Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by ANTONIO on di 05/05/2015 at 21:10:13,64. Running in: Normal Mode Internet Access Detected Launched: C:\Users\ANTONIO\Desktop\zoek.exe [Scan all users] [Checkboxes used] ==== System Restore Info ====================== Failed to create System Restore Point ==== Empty Folders Check ====================== C:\Users\ANTONIO\AppData\Roaming\Windows Live Writer deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) 32 Bit HP CIO Components Installer AAC Decoder ACDSee Pro 2 Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 17 ActiveX Adobe Reader X (10.1.13) - Nederlands Adobe Refresh Manager Adobe Shockwave Player 11.6 Alcatech BPM Studio Professional v4.9.1 Alt.Binz 0.25.0 Apple Application Support Apple Software Update Asterisk Key 10.0 AutoUnpack 4.4.4 AutoUpdate AVI DivX to DVD SVCD VCD Converter 4.0.0822 AVS Update Manager 1.0 AVS Video Converter 6 Belastingen 2009 versie 1.x Belastingen 2010 versie 1.x Belastingen 2013 versie 1.x Belastingen 2014 versie 1.x Belgium e-ID middleware 4.0.7 (build 7466) BS.Player FREE BufferChm C310 CADdy++ - SEE Camera RAW Plug-In for EPSON Creativity Suite CardRecovery 5.30 CCleaner Combined Community Codec Pack 2009-09-09 Compatibiliteitspakket voor het 2007 Microsoft Office system CompuApps SwissKnife V3 ConvertXtoDVD 4.0.3.312 CoreAAC CyberLink PowerDVD 10 CyberLink PowerDVD 9 D3DX10 Destinations DeviceDiscovery Dicom Viewer Demo (Rubo) DicomWorks 1.3.5b DivX Codec DivX Converter DivX Player DivX Plus DirectShow Filters DivX Version Checker DivX Web Player Document Express DjVu Plug-in Doxillion Document Converter Dropbox DVD Decrypter (Remove Only) DVD Profiler Version 3.5.1 DVD Shrink 3.2 DVD to DivX Converter 4 dvdSanta 4.50 ECOhome 2009b EPSON-printersoftware Facebook Video Calling 3.1.0.521 Firebird SQL Server - MAGIX Edition Foxit Reader Free YouTube to MP3 Converter version 3.9.31 FSC OSD Utility Fujitsu Siemens Computers Recovery GoGear VIBE Device Manager Google Chrome Google Drive Google Earth Google Earth Pro Google SketchUp Pro 7 Google Toolbar for Internet Explorer Google Update Helper Google+ Auto Backup GPBaseService2 GrabIt 1.7.2 Beta 4 (build 997) H.264 Decoder Home'Bank Light 3.3.3 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Customer Participation Program 14.0 HP Imaging Device Functions 14.0 HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7 HP Solution Center 14.0 HP Update HPAppStudio HPPhotoGadget HPProductAssistant HPSSupply ImagXpress ImgBurn Intel(R) Graphics Media Accelerator Driver IrfanView (remove only) Java 8 Update 25 Java 8 Update 31 Java Auto Updater Junk Mail filter update Launch Manager LCP 5.04 LifeTV MAGIX Foto Manager MX MAGIX Photo Designer 7 Malwarebytes Anti-Malware versie 2.0.4.1028 MarketResearch Maxtor Manager Media Converter for Philips Media Player Product Tool 5.25 MediaPortal MEDION GoPal Assistant Medion GoPal Assistant 4.03.006 Mesh Runtime Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Primary Interoperability Assemblies 2005 Microsoft Rekenmachine Plus Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MKV Splitter Mozilla Firefox 34.0.5 (x86 nl) Mozilla Maintenance Service Mozilla Thunderbird 17.0.2 (x86 nl) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) MultiStage Recovery 4 MyFreeCodec Nero 8 Essentials Nero Burning ROM Help Nero ControlCenter Nero Vision neroxml Network Norton Ghost NZB finder Off-linediensten van Home'Bank 5.21 OGA Notifier 2.0.0048.0 Onis 2.3 Free Edition OpenOffice.org 3.0 Opera 9.64 Paragon Drive BackupT 9 Personal Edition Password Spectator PC Connectivity Solution PC Inspector File Recovery PDF Architect PDFCreator Picasa 3 Picture Resize 5.1.3 Pinkhof Geneeskundig woordenboek PS_AIO_07_C310_SW_Min QuickPar 0.9 QuickTime 7 QuickTransfer Realtek High Definition Audio Driver REALTEK Wireless LAN Driver and Utility Recover My Files Recuva Revo Uninstaller 1.95 SA304x Device Manager SA304x Media Converter SABnzbd (remove only) SAMSUNG Intelli-studio Samsung Kies Samsung New PC Studio Samsung New PC Studio USB Driver Installer SAMSUNG USB Driver for Mobile Phones SamsungConnectivityCableDriver Scan Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2984939) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition SeePassword Segoe UI Shockwave Director 11.0.3 Shop for HP Supplies SIW version 2009.10.22 SkypeT 7.0 SmartWebPrinting SolutionCenter Spybot - Search & Destroy SSC Service Utility v4.30 Status Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) SUPERAntiSpyware swMSM Synaptics Pointing Device Driver SystemDiagnostics Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL TomTom HOME TomTom HOME Visual Studio Merge Modules Toolbox TrayApp TuneUp Utilities 2013 TuneUp Utilities Language Pack (nl-NL) TweakVI Ultra DVD to DivX Converter 3.0.1228 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2965207) 32-Bit Edition Update voor het stuurprogramma voor Windows Mobile Apparaatcentrum Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) USB Storage Driver VC80CRTRedist - 8.0.50727.4053 VCRedistSetup VirtualCloneDrive VLC media player 1.0.1 WebcamTest WebReg wGXe Photo Recovery Windows-stuurprogrammapakket - Nokia pccsmcfd (10/12/2007 6.85.4.0) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR archiver WinUtilities 9.2 WinUtilities 9.4 Professinal Edition Xilisoft Video Converter Ultimate ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\SLsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Windows\System32\mobsync.exe C:\Users\ANTONIO\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\FsUsbExService.Exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\Program Files\PDF Architect\HelperService.exe C:\Program Files\PDF Architect\ConversionService.exe C:\Program Files\REALTEK\RTL8187B Wireless LAN Utility\RtlService.exe C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe C:\Program Files\REALTEK\RTL8187B Wireless LAN Utility\RtWlan.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Users\ANTONIO\Desktop\zoek.exe C:\Windows\system32\conime.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Windows\system32\appdata deleted C:\Program Files\DownShotFree_e0 deleted C:\Users\ANTONIO\AppData\Roaming\DownShotFree_e0 deleted C:\Users\ANTONIO\AppData\Roaming\ParetoLogic deleted C:\Users\ANTONIO\AppData\Roaming\DriverCure deleted C:\PROGRA~2\ParetoLogic deleted ==== System Specs ====================== Windows: Windows Vista Home Basic Edition Service Pack 2 (Build 6002) Memory (RAM): 2908 MB CPU Info: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz CPU Speed: 2158,1 MHz Sound Card: Speakers (Realtek High Definiti | Realtek Digital Output (Realtek | Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1680 X 945 - 16 bit Network: Network Present Network Adapters: Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter | Realtek PCIe FE Family Controller CD / DVD Drives: 2x (E: | F: | ) E: TSSTcorpCDDVDW TS-L633A | F: ELBY CLONEDRIVE Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 92,2GB | D: 131,9GB Hard Disks - Free: C: 2,1GB | D: 61,1GB Manufacturer *: BIOS Info: AT/AT COMPATIBLE | 02/04/09 | FSC - 6040000 Time Zone: West-Europa (standaardtijd) Motherboard *: Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Internet Explorer Version: 9.0.8112.16421 Mozilla Firefox version: 34.0.5 (x86 nl) Google Chrome version: 42.0.2311.135 Adobe Reader version: 10.1.13.16 Sun Java version: 1.8.0_31 (32-bit) Shockwave Player version: 11.6.1r629 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\ANTONIO\AppData\Local\Temp ==== 2015-05-05 19:02:28 C9889FA47FA63E6257B7A966C40BE286 43008 ----a-w- C:\Users\ANTONIO\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeqrk_m.dll 2015-05-04 20:27:27 91C8795E21A181B9CF9B42B7150A8BDE 307400 ----a-w- C:\Users\ANTONIO\AppData\Local\Temp\InstHelper.exe ====== Java Cache ===== 2015-05-02 19:44:00 4BA68B1AF72A39A5706AD48784A7C4FF 179385 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\30e05300-6d0613a7 2015-05-02 19:43:59 5CEEF80373C22E8501AFF1A0D6E09996 56813 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\126ed74e-53eb2139 2015-05-02 19:43:59 899403C509EE6FA74420BD84D7EB4A3D 102477 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\54b49f9b-624b1953 2015-05-02 19:43:47 13E988C5D265FD64C5177129111DAF1C 3859 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\125f995d-7e290916 2015-05-02 19:43:58 68582E414BC09D05A2E8F01605A8DDC8 11080 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\13b897e6-44adcce0 2015-05-02 19:43:59 298FE95DDCF409E14410A8B289DC4894 614987 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\17cd0aa6-7b690303 2015-05-02 19:43:38 FAD1C515B344AAC2460258AEB305CB38 245684 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\198577e6-676444fc 2015-05-02 19:43:40 B68C475CD5AEE9EA3311760F213E439B 6467 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\2fb889a6-7cefe392 2015-05-02 19:44:01 5C51ECE75E13045E9A37399A294292B8 69826 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\1d2912e7-17342710 2015-05-02 19:44:04 76EA082CF4E29D4177A078154B5AF778 5370 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\556c7268-4d43ed08 2015-05-02 19:43:36 0C044AA126FBC7BBAD0E894B8A323A66 433 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\31adec72-198ab5b2a35ca98946e2dc7b05a99b23d9dee0130be83b4b957a1ca402dcc81b-6.0.lap 2015-05-02 19:43:49 411F007403AF004ED67418C23D76DA68 9799 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\1f02b7b3-48c2d57e 2015-05-02 19:43:58 B0E55F47D4D7F205EEC19A4C71122036 71719 ----a-w- C:\Users\ANTONIO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\6b714034-44c70e21 ====== C:\Windows\system32 ===== 2015-04-28 20:27:12 AC841E83E5B0914C700D236AC2E84BB0 369664 ----a-w- C:\Windows\System32\WMPhoto.dll 2015-04-28 20:26:50 217B3071BA854D5D704EE24CFF7E5F9C 975360 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2015-04-28 20:26:33 BFC1892FFA0E8D3351EF59D6E3F39A2F 1249280 ----a-w- C:\Windows\System32\msxml3.dll 2015-04-28 20:26:11 9F0BF29BB9D6E77C6F909412FB052F1D 2064384 ----a-w- C:\Windows\System32\win32k.sys 2015-04-28 20:14:40 1359F3CD7DF4D105C6C70CCE671F8520 297984 ----a-w- C:\Windows\System32\gdi32.dll 2015-04-28 20:14:24 5D9311526801643000D7032A83B18B12 244152 ----a-w- C:\Windows\System32\clfs.sys 2015-04-28 20:14:24 2FF4B8BA9805BABA5E8FB923AF44F480 57344 ----a-w- C:\Windows\System32\clfsw32.dll 2015-04-28 20:13:46 E33CD56F2F344658C6000821611BBBD7 1205168 ----a-w- C:\Windows\System32\ntdll.dll 2015-04-28 20:13:46 D9DD1D278927A9CD5FF135887928C8EC 49152 ----a-w- C:\Windows\System32\csrsrv.dll 2015-04-28 20:13:46 B5C66E0B251D954D6CED30E4FDB07792 64000 ----a-w- C:\Windows\System32\smss.exe 2015-04-28 20:13:45 952EA6E27E3A16F02F85C10BB7F4752A 3552184 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-04-28 20:13:45 377602E869DA9C05AC67CA3A5019A051 3604920 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2015-04-28 20:13:16 ED1E4D1CA97596E0871C1F59AC4DE8F0 34304 ----a-w- C:\Windows\System32\atmlib.dll 2015-04-28 20:13:16 AB272D0B2EF1C79E43E7744D098352B2 296960 ----a-w- C:\Windows\System32\atmfd.dll 2015-04-28 20:12:49 259F6A6294AF75E74F93F480E05F264A 807936 ----a-w- C:\Windows\System32\msctf.dll 2015-04-28 20:12:11 2D357C80ABB17CFACB7B552BC9CC8548 279040 ----a-w- C:\Windows\System32\schannel.dll 2015-04-28 20:11:09 2BF660554AD726BD43869E2A452B547F 11587584 ----a-w- C:\Windows\System32\shell32.dll 2015-04-28 19:39:16 BAC7D3632B09A5DF7D2BD067933E49E0 2264064 ----a-w- C:\Windows\System32\msi.dll 2015-04-27 18:38:41 C1BC2B2E0AA56E9C28299273C86A73E4 421376 ----a-w- C:\Windows\System32\vbscript.dll 2015-04-27 18:38:41 9B1B09743E49F4E2364C34203F843844 11776 ----a-w- C:\Windows\System32\mshta.exe 2015-04-27 18:38:40 686DFDA82EE2DBE1F58A48C9E3093996 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll 2015-04-27 18:38:40 67DB0E50E830E45BA24AA7B1B2143B93 1139200 ----a-w- C:\Windows\System32\urlmon.dll 2015-04-27 18:38:39 E8DFFB36F1120DC1DB7C0BCBCF1640AD 231936 ----a-w- C:\Windows\System32\url.dll 2015-04-27 18:38:39 E6DE7F4A4BF8CD9E5C4F9466981892EC 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2015-04-27 18:38:39 E38129C89502D27580368D9762B6AFC6 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2015-04-27 18:38:39 B4AAF0FD9C32478889639DE464B21DA0 65024 ----a-w- C:\Windows\System32\jsproxy.dll 2015-04-27 18:38:39 052A629983DD1A2116629293D02B1B58 1803264 ----a-w- C:\Windows\System32\iertutil.dll 2015-04-27 18:38:37 B76F31C79764D2D8835CBEC935D49DB7 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2015-04-27 18:38:37 02D9B399770C9C971F3B3344017106BA 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 2015-04-27 18:38:36 F73E3C29743621D9AAF09503E523E175 367104 ----a-w- C:\Windows\System32\html.iec 2015-04-27 18:38:36 5E2BFFFBAA061C1660F8255B2E3BD25C 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2015-04-27 18:38:36 19B481D70FBC176AE5D3E91347B0128F 1129472 ----a-w- C:\Windows\System32\wininet.dll 2015-04-27 18:38:35 95D3A97897CE0386358FA6F65D8F343D 717824 ----a-w- C:\Windows\System32\jscript.dll 2015-04-27 18:38:35 88965158C3620A7AA0B177599C6504AC 353792 ----a-w- C:\Windows\System32\dxtmsft.dll 2015-04-27 18:38:34 6B5500DE200DC9C51A3F6A9377D14789 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2015-04-27 18:38:32 5FCA6B58D90B6D17327B48216451266D 1810944 ----a-w- C:\Windows\System32\jscript9.dll 2015-04-27 18:38:31 A4C519E68C75A9657B884990326CA1C8 223232 ----a-w- C:\Windows\System32\dxtrans.dll 2015-04-27 18:38:30 16BAD3B8ABC01EC9D34E912162CA4A53 176640 ----a-w- C:\Windows\System32\ieui.dll 2015-04-27 18:38:26 59717C2C872AAEA7519B0124409B4578 9747968 ----a-w- C:\Windows\System32\ieframe.dll 2015-04-27 18:38:23 1035970885DD6ABA0EBCB3C02006A8E9 12377600 ----a-w- C:\Windows\System32\mshtml.dll ====== C:\Windows\system32\drivers ===== 2015-04-19 16:07:34 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-04-19 16:06:57 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-04-19 16:06:57 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-04-19 16:06:57 6D2DB74A8CF2DDFE372FFF9C73E8F0EF 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys ====== C:\Windows\Tasks ====== 2015-05-02 16:49:41 B8E4D76F30E3659C8573506FF40A4861 2960 ----a-w- C:\Windows\system32\Tasks\{50026D17-3B73-4457-AFDE-3F8122A40E7D} 2015-05-02 16:49:29 -------- d-----w- C:\Windows\system32\Tasks\Leader Technologies ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-04-15 17:34:32 -------- d-----w- C:\Program Files\trend micro ======= C: ===== 2015-04-22 17:23:06 B1C1A4D42AD4EC0D9E498AF62E0A4157 1272 ----a-w- C:\DelFix.txt ====== C:\Users\ANTONIO\AppData\Roaming ====== 2015-05-02 17:11:26 -------- d-----w- C:\Users\ANTONIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DownShotFree 2015-05-02 16:46:26 -------- d-----w- C:\Users\ANTONIO\AppData\Roaming\Leadertech 2015-04-21 20:37:33 -------- d-----w- C:\Users\ANTONIO\AppData\Local\Windows Live Writer 2015-04-17 19:42:11 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Temp 2015-04-17 19:42:11 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-04-17 19:42:11 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-04-17 19:42:11 -------- d-----w- C:\Users\TEMP\AppData\Local\temp 2015-04-17 19:42:11 -------- d-----w- C:\Users\Public\AppData\Local\temp 2015-04-17 19:42:11 -------- d-----w- C:\Users\Default\AppData\Local\temp 2015-04-17 19:42:11 -------- d-----w- C:\Users\Default User\AppData\Local\temp 2015-04-17 19:42:11 -------- d-----w- C:\Users\Administrator\AppData\Local\temp 2015-04-17 19:42:10 -------- d-----w- C:\Users\ANTONIO\AppData\Local\Temp ====== C:\Users\ANTONIO ====== 2015-05-04 20:26:57 -------- d-----w- C:\ProgramData\ESET 2015-04-24 21:11:40 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2015-04-22 18:15:29 0F5FBD63A50CB19C13EB111D3C3A7E40 1286504 ----a-w- C:\Users\ANTONIO\Desktop\wlsetup-web.exe ====== C: exe-files == 2015-05-05 19:13:48 DA03D3F395FF4D163FFF1E9018DD825C 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1290501801-2183166161-1729595285-1000\$IMKPW9Y.exe 2015-05-05 19:11:20 F68A5507E37C1FC1C17F6B1A6BFF582E 1308672 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1290501801-2183166161-1729595285-1000\$RMKPW9Y.exe 2015-05-04 20:27:27 91C8795E21A181B9CF9B42B7150A8BDE 307400 ----a-w- C:\Users\ANTONIO\AppData\Local\Temp\InstHelper.exe 2015-05-02 19:27:44 B4605D865BF030CD5CEFCC3266A06C7F 41792592 ----a-w- C:\Program Files\Google\Update\Install\{14CF9D95-481A-464C-A3F1-02F274214DF2}\42.0.2311.135_chrome_installer.exe 2015-05-02 19:27:40 B4605D865BF030CD5CEFCC3266A06C7F 41792592 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.135\42.0.2311.135_chrome_installer.exe 2015-05-02 14:27:22 5CBF70FD73ED1498448C471F9672E17E 1089104 ----a-w- C:\Program Files\Google\Update\Install\{B7BA6FDC-31B3-4B2D-A41A-F2A889364946}\42.0.2311.135_42.0.2311.90_chrome_updater.exe 2015-05-02 14:27:22 5CBF70FD73ED1498448C471F9672E17E 1089104 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.135\42.0.2311.135_42.0.2311.90_chrome_updater.exe 2015-04-28 20:13:46 B5C66E0B251D954D6CED30E4FDB07792 64000 ----a-w- C:\Windows\System32\smss.exe 2015-04-28 20:13:45 952EA6E27E3A16F02F85C10BB7F4752A 3552184 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-04-28 20:13:45 377602E869DA9C05AC67CA3A5019A051 3604920 ----a-w- C:\Windows\System32\ntkrnlpa.exe === C: other files == 2015-05-04 20:34:32 5C63B68556BEE5F4EDB40BAD8FBA63AB 156533 ----a-w- C:\Users\ANTONIO\Desktop\Speclean\ei_D570.exe_20150504.223432.1688.zip 2015-05-04 20:28:04 27E3168D793645808344C5CA179ECFB0 156535 ----a-w- C:\Users\ANTONIO\Desktop\Speclean\ei_DA5F.exe_20150504.222804.4704.zip 2015-04-28 20:26:11 9F0BF29BB9D6E77C6F909412FB052F1D 2064384 ----a-w- C:\Windows\System32\win32k.sys 2015-04-28 20:14:24 5D9311526801643000D7032A83B18B12 244152 ----a-w- C:\Windows\System32\clfs.sys ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "RtHDVCpl"="RtHDVCpl.exe" "Skytel"="Skytel.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MoraLrob"="regsvr32.exe C:\ProgramData\MoraLrob\KaliTakz.kes" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe -s" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ArcSoft Connection Service" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BDRegion] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BDRegion" "hkey"="HKLM" "command"="C:\\Program Files\\Cyberlink\\Shared files\\brs.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ESDRWSTT] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ESDRWSTT" "hkey"="HKLM" "command"="C:\\Program Files\\wGXe SOFTWARE\\wGXe Photo Recovery\\esdrwstt.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Facebook Update" "hkey"="HKCU" "command"="\"C:\\Users\\ANTONIO\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FSC OSD Utility] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FSC OSD Utility" "hkey"="HKLM" "command"="c:\\PROGRA~1\\FSCOSD~1\\OSDUTI~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FSCRecovery] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FSCRecovery" "hkey"="HKLM" "command"="c:\\Program Files\\Fujitsu Siemens Computers\\Fujitsu Siemens Computers Recovery\\FSCRecoveryReminder.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google EULA Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google EULA Launcher" "hkey"="HKLM" "command"="c:\\Program Files\\Google\\Google EULA\\GoogleEULALauncher.exe IE PA" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\ANTONIO\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google+ Auto Backup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google+ Auto Backup" "hkey"="HKCU" "command"="\"C:\\Users\\ANTONIO\\AppData\\Local\\Programs\\Google\\Google+ Auto Backup\\Google+ Auto Backup.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GrooveMonitor" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesHelper" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\KiesHelper.exe /s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPDLR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPDLR" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesTrayAgent" "hkey"="HKLM" "command"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Launch Manager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Launch Manager" "hkey"="HKLM" "command"="C:\\PROGRA~1\\FSCLAU~1\\LAUNCH~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MSC" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mxomssmenu] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mxomssmenu" "hkey"="HKLM" "command"="\"C:\\Program Files\\Maxtor\\OneTouch Status\\maxmenumgr.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Ghost 12.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Norton Ghost 12.0" "hkey"="HKLM" "command"="\"C:\\Program Files\\Norton Ghost\\Agent\\VProTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDVD9LanguageShortcut] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDVD9LanguageShortcut" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerDVD9\\Language\\Language.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl10] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RemoteControl10" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerDVD10\\PDVD10Serv.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl9] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RemoteControl9" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerDVD9\\PDVD9Serv.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RtHDVCpl" "hkey"="HKLM" "command"="RtHDVCpl.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SDTray" "hkey"="HKLM" "command"="\"C:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Sidebar" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SUPERAntiSpyware" "hkey"="HKCU" "command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SynTPEnh" "hkey"="HKLM" "command"="%ProgramFiles%\\Synaptics\\SynTP\\SynTPEnh.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VirtualCloneDrive] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VirtualCloneDrive" "hkey"="HKLM" "command"="\"C:\\Program Files\\Elaborate Bytes\\VirtualCloneDrive\\VCDDaemon.exe\" /s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Mobile Device Center] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Windows Mobile Device Center" "hkey"="HKLM" "command"="%windir%\\WindowsMobile\\wmdc.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips GoGear VIBE Device Manager.lnk] "item"="Philips GoGear VIBE Device Manager" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Philips GoGear VIBE Device Manager.lnk" "backup"="C:\\Windows\\pss\\Philips GoGear VIBE Device Manager.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\Philips\\GOGEAR~1\\GOGEAR~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^ANTONIO^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk] "path"="C:\\Users\\ANTONIO\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\MyPC Backup.lnk" "backup"="C:\\Windows\\pss\\MyPC Backup.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\MYPCBA~1\\MYPCBA~1.EXE " "item"="MyPC Backup" ==== Startup Folders ====================== 2015-04-14 18:30:45 1049 ----a-w- C:\Users\ANTONIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/04/2015 21:06] C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job --a------ [Undetermined Task] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000Core.job --a------ C:\Users\ANTONIO\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 23:08] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000UA.job --a------ C:\Users\ANTONIO\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 23:08] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [17/10/2014 21:49] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [17/10/2014 21:49] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000Core.job --a------ C:\Users\ANTONIO\AppData\Local\Google\Update\GoogleUpdate.exe [26/04/2014 18:12] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000UA.job --a------ C:\Users\ANTONIO\AppData\Local\Google\Update\GoogleUpdate.exe [26/04/2014 18:12] C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job --a------ C:\Program Files\Spybot - Search Destroy 2\SDImmunize.exe [] C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job --a------ C:\Program Files\Spybot - Search Destroy 2\SDScan.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Check for updates (Spybot - Search & Destroy)" [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000Core" [C:\Users\ANTONIO\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000UA" [C:\Users\ANTONIO\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000Core" [C:\Users\ANTONIO\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1290501801-2183166161-1729595285-1000UA" [C:\Users\ANTONIO\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Refresh immunization (Spybot - Search & Destroy)" [C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe] "C:\Windows\system32\tasks\Scan the system (Spybot - Search & Destroy)" [C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe] "C:\Windows\system32\tasks\Security Center Update - 1173996274" [C:\Users\ANTONIO\AppData\Roaming\Fefuka\odepi.exe] "C:\Windows\system32\tasks\{C508080C-72AD-49D4-A934-1BF3D462BD69}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.18.0.106/nl/go/help.faq.installer?LastError=1618] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [03/03/2015 20:21] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [06/01/2012 23:06] ==== Firefox Extensions ====================== ProfilePath: C:\Users\ADMINI~1\AppData\Roaming\Thunderbird\Profiles\a78shui8.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi ProfilePath: C:\Users\ANTONIO\AppData\Roaming\Thunderbird\Profiles\5jz6rqsn.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi ProfilePath: C:\Users\ANTONIO\AppData\Roaming\TomTom\HOME\Profiles\mbkco0cd.default - Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.419.1257@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.9.401.862279@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.9.430.890926@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.9.465.1074274@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.9.510.1234792@tomtom.com AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 42.0.2311.135 Google Slides - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Avast Online Security - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Google Wallet - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Wallet - ANTONIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Startpages ====================== C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com", "startup_urls": [ "http://www.google.com" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/?gws_rd=ssl" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/?gws_rd=ssl" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="https://www.google.com/search?q={searchTerms}" {868F27AB-A2F6-4A28-9031-62139268FE42} Yahoo//search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}" {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== R3 - URLSearchHook: (no name) - {99a56a24-3a9c-4760-bb2e-7eb2e02cf02e} - C:\Program Files\DownShotFree_e0\bar\1.bin\e0SrcAs.dll (file missing) O1 - Hosts: ::1 localhost O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKCU\..\Run: [MoraLrob] regsvr32.exe "C:\ProgramData\MoraLrob\KaliTakz.kes" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKUS\S-1-5-21-1290501801-2183166161-1729595285-1000\..\Run: [MoraLrob] regsvr32.exe "C:\ProgramData\MoraLrob\KaliTakz.kes" (User '?') O4 - HKUS\S-1-5-21-1290501801-2183166161-1729595285-1000\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User '?') O4 - HKUS\S-1-5-21-1290501801-2183166161-1729595285-1000\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s (User '?') O4 - S-1-5-21-1290501801-2183166161-1729595285-1000 Startup: Dropbox.lnk = C:\Users\ANTONIO\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?') O4 - Startup: Dropbox.lnk = C:\Users\ANTONIO\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: StartupFaster O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ANTONIO\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe O23 - Service: Realtek87B - Realtek - C:\Program Files\REALTEK\RTL8187B Wireless LAN Utility\RtlService.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe ==== Silent Runners ====================== ==== Empty IE Cache ====================== C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\ANTONIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\ANTONIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Administrator\AppData\Local\Mozilla\Firefox\Profiles\nfb8qx5l.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\ANTONIO\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=51 folders=23 7979933 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\temp emptied successfully C:\Users\ANTONIO\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\TEMP\AppData\Local\temp emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\ANTONIO\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\ANTONIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on di 05/05/2015 at 22:00:38,76 ======================