Zoek.exe v5.0.0.0 Updated 14-December-2014 Tool run by DELL on ma 15-12-2014 at 12:26:01,67. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\DELL\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-11-25-092855.log 48187 bytes C:\zoek-results2014-11-25-120049.log 1191 bytes C:\zoek-results2014-11-25-141513.log 52941 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\Freemake deleted successfully C:\PROGRA~2\Universal Updater deleted successfully C:\Program Files\ReviverSoft deleted successfully C:\Users\DELL\AppData\Roaming\AdobeUM deleted successfully C:\Users\Administrator\AppData\Local\Comodo deleted successfully C:\Users\Administrator\AppData\Local\Google deleted successfully C:\Users\Gast\AppData\Local\Comodo deleted successfully C:\Users\Gast\AppData\Local\Google deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{eec4279c-7ec0-4744-951f-d731e696f9c9} deleted successfully HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eec4279c-7ec0-4744-951f-d731e696f9c9} deleted successfully HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B568805-CBBD-4136-B14-FBD7832768CF} deleted successfully HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4326D537-9C36-4BCF-9BE6-824394FA9A70} deleted successfully HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58087C84-FDDF-4DE0-8872-1E45454283A} deleted successfully HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71C23089-F8B5-4F6F-A754-E520511A3769} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{eec4279c-7ec0-4744-951f-d731e696f9c9} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{eec4279c-7ec0-4744-951f-d731e696f9c9} deleted successfully HKEY_CLASSES_ROOT\CLSID\{eec4279c-7ec0-4744-951f-d731e696f9c9} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{eec4279c-7ec0-4744-951f-d731e696f9c9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eec4279c-7ec0-4744-951f-d731e696f9c9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eec4279c-7ec0-4744-951f-d731e696f9c9} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 20/20 v2.2 Acronis˙True˙Image˙Home Adobe Flash Player 15 Plugin Adobe Flash Player 16 ActiveX Adobe Reader 7.0.5 Afdrukpakket cd-dvd Apple Application Support Apple Mobile Device Support Apple Software Update Ashampoo Burning Studio 10 v.10.0.10 Ashampoo Burning Studio 14 v.14.0.5 Audacity 1.2.0 Bonjour calibre 64bit CDisplayEx 1.10.29 Compatibiliteitspakket voor het 2007 Microsoft Office system ContentHD Contents Corel PaintShop Photo Pro X3 Corel PaintShop Pro X6 Definition Update for Microsoft Office 2010 (KB2910899) 32-Bit Edition DeviceIO Download Navigator EPSON BX535WD Series Printer Uninstall Epson Easy Photo Print 2 Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) Epson Event Manager EPSON Scan EpsonNet Print Eye Candy 4000 FastStone Capture 5.3 FileZilla Client 3.8.0 FilterMeister 1.0 Beta 8.7 FM Patcher 1.01 Foxit Reader Gebruikershandleiding EPSON BX535WD Series Google Chrome HTML-Kit ICA iCloud IPM_PSP_COM IPM_PSP_COM64 IPM_PSP_Pro iTunes Java 8 Update 25 Java Auto Updater KPN Installatie Assistent Malwarebytes Anti-Malware versie 2.0.3.1025 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Antimalware Service NL-NL Language Pack Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2007 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2007 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office SharePoint Designer 2007 Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) Microsoft Office SharePoint Designer 2010 Microsoft Office SharePoint Designer MUI (Dutch) 2007 Microsoft Office SharePoint Designer MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft SharePoint Designer 2010 Microsoft Silverlight Microsoft SkyDrive Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 MLE Mpeg Layer3 Codec FHG-Radium v1.263 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) neroxml Netwerkhandleiding EPSON B42WD Series Netwerkhandleiding EPSON BX535WD Series NXPowerLite Photomatix Pro version 3.0 PIXresizer Plugin Commander Light 1.61 PSP Thumbnail Handler PSPH10Pro PSPPContent PSPPHelp PSPPRO_DCRAW PSPPro64 PureHD QuickTime 7 Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Excel 2010 (KB2910902) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553154) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office SharePoint Designer 2007 (KB2596810) 32-Bit Edition Security Update for Microsoft SharePoint Designer 2010 (KB2810069) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2899519) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Servicetool Setup Share Share64 Simple Sticky Notes 2.4 SoundTap Streaming Audio Recorder Spotify Switch Sound File Converter Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889818) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition VIO VLC media player 1.1.11 Windows Media Encoder 9 Series WinRAR 4.00 (32-bit) ==== Running Processes ====================== C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe C:\Windows\SysWOW64\brss01a.exe C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\SysWOW64\ENAgent.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\0ca45c95134d\cf3e08d747e4.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Users\DELL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Launcher.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Repair.exe C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe C:\Users\DELL\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdatem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KMService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KMService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UniversalUpdater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\UniversalUpdater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\b786bdb3c67d deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\b786bdb3c67d deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\vvyzlx5u.default ---- Lines WebSearch removed from prefs.js ---- user_pref("browser.search.defaultenginename", "WebSearch"); user_pref("browser.startup.homepage", "http://websearch.searchmania.info/?pid=2800&r=2014/11/30&hid=2944326092898986235&lg=EN&cc=NL&unqvl=70"); user_pref("browser.search.order.1", "WebSearch"); user_pref("browser.search.selectedEngine", "WebSearch"); user_pref("browser.search.order.1,S", "WebSearch"); user_pref("browser.search.defaultenginename,S", "WebSearch"); user_pref("browser.search.selectedEngine,S", "WebSearch"); user_pref("keyword.URL", "http://websearch.searchmania.info/?pid=2800&r=2014/11/30&hid=2944326092898986235&lg=EN&cc=NL&unqvl=70&l=1&q="); user_pref("browser.search.defaulturl", "http://websearch.searchmania.info/?pid=2800&r=2014/11/30&hid=2944326092898986235&lg=EN&cc=NL&unqvl=70&l=1&q=") user_pref("browser.search.order.1,S", "WebSearch"); user_pref("browser.search.defaultenginename,S", "WebSearch"); user_pref("browser.search.selectedEngine,S", "WebSearch"); ---- FireFox user.js and prefs.js backups ---- user_15-12-2014_1245_.backup prefs_15-12-2014_1245_.backup ProfilePath: C:\Users\DELL\AppData\Roaming\Thunderbird\Profiles\yee9j9v7.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_15-12-2014_1245_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "HostSecurePlugin"=- "HostSecurePlugin3"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SwvUpdtr"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Host Secure not found C:\Users\DELL\AppData\Local\9638 not found C:\Program Files (x86)\Universal Updater not found "C:\windows\SysNative\srvany.exe" not found C:\Program Files (x86)\BuyNsave deleted C:\Program Files (x86)\globalUpdate deleted C:\ProgramData\WindowsMangerProtect deleted C:\Program Files (x86)\f552dd4c52e3 deleted C:\PROGRA~2\Reimageplus.com deleted C:\Program Files\Common Files\System\SysMenu.dll deleted C:\Users\DELL\AppData\Roaming\EZDownloader deleted C:\Users\DELL\AppData\Local\Doctor_PC deleted C:\Users\DELL\AppData\Local\globalUpdate deleted C:\Users\DELL\AppData\Local\CrashRpt deleted C:\windows\SysNative\Tasks\DoctorPC_Popup deleted C:\windows\SysNative\Tasks\DoctorPC_Start deleted C:\Users\Public\Documents\ShopperPro deleted C:\Windows\tasks\BZTMYQ.job deleted C:\windows\SysNative\tasks\BZTMYQ deleted C:\Windows\tasks\IFE.job deleted C:\windows\SysNative\tasks\IFE deleted C:\Windows\tasks\RGVBKM.job deleted C:\windows\SysNative\tasks\RGVBKM deleted C:\Windows\tasks\UNWFZMY.job deleted C:\windows\SysNative\tasks\UNWFZMY deleted C:\windows\SysNative\Tasks\LaunchSignup deleted C:\windows\SysNative\tasks\YTDownloader deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted C:\windows\SysNative\tasks\SMupdate1 deleted C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted C:\END deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\vvyzlx5u.default\searchplugins\WebSearch.xml deleted C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\vvyzlx5u.default\extensions\staged deleted C:\Users\DELL\AppData\Roaming\BZTMYQ.exe deleted C:\Users\DELL\AppData\Roaming\IFE.exe deleted C:\Users\DELL\AppData\Roaming\RGVBKM.exe deleted C:\Users\DELL\AppData\Roaming\UNWFZMY.exe deleted C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\vvyzlx5u.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com deleted C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\vvyzlx5u.default\extensions\ROUAILDE73397174@UXGZI17268980.com deleted "C:\Windows\syswow64\srvany.exe" deleted "C:\Users\DELL\AppData\Roaming\BZTMYQ" deleted "C:\Users\DELL\AppData\Roaming\IFE" deleted "C:\Users\DELL\AppData\Roaming\RGVBKM" deleted "C:\Users\DELL\AppData\Roaming\UNWFZMY" deleted "C:\Program Files\Common Files\System\SysMenu64.dll" deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 1910 MB CPU Info: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz CPU Speed: 2656,7 MHz Sound Card: Luidsprekers (High Definition A | Luidsprekers (WsAudioDevice_383 | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Intel(R) Centrino(R) Advanced-N 6200 AGN | Bluetooth-apparaat (Personal Area Network) | Broadcom NetXtreme Gigabit Ethernet CD / DVD Drives: 1x (D: | ) D: TSSTcorpDVD+-RW TS-L633J Ports: COM1 LPT1 Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 149,0GB Hard Disks - Free: C: 60,8GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 11/18/10 | DELL - 6222004 Time Zone: West-Europa (standaardtijd) Motherboard *: Dell Inc. 023HKR Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 35.0.1916.114 Internet Explorer Version: 11.0.9600.17501 Google Chrome version: 35.0.1916.114 Adobe Reader version: 7.0.5.2005092300 Sun Java version: 1.8.0_25 (32-bit) Sun Java version: 1.8.0_25 (64-bit) Flash Player version: 15.0.0.246 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\DELL\AppData\Local\Temp ==== 2014-12-14 17:42:57 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\psmachine.dll 2014-12-14 17:42:57 A8A32FE07817511AA30D05B46FE44549 761856 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\goopdate.dll 2014-12-14 17:42:57 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\psuser.dll 2014-12-14 17:42:57 8CC38D4600B4F51C4D54ABDFD6889701 220672 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\npGoogleUpdate4.dll 2014-12-14 17:42:56 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\GoogleUpdateHelper.msi 2014-12-14 17:42:56 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\GoogleUpdateBroker.exe 2014-12-14 17:42:56 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\GoogleUpdate.exe 2014-12-14 17:42:56 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\GoogleUpdateOnDemand.exe 2014-12-14 17:42:56 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\GoogleCrashHandler.exe 2014-12-14 17:41:31 BCBA8747AB53932F8613C006444078E9 297672 ----a-w- C:\Users\DELL\AppData\Local\Temp\BackupSetup.exe 2014-12-14 17:41:28 C3C07B16BBF7D4E856BB7D99EAF3242D 13019600 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_9661\ins_cr.exe 2014-12-14 17:41:28 9908170B935B38AA6073C9E517EE7572 96464 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_9661\ins_jd.exe 2014-12-14 17:41:28 481186C9C050B88B3F21B1A7CF558DFF 6866725 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_9661\ins_ytd.exe 2014-12-14 17:41:12 0581C9EBE17BBA824F6D718C5876DFF0 1185152 ----a-w- C:\Users\DELL\AppData\Local\Temp\ytd_sysmenu_setup.exe 2014-12-14 09:42:59 668C31A099237A0CDA04ED87140DF308 222704 ----a-w- C:\Users\DELL\AppData\Local\Temp\tu17p84.exe 2014-12-14 09:32:38 3B59515D6422423C08F40792B281FA18 697949 ----a-w- C:\Users\DELL\AppData\Local\Temp\814185492340\Setup_product_8181.exe 2014-12-14 09:31:14 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\DELL\AppData\Local\Temp\SearchProtectINT.exe 2014-12-14 09:27:32 C0AADEB53F2231042313E5BC17164E5E 58562 ----a-w- C:\Users\DELL\AppData\Local\Temp\81418549234\GIX20637.exe 2014-12-14 09:27:23 9B1CDF717FBEC6C9B43E6CA2E87C834C 6857857 ----a-w- C:\Users\DELL\AppData\Local\Temp\Check.exe 2014-12-14 09:27:08 8FB710D824724384E0C370DC7CD8B92F 579928 ----a-w- C:\Users\DELL\AppData\Local\Temp\setup.exe 2014-12-14 09:23:25 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\psmachine.dll 2014-12-14 09:23:25 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\psuser.dll 2014-12-14 09:23:24 A8A32FE07817511AA30D05B46FE44549 761856 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\goopdate.dll 2014-12-14 09:23:24 8CC38D4600B4F51C4D54ABDFD6889701 220672 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\npGoogleUpdate4.dll 2014-12-14 09:23:24 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\GoogleUpdateOnDemand.exe 2014-12-14 09:23:23 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\GoogleUpdateHelper.msi 2014-12-14 09:23:23 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\GoogleUpdateBroker.exe 2014-12-14 09:23:23 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\GoogleUpdate.exe 2014-12-14 09:23:23 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\GoogleCrashHandler.exe 2014-12-14 09:22:31 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\psmachine.dll 2014-12-14 09:22:31 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\psuser.dll 2014-12-14 09:22:30 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\GoogleUpdateHelper.msi 2014-12-14 09:22:30 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\GoogleUpdateBroker.exe 2014-12-14 09:22:30 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\GoogleUpdate.exe 2014-12-14 09:22:30 A8A32FE07817511AA30D05B46FE44549 761856 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\goopdate.dll 2014-12-14 09:22:30 8CC38D4600B4F51C4D54ABDFD6889701 220672 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\npGoogleUpdate4.dll 2014-12-14 09:22:30 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\GoogleUpdateOnDemand.exe 2014-12-14 09:22:30 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\GoogleCrashHandler.exe 2014-12-14 09:20:20 DE2905BD4D4ED916B137646B931AB978 4690393 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_28718\ins_shopperpro.exe 2014-12-14 09:20:19 FCAEF60257A3A15CA82F3480CF0DA870 13063096 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_28718\ins_iwebar.exe 2014-12-14 09:20:19 F1816B36AC9B2199315699BB7A168AF9 6866708 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_28718\ins_ytd.exe 2014-12-14 09:20:19 E03A9109D9DB9329011B29F67A696782 12947024 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_28718\ins_cr.exe 2014-12-14 09:14:45 A082E5473B2A9A4D846ED7DDF637AC76 8704 ----a-w- C:\Users\DELL\AppData\Local\Temp\SpOrder.dll 2014-12-14 09:12:53 8DA552CDC61BDABF40ADCB6ECCF9E7E5 1248302 ----a-w- C:\Users\DELL\AppData\Local\Temp\ytdieamo_amodc_setup.exe 2014-12-14 09:11:27 1CC51F6F51318932F688B517586C261B 619200 ----a-w- C:\Users\DELL\AppData\Local\Temp\Corel KnockOut 2 v 2 77__10924_i1423646797_il1380787.exe 2014-12-13 03:22:46 7BA915519FC91B68D7C9326A8CF68A75 758664 ----a-w- C:\Users\DELL\AppData\Local\Temp\uobnyv04ydl6.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-12-14 11:36:22 D17954CA6343F43B62637F51996B4E95 23040 ----a-w- C:\Windows\SysWOW64\mfpmp.exe 2014-12-14 11:36:22 60FBCF033FF42A40C916C01A962A8802 50176 ----a-w- C:\Windows\SysWOW64\rrinstaller.exe 2014-12-14 11:36:22 52096F5F476733F2E2725CF346FF373B 2048 ----a-w- C:\Windows\SysWOW64\mferror.dll 2014-12-14 11:36:21 FF0A6E76FAE624AC74780AB008752F98 3209728 ----a-w- C:\Windows\SysWOW64\mf.dll 2014-12-14 11:36:21 20257A0BFB824B49055A6EEC29C72C03 103424 ----a-w- C:\Windows\SysWOW64\mfps.dll 2014-12-14 09:14:51 E75C8AAE15EBAB76958012EF7646966B 2408 ----a-w- C:\Windows\SysWOW64\abengineOff.ini 2014-12-14 09:14:51 E2C4072817DA38FA1159BA67C746DE46 4528 ----a-w- C:\Windows\SysWOW64\abengine.ini 2014-12-11 06:42:12 E1456E7396022EBE4E5434188D1AC8B0 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-11 06:42:02 BB25F69463AD8E7E51B5D9D158B5F8DF 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-12-11 06:42:02 2EADED07BDA52C1FC5A6D4E1CC5858F0 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-12-11 06:42:01 F25284C763E728E4DAC248C211D1FC5B 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-12-11 06:42:00 F98B3860BB47089EA8C1504F043E90E9 342200 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-12-11 06:42:00 F34F6DC38A21FCDBB50CDD1EE97B1EA3 1307136 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-12-11 06:42:00 D7A98A4CEA2E89F544065A00BF37FC10 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-12-11 06:42:00 69AC6FD5B0B4DC963723E1EBDEE10A2C 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-12-11 06:42:00 2ABC5587D582ACCEA30B4CF968C2A4A5 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-12-11 06:42:00 220505B0B3E96C857DD01729AF0CD369 19749376 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-12-11 06:41:59 F0BCBD8FCDA145EED53ED66C45CC378B 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-12-11 06:41:59 DEB9476A3CD1A5819DD4504BB7C6BA66 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-12-11 06:41:59 41AFA61E061E98E97272AC02184C8C2C 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-12-11 06:41:58 543ADCEA31CF9C2B4EEB900D4AAFD0F9 2052096 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-12-11 06:41:57 EC5A3E4E21079B9D423AA0760828D678 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-12-11 06:41:57 759E2FAD5371512C6679FA346719493E 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-12-11 06:41:57 01777AB557997E98691E322225314E57 2277888 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-12-11 06:41:56 D90585C3BE942DAAFBDC868FDC061844 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-12-11 06:41:56 35BD045804B67E78F4CAB72CB820AF7F 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-12-11 06:41:55 CF9D05678B02B44FBC8D8AD8C9F30D58 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-12-11 06:41:55 B59E370277EDB6643083B62297175628 12836864 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-12-11 06:41:53 F728E7E9937117E0F32F39840EB6D737 4299264 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-12-11 06:41:53 2E9E105037AC1274656C3D1125323352 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-12-11 06:41:52 5E4E0E43E0A5BF9F089696DFA7A3D677 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-12-11 06:41:52 37F078B5B435AFC6BF316F2AD14B469A 501248 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-12-11 06:41:51 930F63D6BC43D4BCD937DFCECDA95F82 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-12-11 06:41:51 29CED1A4777A43526A4ED8A7B6936883 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-11 06:41:12 9EA3783672D21817B9DF1061B54C3B3C 155136 ----a-w- C:\Windows\SysWOW64\charmap.exe 2014-12-11 06:41:10 B6AC69FFBAA159DD5CEED814245A286D 214016 ----a-w- C:\Windows\SysWOW64\WsmWmiPl.dll 2014-12-11 06:41:10 2C28FEC61C4AC68480A99CB7AA197FA9 248832 ----a-w- C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2014-12-11 06:41:10 1DE9BD23AFA36150586C732D876D9B74 1177088 ----a-w- C:\Windows\SysWOW64\WsmSvc.dll 2014-12-11 06:41:09 B975C202F590BBC5AA63225FBD148791 198656 ----a-w- C:\Windows\SysWOW64\WSManHTTPConfig.exe 2014-12-11 06:41:07 5D9A1A3E5824CECE65871C60E5A08A1A 145920 ----a-w- C:\Windows\SysWOW64\WsmAuto.dll 2014-12-11 06:41:03 50C73E54062BA252350F3F29580E28DA 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-12-14 11:36:22 AB2EB93A982A2C26BA3E4D2D65328804 24576 ----a-w- C:\Windows\Sysnative\mfpmp.exe 2014-12-14 11:36:22 68E09E7CD4DC52F132A4B492ACE8C243 55808 ----a-w- C:\Windows\Sysnative\rrinstaller.exe 2014-12-14 11:36:22 63578DB847FCC40883CB8F303E785D46 2048 ----a-w- C:\Windows\Sysnative\mferror.dll 2014-12-14 11:36:21 9797A23F773C0782A0D91BEC44054166 206848 ----a-w- C:\Windows\Sysnative\mfps.dll 2014-12-14 11:36:20 6E1DDE0E72FB8268F42F6777CE4C5036 4121600 ----a-w- C:\Windows\Sysnative\mf.dll 2014-12-14 09:14:51 BE7B232BE1CF5E9CA80FACEACE09D1D1 2408 ----a-w- C:\Windows\Sysnative\abengineOff.ini 2014-12-11 06:42:13 A9A0BFD706B3A24C403EEFEB0790D011 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2014-12-11 06:42:02 D471F7A428C21DB04D810445D12D68E0 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-12-11 06:42:02 0FABE2AB8CA2D5CC7C95798533B4D057 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-12-11 06:42:00 F987718A5CA053DC23E94A531F1754A4 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-12-11 06:42:00 9F07E8FC75C5F98A783ABFD3005EFC22 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-12-11 06:42:00 39B512C643812FC2D4843C0D4206C759 718848 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-12-11 06:42:00 077AEB068A51B396F25BBCAB0944FC3A 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-12-11 06:41:58 E7A2061ADF0F4D430FECDA1E8D6B7BA6 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-12-11 06:41:58 5BF0BAA1E5EF724287565E97C9219254 389296 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-12-11 06:41:57 B4E481E9498CE22113628C4E9EA24427 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-12-11 06:41:56 EBC8C9F61F4C148B8C6A28EDE80C51E4 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-12-11 06:41:56 0AF0AEF0BA9EF6169E61C78504DCAE55 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-12-11 06:41:55 14BA910E7731FC84EB85328BD0F1EE81 800768 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-12-11 06:41:54 EFBA893429814EA3244C87C2D1256618 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-12-11 06:41:54 3FE71E2A5BD3EC652E64FC8BCEFEDD2C 2125312 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-12-11 06:41:54 23AE7A3B44D5C550B81347288CE3230E 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-12-11 06:41:53 982B871A25B5078093FAD82D0AB0E3FC 2885120 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-12-11 06:41:52 DFECAE6D925FBC9078870E16F98C471F 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-12-11 06:41:52 5F24313333AB409251152CAFADA40015 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-12-11 06:41:46 F7CCA58B973FB5EAED8D1F12DD3E51F6 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-12-11 06:41:46 8EF01E2EF21D41A23FF70B28179F9ABE 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-12-11 06:41:44 556D271F4243B273EDA353512BF3608A 14412800 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-12-11 06:41:43 DB10D681314714E0D4623E4C0CF6654A 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-12-11 06:41:43 7AC115968B8856004920057B2271224C 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-12-11 06:41:43 021DFF3CB0ADCD19B3AAA00A650FDEE2 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-12-11 06:41:42 8D64466AD12CA5677CD0099C43C58569 6039552 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-12-11 06:41:41 1D294810D3A8A8F722E86AA001F54DCC 580096 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-12-11 06:41:39 4AF089160FE082E5EA5C4AA72782DCA2 2358272 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-12-11 06:41:36 89296EF4A3729A049DA25B7D67A04078 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-12-11 06:41:36 17A157A4225CF562202AC71DB8103177 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-12-11 06:41:32 D478A4CF07FB8ADF72FB16B88E8030B8 25059840 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-12-11 06:41:20 36E5E9D0400475230A7F57F274B88321 165888 ----a-w- C:\Windows\Sysnative\charmap.exe 2014-12-11 06:41:11 D929ABD465A2DED963DA8B30946A8D5C 2020352 ----a-w- C:\Windows\Sysnative\WsmSvc.dll 2014-12-11 06:41:10 FDEB5EE2E4DB9DE9251DDAF6A5BCA070 346624 ----a-w- C:\Windows\Sysnative\WSManMigrationPlugin.dll 2014-12-11 06:41:10 9B44CABE3536D0E3BF627176318AAFC9 181248 ----a-w- C:\Windows\Sysnative\WsmAuto.dll 2014-12-11 06:41:10 5C642B7B0365305451D579F3EFAD57D4 310272 ----a-w- C:\Windows\Sysnative\WsmWmiPl.dll 2014-12-11 06:41:10 41457C1909F6D1100C0F9B9CFF7960FC 266240 ----a-w- C:\Windows\Sysnative\WSManHTTPConfig.exe 2014-12-11 06:41:03 A026998E927FD2095505154CBD72F35B 2048 ----a-w- C:\Windows\Sysnative\tzres.dll ====== C:\Windows\Sysnative\drivers ===== 2014-12-11 06:42:10 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys ====== C:\Windows\Tasks ====== 2014-12-14 12:06:35 520941863F603707256868ACE4FE5C87 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-14 12:06:35 208D2FFC0C6B421576F1FE98FC263B4B 4048 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2014-12-14 12:06:32 6502E06671304B300121AD393CD72CE4 3796 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2014-12-14 12:06:29 B204B16A9930F2E73C56C2E2FEA166A7 1048 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-14 09:14:25 1155428E615A08FC5908BD8767941CD3 3084 ----a-w- C:\Windows\Sysnative\Tasks\upfs7235 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-12-14 09:32:40 -------- d-----w- C:\PROGRA~2\MiniGet 2014-12-14 09:20:05 -------- d-----w- C:\PROGRA~2\0ca45c95134d 2014-12-14 09:14:13 -------- d-----w- C:\PROGRA~2\Flwsrf 2014-11-30 16:10:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-11-23 19:21:37 -------- d-----w- C:\PROGRA~2\doctorpclab.com ======= C: ===== ====== C:\Users\DELL\AppData\Roaming ====== 2014-12-14 09:32:43 -------- d-----w- C:\Users\DELL\AppData\Roaming\MiniGet 2014-11-30 11:25:28 -------- d-----w- C:\Users\DELL\AppData\Roaming\RHEng 2014-11-25 14:11:32 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-11-25 14:11:32 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-11-25 14:11:32 -------- d-----w- C:\Users\Public\AppData\Local\temp 2014-11-25 14:11:32 -------- d-----w- C:\Users\Eye Candy 4000\AppData\Local\temp 2014-11-25 14:11:32 -------- d-----w- C:\Users\DELL\AppData\Local\Temp 2014-11-25 14:11:32 -------- d-----w- C:\Users\Default\AppData\Local\temp 2014-11-25 14:11:32 -------- d-----w- C:\Users\Default User\AppData\Local\temp 2014-11-24 10:13:03 -------- d-----w- C:\Users\DELL\AppData\Locallow\Dr. PC 2014-11-19 11:02:10 -------- d-----r- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-11-19 10:08:16 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Fighters ====== C:\Users\DELL ====== 2014-12-14 13:33:28 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\DELL\Downloads\RSITx64 (1).exe 2014-12-14 12:08:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-12-14 09:13:37 4D0EE724A29F2E3FD70DF1CE12485763 310720 ----a-w- C:\Users\DELL\Downloads\Corel KnockOut 2 v 2 77_10924_i5556587_il345.exe 2014-12-01 09:56:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-11-30 16:29:42 -------- d-----w- C:\ProgramData\3872871776 2014-11-30 16:26:01 -------- d-----w- C:\ProgramData\ngloolpkfjmafeofahiibfobledoikdn 2014-11-30 16:22:21 -------- d-----w- C:\ProgramData\Trusted Publisher 2014-11-30 16:20:43 -------- d-----w- C:\ProgramData\3568271937775203904 2014-11-30 16:20:21 -------- d-----w- C:\ProgramData\jgpamompenikgebajlaoofpplfhhhnel 2014-11-30 16:09:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-11-30 16:08:43 -------- d-----w- C:\ProgramData\Oracle 2014-11-18 19:38:09 -------- d-----w- C:\Users\Public\Documents\kpn 2014-11-18 19:18:26 -------- dc-h--w- C:\ProgramData\{40571C04-FADC-4CD9-AA4C-CF43208480CA} ====== C: exe-files == 2014-12-14 17:42:56 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\GoogleUpdateBroker.exe 2014-12-14 17:42:56 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\GoogleUpdate.exe 2014-12-14 17:42:56 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\GoogleUpdateOnDemand.exe 2014-12-14 17:42:56 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.247412\GoogleCrashHandler.exe 2014-12-14 17:41:31 BCBA8747AB53932F8613C006444078E9 297672 ----a-w- C:\Users\DELL\AppData\Local\Temp\BackupSetup.exe 2014-12-14 17:41:28 C3C07B16BBF7D4E856BB7D99EAF3242D 13019600 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_9661\ins_cr.exe 2014-12-14 17:41:28 9908170B935B38AA6073C9E517EE7572 96464 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_9661\ins_jd.exe 2014-12-14 17:41:28 481186C9C050B88B3F21B1A7CF558DFF 6866725 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_9661\ins_ytd.exe 2014-12-14 17:41:12 0581C9EBE17BBA824F6D718C5876DFF0 1185152 ----a-w- C:\Users\DELL\AppData\Local\Temp\ytd_sysmenu_setup.exe 2014-12-14 13:33:28 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\DELL\Downloads\RSITx64 (1).exe 2014-12-14 12:07:07 3AF5806AAB54D86CDA7AAA034FD2C35E 38382160 ----atw- C:\Program Files (x86)\Google\Update\Install\{77290F97-C988-48FC-891F-946F80EBE2FE}\chrome_installer.exe 2014-12-14 12:07:01 3AF5806AAB54D86CDA7AAA034FD2C35E 38382160 ----atw- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\35.0.1916.114\chrome_installer.exe 2014-12-14 12:06:10 6FC454773ABF8DE9A33B35E03525140D 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe 2014-12-14 12:06:10 49B70FBEEC01A69CA9AC115C109E9CDD 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateBroker.exe 2014-12-14 12:06:08 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 2014-12-14 12:06:08 3E7A239DE9FD3A81C336F28B0C7C84B3 39809104 ----a-w- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateSetup.exe 2014-12-14 12:06:05 D893431503D5112DC3B799DF963D2AC8 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateComRegisterShell64.exe 2014-12-14 12:06:04 D5A444B63637EC0932172C6719A10252 263048 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe 2014-12-14 12:06:04 720546B84ED5229E1584C8F3533A2F12 328072 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe 2014-12-14 12:06:04 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdate.exe 2014-12-14 11:36:22 D17954CA6343F43B62637F51996B4E95 23040 ----a-w- C:\Windows\SysWOW64\mfpmp.exe 2014-12-14 11:36:22 AB2EB93A982A2C26BA3E4D2D65328804 24576 ----a-w- C:\Windows\System32\mfpmp.exe 2014-12-14 11:36:22 68E09E7CD4DC52F132A4B492ACE8C243 55808 ----a-w- C:\Windows\System32\rrinstaller.exe 2014-12-14 11:36:22 60FBCF033FF42A40C916C01A962A8802 50176 ----a-w- C:\Windows\SysWOW64\rrinstaller.exe 2014-12-14 09:42:59 668C31A099237A0CDA04ED87140DF308 222704 ----a-w- C:\Users\DELL\AppData\Local\Temp\tu17p84.exe 2014-12-14 09:32:38 3B59515D6422423C08F40792B281FA18 697949 ----a-w- C:\Users\DELL\AppData\Local\Temp\814185492340\Setup_product_8181.exe 2014-12-14 09:31:14 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\DELL\AppData\Local\Temp\SearchProtectINT.exe 2014-12-14 09:27:32 C0AADEB53F2231042313E5BC17164E5E 58562 ----a-w- C:\Users\DELL\AppData\Local\Temp\81418549234\GIX20637.exe 2014-12-14 09:27:23 9B1CDF717FBEC6C9B43E6CA2E87C834C 6857857 ----a-w- C:\Users\DELL\AppData\Local\Temp\Check.exe 2014-12-14 09:27:08 8FB710D824724384E0C370DC7CD8B92F 579928 ----a-w- C:\Users\DELL\AppData\Local\Temp\setup.exe 2014-12-14 09:23:24 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\GoogleUpdateOnDemand.exe 2014-12-14 09:23:23 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\GoogleUpdateBroker.exe 2014-12-14 09:23:23 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\GoogleUpdate.exe 2014-12-14 09:23:23 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.181469\GoogleCrashHandler.exe 2014-12-14 09:22:30 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\GoogleUpdateBroker.exe 2014-12-14 09:22:30 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\GoogleUpdate.exe 2014-12-14 09:22:30 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\GoogleUpdateOnDemand.exe 2014-12-14 09:22:30 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\DELL\AppData\Local\Temp\comh.456082\GoogleCrashHandler.exe 2014-12-14 09:20:20 DE2905BD4D4ED916B137646B931AB978 4690393 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_28718\ins_shopperpro.exe 2014-12-14 09:20:19 FCAEF60257A3A15CA82F3480CF0DA870 13063096 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_28718\ins_iwebar.exe 2014-12-14 09:20:19 F1816B36AC9B2199315699BB7A168AF9 6866708 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_28718\ins_ytd.exe 2014-12-14 09:20:19 E03A9109D9DB9329011B29F67A696782 12947024 ----a-w- C:\Users\DELL\AppData\Local\Temp\Install_28718\ins_cr.exe 2014-12-14 09:13:37 4D0EE724A29F2E3FD70DF1CE12485763 310720 ----a-w- C:\Users\DELL\Downloads\Corel KnockOut 2 v 2 77_10924_i5556587_il345.exe 2014-12-14 09:12:53 8DA552CDC61BDABF40ADCB6ECCF9E7E5 1248302 ----a-w- C:\Users\DELL\AppData\Local\Temp\ytdieamo_amodc_setup.exe 2014-12-14 09:11:27 1CC51F6F51318932F688B517586C261B 619200 ----a-w- C:\Users\DELL\AppData\Local\Temp\Corel KnockOut 2 v 2 77__10924_i1423646797_il1380787.exe 2014-12-13 03:22:46 7BA915519FC91B68D7C9326A8CF68A75 758664 ----a-w- C:\Users\DELL\AppData\Local\Temp\uobnyv04ydl6.exe 2014-12-13 03:21:12 E22D027692B79925CCD9A7F4EDDE10CA 696320 ----a-w- C:\Program Files (x86)\0ca45c95134d\cf3e08d747e4.exe 2014-12-11 06:42:02 0FABE2AB8CA2D5CC7C95798533B4D057 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-12-11 06:42:00 A8A8FD02E3A9264A603892DE1F522166 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-12-11 06:42:00 39B512C643812FC2D4843C0D4206C759 718848 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-12-11 06:41:59 B7BCC767AC0E76384BCDC292184DD8C8 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-12-11 06:41:58 43CE0C99DBC0F96DB2B7259B0BE0930E 468992 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-12-11 06:41:57 A24BFBAE8B50A6780B68FF3673FAB52F 815280 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-12-11 06:41:56 EBC8C9F61F4C148B8C6A28EDE80C51E4 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-12-11 06:41:56 D90585C3BE942DAAFBDC868FDC061844 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-12-11 06:41:54 C3D17F3199D39A2AB85956A63731F188 484352 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-12-11 06:41:53 2A9DA9E7462EBA3F6D2036E8D18FF773 813744 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-12-11 06:41:52 5F24313333AB409251152CAFADA40015 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-12-11 06:41:20 36E5E9D0400475230A7F57F274B88321 165888 ----a-w- C:\Windows\System32\charmap.exe 2014-12-11 06:41:12 9EA3783672D21817B9DF1061B54C3B3C 155136 ----a-w- C:\Windows\SysWOW64\charmap.exe 2014-12-11 06:41:10 41457C1909F6D1100C0F9B9CFF7960FC 266240 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe 2014-12-11 06:41:09 B975C202F590BBC5AA63225FBD148791 198656 ----a-w- C:\Windows\SysWOW64\WSManHTTPConfig.exe 2014-12-11 06:41:03 BE8F985609BE0809B7E29960AC997511 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe === C: other files == 2014-12-15 08:32:58 FC55EEE52A776C1E5D3152FE3E54539D 1430210 ----a-w- C:\Users\DELL\Downloads\596161.zip 2014-12-11 06:42:10 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" "Spotify Web Helper"="C:\Users\DELL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Google Update"="C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe /c" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "AppleIEDAV"="C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" "Simple Sticky Notes"="C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe" "EPLTarget\P0000000000000002"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000002 /M Epson Stylus Office BX535WD" "EPLTarget\P0000000000000003"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000003 /M Epson Stylus Office BX535WD" "LiveSupport"="C:\Program Files (x86)\LiveSupport\LiveSupport.exe /noshow /log" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "YTDownloader"="C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TrueImageMonitor.exe"="C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "Standby"="c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe -START" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Servicetool"="C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Launcher.exe /auto" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "YTDownloader"="C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" "Spotify Web Helper"="C:\Users\DELL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Google Update"="C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe /c" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "AppleIEDAV"="C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" "Simple Sticky Notes"="C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe" "EPLTarget\P0000000000000002"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000002 /M Epson Stylus Office BX535WD" "EPLTarget\P0000000000000003"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000003 /M Epson Stylus Office BX535WD" "LiveSupport"="C:\Program Files (x86)\LiveSupport\LiveSupport.exe /noshow /log" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "YTDownloader"="C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Acronis Scheduler2 Service"="C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "HostSecurePlugin"="C:\Program Files (x86)\Host Secure\HostSecure.exe" "HostSecurePlugin3"="C:\Program Files (x86)\Host Secure\HostSecure.exe" ==== Startup Folders ====================== 2014-11-26 08:16:57 1256 ----a-w- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2013-01-10 21:05:31 2048 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-12-2014 13:02] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14-12-2014 13:05] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2412325288-324325390-2824101589-1000Core.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2412325288-324325390-2824101589-1000UA.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\0" [c:\program files (x86)\internet explorer\iexplore.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2412325288-324325390-2824101589-1000Core" [C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2412325288-324325390-2824101589-1000UA" [C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\upfs7235" [C:\PROGRA~2\Flwsrf\upfs7235.exe] "C:\Windows\SysNative\tasks\{2CEBD3C1-8B80-4E17-80E7-E35F56793018}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{5E8F5F64-C672-480A-B9D7-D5A97D528A31}" [C:\Users\DELL\Desktop\regedit.exe] "C:\Windows\SysNative\tasks\{6C3C0A90-402B-4F5E-A829-BE630018D5CB}" [C:\Program Files (x86)\byLight\2020\2020.exe] "C:\Windows\SysNative\tasks\{768738BE-F51C-41B2-9CEC-36AFD5B77F1B}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{858E836B-9B19-40B5-9F3A-877C201715F1}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{98A8F3EF-38EE-4563-BA85-8B04001F4E19}" [C:\Users\DELL\Documents\Eyecandy3.1\Eyecandy3.1\301PATCH.EXE] "C:\Windows\SysNative\tasks\{9AA12B15-FC4B-4F3A-BF15-155BA3B69259}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{9CA753FE-D476-4B0F-A38E-16EE3BB1EFD2}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{BB4B5DE4-3F8E-492A-ACA4-1F04645E72E6}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{CFDF3649-0DFB-4067-BA86-0A9EF7EBCFB4}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{F2627C0D-8562-4900-ADCA-98FBA40D1DA8}" [C:\Users\DELL\Documents\Eyecandy3.1\Eyecandy3.1\301PATCH.EXE] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\NCH Swift Sound\soundtapShakeIcon" [C:\Program Files (x86)\NCH Swift Sound\SoundTap\SoundTap.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\vvyzlx5u.default - chineseperakungmailcom - %ProfilePath%\extensions\chineseperakun@gmail.com - Undetermined - %ProfilePath%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a} ProfilePath: C:\Users\DELL\AppData\Roaming\Thunderbird\Profiles\yee9j9v7.default - Undetermined - %ProfilePath%\extensions\staged-xpis - Statusbar Date - %ProfilePath%\extensions\statusbardate@webspirited.com.xpi - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 35.0.1916.114 (Possible outdated, latest Stable version: 39.0.2171.95) Missing e - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid Comodo Web Inspector - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn Object Browser - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan Image Properties Context Menu - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khagclindddokccfbmfmckaflngbmpon Comodo Share Page Service - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf Cricwaves - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ogkedgpbfenekaceibcobmmgdbokmndm Google Docs - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\DELL\AppData\Local\Comodo\Dragon\User Data\Default\Preferences "homepage": "http://websearch.searchmania.info/?pid=2800&r=2014/11/30&hid=2944326092898986235&lg=EN&cc=NL&unqvl=70", C:\Users\DELL\AppData\Local\Google\Chrome\User Data\default\Preferences "homepage": "http://www.google.com/", "startup_urls": [ "http://www.google.com/" ], ==== Chromium Fix ====================== C:\Users\DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid deleted successfully C:\Users\DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\khagclindddokccfbmfmckaflngbmpon deleted successfully C:\Users\DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" "Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1418548424&from=amt&uid=WDCXWD1600BEVT-75A23T0_WD-WX11A11M9582M9582&q={searchTerms}" "Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1418548424&from=amt&uid=WDCXWD1600BEVT-75A23T0_WD-WX11A11M9582M9582" "Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1418548424&from=amt&uid=WDCXWD1600BEVT-75A23T0_WD-WX11A11M9582M9582&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1418548424&from=amt&uid=WDCXWD1600BEVT-75A23T0_WD-WX11A11M9582M9582&q={searchTerms}" "Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1418548424&from=amt&uid=WDCXWD1600BEVT-75A23T0_WD-WX11A11M9582M9582" "Start Page"="http://www.mystartsearch.com/?type=hp&ts=1418548424&from=amt&uid=WDCXWD1600BEVT-75A23T0_WD-WX11A11M9582M9582" "Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1418548424&from=amt&uid=WDCXWD1600BEVT-75A23T0_WD-WX11A11M9582M9582&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1418548424&from=amt&uid=WDCXWD1600BEVT-75A23T0_WD-WX11A11M9582M9582&q={searchTerms}" "Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1418548424&from=amt&uid=WDCXWD1600BEVT-75A23T0_WD-WX11A11M9582M9582" "Start Page"="http://www.mystartsearch.com/?type=hp&ts=1418548424&from=amt&uid=WDCXWD1600BEVT-75A23T0_WD-WX11A11M9582M9582" "Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1418548424&from=amt&uid=WDCXWD1600BEVT-75A23T0_WD-WX11A11M9582M9582&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="https://www.google.nl/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {094623FD-0882-4581-B15F-0850E1DF9835} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}" {45F215C4-7DDB-4673-88B7-72DA458A0A1B} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}" {497EF518-8FDE-4404-9C3B-EBA8D1492014} Google Url="https://www.google.com/search?q={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PLXB_nlNL604" {AA9CB244-84A2-4F2D-889B-54AB47D100A7} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}" {D9135E14-DE1C-4FE1-B1A0-D5DE8755E5AE} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [Standby] "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Servicetool] C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Launcher.exe /auto O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\DELL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe O4 - HKCU\..\Run: [Simple Sticky Notes] C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe O4 - HKCU\..\Run: [EPLTarget\P0000000000000002] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT "EPLTarget\P0000000000000002" /M "Epson Stylus Office BX535WD" O4 - HKCU\..\Run: [EPLTarget\P0000000000000003] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT "EPLTarget\P0000000000000003" /M "Epson Stylus Office BX535WD" O4 - HKCU\..\Run: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Epson Redirect Agent (ENAgent) - SEIKO EPSON CORPORATION - C:\Windows\SysWOW64\ENAgent.exe O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Unknown owner - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\DELL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\DELL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8EPL9TMK will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\DELL\AppData\Local\Mozilla\Firefox\Profiles\vvyzlx5u.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\DELL\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully C:\Users\DELL\AppData\Local\Google\Chrome\User Data\default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2379 folders=429 229348042 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\DELL\AppData\Local\Temp will be emptied at reboot C:\Users\Eye Candy 4000\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\DELL\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\DELL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8EPL9TMK" deleted ==== EOF on ma 15-12-2014 at 13:01:42,08 ======================