Zoek.exe v5.0.0.0 Updated 01-March-2015 Tool run by 11307625 on zo 01/03/2015 at 15:16:41,09. Microsoft Windows 8.1 Pro 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\11307625\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 1/03/2015 15:17:52 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\log deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\11307625\AppData\Roaming\hpqlog deleted successfully C:\Users\11307625\AppData\Roaming\QuickScan deleted successfully C:\Users\11307625\AppData\Local\KONICA MINOLTA deleted successfully C:\windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-919585450-3989951782-4046941352-9551\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F} deleted successfully HKEY_USERS\S-1-5-21-919585450-3989951782-4046941352-9551\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 1400 1400_Help 1400Trb 64 Bit HP CIO Components Installer Adblock Plus voor IE (32-bit en 64-bit) Adobe Reader XI (11.0.10) - Nederlands AIO_CDB_ProductContext AIO_CDB_Software AIO_Scan Apple Application Support Apple Mobile Device Support Apple Software Update Arc Battle.net Belgium e-ID middleware 4.0.7 (build 7453) Bonjour Broadcom Bluetooth Drivers BufferChm BullGuard Internet Security CCleaner Citrix Receiver (Enterprise) Citrix Receiver (HDX Flash Redirection) Citrix Receiver Inside Citrix Receiver(SSON) Citrix Receiver(USB) Copy CyberLink YouCam Definition Update for Microsoft Office 2013 (KB2920752) 32-Bit Edition Destinations DeviceDiscovery DocProc Fax Free M4a to MP3 Converter 8.3 GPBaseService2 Hewlett-Packard ACLM.NET v1.2.2.3 HP FWUpdateEDO2 HP Hotkey Support HP Imaging Device Functions 14.0 HP Officejet Pro 8620 Basissoftware van het apparaat HP Officejet Pro 8620 Help HP Photo Creations HP Photosmart Officejet and Deskjet All-In-One Driver Software HP Solution Center 14.0 HP Support Assistant HP Update HPDiagnosticAlert HPPhotoGadget HPProductAssistant I.R.I.S. OCR Malwarebytes Anti-Malware versie 2.0.4.1028 Microsoft Access MUI (Dutch) 2013 Microsoft DCF MUI (Dutch) 2013 Microsoft Excel MUI (Dutch) 2013 Microsoft Groove MUI (Dutch) 2013 Microsoft InfoPath MUI (Dutch) 2013 Microsoft Lync MUI (Dutch) 2013 Microsoft Office 64-bit Components 2013 Microsoft Office Korrekturhilfen 2013 - Deutsch Microsoft Office OSM MUI (Dutch) 2013 Microsoft Office OSM UX MUI (Dutch) 2013 Microsoft Office Professional Plus 2013 Microsoft Office Proofing (Dutch) 2013 Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Nederlands Microsoft Office Shared 64-bit MUI (Dutch) 2013 Microsoft Office Shared MUI (Dutch) 2013 Microsoft OneNote MUI (Dutch) 2013 Microsoft Outlook MUI (Dutch) 2013 Microsoft PowerPoint MUI (Dutch) 2013 Microsoft Publisher MUI (Dutch) 2013 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft Word MUI (Dutch) 2013 Mozilla Firefox 35.0.1 (x86 en-US) Mozilla Maintenance Service Network64 Neverwinter OCR Software by I.R.I.S. 14.0 Online Plug-in Outils de v‚rification linguistique 2013 de Microsoft Office˙- Fran‡ais Portal 2 Seagate Dashboard SeaTools for Windows Security Update for Microsoft Excel 2013 (KB2920753) 32-Bit Edition Security Update for Microsoft Office 2013 (KB2726958) 32-Bit Edition Security Update for Microsoft Office 2013 (KB2880502) 32-Bit Edition Security Update for Microsoft Office 2013 (KB2910941) 32-Bit Edition Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition SkypeT 7.1 SolutionCenter Spore Spore: Creepy & Cute Parts Pack Status Steam Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4) Synaptics Pointing Device Driver Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TeamSpeak 3 Client Toolbox TrayApp Update for Microsoft Access 2013 (KB2910930) 32-Bit Edition Update for Microsoft Lync 2013 (KB2881083) 32-Bit Edition Update for Microsoft Lync 2013 (KB2920744) 32-Bit Edition Update for Microsoft Office 2013 (KB2760249) 32-Bit Edition Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition Update for Microsoft Office 2013 (KB2760371) 32-Bit Edition Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition Update for Microsoft Office 2013 (KB2827223) 32-Bit Edition Update for Microsoft Office 2013 (KB2837654) 32-Bit Edition Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition Update for Microsoft Office 2013 (KB2880977) 32-Bit Edition Update for Microsoft Office 2013 (KB2881001) 32-Bit Edition Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition Update for Microsoft Office 2013 (KB2883095) 32-Bit Edition Update for Microsoft Office 2013 (KB2889846) 32-Bit Edition Update for Microsoft Office 2013 (KB2899498) 32-Bit Edition Update for Microsoft Office 2013 (KB2899522) 32-Bit Edition Update for Microsoft Office 2013 (KB2910921) 32-Bit Edition Update for Microsoft Office 2013 (KB2920735) 32-Bit Edition Update for Microsoft Office 2013 (KB2920740) 32-Bit Edition Update for Microsoft Office 2013 (KB2920742) 32-Bit Edition Update for Microsoft Office 2013 (KB2920745) 32-Bit Edition Update for Microsoft Office 2013 (KB2920769) 32-Bit Edition Update for Microsoft Office 2013 (KB2920798) 32-Bit Edition Update for Microsoft Office 2013 (KB2956102) 32-Bit Edition Update for Microsoft OneDrive for Business (KB2920746) 32-Bit Edition Update for Microsoft OneNote 2013 (KB2920739) 32-Bit Edition Update for Microsoft Outlook 2013 (KB2956087) 32-Bit Edition Update for Microsoft PowerPoint 2013 (KB2956149) 32-Bit Edition Update for Microsoft Project 2013 (KB2956091) 32-Bit Edition Update for Microsoft Publisher 2013 (KB2883048) 32-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition Update for Microsoft Word 2013 (KB2956085) 32-Bit Edition VLC media player VLC media player 2.1.3 WebReg ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe C:\windows\SysWOW64\svchost.exe C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe C:\Program Files\BullGuard Ltd\BullGuard\files32\spamfilter\LittleHook.exe C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Users\11307625\Desktop\zoek.exe C:\windows\SysWOW64\cmd.exe C:\windows\SysWOW64\cmd.exe C:\windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ArcService deleted successfully ==== Deleting Files \ Folders ====================== C:\PROGRA~3\Package Cache deleted C:\windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\DataStore deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted "C:\PROGRA~2\Windows Multimedia Platform" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8142 MB CPU Info: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz CPU Speed: 2554,2 MHz Sound Card: Luidsprekers / HP (IDT High Def | Display Adapters: AMD Radeon HD 7570M | AMD Radeon HD 7570M | AMD Radeon HD 7570M | AMD Radeon HD 7570M | AMD Radeon HD 7570M | AMD Radeon HD 7570M Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Intel(R) 82579V Gigabit Network Connection | Intel(R) Centrino(R) Advanced-N 6205 CD / DVD Drives: 1x (D: | ) D: hp CDDVDW SN-208BB Ports: COM1 LPT1 Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 117,2GB | E: 2,0GB Hard Disks - Free: C: 13,1GB | E: 2,0GB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 10/31/11 | HPQOEM - f Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 17AB Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: BullGuard Antivirus On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: BullGuard Antispyware disabled (Outdated) Firewall: BullGuard Firewall disabled Default Browser: Firefox 35.0.1 Internet Explorer Version: 11.0.9600.17631 Mozilla Firefox version: 35.0.1 (x86 en-US) Adobe Reader version: 11.0.10.32 ==== Files Recently Created / Modified ====================== ====== C:\windows ==== ====== C:\Users\11307625\AppData\Local\Temp ==== 2015-02-27 15:31:13 AB44CCD0FA8E55EF88DB941EEF95560A 49152 ----a-w- C:\Users\11307625\AppData\Local\Temp\vfind.exe 2015-02-27 15:31:13 92BD80F82FE8A28385B7D9D3F215E8B3 73728 ----a-w- C:\Users\11307625\AppData\Local\Temp\pv.exe ====== Java Cache ===== 2015-02-04 19:59:19 E4BA7879E540CFCA9D8D541312560B36 37 ----a-w- C:\Users\11307625\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\49acd34c-84c28d2b59cb0430162a0f2c7ed59acaa08d2e459222a95cd2e55c50038aa1f8-6.0.lap 2015-02-04 19:59:22 215F50F8CB678DFA9E837E14B1D637F6 9328 ----a-w- C:\Users\11307625\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\69cc98ed-22aef33c ====== C:\windows\SysWOW64 ===== 2015-02-25 18:08:10 3541ACE396B5B80DF5D883FE882BBB15 64336 ----a-w- C:\windows\SysWOW64\BGLsp.dll.PendingBullGuardUpdate 2015-02-25 18:08:10 0AD9E9098F1F6535EEE56FB53876B625 140280 ----a-w- C:\windows\SysWOW64\BgGamingMonitor.dll.PendingBullGuardUpdate ====== C:\windows\SysWOW64\drivers ===== ====== C:\windows\Sysnative ===== 2015-03-01 14:14:33 573C35DE38AEA84EF8E57908F79CBE30 512 ----a-w- C:\windows\Sysnative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD 2015-02-25 18:08:10 B09D9E671AA0C1AC58BC6D2681BB1815 153712 ----a-w- C:\windows\Sysnative\BgGamingMonitor.dll.PendingBullGuardUpdate 2015-02-25 18:08:10 278A9DC66ADCBD065A905A6B086DA4AB 76624 ----a-w- C:\windows\Sysnative\BGLsp.dll.PendingBullGuardUpdate ====== C:\windows\Sysnative\drivers ===== 2015-02-11 12:34:13 3930E508DDA46C1FF68FD963F350AA0A 563504 ----a-w- C:\windows\Sysnative\drivers\cng.sys 2015-02-11 12:34:13 15C8C65CEA018C02EA0F648448C491C5 177984 ----a-w- C:\windows\Sysnative\drivers\ksecpkg.sys 2015-02-11 12:33:47 C851CAA8DC77C8562744439F026A4EF3 403456 ----a-w- C:\windows\Sysnative\drivers\rdbss.sys 2015-02-11 12:33:47 2A855A78A7EE4600B330CB5A800201F6 401920 ----a-w- C:\windows\Sysnative\drivers\mrxsmb.sys 2015-02-11 12:33:46 D01CAFDD13158FCA1EEC82908A40148B 138240 ----a-w- C:\windows\Sysnative\drivers\dfsc.sys 2015-02-11 12:33:46 A4171C59571A4CB89D48EC4E9E799F62 284672 ----a-w- C:\windows\Sysnative\drivers\mrxsmb10.sys 2015-02-11 12:33:46 2E958EFAA41BF41A70411F30C61A20E4 112960 ----a-w- C:\windows\Sysnative\drivers\mup.sys 2015-02-11 12:33:46 097C313161DC479481E0631A6EE04458 202240 ----a-w- C:\windows\Sysnative\drivers\mrxsmb20.sys ====== C:\windows\Tasks ====== 2015-02-27 15:36:47 050A4789E4EAE63814E98492C6408E43 3152 ----a-w- C:\windows\Sysnative\Tasks\{93E850FC-D502-4B7A-937F-59EFBBAACA32} 2015-02-27 15:31:22 74B45C47899DFCC981C18205006003FA 3242 ----a-w- C:\windows\Sysnative\Tasks\{1B356246-D26B-4A43-91A5-0513ECEB19A9} 2015-01-30 18:07:10 7F5F79FCA31DCFA5465F7555754C82B8 3348 ----a-w- C:\windows\Sysnative\Tasks\HP Photo Creations Communicator 2015-01-30 18:07:10 540A447E0EA12ED980670E9F106E3978 360 ----a-w- C:\windows\Tasks\HP Photo Creations Communicator.job ====== C:\windows\Temp ====== ======= C:\Program Files ===== 2015-02-27 18:20:08 -------- d-----w- C:\Program Files\trend micro 2015-02-12 23:42:24 -------- d-----w- C:\Program Files\Adblock Plus for IE 2015-01-31 17:25:17 -------- d-----w- C:\Program Files\HP ======= C:\PROGRA~2 ===== 2015-01-30 18:07:04 -------- d-----w- C:\PROGRA~2\HP Photo Creations ======= C: ===== ====== C:\Users\11307625\AppData\Roaming ====== 2015-02-26 19:42:38 -------- d-----w- C:\Users\11307625\AppData\Local\Steam 2015-02-12 23:42:25 -------- d-----w- C:\Users\11307625\AppData\Locallow\Adblock Plus for IE 2015-01-30 18:08:04 -------- d-----w- C:\Users\11307625\AppData\Roaming\Visan 2015-01-30 17:35:33 -------- d-----w- C:\Users\11307625\AppData\Roaming\HpUpdate ====== C:\Users\11307625 ====== 2015-02-27 18:19:49 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\11307625\Desktop\RSITx64.exe 2015-01-30 18:07:04 -------- d-----w- C:\ProgramData\Visan 2015-01-30 18:07:04 -------- d-----w- C:\ProgramData\HP Photo Creations 2015-01-30 17:34:19 0843F0E4B519DC276B30DD8705B12905 57 ----a-w- C:\ProgramData\Ament.ini ====== C: exe-files == 2015-02-27 18:20:13 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\11307625.exe 2015-02-27 18:19:49 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\11307625\Desktop\RSITx64.exe 2015-02-27 15:31:13 AB44CCD0FA8E55EF88DB941EEF95560A 49152 ----a-w- C:\Users\11307625\AppData\Local\Temp\vfind.exe 2015-02-27 15:31:13 92BD80F82FE8A28385B7D9D3F215E8B3 73728 ----a-w- C:\Users\11307625\AppData\Local\Temp\pv.exe 2015-02-26 20:26:04 16B3EA8D939BC78A0CE4D1C43ED40195 10095152 ----a-w- C:\Users\11307625\Downloads\Battle.net\Battle.net.5566\Battle.net.exe 2015-02-26 19:42:39 25C16F7D749F1BA7D573756338658727 835776 ----a-w- C:\Program Files (x86)\Common Files\Steam\SteamServiceTmp.exe 2015-02-25 12:02:54 345477F02C308B7480702767218C86A2 114800 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe 2015-02-24 19:13:18 30FAB53DB952D41C531C0F35BA0EFC44 7117360 ----a-w- C:\ProgramData\Battle.net\Agent\Agent.3789\Agent.exe 2015-02-23 21:54:44 83E85973A21AA87A70601CDE1CA57359 385360 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe 2015-02-22 17:11:07 191B72971CFD5331A24561BCA0B0DBB3 7117360 ----a-w- C:\ProgramData\Battle.net\Agent\Agent.3783\Agent.exe === C: other files == 2015-02-25 18:08:07 C66A008C5002C9421E0BAF8DB2818F85 20088 ----a-w- C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\xp\x86\NSNetmon.sys 2015-02-25 18:08:07 BD58CA379550A01219230AB5CD759C5A 21888 ----a-w- C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\win7\x86\NSNetmon.sys 2015-02-25 18:08:07 B88420A2FEEF13DD5DC22E6AE65AF36A 21888 ----a-w- C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\vista\x86\NSNetmon.sys 2015-02-25 18:08:07 97EE3F732B41D46C136B26A5F326F0CA 27544 ----a-w- C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\win7\x64\NSNetmon.sys 2015-02-25 18:08:07 726FB42866B0B6C7A44B17C78D8E43A3 27544 ----a-w- C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\vista\x64\NSNetmon.sys 2015-02-25 18:07:58 ED6FA505036BC9A895FBD440EB272C68 269600 ----a-w- C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\vista\x86\NSKernel.sys 2015-02-25 18:07:58 6F12F200E88BBC19F54E882130813A3A 219136 ----a-w- C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\win8\x86\NSKernel.sys 2015-02-25 18:07:57 C0BFE1C2F8D054C29FE600E1EB672977 269600 ----a-w- C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\win7\x86\NSKernel.sys 2015-02-25 18:07:57 956A1F4702B7AEE69C70563E4446B3A8 328840 ----a-w- C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\vista\x64\NSKernel.sys 2015-02-25 18:07:57 194A38145ECAFE9E63C1E43F3DEE580C 328840 ----a-w- C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\win7\x64\NSKernel.sys 2015-02-25 18:07:57 1284A6427EB5BBA15C1D1B86DEF51131 267528 ----a-w- C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\win8\x64\NSKernel.sys 2015-02-25 18:07:53 CC8BB06398150CF279C2B756852D92C7 820408 ----a-w- C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\xp\x86\NSKernel.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-919585450-3989951782-4046941352-9551\Software\Microsoft\Windows\CurrentVersion\Run] "Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QLBController"="C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start" "DBAgent"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe /WinStart" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\PROGRA~1\\BULLGU~1\\BULLGU~1\\Files32\\BgAgent.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe -boot" "BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\PROGRA~1\\BULLGU~1\\BULLGU~1\\BgAgent.dll" ==== Startup Folders ====================== 2015-01-31 17:37:35 1938 ----a-w- C:\Users\11307625\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Officejet Pro 8620.lnk 2014-07-17 20:21:45 2125 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\windows\tasks\HP Photo Creations Communicator.job --a-------- C:\ProgramData\HP Photo Creations\Communicator.exe [30/01/2015 19:07] ==== Other Scheduled Tasks ====================== "C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\windows\SysNative\tasks\Seagate_Install_Launch" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe] "C:\windows\SysNative\tasks\User_Feed_Synchronization-{D775E0E6-3F55-4423-A24B-31B2CBC284E1}" [C:\windows\system32\msfeedssync.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "antiphishing@bullguard"="C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard" [08/08/2014 22:25] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\11307625\AppData\Roaming\Mozilla\Firefox\Profiles\vvdkzejt.default FDF7B2D69F2B7AF5B77124FCCB1DE2FC - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" "Default_Page_URL"="http://www.pxl.be" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start O4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - Startup: Inktwaarschuwingen controleren - HP Officejet Pro 8620.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000 O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.google.be O15 - Trusted Zone: http://*.pxl.be O15 - Trusted Zone: http://*.sharepoint.com O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = STUD.PXL.LOCAL O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = STUD.PXL.LOCAL O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\PROGRA~1\BULLGU~1\BULLGU~1\Files32\BgAgent.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @oem87.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\windows\system32\BtwRSupportService.exe (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @oem35.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe O23 - Service: Seagate MobileBackup Service - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\11307625\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\11307625\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\11307625\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\11307625\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=33 folders=56 14348301 bytes) ==== Empty Temp Folders ====================== C:\Users\11307625\AppData\Local\Temp will be emptied at reboot C:\Users\Administrator\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\11307625\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 01/03/2015 at 15:44:38,34 ======================