Yvontje82

Hallo Jion, Ik ben zelfs nog iets verder teruggegaan voor de zekerheid, maar dezelfde foutmelding blijft bestaan. Heb je een ander plan? Groetjes Yvonne

Hoi Jion, Hij geeft aan dat er geen schendingen zijn. Ik zie geen verwijzing naar een log. Groetjes Yvonne

Hallo Jion, Helaas heeft het het probleem niet opgelost. Ik krijg nog steeds dezelfde foutmelding bij het opstarten van RSIT. Heb je misschien een ander tooltje? Groetjes Yvonne

Hallo Asus, Bedankt voor je snelle reactie. Helaas krijg ik een foutmelding bij het uitvoeren van RSIT. Zie bijgevoegde printscreen. Groetjes Yvonne

Beste, Na het opschonen van de PC van mijn oma, mag ik nu ook mijn vader helpen met het opschonen van de zijne. Inmiddels heb ik al MBAM, adwcleaner en CCcleaner laten draaien. Zou iemand even kunnen kijken naar de logjes? Alvast bedankt. Groetjes Yvonne [ATTACH]34960[/ATTACH] [ATTACH]34961[/ATTACH] - - - Updated - - - Nu de juiste mbam logjes [ATTACH]34962[/ATTACH] [ATTACH]34963[/ATTACH] mbamlog 21-08-2014.txt AdwCleaner[S0].txt mbamlog3.txt mbamlog2.txt

Oh, nouja. Dat is dan zo. Nu heeft ze weer wat extra ruimte om nieuwe liedjes op te slaan Zijn er nog wat andere dingen die we nu nog moeten doen? Groetjes

Poeh, daar vraag je me wat. Ik kan het alleen omschrijven als de bestanden van liedjes en films die ze heeft gedownload via spotnet. Alles wat ze na de schoning van de PC heeft gedownload werkt wel gewoon. Hopelijk kun je hier iets mee? Kun je me anders uitleggen wat je verder nog aan informatie nodig hebt? Met vriendelijke groet, Yvonne

Hallo Kape, Hierbij het logje van Adwcleaner. Mijn oma had alleen een vraagje over haar downloads van spotnet. Al haar downloads zijn verdwenen. Staan die mogelijk nu ergens anders of waren die besmet waardoor ze zijn verwijderd? Ze waren verwijderd na de acties van zoek.exe. Weet niet of het de eerste of tweede is. Groetjes Yvonne [ATTACH]34552[/ATTACH] AdwCleaner[S0].txt

Hoi Kape, Hier het logje. Groetjes [ATTACH]34349[/ATTACH] zoek-results.txt

Hallo Kape, Om de een of andere reden heeft mijn oma nu ineens weer internet. Waarschijnlijk is er toevallig rond dezelfde periode een storing geweest oid. Ik ben nu dus bij mijn oma en heb het logje voor je bij dit bericht gevoegd. PC is gelukkig al een heel stuk sneller nu. Alleen al het opstarten Groetjes Yvonne [ATTACH]34346[/ATTACH] zoek-results.txt

Ja, die heeft wel gelopen. Ik beschikte helaas niet ovr een USB stick om de log meer te nemen. Ik zag een deze dagen terug gaan met USB stick. Dan plaats ik het logje alsnog hier op het forum.

Hallo iEscape, Ik had iets duidelijker moeten zijn in het vorige bericht, maar we kunnen het internet niet op komen. Ik benader dit forum nu via mijn mobiel. Ik heb nog even iets anders geprobeerd, maar het lukt mij niet om plaatjes te uploaden met mijn telefoon.... Ik zit nu nog bij mijn oma. Ik zal als ik straks this ben de foto uploaden vanaf mijn pc. Groetjes Yvonne

Hallo Kape, Ik had eindelijk tijd om bij mijn om langs te gaan en heb gedaan wat je zei, maar......krijg nu bij het opstarten van de internetbrowser de melding : "De proxyserver reageert niet". Ik heb inmiddels alle mogelijkheden doorlopen met behulp van KPN, maar zij komen er ook niet uit. Ik had graag een foto erbij gedaan, maar die is blijkbaar te zwaar.... Kun jij ons misschien hiermee helpen? Groetjes Yvonne

Hallo Kape, Dank je voor je berichtje. Hier was ik al bang voor, hihi. Ik zal zorgen dat ik een van deze dagen weer bij mijn oma ben en zal dan je opdracht uitvoeren. Groetjes en fijne avond nog. Yvonne

hallo Asus, Ik had voor dat ik je berichtje had gelezen MBAM al laten draaien. Heb nu inmiddels al een paar keer geprobeerd om de log in te voegen, maar het verwerken blijkt langer te duren van 30 sec en dan verschijnt een fatal error melding. Ik was even weg gegaan voor een kleine boodschap, maar toen ik weg ging had MBAM al 154 dingen gedetecteerd.... Als het nodig is dan wil ik straks nog wel een keer kijken of het me lukt om de log te laden en anders mail ik het naar mijn mail en dan post ik het vanavond vanaf mijn eigen PC eventjes. Ik zal nu gaan doen wat jij hierboven hebt beschreven. Groetjes Yvonne - - - Updated - - - [ATTACH]34043[/ATTACH] - - - Updated - - - [ATTACH]34044[/ATTACH] En dan hierbij het MBAM logje log rst.txt log mbam.txt

hjhdhdhs

Hallo, Mijn oma van 80+ heeft inmiddels al enkele jaren een PC. Maar om de zoveel tijd krijgen we van haar een telefoontje met de vraag of we haar kunnen helpen, want.... - haar PC is erg langzaam...of - ze heeft weer iets gedownload wat ze er niet af krijgt, of - ze heeft weer een nieuw programma gekocht dat haar moet helpen om de PC op te schonen, maar het lukt niet - en meer van dat soort telefoontjes.... Mijn oma heeft een paar jaar terug een cursus engels gedaan (zodat ze haar soaps beter kon begrijpen ), maar het technische digi-engels is voor haar natuurlijk veels te lastig (met alle respect hoor). Ze geeft ook toe dat als ze het niet begrijpt toch maar gewoon op "OK" klikt... (oh, nee!))) Nu zit ik bij haar thuis en haar PC is inderdaad nu inderdaad traag. Hij doet er nu al bijna 10 tot 15 minuten over om een google toolbar te verwijderen en nog is die bezig. Kunnen jullie mij (en de rest van de familie) misschien helpen om mijn oma's PC weer een beetje op te schonen? Niet alleen vanwege de waarschijnlijk ontzettende vele virussen oid die erop zitten, maar ook gewoon de echt overbodige programma's eraf te halen. Er zijn inmiddels zoveel programma's beschikbaar op het internet en ik moet eerlijk zeggen dat ik ook echt geen idee heb welke programma's echt goed werken en nuttig zijn (natuurlijk eea in samenspraak met mijn oma). Een heleboel programma's heeft mijn oma erop staan, want "ach wat kan het voor kwaad en ik dacht dat het me zou helpen...". Pfff. Ik hoor graag van van jullie.... Het zou ons iig heel erg helpen.... Groetjes Yvonne

Helemaal TOP! Dank je wel, wederom ;-)

Hoi Jion, Hieronder het JRT-logje. Ik had voordat ik je bericht had gelezen ook al CCCleaner laten draaien. ;-) Groetjes ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.2 (02.20.2014:1) OS: Windows 7 Home Premium x64 Ran by Yvonne on zo 09-03-2014 at 20:33:21,17 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] C:\Users\Yvonne\AppData\LocalLow\FCTB000062781 ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on zo 09-03-2014 at 20:43:59,06 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.020 - Report created 09/03/2014 at 20:12:31 # Updated 27/02/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Yvonne - YVONNE-HP # Running from : C:\Users\Yvonne\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C} File Deleted : C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default\user.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Deleted : HKCU\Software\Classes\iLivid.torrent Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid] Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_safari_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_safari_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_web-creator_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_web-creator_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\IGearSettings Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\Web Assistant Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16518 -\\ Mozilla Firefox v24.0 (nl) [ File : C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default\prefs.js ] Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.aol.com/search/search?q={searchTerms}&s_it=amonetizetest1-ff&s_qt=sb&tb_uuid=6E325D1C86524114B0FFD3C020A22E18&tb_oid=01-05-2013&tb_mrud=02-05-2013[...] -\\ Google Chrome v33.0.1750.146 [ File : C:\Users\Yvonne\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [6740 octets] - [09/03/2014 20:11:21] AdwCleaner[s0].txt - [6299 octets] - [09/03/2014 20:12:31] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6359 octets] ##########

Hierbij het HJT-logje: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 21:32:39, on 23-2-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16518) FIREFOX: 24.0 (nl) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Yvonne\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe C:\Users\Yvonne\Desktop\HijackThis.exe C:\Users\Yvonne\AppData\Local\Temp\MSI2EE0.tmp R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11224 bytes

Beste, Na een melding van PC-veilig dat er een trojan is verwijderd heb ik MBAM er even overheen laten gaan en toch nog een paar virussen gevonden. Hieronder het logje. Ik ga mijn PC nu herstarten en Hijackthis laten draaien. Daarna post ik ook het logje daarvan. Zouden jullie kunnen kijken wat ik er nog meer vanaf zou moeten halen...? Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie: v2014.02.23.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 Yvonne :: YVONNE-HP [administrator] 23-2-2014 21:08:08 mbam-log-2014-02-23 (21-08-08).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 261902 Verstreken tijd: 10 minuut/minuten, 48 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 3 C:\$RECYCLE.BIN\S-1-5-21-2155248324-3539292037-1374523505-1000\$RCHOMNB.exe (PUP.Optional.4Shared) -> Succesvol in quarantaine geplaatst en verwijderd. C:\$RECYCLE.BIN\S-1-5-21-2155248324-3539292037-1374523505-1000\$RG0G067.exe (PUP.Optional.4Shared) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Yvonne\Local Settings\Temporary Internet Files\Content.IE5\9EDCJC03\SoftonicDownloader_voor_website-x5.exe (PUP.Optional.Softonic.A) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)

Hoi Jion. Dat politievirus was met het uitvoeren van het script in zoek.exe al opgelost. Ik zat zelf niet achter de PC toen het virus verscheen en we hebben nadien de PC ook niet meer uitgezet (met het idee dat opstarten dan mogelijk niet meer mogelijk was), maar het virus uitte zich in de browser van IE versie 9. Verder heb ik alle handelingen zoals beschreven uitgevoerd. Alleen bij het installeren van Java kreeg ik niet het bestand jxpiinstall.exe aangeboden, maar JavaSetup7u45. Met vriendelijke groet, Yvonne

Ik had met rechtermuisklik niet de mogelijkheid om "als administrator" te kiezen. DDS (Ver_2012-11-05.02) - NTFS_AMD64 Internet Explorer: 9.0.8112.16520 BrowserJavaVersion: 10.45.2 Run by Yvonne at 17:51:47 on 2013-12-05 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2305 [GMT 1:00] . AV: PC Veilig 9.12 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} SP: PC Veilig 9.12 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: PC Veilig 9.12 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k apphost C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe C:\Program Files (x86)\PC Veilig\Common\FSMA32.EXE C:\Program Files (x86)\PC Veilig\Anti-Virus\FSGK32.EXE C:\Windows\system32\svchost.exe -k ftpsvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k iissvcs C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\PC Veilig\Anti-Virus\fssm32.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\servicing\TrustedInstaller.exe C:\Windows\System32\WUDFHost.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files (x86)\PC Veilig\Common\FSLAUNCH.EXE C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxps://www.google.nl/ uSearch Bar = Preserve mWinlogon: Userinit = userinit.exe, BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Browsing Protection Class: {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll TB: Browsing Protection Toolbar: {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\PC Veilig\NRS\iescript\baselitmus.dll uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup uRun: [spotify Web Helper] "C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun: [F-Secure Manager] "C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE" /splash mRun: [F-Secure TNB] "C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Yvonne\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: EnableShellExecuteHooks = dword:1 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: HideFastUserSwitching = dword:0 IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} LSP: C:\Program Files (x86)\PC Veilig\FSPS\program\FSLSP.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab TCP: NameServer = 192.168.2.254 TCP: Interfaces\{00FD4177-C23D-46E3-88DF-567CE2664FE7} : DHCPNameServer = 192.168.2.254 TCP: Interfaces\{FE0C91F8-4195-459F-B0D9-1B29F873801A} : DHCPNameServer = 192.168.42.129 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SEH: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned> x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe x64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab x64-DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/search/search?q={searchTerms}&s_it=amonetizetest1-ff&s_qt=sb&tb_uuid=6E325D1C86524114B0FFD3C020A22E18&tb_oid=01-05-2013&tb_mrud=02-05-2013 FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-10-09 22:33; {53A03D43-5363-4669-8190-99061B2DEBA5}; C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false ============= SERVICES / DRIVERS =============== . R0 fsbts;fsbts;C:\Windows\System32\drivers\fsbts.sys [2013-5-11 56016] R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\PC Veilig\HIPS\drivers\fshs.sys [2013-5-11 59784] R1 FSFW;F-Secure Firewall Driver;C:\Windows\System32\drivers\fsdfw.sys [2013-5-11 94024] R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\PC Veilig\Anti-Virus\minifilter\fsvista.sys [2013-5-11 16768] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-2-2 203264] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504] R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?] R2 F-Secure Gatekeeper Handler Starter;FSGKHS;C:\Program Files (x86)\PC Veilig\Anti-Virus\fsgk32st.exe [2013-5-11 221608] R2 ftpsvc;Microsoft FTP-service;C:\Windows\System32\svchost.exe -k ftpsvc [2009-7-14 27136] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896] R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-3-23 87040] R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-2-2 1128952] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-2-2 116240] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\PC Veilig\Anti-Virus\minifilter\fsgk.sys [2013-5-11 202176] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-2-2 1002848] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528] S1 FSES;F-Secure Email Scanning Driver;C:\Windows\System32\drivers\fses.sys [2013-5-11 50384] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680] S3 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\PC Veilig\ORSP Client\fsorsp.exe [2013-5-11 60352] S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736] S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-7 59392] S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-21 1255736] S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files (x86)\PC Veilig\Anti-Virus\win2k\fsfilter.sys [2013-5-11 41640] S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files (x86)\PC Veilig\Anti-Virus\win2k\fsrec.sys [2013-5-11 27048] . =============== Created Last 30 ================ . 2013-12-04 21:26:47 -------- d-sh--w- C:\$RECYCLE.BIN 2013-12-04 21:21:27 24064 ----a-w- C:\Windows\zoek-delete.exe 2013-12-04 21:21:26 -------- d-----w- C:\Users\Yvonne\AppData\Local\Temp 2013-12-03 09:15:30 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6A36D5BD-8E9B-461C-92B8-1FB28E8CDBD8}\mpengine.dll 2013-11-22 10:50:50 -------- d-----w- C:\Program Files (x86)\Steam 2013-11-21 23:03:36 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-11-21 23:03:36 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-11-21 23:03:36 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-11-21 23:03:36 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2013-11-21 23:03:36 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-11-21 23:03:35 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-11-21 23:03:35 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-11-20 10:11:11 306688 ----a-w- C:\Windows\IsUninst.exe 2013-11-19 00:25:56 45056 ----a-r- C:\Users\Yvonne\AppData\Roaming\Microsoft\Installer\{5A2F371F-8B5D-46B4-833C-0612B065BEC7}\GameShadow.exe1_0A3DE514292C4EBA987823B82B0B2BA2.exe 2013-11-19 00:25:56 45056 ----a-r- C:\Users\Yvonne\AppData\Roaming\Microsoft\Installer\{5A2F371F-8B5D-46B4-833C-0612B065BEC7}\GameShadow.exe_0A3DE514292C4EBA987823B82B0B2BA2.exe 2013-11-19 00:25:56 45056 ----a-r- C:\Users\Yvonne\AppData\Roaming\Microsoft\Installer\{5A2F371F-8B5D-46B4-833C-0612B065BEC7}\ARPPRODUCTICON.exe 2013-11-19 00:25:51 -------- d-----w- C:\Program Files (x86)\GameShadow 2013-11-19 00:16:28 -------- d-----w- C:\Program Files (x86)\Firefly Studios 2013-11-19 00:15:28 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll 2013-11-19 00:15:28 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe 2013-11-19 00:15:28 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll 2013-11-19 00:15:28 180224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll 2013-11-19 00:15:27 749568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll 2013-11-19 00:15:21 192644 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll 2013-11-19 00:15:20 323716 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll 2013-11-18 18:24:06 -------- d-----w- C:\Users\Yvonne\AppData\Local\PDFC 2013-11-18 17:40:13 -------- d-----w- C:\zoek_backup 2013-11-13 22:13:36 1474048 ----a-w- C:\Windows\System32\crypt32.dll 2013-11-13 22:13:35 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-11-13 22:13:21 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-11-13 22:13:08 1930752 ----a-w- C:\Windows\System32\authui.dll 2013-11-13 22:13:06 197120 ----a-w- C:\Windows\System32\credui.dll 2013-11-13 22:13:06 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll 2013-11-13 22:13:06 1796096 ----a-w- C:\Windows\SysWow64\authui.dll 2013-11-13 22:13:05 168960 ----a-w- C:\Windows\SysWow64\credui.dll 2013-11-13 22:13:05 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll . ==================== Find3M ==================== . 2013-11-11 04:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe 2013-10-13 14:55:42 2334720 ----a-w- C:\Windows\System32\jscript9.dll 2013-10-13 14:47:43 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-10-13 14:46:53 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-10-13 14:42:36 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-10-13 14:42:11 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-10-13 14:35:12 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-10-13 09:48:06 1806848 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-10-13 09:35:52 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-10-13 09:35:38 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-10-13 09:30:14 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-10-13 09:29:02 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-10-13 09:25:39 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll 2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL 2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL 2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll 2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL 2013-10-09 01:29:20 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-09 01:29:20 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-10-08 05:51:05 873384 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-10-08 05:51:00 796072 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-10-08 05:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll 2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll 2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll 2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll 2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll 2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll 2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll 2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe 2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll 2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll . ============= FINISH: 17:52:36,54 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-05.02) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 20-5-2011 20:48:20 System Uptime: 5-12-2013 17:42:58 (0 hours ago) . Motherboard: PEGATRON CORPORATION | | 2A99 Processor: AMD Athlon II X4 640 Processor | CPU 1 | 1800/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 918 GiB total, 825,744 GiB free. D: is FIXED (NTFS) - 13 GiB total, 1,639 GiB free. E: is CDROM (CDFS) F: is Removable H: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: F-Secure Email Scanning Driver Device ID: ROOT\LEGACY_FSES\0000 Manufacturer: Name: F-Secure Email Scanning Driver PNP Device ID: ROOT\LEGACY_FSES\0000 Service: FSES . ==== System Restore Points =================== . RP299: 22-11-2013 3:00:14 - Windows Update RP300: 22-11-2013 11:50:01 - Installed Steam RP301: 26-11-2013 7:46:10 - Windows Update RP302: 29-11-2013 14:54:58 - Windows Update RP303: 3-12-2013 10:14:29 - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Agatha Christie - Peril at End House ATI Catalyst Install Manager ATI Stream SDK v2 Developer AVG Security Toolbar Bejeweled 2 Deluxe Bing Rewards Client Installer Blackhawk Striker 2 Blasterball 3 Bounce Symphony Cake Mania Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Chuzzle Deluxe CyberLink DVD Suite Deluxe Dora's World Adventure DVD Menu Pack for HP MediaSmart Video Farm Frenzy FATE Final Drive Nitro Free Audio CD Burner version 1.4.8 Free YouTube Download version 3.1.35.903 Free YouTube to MP3 Converter version 3.11.22.508 GameShadow Google Chrome Google Update Helper Hewlett-Packard ACLM.NET v1.2.1.1 HP Auto HP Client Services HP Customer Experience Enhancements HP Game Console HP Games HP MediaSmart DVD HP MediaSmart Music HP MediaSmart Photo HP MediaSmart SmartMenu HP MediaSmart Video HP Odometer HP Setup HP Setup Manager HP Support Assistant HP Support Information HP Update HP Vision Hardware Diagnostics HTC BMP USB Driver HTC Driver Installer HTC Sync HydraVision Java 2 Runtime Environment, SE v1.4.2_05 Java 2 SDK, SE v1.4.2_05 Java 7 Update 45 Java Auto Updater Java 6 Update 25 (64-bit) JCreator LE 3.10 KPN Draadloos Netwerk Assistent LabelPrint LightScribe System Software LMSOFT Web Creator Pro 6 Magic Desktop Malwarebytes Anti-Malware versie 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4 Extended Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Klik-en-Klaar 2010 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Starter 2010 - Nederlands Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Movie Theme Pack for HP MediaSmart Video Mozilla Firefox 24.0 (x86 nl) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) MusicStation Mystery P.I. - The London Caper NVIDIA Drivers NVIDIA ForceWare Network Access Manager PC Veilig PDF Complete Special Edition Penguins! PhotoNow! PictureMover Pizza Chef 2 Plants vs. Zombies PlayReady PC Runtime amd64 Poker Superstars III Polar Bowler Polar Golfer Power2Go PowerDirector QuickTime Ralink RT2860 Wireless LAN Card Realtek High Definition Audio Driver Recovery Manager Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) Skype™ 6.9 Spotify Steam Stronghold Legends Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Uninstall 1.0.0.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Virtual Villagers 4 - The Tree of Life Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables World Cup Cricket 20-20 World of Tanks Zuma Deluxe . ==== End Of File ===========================

Zoek.exe Version 4.0.0.5 Updated 30-November-2013 Tool run by Yvonne on wo 04-12-2013 at 21:54:22,53. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Yvonne\Downloads\Zoek.zip\zoek.exe [script inserted] ==== Older Logs ====================== C:\zoek-results2013-04-03-190126.log 32611 bytes C:\zoek-results2013-11-18-182353.log 30991 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2155248324-3539292037-1374523505-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully HKEY_CLASSES_ROOT\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Yahoo not found ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-11-20 10:11:11 515E4684008E955DE0C81E6A7AEA1C2A 306688 ----a-w- C:\Windows\IsUninst.exe ====== C:\Users\Yvonne\AppData\Local\Temp ==== 2013-11-25 04:20:17 316BC1B77C9753CBCD49B3990DF56A8C 35095200 ----a-w- C:\Users\Yvonne\AppData\Local\Temp\SkypeSetup.exe 2013-11-24 15:50:43 C12AA09AA5947BD28EDF2F94C341BFDE 465920 ----a-w- C:\Users\Yvonne\AppData\Local\Temp\COMAP.EXE ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2013-11-21 23:03:36 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2013-11-21 23:03:36 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2013-11-21 23:03:36 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2013-11-21 23:03:36 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2013-11-21 23:03:36 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2013-11-21 23:03:35 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2013-11-21 23:03:35 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2013-11-13 22:13:21 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-11-13 22:12:41 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2013-11-13 22:12:41 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2013-11-13 22:12:40 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys ====== C:\Windows\Tasks ====== 2013-11-18 18:24:11 C322FF035DF8C05214F40D2DEAE3C31A 522 ----a-w- C:\Windows\Tasks\Scheduled scanning task.job 2013-11-18 18:24:11 60BD9C3643BA94647DCAAA0E5BD19507 3298 ----a-w- C:\Windows\Sysnative\Tasks\Scheduled scanning task 2013-11-18 17:06:24 8E88250AA0DF4DB801BEC75F38F44829 3272 ----a-w- C:\Windows\Sysnative\Tasks\{FA80624A-0168-492C-9323-D6B2765CDCF5} 2013-11-12 21:55:28 50122F2242E5CC7628A0D34B4FB8B241 3094 ----a-w- C:\Windows\Sysnative\Tasks\{88A11318-C758-4CB3-961A-78A3829777C7} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2013-11-22 10:50:50 -------- d-----w- C:\PROGRA~2\Steam 2013-11-19 00:25:51 -------- d-----w- C:\PROGRA~2\GameShadow 2013-11-19 00:16:28 -------- d-----w- C:\PROGRA~2\Firefly Studios ======= C: ===== ====== C:\Users\Yvonne\AppData\Roaming ====== 2013-11-24 15:50:40 -------- d-----w- C:\Users\Yvonne\AppData\Roaming\CyberLink 2013-11-19 00:25:56 -------- d-----w- C:\Users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameShadow 2013-11-18 18:24:06 -------- d-----w- C:\Users\Yvonne\AppData\Local\PDFC 2013-11-18 18:01:45 -------- d-----w- C:\Users\Yvonne\AppData\Local\Temp ====== C:\Users\Yvonne ====== 2013-11-22 10:50:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2013-11-19 00:23:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios ====== C: exe-files == 2068-06-03 20:05:14 BED6EDDBF28DB980AA8D3A42D4A05586 32881 ----a-w- C:\j2sdk1.4.2_05\jre\bin\jusched.exe 2068-06-03 20:05:14 260586772C36D427B364E0F8E9815450 241777 ----a-w- C:\j2sdk1.4.2_05\jre\bin\jucheck.exe 2068-06-03 20:05:12 BED6EDDBF28DB980AA8D3A42D4A05586 32881 ----a-w- C:\Program Files (x86)\Java\j2re1.4.2_05\bin\jusched.exe 2068-06-03 20:05:12 260586772C36D427B364E0F8E9815450 241777 ----a-w- C:\Program Files (x86)\Java\j2re1.4.2_05\bin\jucheck.exe 2013-11-30 06:03:32 C6CA25804A7F161D3D9986DF5A305EBD 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BeforeUpgradingToWin81.exe 2013-11-30 06:03:32 9DDACC673C7EE9F8C8FFE66E0EA1AA5A 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AfterUpgradingToWin81.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2155248324-3539292037-1374523505-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Corel Photo Downloader"="C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup" "Spotify Web Helper"="C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "HTC Sync Loader"="C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe -startup" "F-Secure Manager"="C:\Program Files (x86)\PC Veilig\Common\FSM32.EXE /splash" "F-Secure TNB"="C:\Program Files (x86)\PC Veilig\FSGUI\TNBUtil.exe /CHECKALL /WAITFORSW" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Corel Photo Downloader"="C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup" "Spotify Web Helper"="C:\Users\Yvonne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2012-01-22 10:21:25 1316 ----a-w- C:\Users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2012-03-01 15:50:33 2029 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-05-2013 13:35] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-05-2013 13:35] C:\Windows\tasks\HPCeeScheduleForYVONNE-HP$.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [14-09-2010 07:15] C:\Windows\tasks\HPCeeScheduleForYvonne.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [14-09-2010 07:15] C:\Windows\tasks\Scheduled scanning task.job --a------ C:\PROGRA2\PCVEIL1\ANTI-V1\fsav.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForYvonne" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForYVONNE-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\Launch HTC Sync Loader" [C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe] "C:\Windows\SysNative\tasks\RMCreator" [C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe] "C:\Windows\SysNative\tasks\Scheduled scanning task" [C:\PROGRA~2\PCVEIL~1\ANTI-V~1\fsav.exe] "C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\{38DF59D7-67EE-4B6C-B405-FBB323BC92E6}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" Downloading] "C:\Windows\SysNative\tasks\{82AE7F7E-0A46-4FA9-9B61-83F712DAD24C}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" Downloading] "C:\Windows\SysNative\tasks\{88A11318-C758-4CB3-961A-78A3829777C7}" ["c:\program files (x86)\internet explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype] "C:\Windows\SysNative\tasks\{B8920AB9-3F4C-4BF0-BD57-65B099240783}" ["c:\program files (x86)\internet explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype] "C:\Windows\SysNative\tasks\{CEF387AE-FE17-4327-AE07-38934CF7FB9A}" ["c:\program files (x86)\internet explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "litmus-ff@f-secure.com"="C:\Program Files (x86)\PC Veilig\NRS\litmus-ff@f-secure.com" [03-12-2013 12:15] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default - Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} - ScrapBook Plus - %ProfilePath%\extensions\scrapbookplus@addons.mozilla.org.xpi - ScrapBook - %ProfilePath%\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi - Pinterest Pin Button - %ProfilePath%\extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi - Search By Image by Google - %ProfilePath%\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\6hgtzfhm.default 4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.450.18 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {443789B7-F39C-4b5c-9287-DA72D38F4FE6} AOL Search Url="AOL Search" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Yvonne\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0D5H89SD will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\12C0O2F1 will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1H77R58Y will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4FN3JC16 will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6N1WZAJP will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6ONE59RI will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8YI0DQFO will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HJLI4R2R will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QH34C23S will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RUE42NJT will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SD3M1F73 will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XN168W6U will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Yvonne\AppData\Local\Mozilla\Firefox\Profiles\6hgtzfhm.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Yvonne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Yvonne\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0D5H89SD" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\12C0O2F1" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1H77R58Y" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4FN3JC16" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6N1WZAJP" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6ONE59RI" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8YI0DQFO" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HJLI4R2R" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QH34C23S" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RUE42NJT" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SD3M1F73" not found "C:\Users\Yvonne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XN168W6U" not found ==== EOF on wo 04-12-2013 at 22:26:35,51 ======================