxbtKNAw\dat\yfBPjfajCA.dll" not deleted "C:\PROGRA~3\lDqxbtKNAw" not deleted "C:\ProgramData\lDqxbtKNAw" not deleted "C:\PROGRA~3\lDqxbtKNAw\dat" not deleted "C:\ProgramData\lDqxbtKNAw\dat" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3982 MB CPU Info: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz CPU Speed: 2353,7 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce 610M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR9485 Wireless Network Adapter | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (F: | ) F: TSSTcorpCDDVDW SN-208BB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 161,0GB | D: 279,5GB | E: 931,5GB | Q: 0,0MB Hard Disks - Free: C: 56,4GB | D: 258,0GB | E: 635,6GB | Q: 0,0MB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 03/11/13 | _ASUS_ - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. K55VD Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 36.0.1985.143 Internet Explorer Version: 9.0.8112.16421 Google Chrome version: 36.0.1985.143 Adobe Reader version: 11.0.10.32 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Anne\AppData\Local\Temp ==== 2015-02-19 13:00:55 057631047016A448B842B96E872B132B 43008 ----a-w- C:\Users\Anne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpquumt0.dll 2015-02-19 10:00:36 30EB4B0B974B83C488D78EE19F42916A 10995632 ----a-w- C:\Users\Anne\AppData\Local\Temp\HitmanPro.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-02-14 16:59:25 7C893DBA0A58855A99DA68B751FD223B 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-02-14 16:59:24 B63A6FF4339C9B701A93D3973C7FB6D2 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-02-14 16:59:23 7D94A9161E8432B8521E60E064B1D737 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-02-14 16:59:23 3BB446DE24501FEA5FDB9A9DB23A22AE 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-02-14 16:59:22 F3F6BE20A03215209B61CA85B4A83E1F 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-02-14 16:59:22 C256EFD3655EC782F8094E96094E8F9E 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-02-14 16:59:22 A12D64A94EC57079C2D96A741CB4FF53 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-02-14 16:58:11 793F6658ED65839FDB2957A4884CB63C 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-14 16:58:05 F2A743912D404A8866362836CFE7A648 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-02-14 16:58:04 F312300F29620F74E3AF3AF018151935 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-02-14 16:58:04 F29BC66CE4A5507A49FB20744A056E61 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-02-14 16:58:04 4E6934926B4C923CC0FF61C6D77814EF 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-02-14 16:58:04 43791D2F736C4E9BE9FE0B33A1E92A5D 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-02-14 16:58:04 36F152AE2F64B12771A44EA77124332B 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-02-14 16:56:45 E365C7B3EBB96451D3C9DF6B6B6900C2 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2015-02-14 16:56:45 623E143F2DF17C0106A9988F5D7DC878 143872 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2015-02-14 16:56:45 0C96A745A76C7DD75C5503E86D968E49 1174528 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2015-02-14 16:56:25 A208DAC2932649CFF82A6A684D8BB1F6 571904 ----a-w- C:\Windows\SysWOW64\oleaut32.dll 2015-02-14 16:56:16 F5142E9A99F44F9CC19A8AF31761F7F9 3221504 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2015-02-14 16:56:14 B3AC14EA18DD0EE517703A86963AED18 131584 ----a-w- C:\Windows\SysWOW64\aaclient.dll 2015-02-14 16:55:26 B3BC38B886CA53C92D52EF724A9F0D45 308224 ----a-w- C:\Windows\SysWOW64\scesrv.dll 2015-02-14 16:55:14 6D227897A458DA8A9518DACDC88F1947 3917760 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-14 16:55:14 62C93E47A424A8EC79F3CF1719A2DCC6 3972544 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-14 16:55:06 97B7E7E3356F7F7FE5B948AB3ED707DD 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-02-14 16:59:36 64EAD6C9D342E7E0CFCA3559FCBFDDAC 894976 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-02-14 16:59:36 47709F1B718859ED8AB5EA3EA3974BEB 609280 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-02-14 16:59:35 B5746809407BDEB18D9D4769CD9FF24E 414720 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-02-14 16:59:35 7150E809474BBD4D4AD24B13FA2454E5 1239720 ----a-w- C:\Windows\Sysnative\aitstatic.exe 2015-02-14 16:59:35 5C09611AB8D508CC252BB2D5A069D1AC 1098752 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-02-14 16:59:35 5632EB9633EACCC323CEA2C03A0B4133 762368 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-02-14 16:59:34 EF4FA1D31D146EA0C04D16E75FCA6BCF 192000 ----a-w- C:\Windows\Sysnative\aepic.dll 2015-02-14 16:59:34 7F2F9AACF457CE48CDDBD643FC53487C 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll 2015-02-14 16:59:25 DDACB408E607655EC64269706BFD504C 341504 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-02-14 16:59:23 C1F9E139B8AE80803CE44DC0377CA342 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-02-14 16:59:23 A46A6C5AD462071B718EBF3C9E117849 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-02-14 16:59:23 8F33880F1863BE3925D3A0121FAC5E8F 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-02-14 16:59:23 6A06BCED1DF1CFE8A32E7D10ABAA7188 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-02-14 16:59:23 5350A548BEC957978B7014CDFF091542 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-02-14 16:59:22 22E30E28865C32C3CF4F4E0E7E277FDC 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-02-14 16:58:11 4861B9AF67E1B0154A55FDE4B3A61EB9 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2015-02-14 16:58:06 C97662B6752BFEF07C565D96E8ECC98F 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-02-14 16:58:06 6EAD88B508E4785F4AFDFD24F76E8839 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-02-14 16:58:05 857CED230A6B87E84FCA04B472A3CB1A 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-02-14 16:58:04 E0105F3B5B1C4B0F5B3D788A13504EC6 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-02-14 16:58:04 BE4927689BA39E18A104986CB1363C97 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-02-14 16:58:04 94C6BCF9212E20866AC1558A32E9F228 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-02-14 16:58:04 51BB93FF96AE3882B4AF7CA11000D3A3 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-02-14 16:58:04 2EE57F4491A402C04FCAA7D012493884 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-02-14 16:58:04 1798826FE9FFEA9E93E74A5868559D4A 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-02-14 16:56:45 E5AF792AB409F600D416CB257C84305D 1480192 ----a-w- C:\Windows\Sysnative\crypt32.dll 2015-02-14 16:56:45 7FC292D1527EDFEBA2576B6789DE6AB5 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll 2015-02-14 16:56:45 19D511CC455C19DE1ADF60E6C39C85B6 187904 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2015-02-14 16:56:26 AE4FEDD98096C09A8A86E021FC5E9D67 861696 ----a-w- C:\Windows\Sysnative\oleaut32.dll 2015-02-14 16:56:16 2A25F5ACA9DCAF9AE9570DED13A8E078 3722752 ----a-w- C:\Windows\Sysnative\mstscax.dll 2015-02-14 16:55:26 FE72C89986E1BA32AD926A820491F23F 406528 ----a-w- C:\Windows\Sysnative\scesrv.dll 2015-02-14 16:55:16 9819614CA9EFB5A96493B379170B9D89 5554112 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-02-14 16:55:11 F7A3018D8F1825427BC11E912D5287CD 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-02-14 16:55:11 0147AA370862201A443752351F135D31 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-02-14 16:55:06 D6CDCAF84810641D1D2B455750825ACA 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2015-02-14 16:54:32 DF07110F77639E73D0537188703F44F6 3201536 ----a-w- C:\Windows\Sysnative\win32k.sys ====== C:\Windows\Sysnative\drivers ===== 2015-02-19 13:07:31 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Windows\Sysnative\drivers\EsgScanner.sys 2015-02-19 09:38:42 C00C33ECF1273D50FA4468A4444DCEA2 43664 ----a-w- C:\Windows\Sysnative\drivers\hitmanpro37.sys 2015-02-14 16:58:06 E45CDE1C8340DFEDF1D6724263F39E5B 458824 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2015-02-14 16:58:05 C60C6B9A2E50B0404F6789C62B428C03 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-02-14 16:58:05 78D152A9FD5747FF6AA89C79F0346F62 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== 2015-02-19 13:07:50 EEFC99CE8ACC87DC9568C8A979C8CD3C 3320 ----a-w- C:\Windows\Sysnative\Tasks\SpyHunter4Startup ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-02-19 13:07:28 -------- d-----w- C:\Program Files\Enigma Software Group 2015-02-19 11:09:03 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== 2015-02-18 16:15:48 A5213E0B5E2C12D1BA69CA8B95DF9B23 3544 ------w- C:\bootsqm.dat ====== C:\Users\Anne\AppData\Roaming ====== 2015-02-19 13:07:53 -------- d-----w- C:\Users\Anne\AppData\Roaming\Enigma Software Group 2015-02-19 13:03:25 -------- d-----w- C:\Users\Anne\AppData\Local\ZombieNews 2015-01-27 12:23:43 -------- d-----w- C:\Users\Anne\AppData\Roaming\Nitro PDF ====== C:\Users\Anne ====== 2015-02-19 13:24:26 2F2FCDD095984B37C1EF21F2FA22552D 1167680 ----a-w- C:\Users\Anne\Downloads\yet_another_cleaner_mat_setup_152743.exe 2015-02-19 13:07:12 B4CD9E8513C17C32224C70330A235296 3044736 ----a-w- C:\Users\Anne\Downloads\SpyHunter-Installer (1).exe 2015-02-19 13:06:02 B4CD9E8513C17C32224C70330A235296 3044736 ----a-w- C:\Users\Anne\Downloads\SpyHunter-Installer.exe 2015-02-19 11:08:16 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Anne\Downloads\RSITx64.exe 2015-02-03 15:03:30 -------- d-----w- C:\ProgramData\HitmanPro ====== C: exe-files == 2015-02-19 11:08:41 815DCBE7A08E17080A9D11A7911DDDF0 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3396135674-2509926080-1459073561-1001\$I6CDTTR.exe === C: other files == 2015-02-19 13:07:33 633BB002E3061041EE6B1D3136E773E7 7580544 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.com 2015-02-19 13:07:32 7AEC5E76816178BF6C543A155D8208B6 15920 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys 2015-02-19 13:07:31 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\EsgScanner.sys 2015-02-19 11:08:46 30A45FF8292EA66E6573DAA7D5996A8A 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3396135674-2509926080-1459073561-1001\$IZXQ6BV.zip 2015-02-16 20:46:38 E53B5F91A8363A0BF7E7DD841412DFAF 116461 ----a-w- C:\$Recycle.Bin\S-1-5-21-3396135674-2509926080-1459073561-1001\$RZXQ6BV.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\Anne\AppData\Local\Akamai\netsession_win.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-3396135674-2509926080-1459073561-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" "ACMON"="C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\Anne\AppData\Local\Akamai\netsession_win.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\windows\\syswow64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "ASUS Quick Gesture (x86)"="C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe" "ASUS TP Center (x64)"="C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe" "ASUS Quick Gesture (x64)"="C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Acrobat Assistant 8.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 10.0\\Acrobat\\Acrotray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Acrobat Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Acrobat Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 10.0\\Acrobat\\Acrobat_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS6ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSKAppManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ADSKAppManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Autodesk Shared\\AppManager\\R1\\AdAppMgr.exe\" -showminimized -checkautorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ASUS Screen Saver Protector" "hkey"="HKLM" "command"="C:\\Windows\\AsScrPro.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ASUSWebStorage" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\3.0.108.222\\AsusWSPanel.exe /S" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BitTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\Anne\\AppData\\Roaming\\BitTorrent\\BitTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Deskjet 3520 series (NET)] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Deskjet 3520 series (NET)" "hkey"="HKCU" "command"="\"C:\\Program Files\\HP\\HP Deskjet 3520 series\\Bin\\ScanToPCActivationApp.exe\" -deviceID \"CN389129KX05SY:NW\" -scfn \"HP Deskjet 3520 series (NET)\" -AutoStart 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\Anne\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Anne\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SwitchBoard" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\AsusVibeLauncher.lnk" "backup"="C:\\Windows\\pss\\AsusVibeLauncher.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\ASUS\\AsusVibe\\ASUSVI~2.EXE /start" "item"="AsusVibeLauncher" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Anne^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Inktwaarschuwingen controleren - HP Deskjet 3520 series (netwerk).lnk] "path"="C:\\Users\\Anne\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Inktwaarschuwingen controleren - HP Deskjet 3520 series (netwerk).lnk" "backup"="C:\\Windows\\pss\\Inktwaarschuwingen controleren - HP Deskjet 3520 series (netwerk).lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Windows\\system32\\RunDll32.exe \"C:\\Program Files\\HP\\HP Deskjet 3520 series\\bin\\HPStatusBL.dll\",RunDLLEntry SERIALNUMBER=CN389129KX05SY;CONNECTION=NW;MONITOR=1;" "item"="Inktwaarschuwingen controleren - HP Deskjet 3520 series (netwerk)" ==== Startup Folders ====================== 2014-08-27 08:51:23 1135 ----a-w- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27-10-2014 18:10] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27-10-2014 18:10] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\Windows\SysNative\tasks\ASUS Wireless Console 3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] "C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 3520 series" ["C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\NNYOXBV" ["C:\ProgramData\3a8e94626c7e455eab9ee6b45c18d0d0\3a8e94626c7e455eab9ee6b45c18d0d0.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [] ==== Chromium Look ====================== Google Chrome Version: 36.0.1985.143 (Possible outdated, latest Stable version: 40.0.2214.111) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 18:22] Google Drive - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Wallet - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Preferences "startup_urls": [ "https://www.google.nl/" ], ==== Chromium Fix ====================== C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.google.com" "Default_Search_URL"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: ASUS Browser Extension x86 - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Anne\AppData\Local\Akamai\netsession_win.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3396135674-2509926080-1459073561-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3396135674-2509926080-1459073561-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Dropbox.lnk = Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: mental ray Satellite for Autodesk 3ds Max 2015 64-bit (mi-raysat_3dsmax2015_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=550 folders=27 57992346 bytes) ==== Empty Temp Folders ====================== C:\Users\Anne\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Anne\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\SYSWOW64\log.txt" not deleted "C:\PROGRA~3\lDqxbtKNAw\info.dat" not found "C:\PROGRA~3\lDqxbtKNAw\KXnWFuuFyK.dat" not found "C:\ProgramData\lDqxbtKNAw\info.dat" not found "C:\ProgramData\lDqxbtKNAw\KXnWFuuFyK.dat" not found "C:\PROGRA~3\lDqxbtKNAw\dat\IPvOZzHGMb.exe" not found "C:\PROGRA~3\lDqxbtKNAw\dat\IPvOZzHGMb.exe.config" not found "C:\PROGRA~3\lDqxbtKNAw\dat\OkiRQu.exe" not found "C:\PROGRA~3\lDqxbtKNAw\dat\OkiRQu.exe.config" not found "C:\PROGRA~3\lDqxbtKNAw\dat\SAIlyTN.dll" not found "C:\PROGRA~3\lDqxbtKNAw\dat\yfBPjfajCA.dll" not found "C:\ProgramData\lDqxbtKNAw\dat\IPvOZzHGMb.exe" not found "C:\ProgramData\lDqxbtKNAw\dat\IPvOZzHGMb.exe.config" not found "C:\ProgramData\lDqxbtKNAw\dat\OkiRQu.exe" not found "C:\ProgramData\lDqxbtKNAw\dat\OkiRQu.exe.config" not found "C:\ProgramData\lDqxbtKNAw\dat\SAIlyTN.dll" not found "C:\ProgramData\lDqxbtKNAw\dat\yfBPjfajCA.dll" not found "C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\PROGRA~3\lDqxbtKNAw" not found "C:\ProgramData\lDqxbtKNAw" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on do 19-02-2015 at 16:21:57,94 ======================