Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

ook een Hijack log

Abraham54
17 antwoorden
  • problemen met een trage computer. (bijna) altijd 100% processor gebruik.
    Als er iemand zo vriendelijk zou kunnen zijn om naar dit log te kijken, dan is mijn dank enorm.


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 18:23:21, on 28-4-2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v10.0 (10.00.9200.16537)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    C:\Users\Thorimo\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
    C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files (x86)\Vuze\Azureus.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Users\Thorimo\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://s1.sfgame.nl/?adv=0103
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
    O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - Startup: Dropbox.lnk = Thorimo\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra button: Aztec Riches - {00000000-0000-0000-0000-000000000000} - C:\MicroGaming\Poker\aztecrichesMPP\MPPoker.exe (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: *.clonewarsadventures.com
    O15 - Trusted Zone: *.freerealms.com
    O15 - Trusted Zone: *.soe.com
    O15 - Trusted Zone: *.sony.com
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32
    etlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 10624 bytes
  • We gaan beginnen - graag de drie logs in één keer posten.

  • de scans zijn gemaakt.
    hier de log files.

    ADWcleaner
    [quote:970e5c44c7]# AdwCleaner v2.300 - Logfile created 04/29/2013 at 18:01:03
    # Updated 28/04/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : Thorimo - LAPTOP-17
    # Boot Mode : Normal
    # Running from : C:\Users\Thorimo\Desktop\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\END
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Users\Thorimo\AppData\Local\Conduit
    Folder Deleted : C:\Users\Thorimo\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Thorimo\AppData\LocalLow\PriceGong
    Folder Deleted : C:\Users\Thorimo\AppData\Roaming\Mozilla\Firefox\Profiles\tvqdd3xh.default\ConduitCommon

    ***** [Registry] *****

    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
    Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstallerStub_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstallerStub_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v10.0.9200.16537

    [OK] Registry is clean.

    -\\ Mozilla Firefox v20.0.1 (en-US)

    File : C:\Users\Thorimo\AppData\Roaming\Mozilla\Firefox\Profiles\tvqdd3xh.default\prefs.js

    Deleted : user_pref("CT2504091..clientLogIsEnabled", false);
    Deleted : user_pref("CT2504091..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[…]
    Deleted : user_pref("CT2504091..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[…]
    Deleted : user_pref("CT2504091.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
    Deleted : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx";);
    Deleted : user_pref("CT2504091.BrowserCompStateIsOpen_129707804829376918", true);
    Deleted : user_pref("CT2504091.BrowserCompStateIsOpen_129990558296257215", true);
    Deleted : user_pref("CT2504091.BrowserCompStateIsOpen_1359634298000", true);
    Deleted : user_pref("CT2504091.CTID", "CT2504091";);
    Deleted : user_pref("CT2504091.CurrentServerDate", "8-4-2013";);
    Deleted : user_pref("CT2504091.DSInstall", false);
    Deleted : user_pref("CT2504091.DialogsAlignMode", "LTR";);
    Deleted : user_pref("CT2504091.DialogsGetterLastCheckTime", "Mon Apr 08 2013 13:06:05 GMT+0200";);
    Deleted : user_pref("CT2504091.DownloadReferralCookieData", "";);
    Deleted : user_pref("CT2504091.EMailNotifierPollDate", "Tue Jan 17 2012 07:28:42 GMT+0100";);
    Deleted : user_pref("CT2504091.EnableClickToSearchBox", false);
    Deleted : user_pref("CT2504091.EnableSearchHistory", false);
    Deleted : user_pref("CT2504091.EnableSearchSuggest", false);
    Deleted : user_pref("CT2504091.FeedLastCount129079840422964131", 10);
    Deleted : user_pref("CT2504091.FeedPollDate128891351169457140", "Tue Jan 17 2012 07:23:42 GMT+0100";);
    Deleted : user_pref("CT2504091.FeedPollDate129079840422964131", "Tue Jan 17 2012 07:23:42 GMT+0100";);
    Deleted : user_pref("CT2504091.FeedTTL128891351169457140", 40);
    Deleted : user_pref("CT2504091.FirstServerDate", "16-1-2012";);
    Deleted : user_pref("CT2504091.FirstTime", true);
    Deleted : user_pref("CT2504091.FirstTimeFF3", true);
    Deleted : user_pref("CT2504091.FixPageNotFoundErrors", true);
    Deleted : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
    Deleted : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/";);
    Deleted : user_pref("CT2504091.HPInstall", false);
    Deleted : user_pref("CT2504091.HasUserGlobalKeys", true);
    Deleted : user_pref("CT2504091.HomePageProtectorEnabled", false);
    Deleted : user_pref("CT2504091.HomepageBeforeUnload", "hxxp://www.nu.nl/";);
    Deleted : user_pref("CT2504091.Initialize", true);
    Deleted : user_pref("CT2504091.InitializeCommonPrefs", true);
    Deleted : user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
    Deleted : user_pref("CT2504091.InstallationId", "ConduitNSISIntegration";);
    Deleted : user_pref("CT2504091.InstallationType", "ConduitXPEIntegration";);
    Deleted : user_pref("CT2504091.InstalledDate", "Mon Jan 16 2012 14:48:44 GMT+0100";);
    Deleted : user_pref("CT2504091.IsAlertDBUpdated", true);
    Deleted : user_pref("CT2504091.IsGrouping", false);
    Deleted : user_pref("CT2504091.IsInitSetupIni", true);
    Deleted : user_pref("CT2504091.IsMulticommunity", false);
    Deleted : user_pref("CT2504091.IsOpenThankYouPage", false);
    Deleted : user_pref("CT2504091.IsOpenUninstallPage", false);
    Deleted : user_pref("CT2504091.LanguagePackLastCheckTime", "Mon Apr 08 2013 13:06:05 GMT+0200";);
    Deleted : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
    Deleted : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[…]
    Deleted : user_pref("CT2504091.LastLogin_3.12.0.7", "Thu Apr 26 2012 21:39:06 GMT+0200";);
    Deleted : user_pref("CT2504091.LastLogin_3.13.0.6", "Thu Jul 12 2012 09:14:57 GMT+0200";);
    Deleted : user_pref("CT2504091.LastLogin_3.14.1.0", "Sat Jul 21 2012 13:51:54 GMT+0200";);
    Deleted : user_pref("CT2504091.LastLogin_3.15.1.0", "Tue Mar 05 2013 22:32:10 GMT+0100";);
    Deleted : user_pref("CT2504091.LastLogin_3.18.0.7", "Mon Apr 08 2013 21:11:40 GMT+0200";);
    Deleted : user_pref("CT2504091.LastLogin_3.9.0.3", "Tue Jan 17 2012 07:23:42 GMT+0100";);
    Deleted : user_pref("CT2504091.LatestVersion", "3.18.0.7";);
    Deleted : user_pref("CT2504091.Locale", "en-us";);
    Deleted : user_pref("CT2504091.MCDetectTooltipHeight", "83";);
    Deleted : user_pref("CT2504091.MCDetectTooltipShow", false);
    Deleted : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@
    ank/tooltip/?version=1";);
    Deleted : user_pref("CT2504091.MCDetectTooltipWidth", "295";);
    Deleted : user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
    Deleted : user_pref("CT2504091.OriginalFirstVersion", "3.9.0.3";);
    Deleted : user_pref("CT2504091.SHRINK_TOOLBAR", 1);
    Deleted : user_pref("CT2504091.SearchBackToDefaultEngine", false);
    Deleted : user_pref("CT2504091.SearchCaption", "Web Search";);
    Deleted : user_pref("CT2504091.SearchEngineBeforeUnload", "chrome://browser-region/locale
    egion.properties";);
    Deleted : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
    Deleted : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[…]
    Deleted : user_pref("CT2504091.SearchInNewTabEnabled", true);
    Deleted : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
    Deleted : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Mon Apr 08 2013 13:06:04 GMT+0200";);
    Deleted : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[…]
    Deleted : user_pref("CT2504091.SearchInNewTabUserEnabled", false);
    Deleted : user_pref("CT2504091.SearchProtectorEnabled", false);
    Deleted : user_pref("CT2504091.SearchProtectorToolbarDisabled", false);
    Deleted : user_pref("CT2504091.SendProtectorDataViaLogin", true);
    Deleted : user_pref("CT2504091.ServiceMapLastCheckTime", "Mon Apr 08 2013 13:06:04 GMT+0200";);
    Deleted : user_pref("CT2504091.SettingsLastCheckTime", "Mon Apr 08 2013 17:11:38 GMT+0200";);
    Deleted : user_pref("CT2504091.SettingsLastUpdate", "1365409507";);
    Deleted : user_pref("CT2504091.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2504091&SearchSource=13";);
    Deleted : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
    Deleted : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Mon Jan 16 2012 14:48:44 GMT+0100";);
    Deleted : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1312887586";);
    Deleted : user_pref("CT2504091.ToolbarShrinkedFromSetup", false);
    Deleted : user_pref("CT2504091.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2504091";);
    Deleted : user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[…]
    Deleted : user_pref("CT2504091.UserID", "UN64428654524163838";);
    Deleted : user_pref("CT2504091.ValidationData_Toolbar", 2);
    Deleted : user_pref("CT2504091.alertChannelId", "897164";);
    Deleted : user_pref("CT2504091.approveUntrustedApps", false);
    Deleted : user_pref("CT2504091.autoDisableScopes", -1);
    Deleted : user_pref("CT2504091.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e.:2z527", "2423";);
    Deleted : user_pref("CT2504091.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e06cg5el8:", "6E6D6F6C6C6C74727478";);
    Deleted : user_pref("CT2504091.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473757272727A787A7E242F4B4947[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e31;cja>hk!lad", "247E61393F236B257572777A2A212C6E414F444D3[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e31;cjc<=fbj#ncf", "247E61393F236B25757677712A212C6E414F444[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[…]
    Deleted : user_pref("CT2504091.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[…]
    Deleted : user_pref("CT2504091.backendstorage./9b-0?3g>d", "676B3C71736F42707A7271797820494D4E79257E7D51202A7E[…]
    Deleted : user_pref("CT2504091.backendstorage./9b-0?3g@6:5;", "";);
    Deleted : user_pref("CT2504091.backendstorage./9b-0?3gfa7ef", "2B2E2C3D";);
    Deleted : user_pref("CT2504091.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[…]
    Deleted : user_pref("CT2504091.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576";);
    Deleted : user_pref("CT2504091.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484776213F3E484F4E4D464[…]
    Deleted : user_pref("CT2504091.backendstorage./9b5ba==9cjag", "3B6C3C416F7075717A6F757372794C4A7A7A4B7C4F";);
    Deleted : user_pref("CT2504091.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F6C6C6C7472756F72787A";);
    Deleted : user_pref("CT2504091.backendstorage./9b9643g3/9e", "6A";);
    Deleted : user_pref("CT2504091.backendstorage./9b<:222h64<", "393F352F3E";);
    Deleted : user_pref("CT2504091.backendstorage./9b=+03eh8h8j?:", "4443";);
    Deleted : user_pref("CT2504091.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[…]
    Deleted : user_pref("CT2504091.backendstorage./9b?b0d:8aj62<h", "6D";);
    Deleted : user_pref("CT2504091.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B";);
    Deleted : user_pref("CT2504091.backendstorage.shoppingapp.gk.exipres", "536174204A616E20323120323031322031343A[…]
    Deleted : user_pref("CT2504091.backendstorage.shoppingapp.gk.geolocation", "6E65746865726C616E6473";);
    Deleted : user_pref("CT2504091.components.1000034", false);
    Deleted : user_pref("CT2504091.components.129079840422182852", false);
    Deleted : user_pref("CT2504091.components.129079840422339107", false);
    Deleted : user_pref("CT2504091.components.129079840422964131", false);
    Deleted : user_pref("CT2504091.components.129079849636241789", false);
    Deleted : user_pref("CT2504091.components.129707804829376918", false);
    Deleted : user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Tue Jan 17 2012 07:23:43 GMT+0100";);
    Deleted : user_pref("CT2504091.homepageProtectorEnableByLogin", true);
    Deleted : user_pref("CT2504091.initDone", true);
    Deleted : user_pref("CT2504091.isAppTrackingManagerOn", true);
    Deleted : user_pref("CT2504091.isSearchProtectorNotifyChanges", false);
    Deleted : user_pref("CT2504091.myStuffEnabled", true);
    Deleted : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
    Deleted : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[…]
    Deleted : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
    Deleted : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[…]
    Deleted : user_pref("CT2504091.oldAppsList", "129079840421557838,129079840422026594,111,129079849636241789,129[…]
    Deleted : user_pref("CT2504091.revertSettingsEnabled", true);
    Deleted : user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);
    Deleted : user_pref("CT2504091.searchProtectorEnableByLogin", true);
    Deleted : user_pref("CT2504091.testingCtid", "";);
    Deleted : user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Mon Apr 08 2013 13:06:05 GMT+0200";);
    Deleted : user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Mon Jan 16 2012 14:48:45 GMT+0100";);
    Deleted : user_pref("CT2504091.undefined", "Tue Jan 17 2012 07:23:42 GMT+0100";);
    Deleted : user_pref("CT2504091.usageEnabled", false);
    Deleted : user_pref("CT2504091.usagesFlag", 2);
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[…]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[…]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[…]
    Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[…]
    Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Thorimo\\AppData\\Roaming\\Mozilla\[…]
    Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3";);
    Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[…]
    Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "";);
    Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2504091";);
    Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091";);
    Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2504091";);
    Deleted : user_pref("CommunityToolbar.globalUserId", "5c5bde78-4d71-468a-a5c3-b61655628847";);
    Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Jan 17 2012 07:31:3[…]
    Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com";);
    Deleted : user_pref("CommunityToolbar.notifications.locale", "en";);
    Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
    Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Jan 16 2012 14:48:44 GMT+0100";);
    Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611";);
    Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
    Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com";);
    Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
    Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
    Deleted : user_pref("CommunityToolbar.notifications.userId", "c7b2db8c-522a-4861-86c8-63a34d8c32a0";);
    Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.nu.nl/";);
    Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale
    egion.properties[…]

    *************************

    AdwCleaner[R1].txt - [18171 octets] - [29/04/2013 18:00:11]
    AdwCleaner[S1].txt - [18519 octets] - [29/04/2013 18:01:03]

    ########## EOF - C:\AdwCleaner[S1].txt - [18580 octets] ##########
    [/quote:970e5c44c7]

    JRT.exe
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 4.9.2 (04.29.2013:1)
    OS: Windows 7 Home Premium x64
    Ran by Thorimo on ma 29-04-2013 at 18:07:06,48
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{168CEB7E-3E6D-438C-AFE7-DB11AE29D12C}



    ~~~ Files

    Successfully deleted: [File] C:\eula.1028.txt
    Successfully deleted: [File] C:\eula.1031.txt
    Successfully deleted: [File] C:\eula.1033.txt
    Successfully deleted: [File] C:\eula.1036.txt
    Successfully deleted: [File] C:\eula.1040.txt
    Successfully deleted: [File] C:\eula.1041.txt
    Successfully deleted: [File] C:\eula.1042.txt
    Successfully deleted: [File] C:\eula.2052.txt
    Successfully deleted: [File] C:\install.res.1028.dll
    Successfully deleted: [File] C:\install.res.1031.dll
    Successfully deleted: [File] C:\install.res.1033.dll
    Successfully deleted: [File] C:\install.res.1036.dll
    Successfully deleted: [File] C:\install.res.1040.dll
    Successfully deleted: [File] C:\install.res.1041.dll
    Successfully deleted: [File] C:\install.res.1042.dll
    Successfully deleted: [File] C:\install.res.2052.dll
    Successfully deleted: [File] C:\install.res.3082.dll



    ~~~ Folders

    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{001695F4-0F16-412A-AFD2-2C2E1C0520E0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{001D39AB-FD2B-400D-BC0F-5AA7AA5603FE}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{005F449E-365B-4970-AF98-696604366E3E}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0067C63A-7936-4662-9AD7-DE367D7DC0F5}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{008055BF-C3A1-49A8-8706-B3CD160C9492}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{00DC7FE4-6EAF-4F2C-B7F1-528E7E91DA66}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{00FB6BC1-5380-4659-8A3A-411FAAB74762}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{013B1679-803A-4FB1-A72F-2D95051BB9ED}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{017E1224-F9B4-4D55-9B41-6522399A4B63}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0186AB52-021B-4806-B026-1F4470840E89}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{01980696-3ED5-474C-924C-9CBEDBC6481D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{01A1A18D-E492-4003-BE52-F324EC958D8D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{01ABDEF3-1093-404A-9374-DF81D4CDD60D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{01E25447-6BD2-460D-B55C-562DDD2634DE}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{01FEE626-E05D-46DD-B90C-413F7BF65810}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{023661AF-D988-4CAC-97BA-B36502FC3F3F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{025B6FDA-2083-4C4E-9D08-FDE1A2376251}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{02CF7D1A-E05A-4BFC-B057-C0BDE55174CA}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{02E22E88-98BF-47D5-918C-597CE0F8D4E9}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{02EB4E81-6E98-431B-A046-0DF007A30FC2}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{031F9E4C-59D4-437D-B2CE-D933D7D5DEDA}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0375F18D-57E4-4AB4-B7E9-BE704F5D74A5}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{03772E7A-BE3B-48A4-AE7F-C85D3AF4809C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{03968EF5-9152-4C52-92DF-016C42D73977}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{04115EC3-2BB0-47D8-ADC0-23B15C9B724D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{04E7A337-D820-457D-82BD-A8FD021F2A31}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{054D64D9-6CF3-46B6-86B9-1B8ED2D68678}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{055DEBBF-B909-4A7C-A3AA-26542A363765}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{056DAF39-3315-423F-8E98-2341F6DA98C6}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0582A7D1-F9A7-4825-A9BD-357827DA413F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{05B57755-7FA3-480F-B91E-6DB75B4AA413}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{061E7DB7-8402-4CC0-AD27-ABF3EA8A4364}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0674FFA5-D5E9-40AC-B2A5-3954854C0102}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{06AAF452-61DC-431F-BFE3-436007066973}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{06DC64D9-E5DE-4A29-AA97-A28C3C4A9BA1}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{06E2ADCF-FF23-4F02-8B8C-788E9A196F08}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{072EBA33-12E4-43AD-BC8C-5922647F3CC3}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{074D0653-54AC-40D2-BA1F-936161877A5E}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{074EF489-9C1B-4A4C-9BAB-04FF8EA3E945}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{076BCDB6-EA90-404E-8493-FCCD69AD0233}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0814FBE9-4406-451F-9657-C9AF4127FD14}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{083CB9DA-628C-4755-AE55-9A7B73C06248}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0876BA16-9DF4-4279-B7A5-FFDE2E3C4F4C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0881748E-E78E-41C6-A24B-F5D42D01F93E}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{08AFA94F-D450-4B00-A00E-A9ACC8219C2B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{08DADC20-D015-431D-89D3-67217711F5D8}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{08EA23CF-7EAB-4410-B309-F77CD183E050}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0902F92E-2B81-46A5-9B54-A212CACDB65F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{09127E0D-D6A5-47A0-AC68-1F7017C6CD31}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0958401C-6F4D-4F8F-A05F-78B1C4475129}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{09F2FCBA-6EB4-47F0-AB08-EF1071F3939B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0A21E666-797B-4CC9-A08B-39C117F90394}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0A8D6F6E-F173-41AB-A0C7-6339A43B7CC5}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0B14C5FC-0226-48B0-BE8F-C3925CFDFA09}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0B346FF2-2FBE-4433-A053-605705337CA8}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0B53350D-B126-4687-87FB-067933D7CD66}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0B54EE4E-BEA5-46A4-839B-71ABBF3F8043}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0B9157A8-FC2D-4021-8C72-5B17584FEA26}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0C13D5EC-2F3E-4CE1-B6EA-98F6071C95FA}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0C24AAFA-A84C-4D76-8C9D-E3A9B2723C36}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0C5ECA3E-442D-4908-857E-E19F776E20E0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0CA08772-4437-4BB8-A3C1-D4B84A3846E1}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0CA96652-C9DE-48FF-9DC5-75049BC6A7CD}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0CB1AEB2-C18B-408F-860B-D7A7EC406B29}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0D0EBDC8-BE63-4467-A4DE-3D50A6D0F6E0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0D9D0D1F-72C3-46A4-B79C-7FB6F7C213B0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0DE3335D-5FB3-41E8-8D9D-A293684D3534}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0DFD27C7-7D52-46DE-ADD4-F84CD4C5E105}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0E3DCE49-2C4F-490A-8A8A-E996D0C1A73B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0ED89176-B5D4-4023-A248-5BC23265A885}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0EEE01BA-C566-4175-B0BE-32B4250764B3}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0F301657-F78A-4BE4-A36E-DA07D16EF489}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0F7F2928-7983-4322-A973-C2DB4EE0F6EF}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{0FE41155-E872-4A4D-8762-E760D30AE18C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{10378388-3C18-4C19-BF14-05A514630DBE}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{10608EB9-CD73-42AA-AA3B-4024FBF8E189}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{10A04E29-4F48-411B-BCDA-D716AC8FE783}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{114C76DE-DB74-4128-9053-C6D1A47D3FF7}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{119BD2B1-2933-40FF-8872-8CDE6061315F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{11B4CD0F-B865-47F5-8943-6CE7726E083C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{11BFC2BF-A112-41FC-8A1B-775980B57CC8}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{11DF6CCB-1EF3-4292-9640-5E9ADB8CD891}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{127040A1-EC5B-4B5E-B120-91A824706CBD}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1280FE0D-F617-4446-9685-750640A2D47F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{128E7F72-522E-4DBC-A033-C28EFD6C8B85}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{12DD8F6F-4423-4F16-8560-106F74ABAE52}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{13A6A7BF-167F-4A12-A44C-D1276683A6C2}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{13BD06C8-D26A-4CC2-9E18-B99FC2D127D2}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{13D93A93-E21B-4D60-93CD-374A56B7D885}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{13D967FD-89D3-4FBD-A777-E3F5F6F1250A}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1457FB85-CA0B-4020-B308-334A2337BA39}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{14A0FCFB-9BB8-454F-8C7B-CFCF9D716AC8}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{150837EE-68A1-4B3E-B78F-6EBAAABE7AFC}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{152848C1-29FB-4959-AB1F-EF9D2A04836C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{15744715-8E23-4B77-B516-B6F1780C7461}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{161E9286-FE02-4542-BB40-78CA34D25764}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{16704343-B2AD-4823-A2FB-6C6F3C0EAA7C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{16746C10-2584-4A56-B87C-34D778A62375}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{16B31C46-0397-4EE9-A4E9-21ADA4E48102}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1711780D-D8F2-49E1-B07D-320E80BDE178}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1726AF09-62D4-4AB7-8A8B-199F0B219F32}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{17308110-321E-442F-8862-86CAC75D5BD4}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{175C4F9F-7CA3-411D-BAFB-5B4B2C6A17CF}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{17E19CB4-4381-41C4-8892-0041AF947CEE}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{18024BA6-1E9C-4761-A3C7-72128FE1AE49}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{181194A5-A605-4D5C-9853-36A41121598B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{182668BD-C1D8-4A78-BF15-1A411F336584}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{18281CAB-6895-458F-8E6F-3E43E0B47F4D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1831DDB4-A3EF-4361-8618-4BAC1D7C8027}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1835DF3A-52D9-4513-BAFF-06C482491850}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{183F8F3C-5ACD-4E26-8229-86DC89FF32BA}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{185E6C46-9256-4D05-A3F9-33745B75C8C7}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{18698A12-A237-473D-9F03-E761EA49DCD0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{18FC0949-AE1B-4747-867E-F6DE6CF570EF}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{19164EF9-E03D-4045-8F98-58A6A9748E1B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{19179D76-C507-4F87-BA89-8B997A71FAD0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1920466E-106A-4864-90E1-AAF4F37D26C0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1955A677-EAE3-4529-B39F-DA5201B1E6D1}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{197312BC-920E-44BE-92A5-D357C50829FD}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{197C43A4-7891-4F0E-8DEF-B7D8DAF9355A}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1983621F-0211-4D9A-9B94-24B6190B764D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{19B9FE11-F6B6-49B6-9E82-CB8457E39EF9}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{19C672FD-2331-4BEC-991C-1F55607DE8F6}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{19D086F7-A9BE-40B7-9D73-957E0E5F5F8E}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{19DE533B-1035-43B0-8E6C-DC2F548A4FF7}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1A2D1D9A-04C0-497F-BBA9-76189ADFFE51}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1A2F8133-8144-4990-9E50-0B1360F66C3B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1A37EA43-88F6-42F4-9689-BCB137E5A0B0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1A88E625-F2B8-45F6-BF2B-6C5FDCE3DD66}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1AA1E368-5914-4A32-9FEE-E43D0C541A52}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1ABC8FA9-26EA-488C-A31A-D8A910AD1720}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1B1602DF-D638-4571-81D5-C7CA723ED378}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1B28CC58-C8BF-40B4-B1AE-18DCFDC4F2C8}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1B5E4A8C-BB1C-4585-8254-37148E13E617}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1B8D76CC-9BCE-4826-9DC9-8DA247C72633}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1BAEE542-04A7-44BF-8725-32B7F5B4F551}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1C393490-1668-4A2B-AD9D-DA180AAA773B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1C8FFEC6-5A50-4F45-9469-5A8946C0B07B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1CB9AAC0-5816-4078-982C-0581B163009F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1CC2ED38-EE3B-4AAA-A09E-28B9A8444EC7}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1CDD0C45-8A46-4896-AFED-EBB3EF867A39}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1CF8E62E-F866-4500-9CA3-8FB55AA92D1B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1D530F8A-2062-4DA9-9C80-86E5F2353238}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1D71005A-5101-4BBB-99D9-91B78B32D9E2}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1D904061-0586-42AC-A4C7-4ABE96C65C9C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1DB21F72-C9F3-4362-B8D7-9579CC7E94AB}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1DBF2B12-10E9-4187-9C1F-0A1F2D95E3A3}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1DC2F05F-869E-40CA-82C9-E809A18F99F5}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1DED9937-765E-4533-8729-66924936CD0F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1E38575D-0B31-4E70-A679-0749321B369D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1E412A23-1077-41F2-9140-21B753F4BD18}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1E5E83A3-671B-485B-B9CB-6534A2FBB85F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1E606C6F-2B75-4D35-8AFE-A94536B99332}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1E867098-DBE0-4C0F-B281-810E60D68006}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1E90ED5F-DBF2-44DE-9CBF-F9BC2287695E}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1E98337E-D418-45C9-A86F-89C35D1E637F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1EC5566A-C7B5-4B05-A516-6ED7FB11A02B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1EE53533-D84E-4DC4-99A0-D8B50C4F3282}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1EF40350-9501-45FC-AFE0-A03E20CF8567}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1F3EB462-607D-4BB2-88BA-17238169D03D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1F4F1382-CA79-499B-82A2-AB35766F53D0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1F9F8C65-B134-4A01-B104-67ACE3D84F13}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1FB75A4C-345E-4851-9CF1-2AA26C2BD816}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1FBEF9F0-3417-4FCE-8038-A2EF49335EE1}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1FBFBCA2-9957-4966-A4C8-091A7199CFC6}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1FC8453A-6D17-4DF1-8A68-8B51073E7A00}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{1FDD9959-920C-4EE2-9FE9-54AA4D4119DE}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{202EBDE2-D79B-425C-A221-BD35ACB6B70C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{20DE9F0C-24AA-4468-8835-8DC622DF9EF6}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{20E85D45-EC51-47BF-AEA4-DD45732FB304}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{21155E79-9369-45DB-83D5-48F0D27F7B87}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2173590B-EB99-4336-9B3E-BC0823F1732B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2176D6C6-E328-44C7-A3CC-739F39D7C196}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{218046F9-F271-4C36-89EF-AEDB52015F28}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2192DAD6-65BA-49B9-8AA5-9B38A8C771B7}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{21AA49C9-860F-4B8A-A53A-6788E1059573}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{21C83A9C-76BC-4C44-A999-6C12DA1E1D06}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{21F4B068-966E-42A0-BE63-416E9576188F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{227A40B9-350B-4E05-90AA-2370D13B96F6}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{227B453A-B0E4-4BA4-8B09-9F508997148B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{22B14C7D-22B3-4BC2-845D-AECF0AC64BDE}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{22D797F0-AAC3-4FCF-A1D0-5555CD7EBA31}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{22EB6794-A4BE-483D-A731-2BB488E0D7A0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2302057A-0047-4EF9-9558-DD6C63934351}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{23444AE0-E360-48F6-807E-39A7C016CF35}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{23C654C8-4023-4DBE-A66C-60BE9FD86F31}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{23E11E21-698B-462B-9367-A6012B73653E}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{23EBDF5B-9A60-47A0-BB2F-64DC20294BC3}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{240E9FB5-E3C6-4AC4-A056-805B45A92E11}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{241B75C1-AFCE-49C2-832B-2B2516F0A2F5}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{244E2035-716E-4240-8AA8-425FCE4687E6}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{246385E7-5FDE-448F-921C-FCD26ABCD309}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{24664239-C184-4892-885E-5EF9EB639DB1}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{247B5DA0-896F-4F94-A934-F7928C9C9A9E}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{247EDADE-996F-487D-9AA8-2F9507B7673D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2597D139-9ED2-41EE-A9D1-DBE2691246B0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{25C42073-0218-4418-B178-F72D4A2A8283}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{25EF9A9A-8899-4A51-8D12-F860BC2663E0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{25FBFE0D-A121-4C0F-83F9-E9776A3059AF}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2600FE2A-4A3B-42EC-88D2-33BFEB280CFF}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{260832FD-CC36-4AA9-A4F7-8F1D6EAC427A}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2613DE75-BE15-4E7E-A3EB-313FE2062C17}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2630DA32-494D-4D57-B546-FEC47EF16990}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2636E2CD-9F8F-4991-B439-3C2C3D9F0FB1}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2652D599-A38F-40D3-B683-E4131AD2AB3D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{26983B61-99A2-4568-87C5-4BA62D5B339C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{26C9D9E0-292C-4022-8EF4-82170AF903BE}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{26E59A83-DCCF-4958-A6B8-6E8DE8B8761C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{27582C7F-5D8A-4B56-BE27-D15858B19548}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{279ADF11-447E-4B1D-9B19-14B334E3EBD1}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{27A01B96-3FDB-4F63-AB0B-0A56612BF2C2}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{27A599EB-FCA3-40F5-A5A2-A2945AB6D4E1}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{27D33119-6A2E-496A-B566-9BBD9D7FE987}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{282DE468-5101-4C61-BDB4-D73795E7DDE0}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{28461C7A-76A4-4B53-999D-7B22B6A86FC5}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2888B89E-796D-44C3-B1D6-C2E0543107DD}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{288C0426-F083-45D3-9AE1-30EF1E59AB3D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{28BA2EC7-21EF-4F3F-A3AA-80330939E2E6}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{28BEDBE4-1E6D-4969-9CCE-FB5A134AF74C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{28D39C04-F397-4D2F-A81F-616A1CA1CE39}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{28E9FF9B-B4DD-4A17-8798-1E354AEE67BC}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{292DF4EE-56F0-4EB6-8016-C65747DD9B69}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{298926F4-90CF-4EAE-971E-EF9E9E3727B1}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{299E62CD-5631-4D85-83E6-95BCBA38C65A}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{29A8CB9A-A08A-498D-87DA-B12D5F4DCCB4}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{29C2496B-8650-4FBA-976E-7404258EF7E2}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{29E5EEB8-C7C3-4A68-B10D-CEEA2850998D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2A3E6EB8-DD02-4800-9213-9262558E6963}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2A732576-D819-4438-BF12-6024F8689E67}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2A944465-0DFE-40EC-AFCC-ECBA5F43BAAA}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2AADDA89-2B95-4810-943D-F6F24DB6BAF8}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2AC9AA3C-7989-4914-8DE0-C952B33843C7}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2B05AA78-C5F4-495A-AAD2-CDBF66DFDDEF}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2B26DAAC-A73E-4D09-83B5-2B284D18838D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2B2E40DB-FB3B-4B30-BF11-C3A274BAD645}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2B3C3720-7A07-46C1-9006-8B7462DEFB1C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2B7BBD37-1784-4B35-A1B7-BB5FBB57E9FD}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2B8E9712-2603-45C1-B078-93CD46CD7F14}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2B9EECD6-98DB-4843-AB55-9093BA4766CB}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2BC983C9-8563-46A2-86BB-375966DED517}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2C234F84-17EF-4646-883D-F09519DBBDA5}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2C305965-3BBA-4111-843B-9EF438293782}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2C36F22E-D909-4845-8456-D1DA33A4A332}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2D07DC16-1EBC-40DA-86B8-B843814EC93D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2D21DF44-E64D-4B69-BC13-D7BC4B3C03E9}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2D42C3B7-9992-4B1A-8AB0-321AB58BF34C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2D9376FA-A01F-4FD1-BF13-008B4AA3E61B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2DA17B03-5519-4F44-85A2-0C2E394CDB6F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2DD8621E-9557-4C14-BC59-C8A16EE5B068}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2DEB5344-B0BF-4DCB-AF8E-2908CC5CFB8A}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2DF60AAF-5988-4ACF-BAC1-BC339D011716}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2E296F18-515F-49A9-9905-5A5A1A80899A}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2E2D61A0-C3A0-402F-9FE8-56A8F94ED881}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2E5F5D7D-5EB2-49DB-9895-8DC358C29DB4}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2EA26956-2462-4811-8137-7D039263F2B1}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2EBFDB31-0A81-4A50-856C-C11878364C1D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2EE8B767-F411-457A-BD04-3F843D7149F9}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2F259A3C-1C11-462B-84B4-2966584E1EA5}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2F71A7B0-61A5-46E8-879A-929761136A02}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2F8005A0-13B7-4D66-A77A-E9182025F7D6}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2F890F7F-DCF9-4C25-8A20-933FEA017A16}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2F8C2EFF-2C43-4FDD-8A67-9253EA8343C4}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2F8E455E-AFD4-41CD-9AA2-84FA08113E06}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2F9EB680-4945-43CE-B922-1F8F9B11D0CD}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2FC3EF1D-4DB2-4C07-9AEF-C8F9B171A2AD}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2FEA3FDB-FFA7-4B6B-969B-B1961395C02F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{2FFCCCD6-184A-4BEE-B193-EFBAE73153FF}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{30798324-711E-48A6-8754-6C9C3D85F3C3}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{30B0B55F-45C2-44AF-AEC7-422837232AE2}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{30CA35F6-F3BF-4AA1-884F-CD089EE9EB76}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{30CADB81-4094-47B9-92A2-3BC427A57E73}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{310FD1D9-6C2E-490D-940C-983851E3BCBA}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{311781CF-F44D-4A68-A515-30871F40D982}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{31266EDD-EE81-4D46-981E-F60ACF41509B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{317AEE87-52FE-4725-A960-F46765B6C51F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3196A4B5-A7ED-4B9C-9DE8-A511AF28413E}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3216471B-DE8E-4389-AEFE-F9D6FEADC4B4}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{321900AD-B1A9-4A9F-9A61-6458BEC6C354}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{325BEE01-A30A-467C-9454-13DEC6F074B2}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{325D848B-6C11-49ED-9285-06FEAF64C541}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{32632D3D-0F3B-4C37-ABB1-03269134D46C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3283C353-6F30-41D7-ACC8-4A42CBAB2D3B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{32E5DC77-0DE2-4B66-A0F4-46CE839B7A11}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{33398C26-2803-490F-AB99-A53FCC11A5D7}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{334620E7-C3BB-43CC-8776-9F0E9572AF96}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{33B3C2C1-CF92-4855-86FE-3B7CDCA65213}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{33F4DC8C-378C-445E-A28C-D38A3F9F6698}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{33F74B95-CE3A-4B34-B0C4-69268AEF37B8}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{344B6BF0-91CC-4B6B-B3EB-DBFCEBE0F6B6}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{345B76DE-8942-418C-98D9-2AE7D8AC09E2}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{347965A7-942F-48F7-BD81-9F864969B1FB}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{34F4C1D3-4604-422A-8ACA-845B43E00536}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3596CBA7-1D86-400D-B2C5-BCFFFC846269}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{35B1C7FC-5393-4176-8F14-86790D5D9C65}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{35CB7689-DFE1-494D-B008-F6B79AFE7F42}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{35DDF725-9911-49FA-B887-36A1100B80B7}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{35F9A38C-9D30-4D01-B0E9-6BBBF1D46C9D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3616BAD8-C359-4335-9261-953C945796BF}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{36264237-959F-491E-8872-132B543AAF1B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3659D8BF-5A5C-410B-8749-CF6FD951E133}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{366B4DAF-308F-402B-8D47-A2C6E10DCC9C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{368F6B41-8373-4F35-A091-1D5D8AD9AFA1}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{36C221C6-5D37-4C24-9832-CF8C4DDAB144}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{372EFB2B-C4F1-4131-9CDD-0B2E04F90CC2}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3742D287-B523-4A04-8979-579D2962D09F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{375BF520-FD69-4FEF-BA26-58254A724B83}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{376DEA92-A101-4CD7-8DF3-938E1E1F0685}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3770069D-B0F5-4465-BD72-4A43329A215B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{377D981C-2696-414F-B4D2-ECB0F24B4333}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{377F1A85-6CFD-4FAE-8D06-5CFFA3169A74}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{37B770A1-B803-4981-BD79-D7A86777A5E4}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{37DCF15B-BF19-4E47-8EC3-4A827EB7A967}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3811EE59-2BFA-4C27-BAB4-434E790BD684}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{383DCF43-1AB6-49B0-BE7E-5C85961E1506}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3848E53B-5563-4A1C-88FF-DE133E505357}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{38A308C1-4D2F-4FBF-BD6B-EE15E4E35624}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3905D4EF-1A18-45C9-B34C-A0F0D5716748}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3936B5B3-A852-4E18-9184-9BB408066B94}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{393763B7-E784-4B78-A61A-A9AC0C74EC9D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{396CEEF6-386D-48CC-ADC7-362395025EEF}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{397A4E9E-8A51-4C4A-95D6-3FA4B7737CBA}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{39869A5D-C2FB-4CAB-AF9D-1EDB2DA6E171}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{39A40E3B-F4F6-4889-B87D-E21307EAA7F4}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{39F548D0-8348-4DAF-90C6-54E0C5446CF6}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{39FD6DF8-5E90-4548-8D7F-ECFECDD14B7C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{39FF4E61-86AB-422C-B953-7866ABD2D8FA}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3A65EF02-211F-48C0-8DC7-A00FF5B8116E}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3A745C72-FEF7-4AF7-9966-E9F77803C738}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3A8129F2-D544-4129-98EF-D1AB07BD633D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3AA2714E-1573-4685-9B8A-2C8A60A1C6A4}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3ACB0062-9780-4A38-8F91-E19E00DAF727}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3B2F2DEF-169A-4F42-BE0E-7C86A97A8C65}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3B7B1394-6E2C-42EE-99EF-EE8C0BF13C7E}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3BC7958A-5D51-48F6-86E0-3321C115699C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3BF3B216-887D-4F35-A819-399B8A647CB8}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3BFE5BDD-5ACC-4292-BE58-4E9017B6ACFA}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3C10072E-5ED9-48C5-9338-9DD005B88595}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3C13B931-4C12-4D8F-A74C-B7380183201C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3C244D00-AB98-44A0-B5E7-B92FC4E15679}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3CC7BB53-B691-43DB-8DC7-E470A494240A}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3CCB8E30-84EC-4833-9739-7B5065C9A078}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3D20DA90-641F-49B5-B3A2-EB28335BE6F2}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3D245D04-9E5B-4658-9D6E-B0BE8D771E2D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3D3562B5-DEB0-4C7D-A4FA-4238A149A476}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3D9C22FD-0402-4C5A-8F7A-4428A260C514}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3DA4BE4D-1C4B-4C99-B88C-201B30A9A80D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3DE2DB7B-0D0F-4333-8C91-7E9BF3BCA656}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3E064630-FD2D-45B5-9FC2-EE1D3D8E7F4D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3E0937F0-28E6-48D8-BB55-C5BD96C80D6E}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3E120556-6A44-4EDC-87C0-E6E50356C624}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3E3E3E3B-C346-4DD9-AD53-528D586F7BEB}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3E75CDF9-07B9-44BF-94C2-4A4FEAABEFC6}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3E875D0A-B86E-424A-93DB-130FE7C2A006}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3E8B0E56-81CD-4B54-9D40-F37C8BC90C5A}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3E9F7FFC-1FC9-4662-9D40-D4038151F59F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3EBE86D5-1033-469E-B6DB-598CF287730D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3EEAA487-C724-4F4F-860A-DE8046D3E39D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3EEBB2AD-86C9-4FC1-8E5C-684F57DC36E1}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3EEC3ADE-346B-4E57-BBD9-5ED9A9DF0074}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3EF2A02D-7EE5-4064-802F-5D8202458375}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3EFC054B-B639-498D-89A8-E77E96344E79}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3F2BB30E-794C-405F-9834-8E117CBDD33B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3F7FFFF6-7D3B-40F2-B961-1AFE668E4D95}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3FA5E1DA-C755-484C-B76B-18EA14CA1E30}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{3FF106FB-5760-4129-8DAD-1CDDA7D5367F}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{401C6A89-437A-4B30-B20E-6D1B3EB50BFA}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{4034D67E-656D-47E4-BB57-EDC487A31250}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{403F4A7B-6C25-417B-97C9-EF20340AAE51}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{40593CFD-116B-4D0B-BFEF-52E0B5C00A77}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{4073BAD0-8B4A-468A-B7D7-AC1A043798D9}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{40CFAEA0-C1D9-446C-A1AC-1A177D7E23D2}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{4172E96B-1484-4817-BAB8-3E25537D301A}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{41826C2F-2A55-46C4-8F12-C081C6519F72}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{419AD48B-1257-4F81-9E55-3279F08CA96B}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{41C508D2-1295-4EF5-8A5D-48A9AC48A8ED}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{41CF1100-5610-4AAC-A4FE-16149D5C4D79}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{41DDE80D-540D-40D6-AA7E-E2AE84E08B7C}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{41FE3525-9FAA-4DE8-8C5B-7E1E45F8423D}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{428360BB-8637-4F2F-A37C-C0CE4FDBA455}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{4285E71A-8931-4B33-BDE4-9FED8A5CE0B7}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{428C6ADE-9035-42C1-B0C2-0A72FCD39369}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{42A3B033-0E0C-4F0E-96E4-E52B4CECFB50}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{42A40750-1057-4BB9-821F-7FB2BCBFC26E}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{42D80719-F661-4869-8E9E-29B7EE189DDC}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{43426559-B591-4E20-854D-86C8E797F9D9}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{436C4896-6B24-4A26-821B-76B987959686}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{43A31CBF-A82E-49A7-B2EF-3A18D2D4CD97}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{43C7E338-8AFA-4C6C-8227-C0BFAEB1249A}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{4407E092-D246-4DDF-87C5-6B05D3FF4BBC}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{4409CEB1-AD40-45EB-A039-1A1455266AF5}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{44BB6D3C-8347-4F26-A6D7-8AFCEF5F2581}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{44CDECFD-358D-4E25-88E0-46F5312560D7}
    Successfully deleted: [Empty Folder] C:\Users\Thorimo\appdata\local\{44EA6027-9E6E-494F-AFF3-4A5BBBB6548A}
    Succ


    [quot



  • En dan nu graag ook de gegevens van RogueKiller.
  • raar, waarschijnlijk de post te lang?

    RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com
    oguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Thorimo [Admin rights]
    Mode : Scan – Date : 04/29/2013 19:23:28
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 4 ¤¤¤
    [HJPOL] HKCU\[…]\System : DisableTaskMgr (0) -> FOUND
    [HJPOL] HKCU\[…]\System : DisableRegistryTools (0) -> FOUND
    [HJ DESK] HKLM\[…]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKLM\[…]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    –> C:\Windows\system32\drivers\etc\hosts



    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: Hitachi HTS725032A9A364 +++++
    — User —
    [MBR] fd583f98c1cd4de1b1eac02b81ff0000
    [BSP] 93e1ef594218ce3209c9779be1a85994 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 291589 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 597583872 | Size: 13352 Mo
    3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 624928768 | Size: 103 Mo
    User = LL1 … OK!
    User = LL2 … OK!

    Finished : << RKreport[1]_S_04292013_02d1923.txt >>
    RKreport[1]_S_04292013_02d1923.txt
  • Start RogueKiller opnieuw op en na de pre-scan klik je op de knop Scan.

    Klik dan vervolgens op de knop Verwijderen.


    Daarna doe je het volgende:

    [b:f91abc1436]Welk programma[/b:f91abc1436]:
  • ComboFix 13-04-28.01 - Thorimo 29-04-2013 21:32:22.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1033.18.2934.1495 [GMT 2:00]
    Gestart vanuit: c:\users\Thorimo\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\install.exe
    c:\windows\XSxS
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2013-03-28 to 2013-04-29 ))))))))))))))))))))))))))))))
    .
    .
    2013-04-29 19:42 . 2013-04-29 19:42 ——– d—–w- c:\users\Ditalidas\AppData\Local\temp
    2013-04-29 16:16 . 2013-04-29 16:16 76232 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DC3B3659-4502-44D8-B0FD-AD5F57E1134A}\offreg.dll
    2013-04-29 16:07 . 2013-04-29 16:07 ——– d—–w- c:\windows\ERUNT
    2013-04-29 16:06 . 2013-04-29 16:06 ——– d—–w- C:\JRT
    2013-04-28 16:44 . 2012-06-05 07:37 256904 —-a-w- c:\windows\SysWow64\drivers\tmcomm.sys
    2013-04-27 00:20 . 2013-04-10 03:46 9317456 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DC3B3659-4502-44D8-B0FD-AD5F57E1134A}\mpengine.dll
    2013-04-25 20:56 . 2013-04-25 20:56 48648 —-a-w- c:\programdata\Microsoft\ehome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
    2013-04-25 20:56 . 2013-04-25 20:56 856712 —-a-w- c:\programdata\Microsoft\ehome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2013-04-24 05:23 . 2013-04-12 14:45 1656680 —-a-w- c:\windows\system32\drivers
    tfs.sys
    2013-04-17 17:07 . 2013-04-17 17:07 ——– d—–w- c:\program files (x86)\Common Files\Java
    2013-04-17 17:06 . 2013-04-04 03:35 95648 —-a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-04-10 05:47 . 2013-04-10 05:47 ——– d—–w- c:\programdata\McAfee Security Scan
    2013-04-10 05:47 . 2013-04-11 07:05 ——– d—–w- c:\program files (x86)\McAfee Security Scan
    2013-04-10 05:29 . 2013-02-15 06:06 3717632 —-a-w- c:\windows\system32\mstscax.dll
    2013-04-10 05:29 . 2013-02-15 04:37 3217408 —-a-w- c:\windows\SysWow64\mstscax.dll
    2013-04-10 05:29 . 2013-02-15 06:02 158720 —-a-w- c:\windows\system32\aaclient.dll
    2013-04-10 05:29 . 2013-02-15 04:34 131584 —-a-w- c:\windows\SysWow64\aaclient.dll
    2013-04-10 05:29 . 2013-02-15 06:08 44032 —-a-w- c:\windows\system32\tsgqec.dll
    2013-04-10 05:29 . 2013-02-15 03:25 36864 —-a-w- c:\windows\SysWow64\tsgqec.dll
    2013-04-10 05:29 . 2013-03-01 03:36 3153408 —-a-w- c:\windows\system32\win32k.sys
    2013-04-10 05:29 . 2013-01-24 06:01 223752 —-a-w- c:\windows\system32\drivers\fvevol.sys
    2013-04-10 05:28 . 2013-03-19 06:04 5550424 —-a-w- c:\windows\system32
    toskrnl.exe
    2013-04-10 05:28 . 2013-03-19 05:04 3913560 —-a-w- c:\windows\SysWow64
    toskrnl.exe
    2013-04-10 05:28 . 2013-03-19 05:04 3968856 —-a-w- c:\windows\SysWow64
    tkrnlpa.exe
    2013-04-10 05:28 . 2013-03-19 03:06 112640 —-a-w- c:\windows\system32\smss.exe
    2013-04-10 05:28 . 2013-03-19 05:46 43520 —-a-w- c:\windows\system32\csrsrv.dll
    2013-04-10 05:28 . 2013-03-19 04:47 6656 —-a-w- c:\windows\SysWow64\apisetschema.dll
    2013-04-06 18:22 . 2013-04-06 18:22 ——– d—–w- c:\programdata\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-04-12 05:40 . 2012-04-03 16:39 691592 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2013-04-12 05:40 . 2011-05-23 18:53 71048 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-04-10 05:54 . 2010-06-01 19:06 72702784 —-a-w- c:\windows\system32\MRT.exe
    2013-03-24 17:04 . 2013-03-24 17:04 861088 —-a-w- c:\windows\SysWow64
    pDeployJava1.dll
    2013-03-24 17:04 . 2010-06-01 17:28 782240 —-a-w- c:\windows\SysWow64\deployJava1.dll
    2013-03-15 06:09 . 2013-03-15 06:09 97280 —-a-w- c:\windows\system32\mshtmled.dll
    2013-03-15 06:09 . 2013-03-15 06:09 92160 —-a-w- c:\windows\system32\SetIEInstalledDate.exe
    2013-03-15 06:09 . 2013-03-15 06:09 905728 —-a-w- c:\windows\system32\mshtmlmedia.dll
    2013-03-15 06:09 . 2013-03-15 06:09 81408 —-a-w- c:\windows\system32\icardie.dll
    2013-03-15 06:09 . 2013-03-15 06:09 77312 —-a-w- c:\windows\system32\tdc.ocx
    2013-03-15 06:09 . 2013-03-15 06:09 762368 —-a-w- c:\windows\system32\ieapfltr.dll
    2013-03-15 06:09 . 2013-03-15 06:09 73728 —-a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2013-03-15 06:09 . 2013-03-15 06:09 719360 —-a-w- c:\windows\SysWow64\mshtmlmedia.dll
    2013-03-15 06:09 . 2013-03-15 06:09 62976 —-a-w- c:\windows\system32\pngfilt.dll
    2013-03-15 06:09 . 2013-03-15 06:09 61952 —-a-w- c:\windows\SysWow64\tdc.ocx
    2013-03-15 06:09 . 2013-03-15 06:09 599552 —-a-w- c:\windows\system32\vbscript.dll
    2013-03-15 06:09 . 2013-03-15 06:09 523264 —-a-w- c:\windows\SysWow64\vbscript.dll
    2013-03-15 06:09 . 2013-03-15 06:09 52224 —-a-w- c:\windows\system32\msfeedsbs.dll
    2013-03-15 06:09 . 2013-03-15 06:09 51200 —-a-w- c:\windows\system32\imgutil.dll
    2013-03-15 06:09 . 2013-03-15 06:09 48640 —-a-w- c:\windows\SysWow64\mshtmler.dll
    2013-03-15 06:09 . 2013-03-15 06:09 48640 —-a-w- c:\windows\system32\mshtmler.dll
    2013-03-15 06:09 . 2013-03-15 06:09 452096 —-a-w- c:\windows\system32\dxtmsft.dll
    2013-03-15 06:09 . 2013-03-15 06:09 441856 —-a-w- c:\windows\system32\html.iec
    2013-03-15 06:09 . 2013-03-15 06:09 38400 —-a-w- c:\windows\SysWow64\imgutil.dll
    2013-03-15 06:09 . 2013-03-15 06:09 361984 —-a-w- c:\windows\SysWow64\html.iec
    2013-03-15 06:09 . 2013-03-15 06:09 281600 —-a-w- c:\windows\system32\dxtrans.dll
    2013-03-15 06:09 . 2013-03-15 06:09 27648 —-a-w- c:\windows\system32\licmgr10.dll
    2013-03-15 06:09 . 2013-03-15 06:09 270848 —-a-w- c:\windows\system32\iedkcs32.dll
    2013-03-15 06:09 . 2013-03-15 06:09 247296 —-a-w- c:\windows\system32\webcheck.dll
    2013-03-15 06:09 . 2013-03-15 06:09 235008 —-a-w- c:\windows\system32\url.dll
    2013-03-15 06:09 . 2013-03-15 06:09 23040 —-a-w- c:\windows\SysWow64\licmgr10.dll
    2013-03-15 06:09 . 2013-03-15 06:09 226304 —-a-w- c:\windows\system32\elshyph.dll
    2013-03-15 06:09 . 2013-03-15 06:09 216064 —-a-w- c:\windows\system32\msls31.dll
    2013-03-15 06:09 . 2013-03-15 06:09 197120 —-a-w- c:\windows\system32\msrating.dll
    2013-03-15 06:09 . 2013-03-15 06:09 185344 —-a-w- c:\windows\SysWow64\elshyph.dll
    2013-03-15 06:09 . 2013-03-15 06:09 173568 —-a-w- c:\windows\system32\ieUnatt.exe
    2013-03-15 06:09 . 2013-03-15 06:09 167424 —-a-w- c:\windows\system32\iexpress.exe
    2013-03-15 06:09 . 2013-03-15 06:09 158720 —-a-w- c:\windows\SysWow64\msls31.dll
    2013-03-15 06:09 . 2013-03-15 06:09 1509376 —-a-w- c:\windows\system32\inetcpl.cpl
    2013-03-15 06:09 . 2013-03-15 06:09 150528 —-a-w- c:\windows\SysWow64\iexpress.exe
    2013-03-15 06:09 . 2013-03-15 06:09 149504 —-a-w- c:\windows\system32\occache.dll
    2013-03-15 06:09 . 2013-03-15 06:09 144896 —-a-w- c:\windows\system32\wextract.exe
    2013-03-15 06:09 . 2013-03-15 06:09 1441280 —-a-w- c:\windows\SysWow64\inetcpl.cpl
    2013-03-15 06:09 . 2013-03-15 06:09 1400416 —-a-w- c:\windows\system32\ieapfltr.dat
    2013-03-15 06:09 . 2013-03-15 06:09 138752 —-a-w- c:\windows\SysWow64\wextract.exe
    2013-03-15 06:09 . 2013-03-15 06:09 13824 —-a-w- c:\windows\system32\mshta.exe
    2013-03-15 06:09 . 2013-03-15 06:09 137216 —-a-w- c:\windows\SysWow64\ieUnatt.exe
    2013-03-15 06:09 . 2013-03-15 06:09 136192 —-a-w- c:\windows\system32\iepeers.dll
    2013-03-15 06:09 . 2013-03-15 06:09 135680 —-a-w- c:\windows\system32\IEAdvpack.dll
    2013-03-15 06:09 . 2013-03-15 06:09 12800 —-a-w- c:\windows\SysWow64\mshta.exe
    2013-03-15 06:09 . 2013-03-15 06:09 12800 —-a-w- c:\windows\system32\msfeedssync.exe
    2013-03-15 06:09 . 2013-03-15 06:09 110592 —-a-w- c:\windows\SysWow64\IEAdvpack.dll
    2013-03-15 06:09 . 2013-03-15 06:09 1054720 —-a-w- c:\windows\system32\MsSpellCheckingFacility.exe
    2013-03-15 06:09 . 2013-03-15 06:09 102912 —-a-w- c:\windows\system32\inseng.dll
    2013-03-11 23:10 . 2010-06-01 19:05 282744 ——w- c:\windows\system32\MpSigStub.exe
    2013-03-06 23:33 . 2013-03-16 06:16 178624 —-a-w- c:\windows\system32\drivers\aswVmm.sys
    2013-03-06 23:33 . 2013-03-16 06:16 65336 —-a-w- c:\windows\system32\drivers\aswRvrt.sys
    2013-03-06 23:33 . 2012-02-25 21:23 70992 —-a-w- c:\windows\system32\drivers\aswRdr2.sys
    2013-03-06 23:33 . 2011-05-22 17:12 1025808 —-a-w- c:\windows\system32\drivers\aswSnx.sys
    2013-03-06 23:33 . 2010-06-01 17:41 68920 —-a-w- c:\windows\system32\drivers\aswTdi.sys
    2013-03-06 23:33 . 2010-06-01 17:41 377920 —-a-w- c:\windows\system32\drivers\aswSP.sys
    2013-03-06 23:33 . 2010-06-01 17:41 80816 —-a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2013-03-06 23:33 . 2010-06-01 17:41 33400 —-a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2013-03-06 23:32 . 2010-06-29 17:36 41664 —-a-w- c:\windows\avastSS.scr
    2013-03-06 23:32 . 2011-01-18 06:24 287840 —-a-w- c:\windows\system32\aswBoot.exe
    2013-02-12 05:45 . 2013-03-13 06:32 135168 —-a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-02-12 05:45 . 2013-03-13 06:32 308736 —-a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
    2013-02-12 05:45 . 2013-03-13 06:32 350208 —-a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
    2013-02-12 05:45 . 2013-03-13 06:32 111104 —-a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
    2013-02-12 04:48 . 2013-03-13 06:32 474112 —-a-w- c:\windows\apppatch\AcSpecfc.dll
    2013-02-12 04:48 . 2013-03-13 06:32 2176512 —-a-w- c:\windows\apppatch\AcGenral.dll
    2013-02-12 04:12 . 2013-03-14 22:10 19968 —-a-w- c:\windows\system32\drivers\usb8023.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 —-a-w- c:\users\Thorimo\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 —-a-w- c:\users\Thorimo\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 —-a-w- c:\users\Thorimo\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-03-06 4767304]
    "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-05-20 500792]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
    "UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
    "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-05-29 655360]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
    .
    c:\users\Thorimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\Thorimo\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
    OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "HideFastUserSwitching"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
    "Userinit"="c:\windows\system32\userinit.exe"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
    "TkBellExe"="c:\program files\real player\Update\realsched.exe" -osboot
    "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 aswVmm;aswVmm; [x]
    R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
    R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
    R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS
    etw5v64.sys [2009-06-10 5434368]
    R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
    R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers
    mwcdnsucx64.sys [x]
    R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers
    mwcdnsux64.sys [x]
    R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-23 225280]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-13 1255736]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
    S0 aswRvrt;aswRvrt; [x]
    S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
    S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
    S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2012-12-12 87368]
    S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
    S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-24 315392]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-10-30 244736]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
    .
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    ezSharedSvc
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2010-05-19 08:36 451872 —-a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2013-04-29 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 05:40]
    .
    2013-04-29 c:\windows\Tasks\GlaryInitialize.job
    - c:\program files (x86)\Glary Utilities\initialize.exe [2010-10-18 15:24]
    .
    2013-04-06 c:\windows\Tasks\HPCeeScheduleForThorimo.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
    .
    .
    ——— X64 Entries ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2013-03-06 23:32 133840 —-a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 —-a-w- c:\users\Thorimo\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 —-a-w- c:\users\Thorimo\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 —-a-w- c:\users\Thorimo\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 —-a-w- c:\users\Thorimo\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-09-07 6489704]
    "RtkOSD"="c:\program files (x86)\Realtek\Audio\OSD\RtVOsd64.exe" [2010-06-08 995840]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
    FontCache
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://s1.sfgame.nl/?adv=0103
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
    FF - ProfilePath - c:\users\Thorimo\AppData\Roaming\Mozilla\Firefox\Profiles\tvqdd3xh.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.nu.nl/
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
    .
    .
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
    @="?????????????????? v1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
    @="?????????????????? v2"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2013-04-29 21:49:09
    ComboFix-quarantined-files.txt 2013-04-29 19:49
    .
    Pre-Run: 45.385.351.168 bytes free
    Post-Run: 45.545.099.264 bytes free
    .
    - - End Of File - - 271BEAE29188A1DFA91C33B423BA8C88







  • Hoe gaat het inmiddels?

    [b:1a71000c3e]Doe de [/b:1a71000c3e]
    [list:1a71000c3e]
    [*:1a71000c3e]Klik op de knop [b:1a71000c3e]ESET Online Scanner[/b:1a71000c3e]
    [*:1a71000c3e]Zet een vinkje bij [b:1a71000c3e]YES, I accept the Terms of Use[/b:1a71000c3e]
    [*:1a71000c3e]Klik op [b:1a71000c3e]Start[/b:1a71000c3e]
    [*:1a71000c3e][b:1a71000c3e]Sta het ActiveX control toe om te installeren.[/b:1a71000c3e]
    [*:1a71000c3e]Zet een vinkje bij de volgende opties:
    [list:1a71000c3e][*:1a71000c3e][b:1a71000c3e]
  • Hmmm, een kink in de kabel.

    Doordat ik gisteravond nog moest reageren op een alarmmelding vanuit de winkel waar ik werk, heb ik niet het einde van de scan gezien.

    Toen ik weg ging, stond de scanner op 99%, en had 3 threats gevonden.

    Waaronder een trojan.

    Sorry.

    Ik doe vanavond een nieuwe scan.
  • Dat is niet nodig lijkt mij.
    Doe het volgende: druk gelijktijdig de Windows toets + de R-toets in.
    Hierdoor start het venster [b:03da4da4c2]Uitvoeren[/b:03da4da4c2].

    Kopieer en plak [b:03da4da4c2]
  • hier het logje.

    ESETSmartInstaller@High as downloader log:
    all ok
    ESETSmartInstaller@High as downloader log:
    all ok
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6920
    # api_version=3.0.2
    # EOSSerial=700fb731b5afef42b44ca1c5ff42e431
    # engine=13723
    # end=stopped
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2013-04-30 06:45:43
    # local_time=2013-04-30 08:45:43 (+0100, W. Europe Daylight Time)
    # country="Netherlands"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode=5893 16776573 100 94 0 118934193 0 0
    # scanned=103544
    # found=4
    # cleaned=0
    # scan_time=4426
    sh=4F0127623167CB3B8CFC053DBA3E9E407816B436 ft=1 fh=889956a719caa967 vn="probably a variant of MSIL/Agent.CTTHWAS trojan" ac=I fn="C:\Program Files (x86)\Vuze\VuzeFW.exe"
    sh=BAD4B860B49E0E16C74527ABCBC9511172E16567 ft=0 fh=0000000000000000 vn="Java/Exploit.Blacole trojan" ac=I fn="C:\Users\Thorimo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\6d2e5593-61e5056e"
    sh=41E8A6AE7DB54A4E50388A7DA012FE5085B5EFC2 ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.NCH trojan" ac=I fn="C:\Users\Thorimo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\583a5ed7-7cc0b7f6"
    sh=988910D5C6808EBD3D350256BF3F15E96F082516 ft=0 fh=0000000000000000 vn="Win32/OpenCandy application" ac=I fn="C:\Users\Thorimo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\stubinst_pkg_en-eu.cab"
    ESETSmartInstaller@High as downloader log:
    all ok
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6920
    # api_version=3.0.2
    # EOSSerial=700fb731b5afef42b44ca1c5ff42e431
    # engine=13729
    # end=stopped
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2013-04-30 05:16:23
    # local_time=2013-04-30 07:16:23 (+0100, W. Europe Daylight Time)
    # country="Netherlands"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode=5893 16776573 100 94 0 118972033 0 0
    # scanned=6417
    # found=0
    # cleaned=0
    # scan_time=374
    ESETSmartInstaller@High as downloader log:
    all ok
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6920
    # api_version=3.0.2
    # EOSSerial=700fb731b5afef42b44ca1c5ff42e431
    # engine=13729
    # end=finished
    # remove_checked=true
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2013-04-30 07:11:22
    # local_time=2013-04-30 09:11:22 (+0100, W. Europe Daylight Time)
    # country="Netherlands"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode=5893 16776573 100 94 0 118978932 0 0
    # scanned=215342
    # found=4
    # cleaned=3
    # scan_time=6849
    sh=988910D5C6808EBD3D350256BF3F15E96F082516 ft=0 fh=0000000000000000 vn="Win32/OpenCandy application" ac=I fn="C:\Users\Thorimo\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\stubinst_pkg_en-eu.cab"
    sh=BAD4B860B49E0E16C74527ABCBC9511172E16567 ft=0 fh=0000000000000000 vn="Java/Exploit.Blacole trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Thorimo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\6d2e5593-61e5056e"
    sh=41E8A6AE7DB54A4E50388A7DA012FE5085B5EFC2 ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.NCH trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Thorimo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\583a5ed7-7cc0b7f6"
    sh=988910D5C6808EBD3D350256BF3F15E96F082516 ft=0 fh=0000000000000000 vn="Win32/OpenCandy application (deleted - quarantined)" ac=C fn="C:\Users\Thorimo\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\stubinst_pkg_en-eu.cab"
  • Download naar je bureaublad [b:0c5ee3ee77].
    [list:0c5ee3ee77][*:0c5ee3ee77] Klik/dubbelklik op [b:0c5ee3ee77]SecurityCheck.exe[/b:0c5ee3ee77] en let op de instrukties in het zwarte venster.
    [*:0c5ee3ee77] Een Kladblok document genaamd [b:0c5ee3ee77]checkup.txt[/b:0c5ee3ee77] dient automatisch open te gaan; sluit dit document via opslaan op het bureaublad.
    [*:0c5ee3ee77] Indien een van je veiligheidstools rapporteert, dat DIG.EXE het internet op wil, sta dit dan toe.[/list:u:0c5ee3ee77]
    Post de inhoud van [b:0c5ee3ee77]checkup.txt [/b:0c5ee3ee77]in je volgende post.
  • hier het security logje.


    Results of screen317's Security Check version 0.99.63
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    [b:da387978d1][u:da387978d1]``````````````Antivirus/Firewall Check:``````````````[/b:da387978d1][/u:da387978d1]
    Windows Firewall Enabled!
    Windows Firewall Disabled!
    avast! Antivirus
    Antivirus up to date!
    [b:da387978d1][u:da387978d1]`````````Anti-malware/Other Utilities Check:`````````[/b:da387978d1][/u:da387978d1]
    SlimCleaner
    Java(TM) 6 Update 31
    Java 7 Update 21
    Adobe Flash Player 11.7.700.169
    Adobe Reader XI
    Mozilla Firefox (20.0.1)
    [b:da387978d1][u:da387978d1]````````Process Check: objlist.exe by Laurent````````[/b:da387978d1][/u:da387978d1]
    ESET ESET Online Scanner OnlineScannerApp.exe
    ESET ESET Online Scanner OnlineCmdLineScanner.exe
    Alwil Software Avast5 AvastSvc.exe
    Alwil Software Avast5 AvastUI.exe
    [b:da387978d1][u:da387978d1]`````````````````System Health check`````````````````[/b:da387978d1][/u:da387978d1]
    Total Fragmentation on Drive C: 0%
    [b:da387978d1][u:da387978d1]````````````````````End of Log``````````````````````[/b:da387978d1][/u:da387978d1]
  • Verwijder [b:483c411d22]Java(TM) 6 Update 31[/b:483c411d22] en zorg er in vervolg ervoor dat je altijd maar één Java in jouw Windows hebt.
    De andere Java is coulant.
    Waarom: oude Java's zijn vol veiligheidsproblemen en zo in jouw geval heb je dan ook automatisch een beveiligingsprobleem!

    En dan de Windows Firewall.
    [quote:483c411d22]Windows Firewall Enabled!
    Windows Firewall Disabled![/quote:483c411d22]
    Dit ben ik nog niet eerder tegengekomen in een SecurityCheck-log.

    Controleer nu eerst via Configuratiescherm>Onderhoudsscherm>Beveiliging wat daar over de Windows Firewall wordt vermeld.
  • Java is nu gedeinstaleerd.

    De Windows Firewall was uitgeschakeld. Heb het weer ingeschakeld.
  • Prima gedaan.
    Zijn er nog problemen?
  • zoals het nu lijkt zijn er geen problemen meer.
    Geen 100% cpu use meer.

    Zijn er van deze handelingen die ik nu gedaan heb, die misschien regelmatig gedaan moeten/kunnen worden?

    Abraham54, verschrikkelijk bedankt voor je tijd.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.