Zoek.exe v5.0.0.0 Updated 08-April-2015 Tool run by eddy on wo 08-04-2015 at 20:23:14,86. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: E:\magazijn E\_downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 8-4-2015 20:24:48 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\web parijs deleted successfully C:\Program Files\ATI Technologies deleted successfully C:\PROGRA~3\BlueStacks deleted successfully C:\Users\eddy\AppData\Roaming\Open Rails deleted successfully C:\Users\eddy\AppData\Roaming\Splashtop deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3431553772-2128345478-2891135067-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-3431553772-2128345478-2891135067-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-3431553772-2128345478-2891135067-1000\Software\Microsoft\Internet Explorer\SearchScopes\{80062E2A-BE6B-465a-8719-8A4ED3359F9F} deleted successfully HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3431553772-2128345478-2891135067-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully ==== Installed Programs ====================== Adobe AIR Adobe Flash Player 17 NPAPI Adobe Reader XI (11.0.10) - Nederlands Adobe Refresh Manager AMD Accelerated Video Transcoding AMD Catalyst Control Center AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders AMD Wireless Display v3.0 Any Wallpaper 1.1.1 AnyDVD Apple Application Support Apple Software Update Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Audacity 2.0.6 Avira Antivirus Avira SearchFree Toolbar AVS Audio Converter 7 AVS Audio Editor 7.1 AVS Audio Recorder version 4.0 AVS Disc Creator 5 AVS Document Converter 2.2.5 AVS DVD Copy 4.1.2.283 AVS Image Converter 2.3.2.248 AVS Media Player 4.1.10.99 AVS Photo Editor AVS Registry Cleaner version 2.2 AVS Ringtone Maker version 1.6 AVS Video Converter 8 AVS Video Editor 6 AVS Video Recorder 2.5 AVS Video ReMaker 4.1.3.149 Beetle Bomp Big Fish: Game Manager BlueStacks App Player BlueStacks Notification Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center Localization All CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CHIPDRIVE MyKey CloneDVD2 Convert DVD to AVI Digital Media Doctor 2013 EditPad Pro 7 v.7.3.6 FileMaker Pro 8 FlashFXP 4 FreeCommander 2009.02b GAMESVOORIEDEREEN.NL GAME CENTER Gmail Notifier Intel(R) Management Engine Components Intel(R) USB 3.0 eXtensible Host Controller Driver Intel© Trusted Connect Service Client Mahjong Escape - Ancient China Malwarebytes Anti-Malware versie 2.1.4.1018 MDB Converter Microsoft .NET Framework 4.5.1 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft XNA Framework Redistributable 3.1 Mozilla Firefox 37.0.1 (x86 nl) Mozilla Maintenance Service Paragon Backup & RecoveryT 10 Home Peggle Nights QuickTime 7 Raptr Realtek HDMI Audio Driver for ATI Realtek High Definition Audio Driver RescuePRO 4.2.4.6 RescuePRO Deluxe 5.2.3.6 SCR3xxx Smart Card Reader Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2984939) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956107) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2956109) 32-Bit Edition SILKYPIX Developer Studio 3.1 SE Total Commander 64-bit (Remove or Repair) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Windows Phone app for desktop XnView 2.20 ==== Running Processes ====================== C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe C:\GmailNotifierPro\GmailNotifierPro.exe C:\Program Files (x86)\Gmail Notifier\Gmail Notifier.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\MyKey.exe C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\scmsok.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\PROGRA~2\Raptr\raptr.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\PROGRA~2\Raptr\raptr_im.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Users\eddy\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe C:\totalcmd\TOTALCMD.EXE C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE E:\magazijn E\_downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\eddy\AppData\Roaming\Mozilla\Firefox\Profiles\1odu5r2m.default ---- Lines AtuZi removed from prefs.js ---- user_pref("extensions.AtuZi.aul", "1400778538121"); user_pref("extensions.AtuZi.irl", true); user_pref("extensions.AtuZi.is", "cbslugp6"); user_pref("extensions.AtuZi.ug", "ED712FAC-9629-40D1-9005-0D23E0FC00DA"); ---- Lines mindspark removed from prefs.js ---- user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com"); ---- Lines ask.com removed from prefs.js ---- user_pref("extensions.xpiState", "{\"app-profile\":{\"tineye@ideeinc.com\":{\"d\":\"C:\\\\Users\\\\eddy\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\ ---- FireFox user.js and prefs.js backups ---- user_08-04-2015_2032_.backup prefs_08-04-2015_2032_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 Objects\{41564952-412D-5637-4300-7A786E7484D7}] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ApnTBMon"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}] ==== Deleting Files \ Folders ====================== C:\PROGRA~2\web parijs not found C:\Users\eddy\.android deleted C:\Users\eddy\AppData\Roaming\Systweak deleted C:\PROGRA~3\AskPartnerNetwork deleted C:\PROGRA~3\APN deleted C:\PROGRA~3\Package Cache deleted C:\PROGRA~3\Trymedia deleted C:\Windows\SysNative\roboot64.exe deleted C:\Windows\S1C621DC6.tmp deleted C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\Users\eddy\AppData\Roaming\Mozilla\Firefox\Profiles\1odu5r2m.default\extensions\toolbar_AVIRA-V7C@apn.ask.com.xpi" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Users\eddy\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe" deleted "C:\Users\eddy\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe" deleted "C:\Users\eddy\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll" deleted "C:\Users\eddy\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll" deleted "C:\Program Files (x86)\AskPartnerNetwork" deleted "C:\PROGRA~2\AskPartnerNetwork" deleted "C:\Users\eddy\AppData\Local\AskPartnerNetwork" not deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater" deleted "C:\Users\eddy\AppData\Local\AskPartnerNetwork\Toolbar" not deleted "C:\Users\eddy\AppData\Local\AskPartnerNetwork\Toolbar\Updater" not deleted "C:\Users\eddy\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8154 MB CPU Info: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz CPU Speed: 3088,7 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: AMD Radeon HD 5700 Series | AMD Radeon HD 5700 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) CD / DVD Drives: 2x (F: | G: | ) F: PIONEER DVD-RW DVR-220L | G: TSSTcorpCDDVDW SH-224DB Ports: COM1 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 465,4GB | D: 931,5GB | E: 1862,9GB | H: 1397,3GB | I: 189,9GB Hard Disks - Free: C: 399,2GB | D: 771,1GB | E: 1811,8GB | H: 935,0GB | I: 151,2GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 08/21/12 | ALASKA - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Gigabyte Technology Co., Ltd. H77-DS3H Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Avira Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Avira Antivirus disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Firefox 37.0.1 Internet Explorer Version: 11.0.9600.17691 Mozilla Firefox version: 37.0.1 (x86 nl) Adobe Reader version: 11.0.10.32 Flash Player version: 17.0.0.134 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\eddy\AppData\Local\Temp ==== 2015-04-04 16:16:54 FDCF03208012026400DA8626656983F8 298096 ----a-w- C:\Users\eddy\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-04-06 17:15:38 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2015-04-06 17:15:24 CF12E148C6FC151335B7D7FE03F1C7A2 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2015-04-06 17:15:24 68C3B11D1ED8C97648BEEFEC37E93E74 107736 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2015-04-06 17:15:24 0CE2F3E26C770CBAEB50787A2C1FD09E 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2015-03-11 09:51:41 87BCD1034CBF33537D4D4C251D39BA26 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys 2015-03-11 09:51:36 ED6E75158D28D33A2E2A020AC5B2B59D 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys 2015-03-11 09:51:36 90C53BD47979FB8814F465A08B885102 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2015-03-11 09:51:07 8BA90F480705D7153AD0060CCA62222A 155576 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-03-11 09:51:07 56ED3EE5FED6BF2FC1305CF872042868 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-03-11 09:51:07 27667A788130A7F7A5858DE27572E6D7 459336 ----a-w- C:\Windows\Sysnative\drivers\cng.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-04-07 19:02:50 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2015-03-20 17:15:40 -------- d-----w- C:\PROGRA~2\BlueStacks 2015-03-12 18:03:08 -------- d-----w- C:\PROGRA~2\RescuePRO ======= C: ===== ====== C:\Users\eddy\AppData\Roaming ====== 2015-03-20 17:15:10 -------- d-----w- C:\Users\eddy\AppData\Local\Bluestacks ====== C:\Users\eddy ====== 2015-03-20 17:15:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2015-03-20 17:15:11 -------- d-----w- C:\ProgramData\BlueStacksSetup 2015-03-12 18:03:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RescuePRO ====== C: exe-files == 2015-04-07 19:02:50 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\eddy.exe 2015-04-04 16:16:54 FDCF03208012026400DA8626656983F8 298096 ----a-w- C:\Users\eddy\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe 2015-04-04 12:27:46 E32AAB3E477398B78E9D8F2418D1989C 658944 ----a-w- C:\Windows\System32\GWX\GWXConfigManager.exe 2015-04-04 12:27:46 A6C3E3120AC125BABE410959083A0108 459264 ----a-w- C:\Windows\System32\GWX\GWX.exe 2015-04-04 12:27:46 86345D30828786E1CC6AF12DF769D136 392704 ----a-w- C:\Windows\SysWOW64\GWX\GWX.exe 2015-04-04 12:27:46 771215B601C7D7E88D015D974AF7BEC7 393216 ----a-w- C:\Windows\System32\GWX\GWXUX.exe 2015-04-04 12:27:46 29038FF696BB007224872DA9645EA324 353048 ----a-w- C:\Windows\System32\GWX\GWXUXWorker.exe === C: other files == 2015-04-08 09:05:31 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\eddy\AppData\Roaming\Raptr\data\raptrguestqkh3taek\config\certificates\x509\tls_peers\xmpp-server3.raptr.com 2015-04-07 21:18:27 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\eddy\AppData\Roaming\Raptr\data\raptrguestqkh3taek\config\certificates\x509\tls_peers\xmpp-server4.raptr.com 2015-04-07 20:36:05 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\eddy\AppData\Roaming\Raptr\data\raptrguestqkh3taek\config\certificates\x509\tls_peers\xmpp-server2.raptr.com 2015-04-07 11:52:57 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\eddy\AppData\Roaming\Raptr\data\raptrguestqkh3taek\config\certificates\x509\tls_peers\xmpp-server7.raptr.com 2015-04-07 09:05:05 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\eddy\AppData\Roaming\Raptr\data\raptrguestqkh3taek\config\certificates\x509\tls_peers\xmpp-server8.raptr.com 2015-04-06 17:15:38 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-04-06 17:15:24 CF12E148C6FC151335B7D7FE03F1C7A2 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-04-06 17:15:24 68C3B11D1ED8C97648BEEFEC37E93E74 107736 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-04-06 17:15:24 0CE2F3E26C770CBAEB50787A2C1FD09E 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-04-06 09:54:43 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\eddy\AppData\Roaming\Raptr\data\raptrguestqkh3taek\config\certificates\x509\tls_peers\xmpp-server5.raptr.com ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3431553772-2128345478-2891135067-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Any Wallpaper"="C:\Program Files (x86)\AnyUtils\Any Wallpaper\AnyWallpaper.exe hide" "AnyDVD"="C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe" "GmailNotifierPro"="C:\GmailNotifierPro\GmailNotifierPro.exe /minimized" "Gmail Notifier.exe"="C:\Program Files (x86)\Gmail Notifier\Gmail Notifier.exe /startup" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "MyKey"="C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\MyKey.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "StartCCC"="C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "Raptr"="C:\Program Files (x86)\Raptr\raptrstub.exe --startup" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Any Wallpaper"="C:\Program Files (x86)\AnyUtils\Any Wallpaper\AnyWallpaper.exe hide" "AnyDVD"="C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe" "GmailNotifierPro"="C:\GmailNotifierPro\GmailNotifierPro.exe /minimized" "Gmail Notifier.exe"="C:\Program Files (x86)\Gmail Notifier\Gmail Notifier.exe /startup" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnTBMon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ApnTBMon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\AskPartnerNetwork\\Toolbar\\Updater\\TBNotifier.exe\"" ==== Startup Folders ====================== 2014-07-26 22:35:45 2155008 ----a-w- C:\Users\eddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gmail Notifier.exe 2014-11-03 12:39:13 1093 ----a-w- C:\Users\eddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JL Christmas Market.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22-03-2015 12:57] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\{526B2175-FB5F-4F37-8607-2FC1D8F3D7C0}" [G:\AUTOPLAY.EXE] "C:\Windows\SysNative\tasks\{B4EFF15B-BE9F-4F12-8451-BB164A6041D7}" [G:\AUTOPLAY.EXE] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\eddy\AppData\Roaming\Mozilla\Firefox\Profiles\1odu5r2m.default user_pref("browser.startup.homepage", "https://www.google.be/"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{FACC66B7-E49F-49ed-997E-66A221FD956D}"="C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\FireFox" [04-05-2014 18:32] ==== Firefox Extensions ====================== ProfilePath: C:\Users\eddy\AppData\Roaming\Mozilla\Firefox\Profiles\1odu5r2m.default - TinEye Reverse Image Search - %ProfilePath%\extensions\tineye@ideeinc.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\eddy\AppData\Roaming\Mozilla\Firefox\Profiles\1odu5r2m.default 43583AB4DFD406F4C188342F41B1F91C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll - Shockwave Flash ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions pcoohmdcpejoeggdnihdfhohjgdbllgm - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\ToolbarCR.crx[] YouTube - eddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - eddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - eddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - eddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{524502DC-3EEE-4e5b-BFF6-AE8CE5E8DA6E}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {524502DC-3EEE-4e5b-BFF6-AE8CE5E8DA6E} Bing Url="http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH" {D30EB15B-8171-4c3b-BEF3-752C240B3C99} Google Url="http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=4183257091&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=nl&q={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [MyKey] C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\MyKey.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup O4 - HKCU\..\Run: [Any Wallpaper] "C:\Program Files (x86)\AnyUtils\Any Wallpaper\AnyWallpaper.exe" "hide" O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe" O4 - HKCU\..\Run: [GmailNotifierPro] C:\GmailNotifierPro\GmailNotifierPro.exe /minimized O4 - HKCU\..\Run: [Gmail Notifier.exe] C:\Program Files (x86)\Gmail Notifier\Gmail Notifier.exe /startup O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Gmail Notifier.exe O4 - Startup: JL Christmas Market.lnk = C:\Program Files (x86)\JL Christmas Market\JL Christmas Market.exe O8 - Extra context menu item: CHIPDRIVE - Fill form - res://C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\\ieif.dll/formfill.html O8 - Extra context menu item: CHIPDRIVE - Fill forms on this site only if requested - res://C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\\ieif.dll/formigno.html O8 - Extra context menu item: CHIPDRIVE - Fill password - res://C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\\ieif.dll/passfill.html O8 - Extra context menu item: CHIPDRIVE - Fill passwords on this site only if requested - res://C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\\ieif.dll/passigno.html O8 - Extra context menu item: CHIPDRIVE - Save password - res://C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\\ieif.dll/passave.html O8 - Extra context menu item: CHIPDRIVE - Save passwords on this site only if requested - res://C:\Program Files (x86)\CHIPDRIVE\CHIPDRIVE MyKey\MyKey\\ieif.dll/passsvig.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: BlueStacks Updater Service;gadgetDataDir=H:\BlueStacks\UserData\Gadget" (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\eddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\eddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\eddy\AppData\Local\Mozilla\Firefox\Profiles\1odu5r2m.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\eddy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1149 folders=349 83326749 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\eddy\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\eddy\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\eddy\AppData\Local\AskPartnerNetwork" not found ==== EOF on wo 08-04-2015 at 20:41:21,78 ======================