Zoek.exe v5.0.0.0 Updated 25-March-2015 Tool run by Robert on do 26-03-2015 at 11:22:08,87. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Robert\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 26-3-2015 11:24:12 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MyHeritage deleted successfully C:\PROGRA~2\COMMON~1\DVDVideoSoft deleted successfully C:\PROGRA~3\Ashampoo deleted successfully C:\PROGRA~3\Freemake deleted successfully C:\PROGRA~3\Pinnacle Studio Plus deleted successfully C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully C:\Users\Robert\AppData\Roaming\Media Player Classic deleted successfully C:\Users\Robert\AppData\Roaming\ObviousIdea deleted successfully C:\Users\Robert\AppData\Local\CrashDumps deleted successfully C:\Users\Robert\AppData\Local\photoOptimizeHistoryDataBase deleted successfully C:\Users\Robert\AppData\Local\Sparta deleted successfully C:\Users\Robert\AppData\Local\StormFall deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-32107338-2375938102-2283284955-1001\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-32107338-2375938102-2283284955-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-32107338-2375938102-2283284955-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} deleted successfully HKEY_USERS\S-1-5-21-32107338-2375938102-2283284955-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8029EBE0-A5D0-42CC-881C-B4EBA84B9E84} deleted successfully HKEY_USERS\S-1-5-21-32107338-2375938102-2283284955-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-32107338-2375938102-2283284955-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B7B664DF-3AF9-4C8E-8148-F42BB7831D27} deleted successfully HKEY_USERS\S-1-5-21-32107338-2375938102-2283284955-1001\Software\Microsoft\Internet Explorer\SearchScopes\{D1531AE1-1422-4142-899A-878AC22B665A} deleted successfully HKEY_USERS\S-1-5-21-32107338-2375938102-2283284955-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} deleted successfully HKEY_USERS\S-1-5-21-32107338-2375938102-2283284955-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe C:\Program Files (x86)\STOPzilla\SZServer.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Program Files (x86)\STOPzilla\SBAMSvc.exe C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe C:\Program Files (x86)\STOPzilla\STOPzilla.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe C:\Program Files (x86)\Opera\28.0.1750.48\opera_crashreporter.exe C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe C:\Users\Robert\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z783g1m6.default ---- Lines srchvstrn removed from prefs.js ---- user_pref("extensions.srchvstrn.AL", 4); user_pref("extensions.srchvstrn.aflt", "vst_secureddownload_15_04_ch"); user_pref("extensions.srchvstrn.appId", "{4CB3598A-82E8-4D1F-983F-061238AE696E}"); user_pref("extensions.srchvstrn.cd", "2XzuyEtN2Y1L1Qzu0DyEtA0DyB0E0F0B0EyDyEzyyB0EyE0AtN0D0Tzu0StCtCtCyDtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1O user_pref("extensions.srchvstrn.cr", "882613693"); user_pref("extensions.srchvstrn.dfltSrch", true); user_pref("extensions.srchvstrn.dnsErr", true); user_pref("extensions.srchvstrn.hmpg", true); user_pref("extensions.srchvstrn.hmpgUrl", "http://vosteran.com/?f=1&a=vst_secureddownload_15_04_ch&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0E0F0B0EyDyEzyyB0EyE0A user_pref("extensions.srchvstrn.id", "D43D7EFBE5497E4A"); user_pref("extensions.srchvstrn.instlDay", "16455"); user_pref("extensions.srchvstrn.instlRef", "142905_f"); user_pref("extensions.srchvstrn.newTabUrl", "http://vosteran.com/?f=2&a=vst_secureddownload_15_04_ch&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0E0F0B0EyDyEzyyB0EyE user_pref("extensions.srchvstrn.prdct", "srchvstrn"); user_pref("extensions.srchvstrn.prtnrId", "WSE_Vosteran"); user_pref("extensions.srchvstrn.srchPrvdr", "Vosteran"); user_pref("extensions.srchvstrn.tlbrSrchUrl", "http://vosteran.com/?f=3&a=vst_secureddownload_15_04_ch&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0E0F0B0EyDyEzyyB0E user_pref("extensions.srchvstrn.vrsn", ""); user_pref("extensions.srchvstrn.vrsni", ""); user_pref("extensions.srchvstrn_i.newTab", true); user_pref("extensions.srchvstrn_i.vrsnTs", "8:51:13"); ---- Lines a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063 removed from prefs.js ---- user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.6c03cee0ab9442c4a67a507@58d658df5a30468fabf5c7a.coma6c03cee0ab9442 user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.6c03cee0ab9442c4a67a507@58d658df5a30468fabf5c7a.coma6c03cee0ab9442 user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.6c03cee0ab9442c4a67a507@58d658df5a30468fabf5c7a.comasyncdb_dbWasSe user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.6c03cee0ab9442c4a67a507@58d658df5a30468fabf5c7a.comasyncdb_dbWasSe user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.6c03cee0ab9442c4a67a507@58d658df5a30468fabf5c7a.comasyncinternaldb user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.6c03cee0ab9442c4a67a507@58d658df5a30468fabf5c7a.comasyncinternaldb user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.active", true); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.addressbar", "NA"); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.addressbarenhanced", ""); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.backgroundver", 1); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.certdomaininstaller", ""); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.changeprevious", false); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.cookie.InstallationTime.value", "%221426621333%22"); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+ user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22002436%22% user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.description", "Lights out for YouTube"); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.domain", ""); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.enablesearch", false); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.homepage", ""); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.iframe", false); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.InstallationThankYouPage", true); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.InstallationTime", 1426621333); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00 user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.internaldb.__defualt_browser__.value", "%22ff%22"); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+01 user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B% user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:0 user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22002436 user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.lastDailyReport", "1426621396967"); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.lastUpdate", "1426621393089"); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.manifesturl", ""); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.name", "CinemaP-1.8c"); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.newtab", ""); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.opensearch", ""); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.pluginsurl", "http://js.ourstaticdatastorage.com/plugin/apps/69063 user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.pluginsversion", 60); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.publisher", "Cinema Plus"); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.searchstatus", 0); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.setnewtab", false); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.thankyou", ""); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.updateinterval", 360); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.69063.ver", 64); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.apps", "69063"); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.bic", "14c2942d84ddeb08dfa6b4ec19b173fa"); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.cid", 69063); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.firstrun", false); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.hadappinstalled", true); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.installationdate", 1426621389); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.installerAdditionalInfo", "{\"asw\":[67174400, -2147483643, 67109376, 12 user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.modetype", "production"); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.reportInstall", true); user_pref("extensions.a6c03cee0ab9442c4a67a50758d658df5a30468fabf5c7acom69063.statsDailyCounter", 1); ---- Lines spigot removed from prefs.js ---- user_pref("startpage.ntsearch_url", "https://nl.search.yahoo.com/search?fr=spigot-nt-ff&ei=utf-8&ilc=12&type=227087&p={searchTerms}"); ---- Lines omiga removed from prefs.js ---- user_pref("browser.search.searchengine.alias", "omiga-plus"); user_pref("browser.search.searchengine.iconURL", "http://isearch.omiga-plus.com/favicon.ico"); user_pref("browser.search.searchengine.name", "omiga-plus"); user_pref("browser.search.searchengine.url", "http://isearch.omiga-plus.com/web/?type=ds&ts=1422140061&from=face&uid=ST1000DM003-1CH162_Z1DACPYYXXXXZ1 ---- Lines certified-toolbar removed from prefs.js ---- user_pref("keyword.url", "http://search.certified-toolbar.com?si=85023&tid=29472&ver=6.9&ts=1426621425766&tguid=85023-29472-1426621425766-FD97799D4E69 ---- Lines quick_start removed from prefs.js ---- user_pref("extensions.quick_start.enable_search1", false); user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); ---- Lines Web Search removed from prefs.js ---- user_pref("browser.search.defaultengine", "Web Search"); user_pref("browser.search.order.1", "Web Search"); ---- Lines searches removed from prefs.js ---- user_pref("HomeTab_29472.global.DisplayRecentSearches", "true"); ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 1); ---- Lines extensions.HRhccFJ6zzIP8r67 removed from prefs.js ---- user_pref("extensions.HRhccFJ6zzIP8r67.epoch", "1427321387"); user_pref("extensions.HRhccFJ6zzIP8r67.url", "http://winnerspy.eu/sync2/?q=hfZ9ofV9CShEAen0qjk7qHnMg708BNmGWj8pjchGheDUojw8rdrFqHw4qdrGqShIC7n0rjkErHw ---- Lines extensions.gyISX9YdYzVj7f8H removed from prefs.js ---- user_pref("extensions.gyISX9YdYzVj7f8H.epoch", "1427321388"); user_pref("extensions.gyISX9YdYzVj7f8H.url", "http://downloadusaweb.info/sync2/?q=hfZ9oemMhdCHtNbPhd98qjg6qchTB6lKDzt4ok4rtNtVh7n0rjkErHw6rjU9rTnEtMFH ---- FireFox user.js and prefs.js backups ---- user_26-03-2015_1132_.backup prefs_26-03-2015_1132_.backup ProfilePath: C:\Users\Robert\AppData\Roaming\Thunderbird\Profiles\e7kgegpb.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_26-03-2015_1132_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\MyHeritage not found C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found "C:\Users\Robert\AppData\Roaming\NF.exe" not found "C:\Users\Robert\AppData\Roaming\QZFGR.exe" not found C:\PROGRA~2\PrriceeLesss deleted C:\PROGRA~2\0b78ad0b-0ce5-4d46-99c9-2b731e986f31 deleted C:\PROGRA~2\Markdown Preview deleted C:\ProgramData\Avg_Update_0215pi deleted C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z783g1m6.default\extensions\iobitascsurfingprotection@iobit.com deleted C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z783g1m6.default\extensions\pA@L0W.net deleted C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z783g1m6.default\extensions\V@KSXxo.edu deleted C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z783g1m6.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} deleted C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z783g1m6.default\extensions\{cd60c08e-a217-4670-b192-ad6b19f49748} deleted C:\ProgramData\de6a6fe000003423 deleted C:\ProgramData\834672556290129298 deleted C:\ProgramData\{fcfde13d-bc9e-b8db-fcfd-de13dbc984f6} deleted C:\ProgramData\jhpcaodknkgbhmldpfgnbkdcejblhhlc deleted C:\ProgramData\{81879d78-5715-3d04-8187-79d7857175e1} deleted C:\Program Files (x86)\globalUpdate deleted C:\Users\Robert\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z deleted C:\Users\Robert\AppData\Roaming\ProductData deleted C:\Users\Robert\AppData\Roaming\DVDVideoSoftIEHelpers deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\Package Cache deleted C:\Users\Robert\AppData\Local\globalUpdate deleted C:\Users\Robert\AppData\Local\CrashRpt deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\Users\Robert\AppData\LocalLow\SimplyTech deleted C:\windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat deleted C:\windows\SysNative\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat deleted C:\windows\SysNative\tasks\ProtectedSearch deleted C:\Windows\tasks\0215piUpdateInfo.job deleted C:\windows\SysNative\tasks\0215piUpdateInfo deleted C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\Robert\Documents\Add-in Express deleted C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z783g1m6.default\jetpack deleted C:\Users\Robert\Desktop\4K Video Downloader.lnk deleted "C:\Windows\tasks\NF.job" deleted "C:\Windows\tasks\QZFGR.job" deleted "C:\Windows\tasks\Uninstaller_SkipUac_Robert.job" deleted "C:\Windows\Installer\3e4a27.msi" deleted "C:\Users\Robert\AppData\Roaming\NF" deleted "C:\Windows\tasks\NF.job" deleted "C:\Windows\SysNative\tasks\NF" deleted "C:\Users\Robert\AppData\Roaming\QZFGR" deleted "C:\Windows\tasks\QZFGR.job" deleted "C:\Windows\SysNative\tasks\QZFGR" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\madexcept_.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\rtl120.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller\vcl120.bpl" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller" not deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 4017 MB CPU Info: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz CPU Speed: 3598,0 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (F: | ) F: TSSTcorpCDDVDW SH-216BB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 145,5GB | D: 0,0MB | S: 299,7GB | T: 282,1GB | U: 349,6GB | V: 283,5GB | W: 99,7GB | X: 103,2GB | Y: 237,8GB Hard Disks - Free: C: 81,3GB | D: 0,0MB | S: 252,0GB | T: 257,9GB | U: 88,7GB | V: 242,5GB | W: 95,0GB | X: 79,8GB | Y: 138,2GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | MEDION - 11112011 Time Zone: West-Europa (standaardtijd) Motherboard *: mp MS-7848 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: STOPzilla AntiVirus On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Spybot - Search and Destroy disabled (Outdated) Anti-Spyware: STOPzilla AntiVirus disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated) Anti-Spyware: IObit Malware Fighter disabled (Outdated) Default Browser: Opera Internet Browser 28.0.1750.48 Internet Explorer Version: 11.0.9600.17690 Mozilla Firefox version: 36.0.4 (x86 en-US) Opera Browser version: 28.0.1750.48 Google Chrome version: 41.0.2272.101 Adobe Reader version: 11.0.10.32 Sun Java version: 1.8.0_40 (32-bit) Sun Java version: 1.8.0_40 (64-bit) Flash Player version: 17.0.0.134 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-03-24 15:08:55 8B7825BC4D6A33D509F23D833933F999 57 ----a-w- C:\Windows\EGK.ini 2015-03-24 13:42:52 814CB3182B28A32C43801C8971877F05 506 ----a-w- C:\Windows\hegames.ini 2015-03-24 10:42:43 EE3F8E8539B80204C03C5405A0AB055F 1069 ----a-w- C:\Windows\disney.ini 2015-03-24 10:16:48 EE747E3419FEBE10BAF1DDA44F2D6936 81 ----a-w- C:\Windows\EDUJR1.INI 2015-03-24 10:10:40 17D69859F318FB74E38CF5F72DAA259B 39 ----a-w- C:\Windows\EDUPAK3.INI 2015-03-24 09:48:57 EDCC04ED632CC2F8B510EF2A0C6B6245 2239112 ----a-w- C:\Windows\rembbb.exe 2015-03-11 10:43:04 C10A66189DC8C090E7C84873EDCEBC88 2501368 ----a-w- C:\Windows\explorer.exe 2015-03-11 10:28:54 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\setup32.INI ====== C:\Users\Robert\AppData\Local\Temp ==== 2015-03-24 15:30:33 1108B166160D6023AF76435B074052B6 455600 ----a-r- C:\Users\Robert\AppData\Local\Temp\_isCC6C.exe 2015-03-24 11:53:49 328A66F3C89C4CBCBE9FD7EC66BDDA52 520192 ----a-w- C:\Users\Robert\AppData\Local\Temp\AutoRunGUI.dll 2015-03-24 10:54:06 C6918C2ABB68C3A2277082EA43432A9D 967168 ----a-w- C:\Users\Robert\AppData\Local\Temp\TempFolder.aab\dirapi.dll 2015-03-24 10:54:06 9D30E37B7CC5ED9CB892D3EB569CE087 394752 ----a-w- C:\Users\Robert\AppData\Local\Temp\TempFolder.aab\iml32.dll 2015-03-24 10:54:06 6CC73F157A063F676ABE1168B9818734 280576 ----a-w- C:\Users\Robert\AppData\Local\Temp\TempFolder.aab\msvcrt.dll 2015-03-24 10:53:00 C6918C2ABB68C3A2277082EA43432A9D 967168 ----a-w- C:\Users\Robert\AppData\Local\Temp\TempFolder.aaa\dirapi.dll 2015-03-24 10:53:00 9D30E37B7CC5ED9CB892D3EB569CE087 394752 ----a-w- C:\Users\Robert\AppData\Local\Temp\TempFolder.aaa\iml32.dll 2015-03-24 10:53:00 6CC73F157A063F676ABE1168B9818734 280576 ----a-w- C:\Users\Robert\AppData\Local\Temp\TempFolder.aaa\msvcrt.dll ====== Java Cache ===== 2015-03-18 11:36:48 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Robert\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-5cb31870 2015-03-18 11:36:26 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Robert\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-1d1894c1 2015-03-18 11:36:26 049E0DD36AB2BE42D6DD81A594C0DEF5 424 ----a-w- C:\Users\Robert\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2015-03-18 11:36:25 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Robert\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-739be7cf 2015-03-18 11:36:26 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Robert\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-169a4b67 ====== C:\Windows\SysWOW64 ===== 2015-03-24 15:50:25 DB7AE9635A7968A5FBF0C5CB2A67FF97 38160 ----a-w- C:\Windows\SysWOW64\LMRTREND.dll 2015-03-24 15:50:25 9A58AA9C232C83BACB475D8171ED3FFD 155408 ----a-w- C:\Windows\SysWOW64\LMRT.dll 2015-03-24 15:50:25 89112689A307A65769CA942079CACE9B 140800 ----a-w- C:\Windows\SysWOW64\tm20dec.ax 2015-03-24 15:50:24 B69471289A2C07F7497BD941559E9C42 182032 ----a-w- C:\Windows\SysWOW64\dxtmsft3.dll 2015-03-24 15:50:22 92F8115DDC7136ECCD7BDDBC492F9861 63488 ----a-w- C:\Windows\SysWOW64\unam4ie.exe 2015-03-24 15:50:22 169B101BC0D37583F9B268F644278207 217984 ----a-w- C:\Windows\SysWOW64\strmdll.dll 2015-03-24 15:50:21 F318E151801F7EB505894718E03BC438 5672 ----a-w- C:\Windows\SysWOW64\quartz.vxd 2015-03-24 15:50:21 B5D7471E38ED6D03145D5E6DCB368715 11776 ----a-w- C:\Windows\SysWOW64\mciqtz.drv 2015-03-24 15:50:21 8BFD9305913198FC50EF5282C337498F 194320 ----a-w- C:\Windows\SysWOW64\qcut.dll 2015-03-24 15:50:21 8A226304F2EADD8C96AC211ED190DA48 1088272 ----a-w- C:\Windows\SysWOW64\danim.dll 2015-03-24 15:50:21 7210D5407A2D2F52E851604666403024 2272 ----a-w- C:\Windows\SysWOW64\w95inf16.dll 2015-03-24 15:50:21 550BA20DF6C08E628CA9ABD0F6E917B8 10240 ----a-w- C:\Windows\SysWOW64\vidx16.dll 2015-03-24 15:50:21 4BE7661C89897EAA9B28DAE290C3922F 4608 ----a-w- C:\Windows\SysWOW64\w95inf32.dll 2015-03-24 14:32:23 DA2E749C2B56E93BB2328BB4089E093A 12800 ----a-r- C:\Windows\SysWOW64\wing32.dll 2015-03-24 09:12:50 BEDF4A3CC6422ADFA8185A5D0865A218 1347344 ----a-w- C:\Windows\SysWOW64\msvbvm50.dll 2015-03-24 09:12:49 B9D04A19150D6799C95045719E6E6913 491792 ----a-w- C:\Windows\SysWOW64\zleaut32.dll 2015-03-24 09:06:15 82AA757DE7D80FAFF99179B457AA0FA0 398416 ----a-r- C:\Windows\SysWOW64\VBRUN300.DLL 2015-03-17 19:46:02 7A76F83B4DCA86B5DB17D43A5820CF40 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-03-25 14:49:08 DD301FDB003F9B48EB7628A48BF32D23 677888 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-03-25 14:49:08 B770418F0FE64D3E986505A6285E91E9 943104 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-03-25 14:49:08 A871B38A544058768F082598412278DB 30720 ----a-w- C:\Windows\Sysnative\acmigration.dll 2015-03-25 14:49:08 7F19365C2D9CD0AA5E517A96A22AE7C8 1107456 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-03-25 14:49:07 BB86098B80BC4911B52F4C6095E82381 760320 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-03-25 14:49:07 4E791CFE387374E8651493557B7F9993 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll 2015-03-25 14:49:07 4BAF6A3B8DFDDCE080275B236F4B64BC 414208 ----a-w- C:\Windows\Sysnative\devinv.dll ====== C:\Windows\Sysnative\drivers ===== 2015-03-11 10:45:41 D296D0F0DB2CD1504F90405603664493 264000 ----a-w- C:\Windows\Sysnative\drivers\WdFilter.sys 2015-03-11 10:45:41 9F4DF0043965808973023A9B51A11136 114496 ----a-w- C:\Windows\Sysnative\drivers\WdNisDrv.sys 2015-03-11 10:45:41 1751F6B031ADAC34724511057D2E455D 44024 ----a-w- C:\Windows\Sysnative\drivers\WdBoot.sys 2015-03-11 10:43:32 6D3A2565E01B3E4B0F1BEDB0D4B00B3F 1113920 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys 2015-03-11 10:43:27 DC66AE45816614D2999DCD3834DCCC4E 167424 ----a-w- C:\Windows\Sysnative\drivers\rfcomm.sys 2015-03-11 10:43:27 42F88B57CAE42FC10059C887B3FCFCEA 97792 ----a-w- C:\Windows\Sysnative\drivers\hidbth.sys 2015-03-01 12:40:25 FBF4DB6D53585437E41A113300002A2B 55024 ------w- C:\Windows\Sysnative\drivers\PxHlpa64.sys 2015-02-24 15:46:04 65E7EE550297D36D592917CA70B53227 280544 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys ====== C:\Windows\Tasks ====== 2015-03-24 14:32:10 B2053A36CD36E4AD38D09FA2DCB29EF8 3074 ----a-w- C:\Windows\Sysnative\Tasks\{4B9FCE32-7482-4A0F-B1A5-A925DC2F1D43} 2015-03-24 09:12:41 129F5CDA2A593A1B47E2C5E52FC030C2 3026 ----a-w- C:\Windows\Sysnative\Tasks\{B4A3083C-DB7D-49C9-9C1E-2A3C27D8FDB8} 2015-03-24 08:51:24 DAAA72C484D4621DF68EAA882DDD002E 3022 ----a-w- C:\Windows\Sysnative\Tasks\{4244B4AF-BF99-42DD-975D-D06DBACEC524} 2015-03-17 19:43:22 895BB2186DC50D9A4CA8E70522EC8E5E 3812 ----a-w- C:\Windows\Sysnative\Tasks\Opera scheduled Autoupdate 1426621384 2015-02-25 13:07:09 -------- d-----w- C:\Windows\Sysnative\Tasks\Games ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-03-25 17:49:46 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2015-03-24 15:41:00 -------- d-----w- C:\PROGRA~2\Muntje 2015-03-24 15:30:56 -------- d-----w- C:\PROGRA~2\Atari 2015-03-24 14:58:30 -------- d-----w- C:\PROGRA~2\CRYO 2015-03-24 14:51:18 -------- d-----w- C:\PROGRA~2\Garfield 2015-03-24 11:57:23 -------- d-----w- C:\PROGRA~2\EA GAMES 2015-03-24 11:01:52 -------- d-----w- C:\PROGRA~2\DreamWorks Interactive 2015-03-24 09:47:54 -------- d-----w- C:\PROGRA~2\Safari_nl 2015-03-24 08:54:41 -------- d-----w- C:\PROGRA~2\Rey Play and Print 2015-03-18 14:06:54 -------- d-----w- C:\PROGRA~2\AVG 2015-03-18 11:35:49 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-03-17 19:45:41 -------- d-----w- C:\PROGRA~2\Java 2015-03-17 19:42:33 -------- d-----w- C:\PROGRA~2\Opera 2015-03-11 10:39:15 -------- d-----w- C:\PROGRA~2\Mindscape 2015-03-01 12:40:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Macrovision Shared 2015-03-01 12:39:34 -------- d-----w- C:\PROGRA~2\COMMON~1\Sonic Shared 2015-03-01 12:39:34 -------- d-----w- C:\PROGRA~2\COMMON~1\PX Storage Engine 2015-02-25 20:21:27 -------- d-----w- C:\PROGRA~2\Ashampoo ======= C: ===== 2015-03-24 11:56:57 85BD4663A6C18B949356CEF38DD99A86 281 ----a-w- C:\debugInstaller.txt ====== C:\Users\Robert\AppData\Roaming ====== 2015-03-24 15:35:12 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\CrashDumps 2015-03-24 11:01:53 -------- d-----w- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DreamWorks 2015-03-24 09:49:26 -------- d-----w- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Boris en Bibi 2015-03-19 18:12:15 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015 2015-03-18 20:22:14 -------- d-----w- C:\Users\Robert\AppData\Local\ABBYY 2015-03-18 14:08:03 -------- d-----w- C:\Users\Robert\AppData\Roaming\AVG2015 2015-03-18 14:07:24 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015 2015-03-18 14:07:24 -------- d-----w- C:\Users\Robert\AppData\Roaming\TuneUp Software 2015-03-18 14:06:55 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015 2015-03-18 13:56:40 -------- d-----w- C:\Users\Robert\AppData\Local\Avg2015 2015-03-18 11:17:38 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2015-03-17 19:46:06 -------- d-----w- C:\Users\Robert\AppData\Locallow\Oracle 2015-03-17 19:43:34 -------- d-----w- C:\Users\Robert\AppData\Local\Opera Software 2015-03-17 19:43:25 -------- d-----w- C:\Users\Robert\AppData\Roaming\Opera Software 2015-03-17 19:42:36 -------- d-----w- C:\Users\Robert\AppData\Locallow\Sun 2015-03-12 12:53:50 -------- d-----w- C:\Users\Robert\AppData\Local\Ashampoo Video Styler 2015-03-12 12:50:47 -------- d-----w- C:\Users\Robert\AppData\Roaming\Ashampoo Slideshow Studio HD 3 2015-03-10 15:12:31 -------- d-----w- C:\Users\Robert\AppData\Local\Ashampoo Movie Studio Pro 2015-02-27 13:03:40 DE798D15489CD6CC0BF646E5E00C5596 1057232 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2015-02-27 11:22:42 -------- d-----w- C:\Users\Robert\AppData\Local\Ashampoo Movie Studio 2013 2015-02-25 20:22:54 -------- d-----w- C:\Users\Robert\AppData\Roaming\Ashampoo 2015-02-25 20:21:53 -------- d-----w- C:\Users\Robert\AppData\Local\ashampoo 2015-02-25 20:21:50 -------- d-----w- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo ====== C:\Users\Robert ====== 2015-03-25 21:53:21 9866F32F94E0450453A0094F4AB81555 5344528 ----a-w- C:\Users\Robert\Downloads\ccsetup504.exe 2015-03-25 17:48:11 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Robert\Downloads\RSITx64.exe 2015-03-24 15:41:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Muntje 2015-03-24 15:08:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Egypte Kids 2015-03-24 11:59:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES 2015-03-24 11:01:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamWorks 2015-03-24 10:43:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive 2015-03-24 09:49:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boris en Bibi 2015-03-24 08:54:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rey Play and Print 2015-03-23 21:53:42 3D05ADCCB210D24BB67982D95FB2857E 41090240 ----a-w- C:\Users\Robert\Downloads\Firefox Setup 36.0.4.exe 2015-03-19 18:11:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-03-18 19:49:19 9B72A11E78DD55D62389538490FC246A 880208 ----a-w- C:\Users\Robert\Downloads\ChromeSetup.exe 2015-03-18 14:07:11 -------- d-----w- C:\ProgramData\AVG2015 2015-03-18 13:56:40 -------- d--h--w- C:\ProgramData\Common Files 2015-03-17 19:46:07 -------- d-----w- C:\ProgramData\Sun 2015-03-17 19:45:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-03-17 19:45:46 -------- d-----w- C:\ProgramData\Oracle 2015-03-11 10:39:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mindscape 2015-03-01 12:42:21 -------- d-----w- C:\ProgramData\FLEXnet 2015-02-27 10:44:36 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3 2015-02-25 20:21:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo ====== C: exe-files == 2015-03-25 21:53:21 9866F32F94E0450453A0094F4AB81555 5344528 ----a-w- C:\Users\Robert\Downloads\ccsetup504.exe 2015-03-25 17:49:46 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Robert.exe 2015-03-25 17:48:11 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Robert\Downloads\RSITx64.exe 2015-03-25 15:58:51 65DD11EBD04D356E8485B12425FB181A 963072 ----a-w- C:\Users\Robert\AppData\Local\Packages\Microsoft.Adera-Lite_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Adera.AppHub.Win8\86c5e534bc55464ca3c6cf54c4fb10b4\Adera.AppHub.Win8.ni.exe 2015-03-25 15:56:37 CDE713A1101CD25329A959BFC5BC596F 146944 ----a-w- C:\Users\Robert\AppData\Local\Packages\34908JigsawPuzzlephotosud.KlondikeSolitaire8_2ty3rvq1c6b9m\AC\Microsoft\CLR_v4.0_32\NativeImages\flow8\894f21febc7954ccdf81744bd04daf8b\flow8.ni.exe 2015-03-25 15:55:07 8EB16C188134DEB81D8AFDA5F4797AD8 7770112 ----a-w- C:\Users\Robert\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Map\e43da951fd986a26f43502110bed4609\Map.ni.exe 2015-03-25 14:49:07 F22794B93C9FC55A934C1544F9600B43 70832 ----a-w- C:\Windows\System32\CompatTel\diagtrackrunner.exe 2015-03-24 22:42:41 288E349FEF1D3A6C0F8C92B9DA93157B 73336 ----a-w- C:\Program Files (x86)\Opera\28.0.1750.48\wow_helper.exe 2015-03-24 22:42:40 AB9CE2188CDC307574BB90EC0C572910 484472 ----a-w- C:\Program Files (x86)\Opera\28.0.1750.48\opera_crashreporter.exe 2015-03-24 22:42:40 6D93ECC601C6E1DE3B1FC4E769AC515E 1862776 ----a-w- C:\Program Files (x86)\Opera\28.0.1750.48\opera_autoupdate.exe 2015-03-24 22:42:40 6C4C7B8F254C05A3B0F350F45009B520 51805816 ----a-w- C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe 2015-03-24 22:42:39 14F90DDF6EEADA9E9F614737105AA9E0 1255544 ----a-w- C:\Program Files (x86)\Opera\28.0.1750.48\installer.exe 2015-03-24 15:50:22 B16443BA0652C42645B32A48232822E7 109840 ----a-w- C:\Program Files (x86)\Windows Media Player\mplayer2.exe 2015-03-24 15:50:22 92F8115DDC7136ECCD7BDDBC492F9861 63488 ----a-w- C:\Windows\SysWOW64\unam4ie.exe 2015-03-24 15:50:22 0AF665DBF9605D4250908D28860BC364 75024 ----a-w- C:\Windows\Inf\unregmp2.exe 2015-03-24 15:30:33 1108B166160D6023AF76435B074052B6 455600 ----a-r- C:\Users\Robert\AppData\Local\Temp\_isCC6C.exe 2015-03-24 15:05:21 05156828C93EF8C8B4CD54195EE766A4 716800 ----a-w- C:\Program Files (x86)\CRYO\EgypteKids\egyptekids.exe 2015-03-24 11:57:25 3E1E8528632F70CB65EC65D40C14D97F 290816 ----a-w- C:\Program Files (x86)\EA GAMES\Harry Potter - WK Zwerkbal\eauninstall.exe 2015-03-24 11:57:25 3C9BD043EAD28FE7501C11112A7E3F8D 3471584 ----a-w- C:\Program Files (x86)\EA GAMES\Harry Potter - WK Zwerkbal\QWC.exe 2015-03-24 11:57:24 C8900D8062C01139DD83E1B5E7C3CA21 69632 ----a-w- C:\Program Files (x86)\EA GAMES\Harry Potter - WK Zwerkbal\Support\go_ez.exe 2015-03-24 11:57:24 82F9FC5B7FA1229808A2A6E5BA365EB0 626688 ----a-w- C:\Program Files (x86)\EA GAMES\Harry Potter - WK Zwerkbal\Support\Harry Potter Quidditch World Cup_EZ.exe 2015-03-24 11:57:24 6F8BEF6D4E71BFF0D2AD63AF1D2DC9B5 290816 ----a-w- C:\Program Files (x86)\EA GAMES\Harry Potter - WK Zwerkbal\Support\Harry Potter Quidditch World Cup_code.exe 2015-03-24 11:57:24 56DE1E295BBAAC16094CEDB8FA3AE892 86016 ----a-w- C:\Program Files (x86)\EA GAMES\Harry Potter - WK Zwerkbal\Support\Harry Potter Quidditch World Cup_uninst.exe 2015-03-24 11:57:24 196391CB8491B2E318F30531B0966637 618496 ----a-w- C:\Program Files (x86)\EA GAMES\Harry Potter - WK Zwerkbal\Support\eReg.exe 2015-03-24 11:57:23 689FB84AAC075F89D775E0E0CA3AFECE 323584 ----a-w- C:\Program Files (x86)\EA GAMES\Harry Potter - WK Zwerkbal\Support\EasyInfo.exe 2015-03-24 11:01:52 37D654A2A7BBB01F8C419AB849FF29D4 810496 ----a-w- C:\Program Files (x86)\DreamWorks Interactive\Neverhood\nhc.exe 2015-03-24 11:01:52 2B7B927BA1948BB8937C284BE047B7E6 202240 ---ha-w- C:\Program Files (x86)\DreamWorks Interactive\Neverhood\setup95.exe 2015-03-24 10:43:16 35C3380BA642E7B2B27EEBDB9A5F1164 1645568 ----a-w- C:\Programmabestanden\Disney Interactive\Disneys Magic Artist 2\DMA.EXE 2015-03-24 09:48:57 EDCC04ED632CC2F8B510EF2A0C6B6245 2239112 ----a-w- C:\Windows\rembbb.exe 2015-03-24 09:48:53 F0703C4BCDAC51C780D94BBA43E5C204 166976 ----a-w- C:\Program Files (x86)\Safari_nl\starterbb.exe 2015-03-24 08:54:51 068039CD8C347A2D647AA7E3367720E4 2158852 ----a-w- C:\Program Files (x86)\Rey Play and Print\Winnie de Poeh\Winnie de Poeh.EXE 2015-03-24 08:54:50 8442DC2A789540B74468DE0A2240BAC8 803680 ----a-w- C:\Program Files (x86)\Rey Play and Print\Winnie de Poeh\Xtras\ActiveX\Redist\Axdist.exe 2015-03-24 08:54:50 45C6625F80227F104820B5E15673C9FA 401760 ----a-w- C:\Program Files (x86)\Rey Play and Print\Winnie de Poeh\Xtras\ActiveX\Redist\Wintdist.exe 2015-03-24 08:54:49 BE26A74F273AA83E48933FBDAC0477D1 158560 ----a-w- C:\Program Files (x86)\Rey Play and Print\Winnie de Poeh\Xtras\ActiveX\Redist\Aprxdist.exe 2015-03-23 21:53:42 3D05ADCCB210D24BB67982D95FB2857E 41090240 ----a-w- C:\Users\Robert\Downloads\Firefox Setup 36.0.4.exe 2015-03-21 09:32:43 A38E9C48F13C11CAB641A0C91F8F12A1 885840 ----a-w- C:\Program Files (x86)\Google\Update\Install\{A05B840E-876E-435B-B11C-D960138ED3F4}\41.0.2272.101_41.0.2272.89_chrome_updater.exe 2015-03-21 09:32:43 A38E9C48F13C11CAB641A0C91F8F12A1 885840 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.101\41.0.2272.101_41.0.2272.89_chrome_updater.exe 2015-03-19 18:17:34 0122DC60AC2308F4979CBA2EC4942F97 7152488 ----a-w- C:\Program Files (x86)\AVG\AVG2015\Notification\Launcher.exe === C: other files == 2015-03-26 10:21:01 710B44042297BD2FD355C670D52C56A2 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-32107338-2375938102-2283284955-1001\$IPN1U3Q.zip 2015-03-26 10:20:25 16DA5E6557FCACA09F97253E18117B3C 4170178 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-32107338-2375938102-2283284955-1001\$RPN1U3Q.zip 2015-03-24 11:57:25 BA0D892D2F786BCEBDF03B0A252B47F3 12400 ----a-w- C:\Program Files (x86)\EA GAMES\Harry Potter - WK Zwerkbal\SECDRV.SYS 2015-03-19 22:13:04 0D57D7E5B60C7489D3301A69EAB41235 637279 ----a-w- C:\Users\Robert\AppData\Roaming\Opera Software\Opera Stable\dictionaries\nl.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-32107338-2375938102-2283284955-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Remote Control Editor"="C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTVRC.exe" "KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto" "AshSnap"="C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe" "Zoner Photo Studio Autoupdate"="C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTRegRun"="C:\Windows\CTRegRun.EXE" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "IObit Malware Fighter"="C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart" "SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Remote Control Editor"="C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTVRC.exe" "KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto" "AshSnap"="C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe" "Zoner Photo Studio Autoupdate"="C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:/progra~3/{ba1d5~1/171~1.0/mere.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS5ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer_For_P2G8] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CLMLServer_For_P2G8" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go8\\CLMLSvc_P2G8.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLVirtualDrive] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CLVirtualDrive" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go8\\VirtualDrive.exe\" /R" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EEventManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EEventManager" "hkey"="HKLM" "command"="C:\\PROGRA~2\\EPSONS~1\\EVENTM~1\\EEventManager.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPSON SX210 Series] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EPSON SX210 Series" "hkey"="HKCU" "command"="C:\\Windows\\system32\\spool\\DRIVERS\\x64\\3\\E_IATIFDE.EXE /FU \"C:\\Windows\\TEMP\\E_SF2A2.tmp\" /EF \"HKCU\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Remote Control Editor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Remote Control Editor" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Common Files\\TerraTec\\Remote\\TTTvRc.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl10] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RemoteControl10" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD10\\PDVD10Serv.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SwitchBoard" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17-03-2015 19:38] C:\Windows\tasks\ASC8_SkipUac_Robert.job --a-------- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [27-01-2015 12:06] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASC4_PerformanceMonitor" [E:\IObit\Advanced SystemCare 4\PMonitor.exe] "C:\Windows\SysNative\tasks\ASC8_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe] "C:\Windows\SysNative\tasks\ASC8_SkipUac_Robert" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe /SkipUac] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Robert)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1426621384" [C:\Program Files (x86)\Opera\launcher.exe] "C:\Windows\SysNative\tasks\SmartDefrag3_Update" [C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe] "C:\Windows\SysNative\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Robert" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{3324AAC2-809C-4480-8D20-A9A8D11603D0}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Custom Restore Point) (For User Robert)" ["C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe"] "C:\Windows\SysNative\tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Restore Point) (For User Robert)" ["C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe"] "C:\Windows\SysNative\tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (For User Robert)" ["C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe"] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe"] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z783g1m6.default user_pref("browser.startup.homepage", "http://doenormaal.eigenstart.nl/"); user_pref("browser.newtab.url", "about:home"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("keyword.url", "http://search.certified-toolbar.com?si=85023&tid=29472&ver=6.9&ts=1426621425766&tguid=85023-29472-1426621425766-FD97799D4E695ED1261AD6F8B2DBD8C4&st=chrome&q="); ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04-04-2014 11:36] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z783g1m6.default - Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi - Strict Pop-up Blocker - %ProfilePath%\extensions\jid1-P34HaABBBpOerQ@jetpack.xpi - Wild West 1.0.1 - %ProfilePath%\extensions\{2f7b2188-af2e-4a82-97ce-a3209818466f}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\Robert\AppData\Roaming\Thunderbird\Profiles\e7kgegpb.default - Talkback - C:\Program Files (x86)\Mozilla Thunderbird\extensions\talkback@mozilla.org AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z783g1m6.default 43583AB4DFD406F4C188342F41B1F91C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 41.0.2272.101 (Latest Stable version: 41.0.2272.101) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] Google Slides - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Markdown Preview - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmchmkecamhbiokiopfpnfgbidieafmd Google Wallet - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://doenormaal.eigenstart.nl/", "startup_urls": [ "http://doenormaal.eigenstart.nl/" ] ==== Chromium Fix ====================== C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmchmkecamhbiokiopfpnfgbidieafmd deleted successfully C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jmchmkecamhbiokiopfpnfgbidieafmd_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.google.com" "Default_Search_URL"="http://www.google.com" "Search Bar"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] @="http://search.certified-toolbar.com?si=85023&st=bs&tid=29472&ver=6.9&ts=1426546800000.000000&tguid=85023-29472-1426621425766-FD97799D4E695ED1261AD6F8B2DBD8C4&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] @="http://search.certified-toolbar.com?si=85023&st=bs&tid=29472&ver=6.9&ts=1426546800000.000000&tguid=85023-29472-1426621425766-FD97799D4E695ED1261AD6F8B2DBD8C4&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl] @="http://search.certified-toolbar.com?si=85023&st=bs&tid=29472&ver=6.9&ts=1426546800000.000000&tguid=85023-29472-1426621425766-FD97799D4E695ED1261AD6F8B2DBD8C4&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI] @="http://search.certified-toolbar.com?si=85023&st=bs&tid=29472&ver=6.9&ts=1426546800000.000000&tguid=85023-29472-1426621425766-FD97799D4E695ED1261AD6F8B2DBD8C4&q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com/" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com/" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Trovi Url="http://www.trovi.com/Results.aspx?gd=&ctid=CT3331300&octid=EB_ORIGINAL_CTID&ISID=M1D85B952-D527-450F-B11F-6E6DFD056D15&SearchSource=58&CUI=&UM=8&UP=SPB66207EE-408E-4717-84AD-483B7A12F376&q={searchTerms}&D=031715&SSPV=" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\683E75D5492DAB141964AFEDC067BEA2 deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WajNEnhance deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\683E75D5492DAB141964AFEDC067BEA2 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully ==== HijackThis Entries ====================== C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll O4 - HKLM\..\Run: [CTRegRun] C:\Windows\CTRegRun.EXE O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [Remote Control Editor] "C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTVRC.exe" O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto O4 - HKCU\..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 7\ashsnap.exe O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE" O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:/progra~3/{ba1d5~1/171~1.0/mere.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: STOPzilla! (SBAMSvc) - ThreatTrack Security, Inc. - C:\Program Files (x86)\STOPzilla\SBAMSvc.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: STOPzilla Service (sz7) - iS3, Inc. - C:\Program Files (x86)\STOPzilla\SZServer.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Robert\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Robert\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Robert\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Robert\AppData\Local\Microsoft\Windows\INetCache\IE\IHYZ1I16 will be deleted at reboot C:\Users\Robert\AppData\Local\Microsoft\Windows\INetCache\IE\JCN0FQVT will be deleted at reboot C:\Users\Robert\AppData\Local\Microsoft\Windows\INetCache\IE\MWMCU8O5 will be deleted at reboot C:\Users\Robert\AppData\Local\Microsoft\Windows\INetCache\IE\XLHDZ9X3 will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Mozilla\Firefox\Profiles\gyse3afc.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Robert\AppData\Local\Opera Software\Opera Stable\Cache will be emptied at reboot C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Robert\AppData\Local\Vivaldi\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=194 folders=70 43342616 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Robert\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Robert\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Robert\AppData\Local\Opera Software\Opera Stable\Cache\data_0" deleted "C:\Users\Robert\AppData\Local\Opera Software\Opera Stable\Cache\data_1" deleted "C:\Users\Robert\AppData\Local\Opera Software\Opera Stable\Cache\data_2" deleted "C:\Users\Robert\AppData\Local\Opera Software\Opera Stable\Cache\data_3" deleted "C:\Users\Robert\AppData\Local\Opera Software\Opera Stable\Cache\index" deleted "C:\Program Files (x86)\IObit\IObit Uninstaller" not found "C:\Users\Robert\AppData\Local\Microsoft\Windows\INetCache\IE\IHYZ1I16" not found "C:\Users\Robert\AppData\Local\Microsoft\Windows\INetCache\IE\JCN0FQVT" not found "C:\Users\Robert\AppData\Local\Microsoft\Windows\INetCache\IE\MWMCU8O5" not found "C:\Users\Robert\AppData\Local\Microsoft\Windows\INetCache\IE\XLHDZ9X3" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on do 26-03-2015 at 11:42:56,25 ======================