Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by guido on vr 15/04/2016 at 18:48:40,87. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: D:\cleansoftware\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 15/04/2016 19:12:34 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\CanonEPP deleted successfully C:\PROGRA~2\CanonIJEPPEX2 deleted successfully C:\Users\guido\AppData\Roaming\Malwarebytes deleted successfully C:\Users\guido\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\guido\AppData\Local\EmieSiteList deleted successfully C:\Users\guido\AppData\Local\EmieUserList deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-875346456-3498223844-2771357875-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5350-4500-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-875346456-3498223844-2771357875-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5350-4500-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-875346456-3498223844-2771357875-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5354-2D53-5045-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-875346456-3498223844-2771357875-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5354-2D53-5045-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-875346456-3498223844-2771357875-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4BAF4BDB-5ECA-470E-A424-3EAE80F63746} deleted successfully HKEY_USERS\S-1-5-21-875346456-3498223844-2771357875-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully HKEY_CLASSES_ROOT\CLSID\{4F524A2D-5350-4500-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7} deleted successfully HKEY_CLASSES_ROOT\CLSID\{4F524A2D-5354-2D53-5045-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5354-2D53-5045-7A786E7484D7} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5350-4500-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5354-2D53-5045-7A786E7484D7} deleted successfully ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Adobe Flash Player 21 ActiveX Adobe Flash Player 21 NPAPI Adobe Reader XI (11.0.12) - Nederlands Adobe Refresh Manager Adobe SVG Viewer 3.0 ArcSoft ShowBiz DVD 2 Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Autodesk Design Review 2012 Autodesk Inventor Content Center Libraries 2012 (Desktop Content) Autodesk Inventor Fusion 2012 Autodesk Inventor Fusion 2012 Language Pack Autodesk Inventor Fusion for Inventor 2012 Add-in Autodesk Inventor Fusion for Inventor 2012 Add-in Language Pack Autodesk Inventor Professional 2012 Autodesk Inventor Professional 2012 English Autodesk Inventor Professional 2012 English Language Pack Autodesk Material Library 2012 Autodesk Material Library Base Resolution Image Library 2012 Autodesk Material Library Low Resolution Image Library 2012 Autodesk Vault 2012 (Client) Autodesk Vault 2012 (Client) English Language Pack Bing Bar Bomber Mario Canon Easy-PhotoPrint EX Canon Easy-WebPrint EX Canon IJ Network Scanner Selector EX Canon IJ Network Tool Canon MG3100 series MP Drivers Canon MG3100 series On-screen Manual Canon MP Navigator EX 5.0 Canon My Printer Canon Solution Menu EX CCleaner Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CorelDRAW Essentials 4 - Content CorelDRAW Essentials 4 - Draw CorelDRAW Essentials 4 - Filters CorelDRAW Essentials 4 - ICA CorelDRAW Essentials 4 - IPM - No VBA CorelDRAW Essentials 4 - Lang BR CorelDRAW Essentials 4 - Lang DE CorelDRAW Essentials 4 - Lang EN CorelDRAW Essentials 4 - Lang ES CorelDRAW Essentials 4 - Lang FR CorelDRAW Essentials 4 - Lang IT CorelDRAW Essentials 4 - Lang NL CorelDRAW Essentials 4 - PHOTO-PAINT CorelDRAW Essentials 4 - Windows Shell Extension CorelDRAW Essentials 4 CyberLink LabelPrint CyberLink Power2Go CyberLink PowerDVD Copy CyberLink YouCam D3DX10 DWG TrueView 2012 Eco Materials Adviser Fishdom Freemake Video Converter versie 4.1.4 Freemake Youtube Mp3 Converter Gebruikersregistratie voor Canon MG3100 series Google Chrome Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper Intel(R) Graphics Media Accelerator Driver Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Java 8 Update 77 Java Auto Updater JavaFX 2.1.1 Junk Mail filter update Korean Fonts Support For Adobe Reader 9 Launch Manager V1.5.0.8 MAGIX Video easy SE Malwarebytes Anti-Malware versie 2.0.2.1012 Medion Home Cinema Microsoft .NET Framework 4.6.1 Microsoft Antimalware Service NL-NL Language Pack Microsoft Application Error Reporting Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works Microsoft WSE 3.0 Runtime Mozilla Firefox 36.0.1 (x86 nl) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) Native Instruments Traktor DJ Studio 3 Octoshape add-in for Adobe Flash Player PlayReady PC Runtime x86 PoiEdit Quick Uninstall Tool for Autodesk Inventor 2012 Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader REALTEK Wireless LAN Driver SAMSUNG Intelli-studio Search App by Ask Security Update for Microsoft .NET Framework 4.6.1 (KB3122661) Security Update for Microsoft .NET Framework 4.6.1 (KB3127233) Security Update for Microsoft .NET Framework 4.6.1 (KB3136000) Security Update for Microsoft .NET Framework 4.6.1 (KB3143693) Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114542) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114742) 32-Bit Edition Security Update for Microsoft Office Access 2007 (KB2596614) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114895) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114982) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB3114892) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB3114426) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2880510) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2880506) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB3114983) 32-Bit Edition Shopping App by Ask SkypeT 7.10 Spotify Synaptics Pointing Device Driver TrySim Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3114979) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) USB Video/Audio Driver VBA (2627.01) VirtualDJ Home FREE VLC media player 2.0.3 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR X10 Hardware(TM) ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Windows\Explorer.EXE C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Launch Manager\WButton.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\guido\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Windows\system32\GWX\GWX.exe C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Launch Manager\WisLMSvc.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\DllHost.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\cleansoftware\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\svchost.exe -k utcsvc C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\guido\AppData\Roaming\Mozilla\Firefox\Profiles\4j73e15h.default user.js not found ---- Lines BrowseFox removed from prefs.js ---- user_pref("extensions.BrowseFox.aul", "1393149555752"); user_pref("extensions.BrowseFox.irl", true); user_pref("extensions.BrowseFox.is", "grbbfbe"); user_pref("extensions.BrowseFox.ug", "18758D60-96EE-42DD-AF41-790E88388B49"); ---- FireFox user.js and prefs.js backups ---- prefs_20161504_1925_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5354-2D53-5045-7A786E7484D7}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- "ApnTBMon"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\AskPartnerNetwork deleted C:\PROGRA~2\APN deleted C:\Users\guido\AppData\Local\AskPartnerNetwork deleted C:\Users\guido\AppData\Roaming\Mozilla\Firefox\Profiles\4j73e15h.default\extensions\staged deleted "C:\Windows\Installer\2526c.msi" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Program Files\AskPartnerNetwork" deleted "C:\Program Files\AskPartnerNetwork" deleted "C:\Program Files\AskPartnerNetwork\Toolbar" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater" deleted "C:\Program Files\AskPartnerNetwork\Toolbar" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601) Memory (RAM): 2935 MB CPU Info: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz CPU Speed: 2259,2 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) | Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-S083C Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 267,0GB | D: 30,0GB Hard Disks - Free: C: 179,6GB | D: 9,7GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 02/01/10 | MEDION - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: MEDION E7214 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== AV: Microsoft Security Essentials *Enabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95} SP: Microsoft Security Essentials *Enabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} Default Browser: Google Chrome 49.0.2623.112 Internet Explorer Version: 11.0.9600.18282 Mozilla Firefox version: 36.0.1 (x86 nl) Google Chrome version: 49.0.2623.112 Adobe Reader version: 11.0.12.18 Sun Java version: 1.8.0_77 (32-bit) Flash Player version: 21.0.0.213 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\guido\AppData\Local\Temp ==== 2016-04-14 05:19:48 593EB0B236A6E2372D11B975F0455A99 7603992 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-f7276f95.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2016-04-13 07:47:34 E08CCC70F5520717E764A966A7BA22EF 47616 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2016-04-13 07:47:34 DDD0F1861689EC17F8CA0CD8E46B8D5A 60416 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2016-04-13 07:47:34 88E354002F529A39B3098B7164CB4C14 102912 ----a-w- C:\Windows\System32\ieetwcollector.exe 2016-04-13 07:47:34 4949ACC87CA50A42863676CEA35147EA 30720 ----a-w- C:\Windows\System32\iernonce.dll 2016-04-13 07:47:33 E90EF76CB74E7AECB0355AF44B6B1B78 346320 ----a-w- C:\Windows\System32\iedkcs32.dll 2016-04-13 07:47:33 D1DD8FAFC2157E552D27F65BE4E600BE 689664 ----a-w- C:\Windows\System32\ie4uinit.exe 2016-04-13 07:47:33 55E69CE386E20BE89CB62FD5A205D5A1 91136 ----a-w- C:\Windows\System32\inseng.dll 2016-04-13 07:47:33 340F204F636FB15D8C52DC1FFBD88F51 130048 ----a-w- C:\Windows\System32\occache.dll 2016-04-13 07:47:33 282091D681AB6AFD9FBC59DF900F9861 667648 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2016-04-13 07:47:32 C0C84BA8E2C98159BC0847BE36B05D47 47104 ----a-w- C:\Windows\System32\jsproxy.dll 2016-04-13 07:47:32 A0701B16086577DD3D592AE7D28EFAB6 416256 ----a-w- C:\Windows\System32\dxtmsft.dll 2016-04-13 07:47:32 79E4D96CCB1E68A3CE18B6E8E3F3B705 1311744 ----a-w- C:\Windows\System32\urlmon.dll 2016-04-13 07:47:32 3E816997AA0924BE8C1F957BB0B6A2AD 115712 ----a-w- C:\Windows\System32\ieUnatt.exe 2016-04-13 07:47:32 2CBA7EBF49FF867C7F116BF66C0049BF 620032 ----a-w- C:\Windows\System32\jscript9diag.dll 2016-04-13 07:47:31 B68217807ABBCA26B08D33E7315F4566 710144 ----a-w- C:\Windows\System32\ieapfltr.dll 2016-04-13 07:47:31 65BC52D21BBCED6B6538378E11439850 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2016-04-13 07:47:31 28009063B84E8F9C8479D34AD32BF7D2 693248 ----a-w- C:\Windows\System32\msfeeds.dll 2016-04-13 07:47:29 CBDA03CEE7784F2A3D3C3E197B5C3784 230400 ----a-w- C:\Windows\System32\webcheck.dll 2016-04-13 07:47:29 96537B3B2E17273D4B4DB5A061B5D07B 2056192 ----a-w- C:\Windows\System32\inetcpl.cpl 2016-04-13 07:47:29 2AEBB3308B4AACDC0BB548EF5560AACF 62464 ----a-w- C:\Windows\System32\iesetup.dll 2016-04-13 07:47:29 26597D00E5A4A022D5D4C4459967BF30 168960 ----a-w- C:\Windows\System32\msrating.dll 2016-04-13 07:47:28 EE3825FFE3F31B7FCB7B4A284197361B 2121216 ----a-w- C:\Windows\System32\wininet.dll 2016-04-13 07:47:28 A0CEB2F346FED505360E8F3A1398DEAB 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2016-04-13 07:47:27 145A62FF0E34A8DC81DC45954EBD7EE9 279040 ----a-w- C:\Windows\System32\dxtrans.dll 2016-04-13 07:47:26 795F250FBBC41FC616557767E4FD63EF 13811712 ----a-w- C:\Windows\System32\ieframe.dll 2016-04-13 07:47:26 720DCF5A80B0D37865CBB58333961335 476160 ----a-w- C:\Windows\System32\ieui.dll 2016-04-13 07:47:25 7C06F83E73201DE87B471917E8C9BCBD 341504 ----a-w- C:\Windows\System32\html.iec 2016-04-13 07:47:24 B49EBDC69A49D67A3F20C583DDC7BF5D 76288 ----a-w- C:\Windows\System32\mshtmled.dll 2016-04-13 07:47:24 39E2397EE90CBC724567B9E6906E1AFC 1155072 ----a-w- C:\Windows\System32\mshtmlmedia.dll 2016-04-13 07:47:23 E1DEB2313E5527B721514570756A33C8 64000 ----a-w- C:\Windows\System32\MshtmlDac.dll 2016-04-13 07:47:23 49E51E0E5A6BF6B893017578CEB42B2D 2285056 ----a-w- C:\Windows\System32\iertutil.dll 2016-04-13 07:47:22 8C99981E6B4209ABC8BCF887BDEBCE53 20352512 ----a-w- C:\Windows\System32\mshtml.dll 2016-04-13 07:47:21 9A94A96401F9E8D777145C4A10E2F068 4611072 ----a-w- C:\Windows\System32\jscript9.dll 2016-04-13 07:47:19 E34AB80B40980408CE370070512AB6AB 663552 ----a-w- C:\Windows\System32\jscript.dll 2016-04-13 07:47:19 7A24C77D85DE57C80D300A2F241F1721 496640 ----a-w- C:\Windows\System32\vbscript.dll 2016-04-13 07:44:32 F86B112953D1BFA0345BDFC594818D04 424960 ----a-w- C:\Windows\System32\devinv.dll 2016-04-13 07:44:32 DA8BEF41E71B67D328199DB5B6A663FF 1218048 ----a-w- C:\Windows\System32\appraiser.dll 2016-04-13 07:44:32 CC8104EA2BDB83C131B1851CF4A09FC9 957952 ----a-w- C:\Windows\System32\aeinv.dll 2016-04-13 07:44:32 CA1D207328D76910CAC095AE3F97CA23 34024 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2016-04-13 07:44:32 4AECB6D0F5FDE5F3472154E5ED1BD02A 177664 ----a-w- C:\Windows\System32\aepic.dll 2016-04-13 07:44:32 279C82F0E9F660E1E037148B4BBD28C5 560640 ----a-w- C:\Windows\System32\generaltel.dll 2016-04-13 07:44:32 1ECAD6875E94D987E30C3BF2190FFA87 65536 ----a-w- C:\Windows\System32\acmigration.dll 2016-04-13 07:44:32 15ADCB0D0B1B1584AFD5150929483C2F 232960 ----a-w- C:\Windows\System32\invagent.dll 2016-04-13 07:44:26 1F54F58D7FA2B3442084E32CDE5E309E 376320 ----a-w- C:\Windows\System32\rpcss.dll 2016-04-13 07:44:23 C86AFCDD4584CFDF7B57335FEC7546E4 111616 ----a-w- C:\Windows\System32\mtxoci.dll 2016-04-13 07:44:23 936AF75B1A7A663C24F999029A84142C 176128 ----a-w- C:\Windows\System32\msorcl32.dll 2016-04-13 07:44:13 F1CA4530A435A6741346A1ECF3FE10E9 3943144 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-04-13 07:44:13 E518B37F8C82A4320732352E4DA9BF41 1414144 ----a-w- C:\Windows\System32\ole32.dll 2016-04-13 07:44:13 599F7B42E0F91BBB7226B2C584B44A6C 294400 ----a-w- C:\Windows\System32\KernelBase.dll 2016-04-13 07:44:12 E4068870715898300C3B99660862F24D 1310528 ----a-w- C:\Windows\System32\ntdll.dll 2016-04-13 07:44:12 DD1314B5C4AFC9F93E1F678B5F417229 69632 ----a-w- C:\Windows\System32\smss.exe 2016-04-13 07:44:12 A144F79630703204460163861501A7D7 1062400 ----a-w- C:\Windows\System32\lsasrv.dll 2016-04-13 07:44:12 9F55E7A647A793A4D8C89A32B9543799 644096 ----a-w- C:\Windows\System32\advapi32.dll 2016-04-13 07:44:12 761D6906DE888CF832606CFCDC9E7C47 271360 ----a-w- C:\Windows\System32\conhost.exe 2016-04-13 07:44:12 6B69810EDAEBBC68B205F5BBFD625E84 553984 ----a-w- C:\Windows\System32\kerberos.dll 2016-04-13 07:44:12 5C47821CC760ED48EA66A28465BD35E4 3998952 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2016-04-13 07:44:12 4D1BC518FF64EB70F6B9218A6FBFDEF6 872448 ----a-w- C:\Windows\System32\kernel32.dll 2016-04-13 07:44:12 4B042CC5ED798D41463A4E4BF756295C 655360 ----a-w- C:\Windows\System32\rpcrt4.dll 2016-04-13 07:44:12 2AE06D99B4BB580557F2F608C69AFF33 400896 ----a-w- C:\Windows\System32\srcore.dll 2016-04-13 07:44:12 090FF4D4A003291D7579A81089D06981 171008 ----a-w- C:\Windows\System32\winsrv.dll 2016-04-13 07:44:11 F7DF39F60CCB70AD4551BAC41C18ACA1 43008 ----a-w- C:\Windows\System32\srclient.dll 2016-04-13 07:44:11 E9EC44ED304D4100900BDFBB6D1A255C 99840 ----a-w- C:\Windows\System32\sspicli.dll 2016-04-13 07:44:11 E8618EF4CB8D38462D4D8A4ED7DA9850 171520 ----a-w- C:\Windows\System32\wdigest.dll 2016-04-13 07:44:11 E47C6A567296FD8BB2048B186F6FC6CA 38912 ----a-w- C:\Windows\System32\csrsrv.dll 2016-04-13 07:44:11 B782F44A047D0D9459F0078A98AA8542 36352 ----a-w- C:\Windows\System32\cryptbase.dll 2016-04-13 07:44:11 A3ECF0CFA0BFE509A77F0514885EA608 50688 ----a-w- C:\Windows\System32\appidapi.dll 2016-04-13 07:44:11 972332B4F1AC8EF3A42AE45BF65D3B60 141312 ----a-w- C:\Windows\System32\rpchttp.dll 2016-04-13 07:44:11 96E3E544A4C4EDF86BD70F34CA3D285B 29696 ----a-w- C:\Windows\System32\appidsvc.dll 2016-04-13 07:44:11 88B9000A87883C908F927AF5036B8309 223232 ----a-w- C:\Windows\System32\ncrypt.dll 2016-04-13 07:44:11 77426C777A32E1493A787374B3D5F94B 22016 ----a-w- C:\Windows\System32\lsass.exe 2016-04-13 07:44:11 6B0E139FEF3B7C0061983C1502AE0CA3 22016 ----a-w- C:\Windows\System32\secur32.dll 2016-04-13 07:44:11 47B6BE9CDF6888B7F9FDC5B2DB41B107 65536 ----a-w- C:\Windows\System32\TSpkg.dll 2016-04-13 07:44:11 28B998D3ACC5AF930B78A982B4698CB8 260608 ----a-w- C:\Windows\System32\msv1_0.dll 2016-04-13 07:44:11 2610C8EF506344326F7250691093A3B9 251392 ----a-w- C:\Windows\System32\schannel.dll 2016-04-13 07:44:11 23E5F79DD396258940B8EE394196C3DA 262656 ----a-w- C:\Windows\System32\rstrui.exe 2016-04-13 07:44:11 1FCAFC14E7B1BA3569DD1E483E486998 6656 ----a-w- C:\Windows\System32\apisetschema.dll 2016-04-13 07:44:11 07056A62D21893AF825125E888141CBA 50176 ----a-w- C:\Windows\System32\setbcdlocale.dll 2016-04-13 07:44:10 C8AE40931A2AC87E30E05C75E4A61796 17408 ----a-w- C:\Windows\System32\credssp.dll 2016-04-13 07:44:10 48723F3CA245A0D1FDB1DC4FA014C733 15872 ----a-w- C:\Windows\System32\sspisrv.dll 2016-04-13 07:44:10 039A0B3CB3E564EF5B3092B25A79BB8F 97792 ----a-w- C:\Windows\System32\appidpolicyconverter.exe 2016-04-13 07:44:09 F5042159B95FD2748F55D89E08A89B48 146432 ----a-w- C:\Windows\System32\msaudite.dll 2016-04-13 07:44:09 8DCFB284FC896E2F6F02134298A8F1E1 50176 ----a-w- C:\Windows\System32\auditpol.exe 2016-04-13 07:44:09 5B8DCCC1F8FF583BBFA1F2382DFBFCF3 16896 ----a-w- C:\Windows\System32\appidcertstorecheck.exe 2016-04-13 07:44:09 4DD90351DB68847F9048133E45004B2F 60416 ----a-w- C:\Windows\System32\msobjs.dll 2016-04-13 07:44:09 38958A47AEE19E4CD89A0850640217C3 690688 ----a-w- C:\Windows\System32\adtschema.dll 2016-04-13 07:43:22 2D366CB2A6F0E4F7676B0CC250202B59 566272 ----a-w- C:\Windows\System32\samsrv.dll 2016-04-13 07:43:21 795F356F6027FCA3FD4AD5F3CCD904B7 60416 ----a-w- C:\Windows\System32\samlib.dll 2016-04-13 07:43:16 386E748E484BA802FCCBF00FC90729C4 2048 ----a-w- C:\Windows\System32\tzres.dll 2016-04-13 07:43:04 7B36BA338408A68B84574EB4D5FE6BC3 2397184 ----a-w- C:\Windows\System32\win32k.sys 2016-04-13 07:41:40 D25FCA441C69C3E6E78DE1BBCBF97BBC 2048 ----a-w- C:\Windows\System32\msxml3r.dll 2016-04-13 07:41:40 8007E4C5C9B40FB30F816F6E74284DF1 1240576 ----a-w- C:\Windows\System32\msxml3.dll 2016-04-13 07:41:33 C2E392F3CE66FE21ADB7CA1158790BAA 15360 ----a-w- C:\Windows\System32\tbs.dll 2016-04-13 07:41:33 6B83397B551BA65E2B28F7AD17DE1F9C 355456 ----a-w- C:\Windows\System32\fveapi.dll 2016-04-13 07:41:33 0036298766DB8C93D72F03AE7C1337BF 97792 ----a-w- C:\Windows\System32\fveapibase.dll ====== C:\Windows\system32\drivers ===== 2016-04-13 07:44:12 B2ED7C4729F363E7DBDA8506A9979A47 67304 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2016-04-13 07:44:12 8E5D0A077B5592B4E8F26D8CDC2492CE 226304 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2016-04-13 07:44:12 85E6428349B8E4E4845D633E85879FB4 137960 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2016-04-13 07:44:12 7B9C4C7FAE04079D405AE658A7616ED0 124416 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2016-04-13 07:44:11 5D5A1C8C046AA8DAF5FC778B4019D7CE 98304 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2016-04-13 07:44:11 3427D31384ACDC3A7C432113D38D0ACC 50688 ----a-w- C:\Windows\System32\drivers\appid.sys 2016-04-13 07:43:13 B7B470F163002A0D0E381EE45834BF6B 57280 ----a-w- C:\Windows\System32\drivers\disk.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-04-15 16:45:26 -------- d-----w- C:\Program Files\Common Files\Java ======= C: ===== ====== C:\Users\guido\AppData\Roaming ====== 2016-04-15 16:45:02 -------- d-----w- C:\Users\guido\AppData\Roaming\Sun ====== C:\Users\guido ====== 2016-04-15 16:45:02 -------- d-----w- C:\Users\guido\.oracle_jre_usage ====== C: exe-files == 2016-04-15 16:44:31 A48BDE309534612FBA41D58E754A38BE 159296 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\unpack200.exe 2016-04-15 16:44:30 F4E94CBB9DEF622171D8943F2160B214 51776 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\ssvagent.exe 2016-04-15 16:44:30 D709404CB67D09946628987244B98A60 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\servertool.exe 2016-04-15 16:44:30 C1F46A7656D1DED6326D8E28B1CF1862 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\rmiregistry.exe 2016-04-15 16:44:30 AC4F3A4F853070419C9E8479B3868103 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\tnameserv.exe 2016-04-15 16:44:30 8DF0EA1993F98096557A4AFA6235DE4E 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\rmid.exe 2016-04-15 16:44:29 E2AF676759086BAE2F16D6B5033E7F46 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\policytool.exe 2016-04-15 16:44:29 C558C87F624CF96F812028165190EEDE 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\pack200.exe 2016-04-15 16:44:29 A756D5633F6596B0E4711E60D3F61BCA 16448 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\orbd.exe 2016-04-15 16:44:29 5192C3656176D1D21D21372E1061D1A4 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\ktab.exe 2016-04-15 16:44:29 26E779D9D96192E312E5DC042E993DED 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\klist.exe 2016-04-15 16:44:28 F85C40988E94C2F463508FBEE94025BF 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\kinit.exe 2016-04-15 16:44:28 D62B10425DC16A177CB64D6B0356F915 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\jjs.exe 2016-04-15 16:44:28 724998551979EB4E0DF53CA3994AF035 77888 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\jp2launcher.exe 2016-04-15 16:44:28 4CC7AA4DCC143BB06999A62B8763EA6C 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\keytool.exe 2016-04-15 16:44:27 D763E321831C859D9195ADF15A951E95 15936 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\java-rmi.exe 2016-04-15 16:44:27 C31F1BDBB1902458FA15515BD0D8340B 191040 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\java.exe 2016-04-15 16:44:27 AAADCD8DA5BCE8986D6FEC09FAB7B70D 68672 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\javacpl.exe 2016-04-15 16:44:27 A5AECC1529B64CB123B1880D3AD0F1AE 268352 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\javaws.exe 2016-04-15 16:44:27 6101EC702C56D5F688AA578AC457A440 30784 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\jabswitch.exe 2016-04-15 16:44:27 2AD9EFBB015490AA315707BAC2BFD816 191552 ----a-w- C:\Program Files\Java\jre1.8.0_77\bin\javaw.exe 2016-04-14 05:19:48 593EB0B236A6E2372D11B975F0455A99 7603992 ----a-w- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-f7276f95.exe 2016-04-13 07:47:34 88E354002F529A39B3098B7164CB4C14 102912 ----a-w- C:\Windows\System32\ieetwcollector.exe 2016-04-13 07:47:33 D1DD8FAFC2157E552D27F65BE4E600BE 689664 ----a-w- C:\Windows\System32\ie4uinit.exe 2016-04-13 07:47:33 4220C16D79E0386F9C684EEF5586699B 221184 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2016-04-13 07:47:33 282091D681AB6AFD9FBC59DF900F9861 667648 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2016-04-13 07:47:32 3E816997AA0924BE8C1F957BB0B6A2AD 115712 ----a-w- C:\Windows\System32\ieUnatt.exe 2016-04-13 07:47:30 0D509AB88C513DE28EF46B434AD3B1AA 473600 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2016-04-13 07:47:29 3A3666314CA3CAB290DCD6C0445DDB12 815312 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-04-13 07:44:32 CA1D207328D76910CAC095AE3F97CA23 34024 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2016-04-13 07:44:13 F1CA4530A435A6741346A1ECF3FE10E9 3943144 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-04-13 07:44:12 DD1314B5C4AFC9F93E1F678B5F417229 69632 ----a-w- C:\Windows\System32\smss.exe 2016-04-13 07:44:12 761D6906DE888CF832606CFCDC9E7C47 271360 ----a-w- C:\Windows\System32\conhost.exe 2016-04-13 07:44:12 5C47821CC760ED48EA66A28465BD35E4 3998952 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2016-04-13 07:44:11 77426C777A32E1493A787374B3D5F94B 22016 ----a-w- C:\Windows\System32\lsass.exe 2016-04-13 07:44:11 23E5F79DD396258940B8EE394196C3DA 262656 ----a-w- C:\Windows\System32\rstrui.exe 2016-04-13 07:44:10 039A0B3CB3E564EF5B3092B25A79BB8F 97792 ----a-w- C:\Windows\System32\appidpolicyconverter.exe 2016-04-13 07:44:09 8DCFB284FC896E2F6F02134298A8F1E1 50176 ----a-w- C:\Windows\System32\auditpol.exe 2016-04-13 07:44:09 5B8DCCC1F8FF583BBFA1F2382DFBFCF3 16896 ----a-w- C:\Windows\System32\appidcertstorecheck.exe 2016-04-13 07:43:16 DA5C8373F3618DD5C13A4B94F853AA66 40448 ----a-w- C:\Windows\servicing\GC32\tzupd.exe 2016-04-12 04:55:45 55BEEABD97E0D556E08A463A58FC17FF 2547800 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\49.0.2623.112\49.0.2623.112_49.0.2623.110_chrome_updater.exe 2016-04-11 05:07:33 BC158D4F14B7F51BE0ECD30BE43FB5E4 404712 ----a-w- C:\ProgramData\Adobe\ARM\S\1869\AdobeARMHelper.exe 2016-04-10 05:47:25 BC158D4F14B7F51BE0ECD30BE43FB5E4 404712 ----a-w- C:\ProgramData\Adobe\ARM\S\22446\AdobeARMHelper.exe 2016-04-09 17:41:34 BC158D4F14B7F51BE0ECD30BE43FB5E4 404712 ----a-w- C:\ProgramData\Adobe\ARM\S\11296\AdobeARMHelper.exe === C: other files == 2016-04-15 16:44:31 4EDC09D3151E434741F50E8F7210D162 14130 ----a-w- C:\Program Files\Java\jre1.8.0_77\lib\deploy\ffjcext.zip 2016-04-15 16:39:30 D187BCDFFBA233D65C8725FF2B447F4F 84 ---ha-w- C:\Program Files\Common Files\X10\Common\x10prod.sys 2016-04-13 07:44:12 B2ED7C4729F363E7DBDA8506A9979A47 67304 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2016-04-13 07:44:12 8E5D0A077B5592B4E8F26D8CDC2492CE 226304 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2016-04-13 07:44:12 85E6428349B8E4E4845D633E85879FB4 137960 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2016-04-13 07:44:12 7B9C4C7FAE04079D405AE658A7616ED0 124416 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2016-04-13 07:44:11 5D5A1C8C046AA8DAF5FC778B4019D7CE 98304 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2016-04-13 07:44:11 3427D31384ACDC3A7C432113D38D0ACC 50688 ----a-w- C:\Windows\System32\drivers\appid.sys 2016-04-13 07:43:13 B7B470F163002A0D0E381EE45834BF6B 57280 ----a-w- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b1d91cea6f3429b1\disk.sys 2016-04-13 07:43:13 B7B470F163002A0D0E381EE45834BF6B 57280 ----a-w- C:\Windows\System32\drivers\disk.sys 2016-04-13 07:43:04 7B36BA338408A68B84574EB4D5FE6BC3 2397184 ----a-w- C:\Windows\System32\win32k.sys 2016-04-13 07:41:33 F0E99E1982E78251A564159EB1D22CBE 123328 ----a-w- C:\Windows\System32\DriverStore\FileRepository\tpm.inf_x86_neutral_56b145ccbfca752c\tpm.sys ==== Orphaned Tasks deleted from Registry ====================== Scheduled Update for Ask Toolbar deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-875346456-3498223844-2771357875-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Spotify Web Helper"="C:\Users\guido\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3 " "HotkeyApp"="C:\Program Files\Launch Manager\HotkeyApp.exe" "LMgrVolOSD"="C:\Program Files\Launch Manager\OSD.exe" "Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" "CLMLServer"="C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "CanonSolutionMenuEx"="C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon" "IJNetworkScannerSelectorEX"="C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Spotify Web Helper"="C:\Users\guido\AppData\Roaming\Spotify\SpotifyWebHelper.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\guido\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\guido\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08/04/2016 10:04] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/08/2015 20:44] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/08/2015 20:44] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{AA0EBBA0-ADF3-4DE9-A1E6-4771E3DC1351}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\guido\AppData\Roaming\Mozilla\Firefox\Profiles\4j73e15h.default user_pref("browser.startup.homepage", "http://be.msn.com/default.aspx?pc=UP22&ocid=UP22DHP&dt=050113"); user_pref("browser.search.selectedEngine", "Google"); user_pref("keyword.URL", "http://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=050113&q="); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "fmconverter@gmail.com"="C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox" [03/06/2014 22:38] ==== Firefox Extensions ====================== ProfilePath: C:\Users\guido\AppData\Roaming\Mozilla\Firefox\Profiles\4j73e15h.default - Freemake Youtube Download Button - C:\Program Files\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com - Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox - Flash Video Downloader - YouTube HD Download [4K] - %ProfilePath%\extensions\artur.dubovoy@gmail.com - YouTube to MP3 - %ProfilePath%\extensions\youtube2mp3@mondayx.de.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\guido\AppData\Roaming\Mozilla\Firefox\Profiles\4j73e15h.default A9E98D1FCB614713E87149FCBE8459F2 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 0FFC7C7A12BD7B0465D97E7745287370 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat AEA69AF0E4F27AABA1A4DF66B43179A3 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 1B743D5B6FD001660FAB17DD7C347A38 - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In A41DEB06F72E3FE35144E9F6BEECE152 - C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U77 ACCF169CDF30537B3747C38E43E83912 - C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.770.3 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 9C06DBC403F91D518ED117E460F03F85 - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL - CANON iMAGE GATEWAY Album Plugin Utility for IJ 57C7E359ED8D049132EED23EFA444C63 - C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll - Shockwave Flash 4F3F6B17B4A5BDB68B3CB0367A2C214E - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ehgldbbpchgpcfagfpfjgoomddhccfgh - C:\Program Files\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx[27/01/2014 22:42] jbolfgndggfhhpbnkgnpjkfhinclbigj - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[12/05/2014 12:10] Google Cast - guido\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd Freemake Youtube Download Button - guido\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh Freemake Video Converter - guido\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj Chrome Web Store Payments - guido\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\guido\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\guido\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/?gfe_rd=cr&ei=vwHJVOj4E83kOeKjgBA&gws_rd=ssl" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/?gfe_rd=cr&ei=vwHJVOj4E83kOeKjgBA&gws_rd=ssl" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UP22 HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} HKCU\SearchScopes\{E0CA81C8-D2E3-4AD5-8DB3-18DFABD7FBF4} - http://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC07200 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C2700} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC07200 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3 O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe" O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\guido\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab O16 - DPF: {1E81B1B9-0245-4E6F-AAA7-0BCA975F7B4C} (NamoWeCtl 6.0 for hmc-kia_ecbank) - http://kia-hotline.com/Namo/NamoWec.cab O16 - DPF: {8D558E41-D24F-441D-A7C9-75B278C326FD} (knowledge.Knowledge_UserControl) - http://www.kia-hotline.com/OCX/Knowledge.CAB O16 - DPF: {CD5AC92D-5288-4387-9547-335ACB75F95D} (MLReport Launcher Class) - http://www.kia-hotline.com/config/mlreport/MLReportLauncher.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F1E66947-D853-4CB0-BCB2-62F6F00A5ED1}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Autodesk Moldflow Inventor Tool Suite Integration 2012 Job Manager (mitsijm2012) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\guido\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\guido\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\guido\AppData\Local\Mozilla\Firefox\Profiles\4j73e15h.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\guido\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=709 folders=149 103375763 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\guido\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\guido\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\guido\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AUMF6UFG\abcnewsplayer-a.akamaihd.net" not found "C:\Users\guido\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AUMF6UFG\cdnapi.kaltura.com" not found "C:\Users\guido\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AUMF6UFG\nl.chaturbate.com" not found "C:\Users\guido\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AUMF6UFG\static.xvideos.com" not found "C:\Users\guido\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AUMF6UFG\static1.syndication.vmma.be" not found "C:\Users\guido\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AUMF6UFG\static1.vtm.vmmacdn.be" not found "C:\Users\guido\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\AUMF6UFG\www.wat.tv" not found ==== EOF on vr 15/04/2016 at 19:50:49,16 ======================