Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Magic Tom on di 16/08/2016 at 23:02:07,47. Microsoft Windows 10 Home 10.0.10586 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Magic Tom\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 16/08/2016 23:05:26 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\eSobi deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\NewTech Infosystems deleted successfully C:\Program Files\SlySoft deleted successfully C:\Program Files\TallStick deleted successfully C:\Program Files\TomTom DesktopSuite deleted successfully C:\Program Files\Common Files\G DATA deleted successfully C:\PROGRA~2\1D37A deleted successfully C:\PROGRA~2\33DB deleted successfully C:\PROGRA~2\Comms deleted successfully C:\PROGRA~2\SlySoft deleted successfully C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully C:\Users\Magic Tom\AppData\Local\ActiveSync deleted successfully C:\Users\Magic Tom\AppData\Local\CRE deleted successfully C:\Users\Magic Tom\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Magic Tom\AppData\Local\EmieSiteList deleted successfully C:\Users\Magic Tom\AppData\Local\EmieUserList deleted successfully C:\Users\Magic Tom\AppData\Local\Magentic deleted successfully C:\Users\Magic Tom\AppData\Local\NetworkTiles deleted successfully C:\Users\Schattie\AppData\Local\ActiveSync deleted successfully C:\Users\Schattie\AppData\Local\CRE deleted successfully C:\Users\Schattie\AppData\Local\NetworkTiles deleted successfully C:\Users\Schattie\AppData\Local\{22B1F64D-0139-41CA-86EF-5AD5ACDDAA84} deleted successfully C:\Users\Schattie\AppData\Local\{39E4C8F5-BC71-400E-8B48-4AD7BBF41AF4} deleted successfully C:\Users\Schattie\AppData\Local\{40CD7AF4-2030-40FC-B9B2-D60ECDDA43BB} deleted successfully C:\Users\Schattie\AppData\Local\{4EA5DD09-3E6B-4D37-B2C2-DFAC6A573398} deleted successfully C:\Users\Schattie\AppData\Local\{D211174B-6D8D-4B10-8B74-F842CAE68D8C} deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-126822462-2923299525-1815723027-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c3c77255-42c0-499f-b664-6e981a0b1647} deleted successfully HKEY_USERS\S-1-5-21-126822462-2923299525-1815723027-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c3c77255-42c0-499f-b664-6e981a0b1647} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73204B8A-87A8-49C8-A91A-FFCDE788A9ED} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{903C3322-6CEF-4CA5-BD37-4F056155FC08} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD41E1A5-99E5-41BA-8703-6BE974416118} deleted successfully HKEY_USERS\S-1-5-21-126822462-2923299525-1815723027-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3F45C9B-C8F3-4D87-B69C-DD43E4B04BFE} deleted successfully HKEY_USERS\S-1-5-21-126822462-2923299525-1815723027-1004\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA01FBA0-3FC5-46E8-8F02-2352653C293F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{d8f67242-b229-4065-95fa-391b077ed6ca} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73204B8A-87A8-49C8-A91A-FFCDE788A9ED} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{903C3322-6CEF-4CA5-BD37-4F056155FC08} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-126822462-2923299525-1815723027-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775FDB-6972-41F9-AE51-8326E38CB206} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{381FFDE8-2394-4f90-B10D-FC6124A40F8C} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) æTorrent Acer Crystal Eye Webcam 3.0.6.3 Acer eAudio Management Acer eDataSecurity Management Acer Empowering Technology Acer ePower Management Acer eRecovery Management Acer eSettings Management Acer GridVista Acer Mobility Center Plug-In Acer ScreenSaver Acer VCM Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player 22 NPAPI Adobe Reader 8.1.3 Agere Systems HDA Modem Apple Application Support (32-bit) Apple Mobile Device Support Apple Software Update Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver Avira Antivirus Avira Browser Safety Avira Launcher Belgium e-ID middleware 4.0.5 (build 7363) Bonjour CCleaner D3DX10 DAEMON Tools Lite DC-Bass Source 1.3.0 DivX Converter DivX Plus DirectShow Filters DivX Setup DivX Version Checker Easy DVD Player FastImageResizer (remove only) Google Chrome Google Earth Plug-in Google Update Helper HiJackThis IncrediMail IncrediMail 2.0 Intel© Matrix Storage Manager ITECIR iTunes Java 8 Update 101 Java Auto Updater JMicron JMB38X Flash Media Controller Junk Mail filter update Launch Manager LightScribe 1.4.142.1 Mesh Runtime Messenger Companion Microsoft .NET Framework 4.5.1 (NLD) Microsoft .NET Framework 4.5.2 Microsoft Application Error Reporting Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x86) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Works MioMore Desktop 7.50 Mozilla Firefox 47.0.1 (x86 nl) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyFreeCodec neroxml NVIDIA-configuratiescherm 341.92 NVIDIA Grafisch stuurprogramma 341.92 NVIDIA HD Audio-stuurprogramma 1.3.30.1 NVIDIA Install Application NVIDIA Update 10.4.0 NVIDIA Update Core OGA Notifier 1.7.0105.35.0 OpenSource Flash Video Splitter 1.0.0.5 Photo Notifier and Animation Creator PhotoMail Maker PhotoNow PowerDirector QuickTime 7 Realtek High Definition Audio Driver Samsung i-Launcher 1.1.0.0 Samsung Kies Samsung USB Driver for Mobile Phones Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114542) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114742) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114895) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114982) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB3114892) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2889915) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB3114983) 32-Bit Edition SkypeT 7.4 Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5) Synaptics Pointing Device Driver TomTom HOME TomTom HOME Visual Studio Merge Modules Total Annihilation - Battle Tactics Total Annihilation - Core Contingency Total Annihilation Ultimate Codec Packages Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Validity Sensors software VC80CRTRedist - 8.0.50727.6195 Visual Studio C++ 10.0 Runtime WIDCOMM Bluetooth Software 6.0.1.5000 WinAce Archiver Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinZip 12.0 ==== Running Processes ====================== C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvvsvc.exe C:\WINDOWS\System32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\mqsvc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Acer\Empowering Technology\Service\ETService.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Acer\Acer VCM\RS_Service.exe C:\Acer\Mobility Center\MobilityService.exe C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Windows\system32\vfsFPService.exe C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe C:\WINDOWS\system32\dashost.exe C:\Program Files\Avira\Antivirus\sched.exe C:\Program Files\Avira\Antivirus\avguard.exe C:\Program Files\Avira\Antivirus\avshadow.exe C:\WINDOWS\System32\WinLogon.exe C:\WINDOWS\System32\dwm.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\WINDOWS\system32\nvvsvc.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\sihost.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\WINDOWS\Explorer.EXE C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe C:\Windows\System32\RuntimeBroker.exe C:\WINDOWS\system32\DllHost.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe C:\Program Files\Avira\Antivirus\avgnt.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\CCleaner\CCleaner.exe C:\WINDOWS\System32\fontdrvhost.exe C:\Windows\System32\InstallAgent.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\WINDOWS\system32\SettingSyncHost.exe C:\WINDOWS\system32\ApplicationFrameHost.exe C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x86__8wekyb3d8bbwe\WinStore.Mobile.exe C:\Windows\System32\wuapihost.exe C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.19761.0_x86__8wekyb3d8bbwe\Video.UI.exe C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe C:\Program Files\Windows Defender\MpCmdRun.exe C:\Program Files\Avira\Launcher\Avira.Systray.exe C:\Users\Magic Tom\Downloads\zoek.exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchFilterHost.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k apphost C:\WINDOWS\system32\svchost.exe -k iissvcs C:\WINDOWS\System32\svchost.exe -k utcsvc C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\svchost.exe -k appmodel C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files\eSobi not found C:\Program Files\NewTech Infosystems not found C:\Program Files\SlySoft not found C:\Program Files\TallStick not found C:\Program Files\TomTom DesktopSuite not found C:\WINDOWS\system32\appdata deleted C:\Users\Schattie\AppData\LocalLow\uTorrentBar_NL deleted C:\Users\Magic Tom\.android deleted C:\Program Files\Wondershare deleted C:\StartUpManager_scandataINPUT.xml deleted C:\StartUpManager_scandataOUTPUT.xml deleted C:\extensions deleted C:\ministub.exe deleted C:\regxpcom.exe deleted C:\SUPPORT deleted C:\PROGRA~2\Package Cache deleted C:\Users\Magic Tom\AppData\Local\Thinstall deleted C:\Users\Magic Tom\AppData\Local\Wondershare deleted C:\Users\Schattie\AppData\Local\Thinstall deleted C:\Users\Schattie\AppData\Local\Wondershare deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Magic Tom\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted C:\WINDOWS\WININIT.INI deleted C:\WINDOWS\System32\SET39CC.tmp deleted C:\WINDOWS\System32\SET3AD8.tmp deleted C:\WINDOWS\System32\SET6E54.tmp deleted C:\WINDOWS\System32\SET910A.tmp deleted C:\WINDOWS\System32\SETBFBE.tmp deleted C:\WINDOWS\System32\SETC296.tmp deleted C:\WINDOWS\System32\SETD631.tmp deleted C:\WINDOWS\System32\SETE533.tmp deleted C:\Users\MAGICT~1\AppData\Roaming\Mozilla\Firefox\Profiles\OUeRlgaR.default\extensions\abs@avira.com deleted C:\Users\MAGICT~1\AppData\Roaming\Mozilla\Firefox\Profiles\OUeRlgaR.default\extensions\safesearchplus2@avira.com deleted "C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted "C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted "C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted "C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\SSL.dll" deleted "C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted "C:\Program Files\Common Files\Wondershare" deleted "C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3069 MB CPU Info: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz CPU Speed: 555,8 MHz Sound Card: NVIDIA HDMI Out (NVIDIA High De | Realtek Digital Output (Realtek | Luidsprekers (Realtek High Defi | Display Adapters: NVIDIA GeForce 9600M GT | NVIDIA GeForce 9600M GT Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1360 X 768 - 32 bit Network: Network Present Network Adapters: Intel(R) WiFi Link 5100 AGN | Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller CD / DVD Drives: 2x (F: | G: | ) F: Optiarc BD ROM BC-5500S | G: DTSOFT BDROM Ports: COM3 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 144,0GB | D: 298,1GB | E: 139,5GB Hard Disks - Free: C: 60,4GB | D: 77,4GB | E: 138,6GB Manufacturer *: Acer BIOS Info: AT/AT COMPATIBLE | 08/07/08 | ACRSYS - 1 Time Zone: Romance (standaardtijd) Motherboard *: Acer Aspire 8930 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Default Browser: Firefox 47.0.1 Internet Explorer Version: 11.212.10586.0 Mozilla Firefox version: 47.0.1 (x86 nl) Google Chrome version: 51.0.2704.103 Adobe Reader version: 8.1.0.2007051100 Sun Java version: 1.8.0_101 (32-bit) Flash Player version: 22.0.0.209 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\MAGICT~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== ====== C:\WINDOWS\system32\drivers ===== ====== C:\WINDOWS\Tasks ====== 2016-08-16 20:57:22 DA0271DE445060EDDBBE583CB88DD398 4200 ----a-w- C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{AD752589-3A6F-430F-B01C-6CD34016D83B} ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-07-21 12:15:46 -------- d-----w- C:\Program Files\Mozilla Maintenance Service ======= C: ===== ====== C:\Users\Magic Tom\AppData\Roaming ====== 2016-07-23 16:40:47 -------- d-----w- C:\Users\TEMP\AppData\Local\TileDataLayer 2016-07-23 16:40:41 -------- d-----w- C:\Users\TEMP\AppData\Local 2016-07-21 12:16:01 -------- d-----w- C:\Users\Magic Tom\AppData\Local\Mozilla 2016-07-21 11:52:01 -------- d-----w- C:\Users\Magic Tom\AppData\Local\Tempdivx99ba ====== C:\Users\Magic Tom ====== 2016-08-16 20:53:55 0AF64B59269F6F5C7DF5B97DF8C0E0AB 739904 ----a-w- C:\Users\Magic Tom\Downloads\JavaSetup8u101.exe 2016-08-11 10:22:42 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Magic Tom\Downloads\RSIT.exe 2016-07-23 16:40:41 -------- d--h--w- C:\Users\TEMP\AppData ====== C: exe-files == 2016-08-16 20:59:02 E6DD71FF95C619A6CCE339048D399F6A 4928616 ----a-w- C:\ProgramData\Avira\Launcher\Temp\avira.exe 2016-08-16 20:56:03 F434A8AC7F1C8C0E2587B9A9F30E397B 52800 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\ssvagent.exe 2016-08-16 20:56:03 ED3F3D8E4C382BF8095B9DE217511E29 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\policytool.exe 2016-08-16 20:56:03 E9AA62B1696145A08D223E7190785E25 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\pack200.exe 2016-08-16 20:56:03 CA17B8CBD623477C5D1D334B79890225 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\klist.exe 2016-08-16 20:56:03 C15F0FE651B05F4288CBC3672F6DC3CE 159296 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\unpack200.exe 2016-08-16 20:56:03 B4AD335E868693F009B7644E2ED555C1 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\ktab.exe 2016-08-16 20:56:03 9A4CF09834F086568DF469E3F670BF07 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\keytool.exe 2016-08-16 20:56:03 7DA6AA3CC4763C6F9C20B43E6C9A9547 16448 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\orbd.exe 2016-08-16 20:56:03 7624A9B769CDCF3A75FE5A9FEAADD61F 16448 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\tnameserv.exe 2016-08-16 20:56:03 5F85F7F2DFAC397D642834B61809240F 82496 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\jp2launcher.exe 2016-08-16 20:56:03 4F11D43AA2215CE771DA528878F01C8E 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\jjs.exe 2016-08-16 20:56:03 4DE6BFE6EA98BC42A5358ED8307107B2 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\kinit.exe 2016-08-16 20:56:03 43C1D1D0E248604CB3B643C0BDF4EC9A 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\servertool.exe 2016-08-16 20:56:03 31C0CED43A07A2DFF3AFC557EBABBE0F 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\rmiregistry.exe 2016-08-16 20:56:03 12B6E1C3205A8B17AC20E00A889DFC43 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\rmid.exe 2016-08-16 20:56:02 F8211DB97BF852C3292C3E9C710C19D9 269888 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\javaws.exe 2016-08-16 20:56:02 E3E51A21B00CDDE757E4247257AA7891 191040 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\java.exe 2016-08-16 20:56:02 CF2F023D2B5F0BFB2ECF8AEEA7C51481 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\java-rmi.exe 2016-08-16 20:56:02 C2A59C7343D370BC57765896490331E5 70208 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\javacpl.exe 2016-08-16 20:56:02 530D5597E565654D378F3C87654CCABA 30784 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\jabswitch.exe 2016-08-16 20:56:02 48C96771106DBDD5D42BBA3772E4B414 191552 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\javaw.exe 2016-08-16 20:53:55 0AF64B59269F6F5C7DF5B97DF8C0E0AB 739904 ----a-w- C:\Users\Magic Tom\Downloads\JavaSetup8u101.exe 2016-08-11 10:23:02 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\Magic Tom.exe 2016-08-11 10:22:42 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Magic Tom\Downloads\RSIT.exe 2016-08-10 18:19:17 946E8C3705E54367A10DB76B0E3B19BA 1554424 ----a-w- C:\Users\Schattie\AppData\Local\Google\Chrome\User Data\SwReporter\8.62.4\software_reporter_tool.exe === C: other files == 2016-08-16 20:56:03 91052ADB799AEF68EA76931997C40CE4 14156 ----a-w- C:\Program Files\Java\jre1.8.0_101\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\System32\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\System32\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-126822462-2923299525-1815723027-1004\Software\Microsoft\Windows\CurrentVersion\Run] "ccleaner"="C:\Program Files\CCleaner\CCleaner.exe /AUTO" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "OneDrive"="C:\Users\Magic Tom\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" "KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "Avira SystrayStartTrigger"="C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe" "NvBackend"="C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe" "Wondershare Helper Compact.exe"="C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" "DivXMediaServer"="C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe" "avgnt"="C:\Program Files\Avira\Antivirus\avgnt.exe /min" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ccleaner"="C:\Program Files\CCleaner\CCleaner.exe /AUTO" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "OneDrive"="C:\Users\Magic Tom\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" "KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeDeluxeAgent] "command"="\"C:\\Program Files\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\ArcadeDeluxeAgent.exe\"" "hkey"="HKLM" "item"="ArcadeDeluxeAgent" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\Kernel\\CLML\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXMediaServer] "hkey"="HKLM" "command"="C:\\Program Files\\DivX\\DivX Media Server\\DivXMediaServer.exe" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DivXMediaServer" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate] "hkey"="HKLM" "command"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DivXUpdate" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eAudio] "command"="\"C:\\Program Files\\Acer\\Empowering Technology\\eAudio\\eAudio.exe\"" "hkey"="HKLM" "item"="eAudio" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eDataSecurity Loader] "command"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSloader.exe" "hkey"="HKLM" "item"="eDataSecurity Loader" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ehTray.exe] "command"="C:\\Windows\\ehome\\ehTray.exe" "hkey"="HKCU" "item"="ehTray.exe" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ePower_DMC] "command"="C:\\Program Files\\Acer\\Empowering Technology\\ePower\\ePower_DMC.exe" "hkey"="HKLM" "item"="ePower_DMC" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Desktop Search] "command"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup" "hkey"="HKLM" "item"="Google Desktop Search" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAAnotif] "command"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe" "hkey"="HKLM" "item"="IAAnotif" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "command"="\"C:\\Program Files\\Common Files\\Nero\\Lib\\NMIndexStoreSvr.exe\" ASO-616B5711-6DAE-4795-A05F-39A1E5104020" "hkey"="HKCU" "item"="IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesAirMessage] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesAirMessage" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\KiesAirMessage.exe -startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPreload" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\Kies.exe /preload" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "command"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe" "hkey"="HKLM" "item"="KiesTrayAgent" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager] "hkey"="HKLM" "item"="LManager" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "command"="C:\\PROGRA~1\\LAUNCH~1\\LManager.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan] "command"="\"C:\\Program Files\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\"" "hkey"="HKLM" "item"="NBKeyScan" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlayMovie] "command"="\"C:\\Program Files\\Acer Arcade Deluxe\\PlayMovie\\PMVService.exe\"" "hkey"="HKLM" "item"="PlayMovie" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PLFSetI] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PLFSetI" "hkey"="HKLM" "command"="C:\\Windows\\PLFSetI.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PLFSetL] "hkey"="HKLM" "command"="C:\\Windows\\PLFSetL.exe" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PLFSetL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" "hkey"="HKLM" "item"="QuickTime Task" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SNUVCDSM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SNUVCDSM" "hkey"="HKLM" "command"="C:\\Windows\\snuvcdsm.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh] "command"="%ProgramFiles%\\Synaptics\\SynTP\\SynTPEnh.exe" "hkey"="HKLM" "item"="SynTPEnh" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\" -s" "hkey"="HKCU" "item"="TomTomHOME.exe" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="uTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\MAGICT~1\\AppData\\Local\\Temp\\uttB913.tmp.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WarReg_PopUp] "command"="C:\\Program Files\\Acer\\WR_PopUp\\WarReg_PopUp.exe" "hkey"="HKLM" "item"="WarReg_PopUp" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender] "command"="%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide" "hkey"="HKLM" "item"="Windows Defender" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WindowsWelcomeCenter] "command"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "hkey"="HKCU" "item"="WindowsWelcomeCenter" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ZPdtWzdVitaKey MC3000] "command"="\"C:\\Program Files\\Acer\\Acer Bio Protection\\PdtWzd.exe\" show" "hkey"="HKLM" "item"="ZPdtWzdVitaKey MC3000" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk] "backup"="C:\\Windows\\pss\\Acer VCM.lnk.CommonStartup" "backupExtension"=".CommonStartup" "item"="Acer VCM" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Acer VCM.lnk" "command"="C:\\PROGRA~1\\Acer\\ACERVC~1\\AcerVCM.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] "backup"="C:\\Windows\\pss\\BTTray.lnk.CommonStartup" "backupExtension"=".CommonStartup" "item"="BTTray" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\BTTray.lnk" "command"="C:\\Program Files\\WIDCOMM\\Bluetooth Software\\BTTray.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [21/07/2016 14:42] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files\Google\Update\GoogleUpdate.exe [08/09/2015 09:56] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files\Google\Update\GoogleUpdate.exe [08/09/2015 09:56] C:\WINDOWS\tasks\OGADaily.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\OGALogon.job --a-------- C:\Windows\system32\OGAVerify.exe [31/12/2008 18:04] C:\WINDOWS\tasks\SpyHunter4.job --a-------- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe [] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\system32\tasks\Avira Browser Safety Updater Task" ["C:\Program Files\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe"] "C:\WINDOWS\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\WINDOWS\system32\tasks\DivXUpdate" [C:\Program Files\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe] "C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\system32\tasks\OGADaily" [C:\Windows\system32\OGAVerify.exe] "C:\WINDOWS\system32\tasks\OGALogon" [C:\Windows\system32\OGAVerify.exe] "C:\WINDOWS\system32\tasks\SpyHunter4" [C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe] "C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{1559CF56-9F26-48DB-B4A6-B4BCFF5DFF3F}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{4CC3761C-8F16-4E09-BDF4-668949E47CE1}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{AD752589-3A6F-430F-B01C-6CD34016D83B}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\system32\tasks\{D89D0EE7-E348-4153-9994-397E122CA8F6}" [C:\Program Files\Skype\\Phone\Skype.exe] "C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [20/07/2013 14:48] ==== Firefox Extensions ====================== ProfilePath: C:\Users\MAGICT~1\AppData\Roaming\TomTom\HOME\Profiles\5mdzblw9.default - Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.016.9380@tomtom.com ProfilePath: C:\Users\Schattie\AppData\Roaming\TomTom\HOME\Profiles\jfifpuws.default - Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.7.163.8493@tomtom.com AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Magic Tom\AppData\Roaming\Mozilla\Firefox\Profiles\t99ucohg.default DA632EC5CCC16F0B0FAC9BB21C10B2C3 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.5 B033D1486EAD65BE7857114DFAFD8429 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.5 5A2AF08FEF626D3825AA7923B0A9DFF5 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.5 87FCE1D38F135B923EEC502825B5C7F6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.5 5596E40701BE8A4AEC399F57DBCE289E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.5 8130FF8214221BA5AC764909587E161A - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat C426F7E678D6E539041847556059D5E8 - C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll - Google Update 65FB4909BD29CAAA81FDC69AD21BB905 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) 01F0264937036BD962563F1ADF35CE72 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin AC421A44DE902F2627F1E63793ED89CD - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox 1B743D5B6FD001660FAB17DD7C347A38 - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 9BFF4C87460FE3E8BEE0CF5D550D76F9 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll - DivX Plus Web Player 79039398587F475ADA606D1A3B740A63 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in F40E8C944675BF87E605E8E02FA76EDA - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 4F3F6B17B4A5BDB68B3CB0367A2C214E - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions flliilndjeohchalpbbcdekjklbdgfkk - No path found[] ipmkfpcnmccejididiaagpgchgjfajgp - No path found[] Avira Browser Safety - Magic Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk Whitelisted domains - Magic Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Avira SafeSearch Plus - Magic Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp Chrome Web Store Payments - Magic Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Chrome Media Router - Magic Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm Google Docs - Schattie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Schattie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Schattie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - Schattie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Schattie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Avira Browser Safety - Schattie\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk Google Docs Offline - Schattie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Avira SafeSearch Plus - Schattie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp Chrome Web Store Payments - Schattie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Schattie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - Schattie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=AV01" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com/ie" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=AV01" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{19C5EEDF-C3DC-498B-8E1C-D37F5BD2CC8C} - No_Url_Value HKCU\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - https://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - No_Url_Value ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNUVCDSM deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe" O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Antivirus\avgnt.exe" /min O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [OneDrive] "C:\Users\Magic Tom\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - (no file) O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avmailc7.exe O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avwebg7.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvvsvc.exe O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Unknown owner - C:\Program Files\Wondershare\MobileTrans\DriverInstall.exe (file missing) ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Magic Tom\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Magic Tom\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\Schattie\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Schattie\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Magic Tom\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Magic Tom\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\Schattie\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Schattie\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Magic Tom\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Schattie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=748 folders=152 178239479 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\MAGICT~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 16/08/2016 at 23:54:44,26 ======================