Zoek.exe v5.0.0.0 Updated 16-June-2014 Tool run by e on wo 18/06/2014 at 13:35:02,74. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\e\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 18/06/2014 13:37:06 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully C:\Program Files\Google deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\AMD deleted successfully C:\PROGRA~3\CorelDRAW Essentials Suite X5 deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\e\AppData\Roaming\TP deleted successfully C:\Users\e\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\e\AppData\Local\DriverToolkit deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-728976382-3213218996-1014119386-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F1C81E40-2485-4DB6-8C9D-04BD596B281E} deleted successfully HKEY_USERS\S-1-5-21-728976382-3213218996-1014119386-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F1C81E40-2485-4DB6-8C9D-04BD596B281E} deleted successfully HKEY_USERS\S-1-5-21-728976382-3213218996-1014119386-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_USERS\S-1-5-21-728976382-3213218996-1014119386-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_USERS\S-1-5-21-728976382-3213218996-1014119386-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-728976382-3213218996-1014119386-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F1C81E40-2485-4DB6-8C9D-04BD596B281E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1C81E40-2485-4DB6-8C9D-04BD596B281E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully HKEY_CLASSES_ROOT\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\virtualKeyboard@kaspersky.ru deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\KavAntiBanner@Kaspersky.ru deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\linkfilter@kaspersky.ru deleted successfully ==== Installed Programs ====================== 64 Bit HP CIO Components Installer Adobe AIR Adobe Flash Player 13 ActiveX Adobe Flash Player 13 Plugin Adobe Reader XI (11.0.07) - Nederlands Adobe Shockwave Player 12.0 AIDA32 v3.93 Ashampoo Burning Studio Ashampoo Photo Commander Ashampoo Photo Optimizer Ashampoo Snap Asmedia ASM104x USB 3.0 Host Controller Driver buenosearch toolbar BufferChm Canon Utilities ImageBrowser EX Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Italian CCC Help Japanese CCC Help Norwegian CCC Help Spanish CCC Help Swedish Control ActiveX de Windows Live Mesh para conexiones remotas Contr“le ActiveX Windows Live Mesh pour connexions … distance Controlo ActiveX do Windows Live Mesh para Liga‡äes Remotas Copy Corel Graphics - Windows Shell Extension Corel Graphics - Windows Shell Extension 64 Bit CorelDRAW Essentials X5 - Common CorelDRAW Essentials X5 - Connect CorelDRAW Essentials X5 - Custom Data CorelDRAW Essentials X5 - DE CorelDRAW Essentials X5 - Draw CorelDRAW Essentials X5 - EN CorelDRAW Essentials X5 - ES CorelDRAW Essentials X5 - Extra Content CorelDRAW Essentials X5 - Filters CorelDRAW Essentials X5 - FR CorelDRAW Essentials X5 - IPM CorelDRAW Essentials X5 - IT CorelDRAW Essentials X5 - PHOTO-PAINT CorelDRAW Essentials X5 - Redist CorelDRAW Essentials X5 - Setup Files CorelDRAW Essentials X5 - WT CorelDRAW Essentials X5 CyberLink LabelPrint CyberLink Power2Go CyberLink PowerDVD Copy CyberLink PowerRecover D3DX10 Destinations DeviceDiscovery DJ_AIO_03_F2200_Software_Min DriverTuner 3.1.0.1 F2200 Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galer¡a fotogr fica de Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Google Chrome Google Earth Google Update Helper GPBaseService2 HP Customer Participation Program 13.0 HP Deskjet F2200 All-In-One Driver Software 13.0 Rel. 3 HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Smart Web Printing 4.51 HP Solution Center 13.0 HP Update HPPhotoGadget HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant HPSSupply Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Java 7 Update 51 (64-bit) Java 7 Update 55 Java Auto Updater Java(TM) 6 Update 24 Java(TM) 6 Update 24 (64-bit) Junk Mail filter update K-Lite Codec Pack 10.3.0 Full Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave Logitech Gaming Software Logitech Gaming Software 5.10 MarketResearch Medion Home Cinema Mesh Runtime Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Flight Simulator X Microsoft Flight Simulator X Service Pack 1 Microsoft Office 2010 Microsoft Office Klik-en-Klaar 2010 Microsoft Office Starter 2010 - Nederlands Microsoft PowerPoint Viewer Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK PDFCreator Picasa 3 PlayReady PC Runtime amd64 PMDG_MD11_FSX Poczta uslugi Windows Live Podstawowe programy Windows Live Posta Windows Live Raccolta foto di Windows Live Realtek High Definition Audio Driver S?????? f?t???af??? t?? Windows Live Scan Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Settings Manager Shop for HP Supplies SkypeT 6.14 SmartWebPrinting SolutionCenter Spelling Dictionaries Support For Adobe Reader X Status swMSM Toolbox TrayApp UnloadSupport WebReg Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live Fotograf Galerisi Windows Live Fot¢t r Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX-objekt til fjernforbindelser Windows Live Mesh ActiveX-vez‚rlo t voli kapcsolatokhoz Windows Live Mesh ActiveX Control for Remote Connections Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Par‡alar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series Windows Resource Kit Tools - SubInAcl.exe ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\SysWOW64\svchost.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Settings Manager\systemk\systemku.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\e\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SystemkService deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe] ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}] ==== Deleting Files \ Folders ====================== C:\PROGRA~3\CorelDRAW Essentials Suite X5 not found C:\Program Files (x86)\buenosearch LTD deleted C:\PROGRA~2\Linkey deleted C:\Program Files (x86)\SearchProtect deleted C:\PROGRA~2\Plus-HD-9.6 deleted C:\PROGRA~2\globalUpdate deleted C:\Users\e\AppData\Roaming\BabSolution deleted C:\Users\e\AppData\Roaming\buenosearch LTD deleted C:\Users\e\AppData\Roaming\pdfforge deleted C:\PROGRA~3\Partner deleted C:\PROGRA~3\Package Cache deleted C:\Users\e\AppData\Local\globalUpdate deleted C:\Users\e\AppData\Local\SearchProtect deleted C:\Users\e\Downloads\SoftonicDownloader_for_bluetooth-driver-installer.exe deleted C:\Users\e\AppData\LocalLow\buenosearch LTD deleted C:\Users\e\AppData\LocalLow\DataMngr deleted C:\windows\SysNative\Tasks\EPUpdater deleted C:\Users\e\Desktop\BQCKUP My Data\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_avira-free-antivirus.nl.softonic.com_0.localstorage deleted C:\Users\e\Desktop\BQCKUP My Data\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_avira-free-antivirus.nl.softonic.com_0.localstorage-journal deleted "C:\Program Files (x86)\Settings Manager\systemk\del_DM_LL_nsfD91F.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\favicon.ico" not deleted "C:\Program Files (x86)\Settings Manager\systemk\Helper.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\syskldr.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\syskldr_u.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\systemk.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\systemkbho.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\systemkChrome.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\systemkmgrc1.cfg" not deleted "C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe" not deleted "C:\Program Files (x86)\Settings Manager\systemk\systemku.exe" not deleted "C:\Program Files (x86)\Settings Manager\systemk\tbicon.exe" not deleted "C:\Program Files (x86)\Settings Manager\systemk\Uninstall.exe" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\del_DM_LL_nsfD91F.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\syskldr.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\syskldr_u.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\systemk.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\systemkbho.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg" not deleted "C:\Program Files (x86)\Settings Manager\systemk" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4078 MB CPU Info: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz CPU Speed: 3083.2 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: AMD Radeon HD 6670 | AMD Radeon HD 6670 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 720 - 32 bit Network: Network Present Network Adapters: Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SH-S223C Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 1356.2GB | D: 40.0GB | Q: 0.0MB Hard Disks - Free: C: 1284.3GB | D: 22.2GB | Q: 0.0MB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 12/22/11 | MEDION - 7292010 Time Zone: Romance (standaardtijd) Motherboard *: MEDIONPC MS-7728 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Internet Explorer Version: 11.0.9600.17126 Google Chrome version: 35.0.1916.153 Adobe Reader version: 11.0.07.79 Sun Java version: 1.7.0_55 (32-bit) Sun Java version: 1.7.0_51 (64-bit) Flash Player version: 13.0.0.214 Shockwave Player version: 12.0.9r149 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\e\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-06-15 17:51:19 A5F833506BF6A1B5D693E1499DEE2444 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll 2014-06-15 17:51:16 BB9BADED14F0963498855AC28446CED5 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-15 17:51:16 7E27FB6AB8976897A530FB30F5FF7691 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-06-15 17:51:16 6D8E6A9A524FFAAFA4D2F6C8EF38D0BB 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-06-15 17:51:15 D5ECBB3BFDC73A59440D9CA79AB3A342 17271296 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-06-15 17:51:15 C1F5812F355D0C9495C1B2E7165DA2AF 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-15 17:51:15 8DF06ACA017949D37C38B6A0EF747D4E 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-06-15 17:51:15 0AFCE8EEF3751810FE2101FD608FB8B3 1143296 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-06-15 17:51:15 017B99D09904DCA35D5F66AD79084B5F 368128 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-06-15 17:51:14 D9F5B424C307B195E16A9B0A21E53BCC 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-06-15 17:51:14 C69FDD49AB9E8BCF2BAAC469CE0CC756 1964544 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-06-15 17:51:14 9EAAB4305536829D6B7D9C3A47E92861 2179072 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-06-15 17:51:13 E0EA58834CD19FDFCD1BC37B22E1D3D8 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-06-15 17:51:13 D36574C287D0764C95AC777DFF367715 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-06-15 17:51:13 814E0D53EF020BD93097F26B53B573F0 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-06-15 17:51:13 688227D38A6FF6403B293D0C50B454B9 11725312 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-06-15 17:51:13 5B5815477A53ED92B89955FFE7EDCB2E 242688 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-06-15 17:51:12 4D3074AA172DCFD5D56BE764B671085A 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-06-15 17:51:12 0AC4E3C93D49E37D5B008ED99092115C 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-15 17:51:11 EB960643DC62832C88272573204B6DBA 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-06-15 17:51:11 CC0077F9C7ACD7E97707DFC763A4EA99 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-06-15 17:51:11 C58E97EEB1CB80CE91D5E7FD5E78794F 4244992 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-06-15 17:51:11 771CDBC3D62437D6DB070820BB1EDCCF 1790976 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-06-15 17:51:11 22D7FFA4B94916F18EB1F1D107B86839 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-06-15 17:51:11 09771ABC896D2A88370F3AB8BADC242E 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll ====== C:\Windows\SysWOW64\drivers ===== 2014-05-26 15:15:55 E4F4D3B35C98DC6BD1D5ED64A23E8910 27388 ----a-w- C:\Windows\SysWOW64\drivers\ihidfilt.sys 2014-05-26 15:15:55 433C633655E1A2450F57E55EF936A852 17344 ----a-w- C:\Windows\SysWOW64\drivers\LHidHi.sys 2014-05-26 15:15:54 C89660A0B3ECC443A9DDB98797636832 13888 ----a-w- C:\Windows\SysWOW64\drivers\LHidLo.sys 2014-05-26 15:15:54 07D5F26874C06B1D575C81BE5F57AC96 10432 ----a-w- C:\Windows\SysWOW64\drivers\LUsbSys.sys ====== C:\Windows\Sysnative ===== 2014-06-15 17:51:19 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 801280 ----a-w- C:\Windows\Sysnative\usp10.dll 2014-06-15 17:51:17 EF2D8BBA6E077559B675513BC0EE5FC2 3178496 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2014-06-15 17:51:17 2147C5330F983D76A36B73F4A804F778 16384 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll 2014-06-15 17:51:15 DA7AAB5D4E5F7160E906C0D2EB9A2B9F 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-06-15 17:51:15 3ED5C9055F7A635399FC12892F565287 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-06-15 17:51:14 D5C446B14DC667B7B9FBB30EA1701D92 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-06-15 17:51:14 3A1AB9DE852F2BC1ECE6403BDD01B9F0 1398272 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-06-15 17:51:13 DFD834E89B819B5ECE8E251C56B5A3CE 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-06-15 17:51:13 BFD3178735D97C858FFA467F8199700C 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-06-15 17:51:13 867DD52B23D3B0390B88F3D7AD1E600C 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-06-15 17:51:13 12BA419E27DBC5DBF9262C8A885FA361 452096 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-06-15 17:51:12 EAAA62F272858695814A1F42D5E59BD3 608768 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-06-15 17:51:12 B34D3F303769E65CE7EFBD4E6FB62B25 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-06-15 17:51:12 3FC3828E8820D1C93DBFBAD4BE456D85 2040832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-06-15 17:51:12 063EF4239479F52DAF9F4849B0B304F1 2768384 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-06-15 17:51:11 CE6109C73C3A04CC2B8C6110B0F0FEF9 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-06-15 17:51:11 790FD40601502C5FE8213D4F335DA0BD 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-06-15 17:51:10 CC603EF96BA456D4BCD9FF849ED07A2A 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-06-15 17:51:10 CB8A91074AE1B5051E240B50A328DCF5 295424 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-06-15 17:51:10 B2C037F50A02D6C057B1E0791BBF41A5 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-06-15 17:51:10 2DBB9127794BC30BC31D26FA088F8BAB 13522944 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-06-15 17:51:09 AB3FA3D9B1F1D0571CBC43D1487CCD6F 5782528 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-06-15 17:51:09 A4A58E3171C03A1145D1C3EC488D1B4F 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-06-15 17:51:09 9013D5BBE1B6D3A060F54B4B5BB2C3A3 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-06-15 17:51:09 770F067D833DC017CEB8A36A2A1EC942 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-06-15 17:51:09 6B9925F498D4E91FB57576CC3776D428 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-06-15 17:51:09 2F474D40626B0C694400589F3FBB9AA9 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-06-15 17:51:08 8E3C6008250A904C06943BCEA585E344 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-06-15 17:51:08 40BFD9D6EC8E174145F012246CA73CCD 2266112 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-06-15 17:51:07 F343ECB3C683EBD7E3990C03AD680855 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-06-15 17:51:07 56803B20D168C1B740D12CE0BE4588F5 23414784 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-06-15 17:50:46 2C053C9B2A8249F1F9B38ED1AE455771 506368 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-06-15 17:50:45 84A13AB118F433898B5ABA36E8D7CA91 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll ====== C:\Windows\Sysnative\drivers ===== 2014-06-15 17:51:18 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-06-15 17:51:18 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys ====== C:\Windows\Tasks ====== 2014-05-27 11:31:08 E77C6DC1AC9100C11A1CDCEFF16037F6 3120 ----a-w- C:\Windows\Sysnative\Tasks\{C112CF25-387B-45B5-89BD-A9B57712A791} 2014-05-26 19:49:50 340537BFDB60516415FF5A8762B110CD 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater 2014-05-26 19:49:50 231DF3DCFF65966F74350633E6B6E400 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-06-17 14:27:55 -------- d-----w- C:\Program Files\trend micro 2014-06-03 13:59:54 -------- d-----w- C:\Program Files\AMD ======= C:\PROGRA~2 ===== 2014-06-17 13:00:26 -------- d-----w- C:\PROGRA~2\Belgium Identity Card 2014-06-16 17:06:53 -------- d-----w- C:\PROGRA~2\Canon 2014-06-16 17:06:52 -------- d-----w- C:\PROGRA~2\COMMON~1\Canon_Inc_IC 2014-06-16 17:02:31 -------- d-----w- C:\PROGRA~2\COMMON~1\Canon 2014-06-16 02:30:35 -------- d-----w- C:\PROGRA~2\Windows Resource Kits 2014-06-03 14:01:38 -------- d-----w- C:\PROGRA~2\Raptr 2014-05-26 14:26:04 -------- d-----w- C:\PROGRA~2\COMMON~1\Microsoft Games 2014-05-26 13:56:56 -------- d-----w- C:\PROGRA~2\Microsoft Games 2014-05-20 10:35:27 -------- d-----w- C:\PROGRA~2\COMMON~1\Corel ======= C: ===== ====== C:\Users\e\AppData\Roaming ====== 2014-06-16 17:14:36 -------- d-----w- C:\Users\e\AppData\Roaming\CANON INC 2014-06-16 17:07:10 -------- d-----w- C:\Users\e\AppData\Roaming\Canon_Inc_IC 2014-06-16 17:06:13 -------- d-----w- C:\Users\e\AppData\Roaming\canon 2014-06-04 12:07:13 -------- d-----w- C:\Users\e\AppData\Locallow\Temp 2014-06-03 14:02:09 -------- d-----w- C:\Users\e\AppData\Roaming\library_dir 2014-06-03 14:01:38 -------- d-----w- C:\Users\e\AppData\Roaming\Raptr 2014-05-26 14:45:25 -------- d-----w- C:\Users\e\AppData\Roaming\InstallShield 2014-05-26 13:55:22 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Programs 2014-05-26 13:55:22 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-26 13:55:22 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-20 10:32:29 -------- d-----w- C:\Users\e\AppData\Roaming\Corel ====== C:\Users\e ====== 2014-06-16 20:13:34 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\e\Downloads\MicrosoftFixit.Devices.LB.237326380401282642.1.1.Run.exe 2014-06-16 18:36:42 6992D29C19309E36DD849727B358E507 2014840 ----a-w- C:\Users\e\Downloads\DriverBoostPro_Setup.exe 2014-06-16 17:07:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-06-16 17:05:56 -------- d-----w- C:\ProgramData\Canon_Inc_IC 2014-06-16 16:09:02 3EE3E6CCAB119B71D1588BC4E3E85AC6 183209286 ----a-w- C:\Users\e\Downloads\gkati_rad_cat(vst).exe 2014-06-16 16:08:22 BE8062EE338AAFCCDB4B5E7A12EF35E8 4427827 ----a-w- C:\Users\e\Downloads\usb3asmvstw7.exe 2014-06-04 12:09:28 90DB0DC7F88A778B4937A776DA737BA3 3441528 ----a-w- C:\Users\e\Downloads\Microsoft_Webcam_Driver_Update_06-2014.exe 2014-06-04 12:07:53 90DB0DC7F88A778B4937A776DA737BA3 3441528 ----a-w- C:\Users\e\Downloads\Microsoft_LifeCam_VX-800_Driver_Update_06-2014.exe 2014-06-03 16:03:28 -------- d-----w- C:\ProgramData\ATI 2014-05-27 11:28:09 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Documents 2014-05-26 14:47:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations 2014-05-26 13:55:22 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Videos 2014-05-26 13:55:22 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Searches 2014-05-26 13:55:22 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Saved Games 2014-05-26 13:55:22 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Pictures 2014-05-26 13:55:22 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Music 2014-05-26 13:55:22 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Links 2014-05-26 13:55:22 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Favorites 2014-05-26 13:55:22 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Downloads 2014-05-26 13:55:22 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Documents 2014-05-26 13:55:22 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Contacts 2014-05-20 10:32:30 -------- d-----w- C:\ProgramData\Protexis ====== C: exe-files == 2014-06-16 20:13:34 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\e\Downloads\MicrosoftFixit.Devices.LB.237326380401282642.1.1.Run.exe 2014-06-16 18:36:42 6992D29C19309E36DD849727B358E507 2014840 ----a-w- C:\Users\e\Downloads\DriverBoostPro_Setup.exe 2014-06-16 17:08:53 1C0D861D86894A6AC5763835F05C16D1 140288 ----a-w- C:\Program Files (x86)\Canon\ImageBrowser EX\MovieBinder.exe 2014-06-16 17:06:52 71D4C92EB377C56BFB002DE462FC836D 450672 ----a-w- C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Install\install.exe 2014-06-16 17:06:52 2B70388C12545B42507577D0414F007C 454776 ----a-w- C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe 2014-06-16 17:02:31 33274560C30EED3F8ED2848D510614F7 81920 ----a-w- C:\Program Files (x86)\Common Files\Canon\UPW\2.0.0.0\UPWClean.exe 2014-06-16 16:53:07 A90034756B9702C2ED0375433EC26C8E 7561808 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.153\35.0.1916.153_35.0.1916.114_chrome_updater_alt.exe 2014-06-16 16:09:02 3EE3E6CCAB119B71D1588BC4E3E85AC6 183209286 ----a-w- C:\Users\e\Downloads\gkati_rad_cat(vst).exe 2014-06-16 16:08:22 BE8062EE338AAFCCDB4B5E7A12EF35E8 4427827 ----a-w- C:\Users\e\Downloads\usb3asmvstw7.exe 2014-06-15 17:51:15 4F2AA3E7BD7257E4937E071E3700819E 810200 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-06-15 17:51:15 4AFAE8BAF6E85311AD78395C47351A1D 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-06-15 17:51:14 60F88F6CA6303E8273AF7AAA9AAFECAC 812248 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-06-15 17:51:14 50989AAF09CDCEBC0FD8EB0FE79C2A98 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-06-15 17:51:14 4076E62E061769E42186AE860007FA08 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-06-15 17:51:13 BFD3178735D97C858FFA467F8199700C 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-06-15 17:51:12 EAAA62F272858695814A1F42D5E59BD3 608768 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-06-15 17:51:12 159C5979C61F51EEFC84D9AB17C4E0E7 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-06-15 17:51:11 CC0077F9C7ACD7E97707DFC763A4EA99 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-06-15 17:51:09 770F067D833DC017CEB8A36A2A1EC942 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-06-15 17:51:07 F343ECB3C683EBD7E3990C03AD680855 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-06-15 17:50:46 511E0519B437C263E95EA46330312B7F 172224 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe 2014-06-15 17:50:45 EF15B0554634BD981BB718E9BF6EE891 46784 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe === C: other files == 2014-06-17 12:57:33 5236B474861533C283CEC266EC865F43 13792 ----a-w- C:\Users\e\Downloads\pcscd_autostart.pkg.zip 2014-06-16 17:04:40 87E1DA2F6E5203867E51848A6499F4A9 130974065 ----a-w- C:\Users\e\Downloads\ibxw-inst-1-1-0a-18-r2-9l.zip 2014-06-16 17:02:01 D0C0357209466CAC4EEA614580212C17 38224377 ----a-w- C:\Users\e\Downloads\zbx-upd-6-9-0a-1-u01-e.zip 2014-06-15 17:51:18 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2014-06-15 17:51:18 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-728976382-3213218996-1014119386-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Google+ Auto Backup"="C:\Users\e\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart" "Start WingMan Profiler"="C:\Program Files (x86)\Logitech\Profiler\lwemon.exe /noui" "WLSync"="C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe /background" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Google+ Auto Backup"="C:\Users\e\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart" "Start WingMan Profiler"="C:\Program Files (x86)\Logitech\Profiler\lwemon.exe /noui" "WLSync"="C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe /background" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "MedionReminder"="C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "Start WingMan Profiler"="C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "MedionReminder"="C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe /DeleteRunKey" ==== Startup Folders ====================== 2014-04-04 10:03:22 2103 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk 2014-06-16 17:07:00 1189 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [27/05/2014 06:47] C:\Windows\tasks\DriverToolkit Autorun.job --a------ C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/02/2014 12:50] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/02/2014 12:50] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\DriverToolkit Autorun" [C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\{1E13BE5A-49A9-4112-9864-8675D25138F9}" ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"] "C:\Windows\SysNative\tasks\{C112CF25-387B-45B5-89BD-A9B57712A791}" ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [04/04/2014 12:04] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [04/04/2014 12:04] ==== Chrome Look ====================== Google Docs - e\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - e\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - e\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - e\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - e\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - e\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\e\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.enhanced-search.com_0.localstorage deleted successfully C:\Users\e\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.enhanced-search.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.buenosearch.com/?babsrc=HP_ss&mntrId=FA25E0B9A536A1C8&affID=128492&tt=240414_16&tsp=5239" "Search Page"="http://www.google.com" "Default_Page_URL"="http://www.aldi.com" "Search Bar"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{B2762573-1B1E-497B-8418-B2BFE9A6803A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {B2762573-1B1E-497B-8418-B2BFE9A6803A} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-728976382-3213218996-1014119386-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{828DC97A-2277-4E10-92A9-4907FA0922A9} deleted successfully HKEY_USERS\S-1-5-21-728976382-3213218996-1014119386-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{828DC97A-2277-4E10-92A9-4907FA0922A9} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{828DC97A-2277-4E10-92A9-4907FA0922A9} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{828DC97A-2277-4E10-92A9-4907FA0922A9} deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\e\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files (x86)\Logitech\Profiler\lwemon.exe" /noui O4 - HKCU\..\Run: [WLSync] "C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe" /background O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Apparaatdetectie) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Systemk Service (SystemkService) - Aztec Media Inc - C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\e\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\e\Desktop\BQCKUP My Data\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\e\Desktop\BQCKUP My Data\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\e\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8LEI7UL1 will be deleted at reboot C:\Users\e\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D1LIK8BJ will be deleted at reboot C:\Users\e\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPPPWHO5 will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\e\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=160 folders=70 34486786 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\e\AppData\Local\Temp will be emptied at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\e\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\Settings Manager\systemk\del_DM_LL_nsfD91F.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\favicon.ico" not deleted "C:\Program Files (x86)\Settings Manager\systemk\Helper.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\syskldr.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\syskldr_u.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\systemk.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\systemkbho.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\systemkChrome.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\systemkmgrc1.cfg" not deleted "C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe" not deleted "C:\Program Files (x86)\Settings Manager\systemk\systemku.exe" not deleted "C:\Program Files (x86)\Settings Manager\systemk\tbicon.exe" not deleted "C:\Program Files (x86)\Settings Manager\systemk\Uninstall.exe" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\del_DM_LL_nsfD91F.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\syskldr.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\syskldr_u.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\systemk.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\systemkbho.dll" not deleted "C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg" not deleted "C:\Program Files (x86)\Settings Manager\systemk" not deleted "C:\Users\e\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8LEI7UL1" not found "C:\Users\e\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D1LIK8BJ" not found "C:\Users\e\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPPPWHO5" not found ==== EOF on wo 18/06/2014 at 13:49:34,79 ======================