
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Nancy on do 23/07/2015 at  7:28:11,81.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Nancy\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-07-22-195343.log	1449 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Users\Nancy\AppData\Local\Temp\ocrDD53.tmp\bin\rubyw.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
c:\Program Files\Microsoft SQL Server\MSSQL10_50.KLUWER2008R2\MSSQL\Binn\sqlservr.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Users\Nancy\AppData\Local\Temp\ocrF6DC.tmp\bin\rubyw.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\TOP\SQL Anywhere 9\Shared\Sybase Central 4.3\win32\scjview.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\pia_manager\pia_tray\pia_tray.exe
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Nancy\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\Windows Live SkyDrive deleted
C:\found.000 deleted
C:\Users\Nancy\AppData\LocalLow\ADSRemoval deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\system32\config\systemprofile\Searches deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)
Memory (RAM): 3511 MB
CPU Info: Intel(R) Core(TM) i3 CPU       M 330  @ 2.13GHz
CPU Speed: 2126.5 MHz
Sound Card: Speakers (Realtek High Definiti | 
Realtek Digital Output (Realtek | 
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: TAP-Win32 Adapter V9 | Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) | Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-S083C
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C:  424.7GB | D:  40.0GB
Hard Disks - Free: C:  275.9GB | D:  21.8GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 02/01/10 | MEDION - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: MEDION          E6214
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Internet Explorer Version: 11.0.9600.17358 
Mozilla Firefox version: 39.0 (x86 en-US)
Adobe Reader version: 15.8.20082.147029
Sun Java version: 1.8.0_51 (32-bit) 
Flash Player version: 18.0.0.209

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-07-20 19:36:12	B8D7EE225189671CE978E420D568AE99	43112	----a-w-	C:\Windows\avastSS.scr
====== C:\Users\Nancy\AppData\Local\Temp ====
2015-07-23 04:55:12	FD8B4821B62CF212AB5C054D11E511F7	83968	----a-w-	C:\Users\Nancy\AppData\Local\Temp\ocrF6DC.tmp\bin\zlib1.dll
2015-07-23 04:55:12	F47CE903B5464F9CBD4ACC66D1369880	340992	----a-w-	C:\Users\Nancy\AppData\Local\Temp\ocrF6DC.tmp\bin\SSLEAY32.dll
2015-07-23 04:55:12	D4AAB247A300230A8AE2D035A0977798	127316	----a-w-	C:\Users\Nancy\AppData\Local\Temp\ocrF6DC.tmp\bin\libffi-6.dll
2015-07-23 04:55:12	ACA9CC399CAC869CEFC34EABF8450A29	1486336	----a-w-	C:\Users\Nancy\AppData\Local\Temp\ocrF6DC.tmp\bin\LIBEAY32.dll
2015-07-23 04:55:12	8259E9D39B76FC64BA8B3C009D9ACD16	70239	----a-w-	C:\Users\Nancy\AppData\Local\Temp\ocrF6DC.tmp\bin\rubyw.exe
2015-07-23 04:55:12	2723D5E743239D5D282DE7EDEF69032B	2141184	----a-w-	C:\Users\Nancy\AppData\Local\Temp\ocrF6DC.tmp\bin\msvcrt-ruby191.dll
2015-07-23 04:55:06	D4AAB247A300230A8AE2D035A0977798	127316	----a-w-	C:\Users\Nancy\AppData\Local\Temp\ocrDD53.tmp\bin\libffi-6.dll
2015-07-23 04:55:06	8259E9D39B76FC64BA8B3C009D9ACD16	70239	----a-w-	C:\Users\Nancy\AppData\Local\Temp\ocrDD53.tmp\bin\rubyw.exe
2015-07-23 04:55:06	2723D5E743239D5D282DE7EDEF69032B	2141184	----a-w-	C:\Users\Nancy\AppData\Local\Temp\ocrDD53.tmp\bin\msvcrt-ruby191.dll
2015-07-21 06:16:06	432F4E8794A2EA8A64E4C75EA80B790E	1694560	----a-w-	C:\Users\Nancy\AppData\Local\Temp\HYDDC99.tmp.1437459356_permissionsCopy\updates\3.4.3_40298.exe
2015-07-21 06:16:05	432F4E8794A2EA8A64E4C75EA80B790E	1694560	----a-w-	C:\Users\Nancy\AppData\Local\Temp\HYDDC99.tmp.1437459356_permissionsCopy\uTorrent.exe
2015-07-21 06:16:03	87FBC335E4B7F7145770AD562B8E2B52	195032	----a-w-	C:\Users\Nancy\AppData\Local\Temp\HYDDC99.tmp.1437459356\HTA\3rdparty\OCComSDK.dll
2015-07-21 06:16:03	5AD9A24DC3CE7CEFBDD916116266838C	845272	----a-w-	C:\Users\Nancy\AppData\Local\Temp\HYDDC99.tmp.1437459356\HTA\3rdparty\OCSetupHlp.dll
====== Java Cache =====
2015-07-16 21:08:45	06960048C7F98BFB0FD52C2EB2B4E365	33664	----a-w-	C:\Users\Nancy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\706e0e51-422ba396
2015-07-03 06:25:55	9056573C66D15FE35FF5C38336ED5C9C	8267	----a-w-	C:\Users\Nancy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\23ac4802-5646e97a
2015-07-03 06:25:54	D497DD2F1685B10E7DA52F383BB6E42B	423	----a-w-	C:\Users\Nancy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\2e4c72ea-474b2262
2015-07-03 06:25:51	6B314349459122FBDB2BCE7D67B3A14B	181481	----a-w-	C:\Users\Nancy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\13d17dac-10f7dd28
2015-07-16 21:08:33	D54236A629AA90C51DEEB24E9EE8E216	84	----a-w-	C:\Users\Nancy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\4ec50d75-106901f817e7a1f87674432132bba03e32ea810511d30d0ca866f2ac36354200-6.0.lap
====== C:\Windows\system32 =====
2015-07-20 19:40:08	29A9D4A0EF7D1599A387E87542C04F81	313472	----a-w-	C:\Windows\System32\aswBoot.exe
2015-07-18 19:49:10	CCC258525A8EFBE43C9124DB6A9FE3FF	74703	----a-w-	C:\Windows\System32\mfc45.dat
====== C:\Windows\system32\drivers =====
2015-07-20 19:40:23	11D101C6EDE012E018F37275CD3DAA3C	95112	----a-w-	C:\Windows\System32\drivers\ngvss.sys
2015-07-18 19:49:13	4E237DDD763CE3CB3D9F69B6046AFCFB	28256	----a-w-	C:\Windows\System32\drivers\rawdsk3.sys
2015-07-18 08:01:42	739164A8B8FB2F1B50A498F20AF7B21E	98520	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-07-18 08:01:27	B4CD87E78A01562E3DA67FE1C2779204	23256	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-07-18 08:01:27	A1E3A332E76F48410CF403FDF85FAFE0	94936	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-07-18 08:01:27	490F0F3ED8A970E2BAA38F719242B8F7	51928	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-07-18 06:02:05	8CF6E2AE1707D82E904ECCA68CEF8B87	26624	----a-w-	C:\Windows\System32\drivers\tap0901.sys
====== C:\Windows\Tasks ======
2015-07-20 06:52:27	820798656ABDF655E8022B041B0804FC	3166	----a-w-	C:\Windows\system32\Tasks\{5C41EC67-AD7F-4102-BCEC-F0D254EE3592}
2015-07-18 06:02:15	AEABE3CEAD944F7D30D81B0624C15230	3158	----a-w-	C:\Windows\system32\Tasks\Private Internet Access Startup
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-07-22 10:03:39	--------	d-----w-	C:\Program Files\trend micro
2015-07-22 06:39:15	--------	d-----w-	C:\Program Files\Defraggler
2015-07-21 16:04:59	--------	d-----w-	C:\Program Files\CloneSpy
2015-07-20 06:51:44	--------	d-----w-	C:\Program Files\Common Files\Java
2015-07-18 06:01:57	--------	d-----w-	C:\Program Files\pia_manager
======= C: =====
2015-07-18 07:57:13	2E34421D8E4C13832183EFCBAF0D7C43	9800356	----a-w-	C:\rules.ref
2015-07-18 07:56:17	7D3F28A24E0CB34328E53D3D8C5DD757	25602	----a-w-	C:\swissarmy.ref
2015-07-18 07:56:17	643B11322D78D9F4F46F030869ECFC49	92	----a-w-	C:\domains.ref
2015-07-18 07:56:17	59037AB07C372BE4FE44E41DA21099EE	1469	----a-w-	C:\actions.ref
2015-07-18 07:56:17	2EC9C118CAEC1AE4B78C6EA95DA0539F	80	----a-w-	C:\ips.ref
====== C:\Users\Nancy\AppData\Roaming ======
2015-07-21 16:05:00	--------	d-----w-	C:\Users\Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CloneSpy
2015-07-21 16:01:15	--------	d-----w-	C:\Users\Nancy\AppData\Roaming\CloneSpy
2015-07-19 06:50:50	--------	d-----w-	C:\Users\Public\AppData\Local\temp
2015-07-19 06:50:50	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2015-07-19 06:50:50	--------	d-----w-	C:\Users\Default User\AppData\Local\temp
2015-07-18 19:54:59	--------	d-----w-	C:\Users\Nancy\AppData\Roaming\VSRevoGroup
2015-07-18 06:03:39	--------	d-----w-	C:\Users\Nancy\AppData\Local\Apple Computer
2015-07-18 06:03:37	--------	d-----w-	C:\Users\Nancy\AppData\Roaming\Titanium
2015-07-16 11:53:03	--------	d-----w-	C:\Users\Nancy\AppData\Local\CEF
====== C:\Users\Nancy ======
2015-07-22 10:02:00	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Nancy\Downloads\RSIT.exe
2015-07-22 06:39:16	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-07-22 06:38:15	0F794F64ABB5A8B61CD4CC97A2FD40F6	4532776	----a-w-	C:\Users\Nancy\Downloads\dfsetup219.exe
2015-07-21 16:00:17	4F6BC8CA659FD55C32ED1ECC03E9466A	2881562	----a-w-	C:\Users\Nancy\Downloads\cspy313.exe
2015-07-21 15:59:44	703A5CBF27CDA2686E5BB457C9C556CF	75752	----a-w-	C:\Users\Nancy\Downloads\cspy313-49803545.exe
2015-07-20 07:02:43	B8C997E772BE343E1664FEE14C1FB9B7	28849904	----a-w-	C:\Users\Nancy\Downloads\vlc-2.2.1-win32.exe
2015-07-20 06:51:57	AE1A3729436B8A63AA140BDC2C680034	563296	----a-w-	C:\Users\Nancy\Downloads\jre-8u51-windows-i586-iftw(1).exe
2015-07-20 06:50:24	AE1A3729436B8A63AA140BDC2C680034	563296	----a-w-	C:\Users\Nancy\Downloads\jre-8u51-windows-i586-iftw.exe
2015-07-19 06:21:06	8B968045D75783A09592C3105F2865DA	688992	------r-	C:\Users\Nancy\Desktop\dds(1).com
2015-07-18 19:49:10	--------	d-----w-	C:\ProgramData\iolo
2015-07-18 08:35:05	09B6F6FCCC35DBAFCB38CB3751FA7C2F	2248704	----a-w-	C:\Users\Nancy\Downloads\adwcleaner_4.208.exe
2015-07-18 08:00:34	D3B6FA14CB7E12B7FBC0B3AA26235898	24345872	----a-w-	C:\Users\Nancy\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-18 06:02:14	--------	d-----w-	C:\Users\Nancy\Start Menu
2015-07-18 05:59:51	F6C4ED980ACC6DEF2F4656FC8D5E94C9	25723531	----a-w-	C:\Users\Nancy\Downloads\privateinternetaccess.exe

====== C: exe-files ==
2015-07-23 04:55:12	8259E9D39B76FC64BA8B3C009D9ACD16	70239	----a-w-	C:\Users\Nancy\AppData\Local\Temp\ocrF6DC.tmp\bin\rubyw.exe
2015-07-23 04:55:06	8259E9D39B76FC64BA8B3C009D9ACD16	70239	----a-w-	C:\Users\Nancy\AppData\Local\Temp\ocrDD53.tmp\bin\rubyw.exe
2015-07-22 10:03:40	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Nancy.exe
2015-07-22 10:02:00	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Nancy\Downloads\RSIT.exe
2015-07-22 06:38:15	0F794F64ABB5A8B61CD4CC97A2FD40F6	4532776	----a-w-	C:\Users\Nancy\Downloads\dfsetup219.exe
2015-07-21 16:05:00	E0664B159DFEFFD8727462987E7A786B	64780	----a-w-	C:\Program Files\CloneSpy\CSUninstall.exe
2015-07-21 16:04:36	B00D564230293DC6305EF56FFC5242A6	4429440	----a-w-	C:\Users\Nancy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RBYDY516\cspy321.exe
2015-07-21 16:00:17	4F6BC8CA659FD55C32ED1ECC03E9466A	2881562	----a-w-	C:\Users\Nancy\Downloads\cspy313.exe
2015-07-21 16:00:03	ECBD8B66888F61C7C3FC84A71CBC6E94	607368	----a-w-	C:\Users\Nancy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G25NUYYM\Installer[1].exe
2015-07-21 15:59:44	703A5CBF27CDA2686E5BB457C9C556CF	75752	----a-w-	C:\Users\Nancy\Downloads\cspy313-49803545.exe
2015-07-21 06:47:20	96E00C7BC24657F2137B52B83FDBCB11	1758648	----a-w-	C:\Windows\temp\avast_ash2\WinRAR Archiver (32 Bit)\wrar521.exe
2015-07-21 06:46:46	AFFC0C73DB16496587050FE45DA29D66	18009776	----a-w-	C:\Windows\temp\avast_ash2\Flash Player ActiveX\install_flash_player_ax.exe
2015-07-21 06:16:06	432F4E8794A2EA8A64E4C75EA80B790E	1694560	----a-w-	C:\Users\Nancy\AppData\Local\Temp\HYDDC99.tmp.1437459356_permissionsCopy\updates\3.4.3_40298.exe
2015-07-21 06:16:05	432F4E8794A2EA8A64E4C75EA80B790E	1694560	----a-w-	C:\Users\Nancy\AppData\Local\Temp\HYDDC99.tmp.1437459356_permissionsCopy\uTorrent.exe
2015-07-20 19:40:08	29A9D4A0EF7D1599A387E87542C04F81	313472	----a-w-	C:\Windows\System32\aswBoot.exe
2015-07-20 08:10:26	E9E9E6FDE792915B428786B772F314D8	3955200	----a-r-	C:\David\films\System Mechanic 12.5.0.79 incl. Crack {AmanPC}\Crack\SystemGuardAlerter.exe
2015-07-20 08:10:24	58063A483878DD425AD168B022D1C4DE	35940736	----a-r-	C:\David\films\System Mechanic 12.5.0.79 incl. Crack {AmanPC}\SystemMechanic.exe
2015-07-20 07:02:43	B8C997E772BE343E1664FEE14C1FB9B7	28849904	----a-w-	C:\Users\Nancy\Downloads\vlc-2.2.1-win32.exe
2015-07-20 06:51:57	AE1A3729436B8A63AA140BDC2C680034	563296	----a-w-	C:\Users\Nancy\Downloads\jre-8u51-windows-i586-iftw(1).exe
2015-07-20 06:51:07	5E1561548895218973EB5C833D96BD60	159328	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\unpack200.exe
2015-07-20 06:51:06	F3D19B026E09B8150D9FF40D537C8F2A	15456	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\rmid.exe
2015-07-20 06:51:06	EF442149A0502661D49628A66A69F33C	15968	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\policytool.exe
2015-07-20 06:51:06	C4B3393396204E759E6EDFF92A9CAA50	15968	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\tnameserv.exe
2015-07-20 06:51:06	8B09EF707CE0895D5478300CC2CE90DB	15968	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\rmiregistry.exe
2015-07-20 06:51:06	8516D08420A7AB22A9B722FAF631E320	50784	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\ssvagent.exe
2015-07-20 06:51:06	56C175D9B0D7EE7D1DA92B8D8A12772A	15968	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\servertool.exe
2015-07-20 06:51:06	46AD9258E9B6EA56AFC8723CEFDF8425	15456	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\pack200.exe
2015-07-20 06:51:05	D50189686D9D144CB4EC807652640FC0	15456	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\ktab.exe
2015-07-20 06:51:05	B5AA17A9ACE57080909B9CB47CD74C39	15456	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\kinit.exe
2015-07-20 06:51:05	76BD4372DD5C5A316F64D562C2404BF8	15968	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\orbd.exe
2015-07-20 06:51:05	6790CB3F51E280A2A3EEAA3C5BD58EFF	15456	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\keytool.exe
2015-07-20 06:51:05	235015745A6A6FE26BCDA8F227C9132B	15456	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\klist.exe
2015-07-20 06:51:04	9A474C07C5242EF2AE12FF6BF387F334	273504	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\javaws.exe
2015-07-20 06:51:04	547F9D4CB6FAAC8E941F1689D5555CDB	15456	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\jjs.exe
2015-07-20 06:51:04	4E022C0940633A9538892CB26B65BD0D	191584	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\javaw.exe
2015-07-20 06:51:04	0CFCEE90C8711D4DEAD9EC7046918A45	77920	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\jp2launcher.exe
2015-07-20 06:51:03	F52607E7F53DA8FE1C4A3C1F11CE2AE7	15456	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\java-rmi.exe
2015-07-20 06:51:03	E7ABC6445E6A2F1EDE5F8BB082ECEEA1	30304	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\jabswitch.exe
2015-07-20 06:51:03	BC66611222047778694C7650B7814978	68192	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\javacpl.exe
2015-07-20 06:51:03	A4D1AC4078F1A819ECECC546F64907A1	190560	----a-w-	C:\Program Files\Java\jre1.8.0_51\bin\java.exe
2015-07-20 06:50:24	AE1A3729436B8A63AA140BDC2C680034	563296	----a-w-	C:\Users\Nancy\Downloads\jre-8u51-windows-i586-iftw.exe
2015-07-18 16:48:40	432F4E8794A2EA8A64E4C75EA80B790E	1694560	----a-w-	C:\Users\Nancy\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe
2015-07-18 16:48:21	432F4E8794A2EA8A64E4C75EA80B790E	1694560	----a-w-	C:\Users\Nancy\AppData\Roaming\uTorrent\uTorrent.exe
2015-07-18 09:21:54	0BAD8F399A71C09401FE1AFBBCB2C4FB	121344	------w-	C:\ProgramData\HP\Installer\Temp\hpqrrx08.exe
2015-07-18 08:35:05	09B6F6FCCC35DBAFCB38CB3751FA7C2F	2248704	----a-w-	C:\Users\Nancy\Downloads\adwcleaner_4.208.exe
2015-07-18 08:00:34	D3B6FA14CB7E12B7FBC0B3AA26235898	24345872	----a-w-	C:\Users\Nancy\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-18 06:02:05	F6C4ED980ACC6DEF2F4656FC8D5E94C9	25723531	----a-w-	C:\Program Files\pia_manager\privateinternetaccess.exe
2015-07-18 06:02:05	D152B979D279DE645A4DFCBC67156135	77824	----a-w-	C:\Program Files\pia_manager\tapinstall.exe
2015-07-18 06:02:00	A7B9C579A37A32F9F158DC7EFB36975D	176128	----a-w-	C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\kboot.exe
2015-07-18 06:01:59	67EC2F2DE248F5669208729E56ACAA07	184320	----a-w-	C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2015-07-18 06:01:59	4C834FB65B3B79EC5CF37FE92CBA4D60	585728	----a-w-	C:\Program Files\pia_manager\pia_tray\installer\installer.exe
2015-07-18 06:01:58	C1AF2F760CE27A038205AA532B97115F	8817658	----a-w-	C:\Program Files\pia_manager\pia_manager.exe
2015-07-18 06:01:58	49898AF67BCBEEAE485288CC12D70813	573440	----a-w-	C:\Program Files\pia_manager\openvpn.exe
2015-07-18 05:59:51	F6C4ED980ACC6DEF2F4656FC8D5E94C9	25723531	----a-w-	C:\Users\Nancy\Downloads\privateinternetaccess.exe
=== C: other files ==
2015-07-21 07:34:10	BB76AE7BD9CBDF772A035BD01855A0D0	248568	----a-w-	C:\Windows\System32\vbox\VBoxSF.sys
2015-07-21 06:15:56	F5B7A3FC956E95B3440A61D8597DA57C	2180272	----a-w-	C:\Users\Nancy\AppData\Local\Temp\HYDDC99.tmp.1437459356\HTA\install.1437459356.zip
2015-07-20 19:40:23	11D101C6EDE012E018F37275CD3DAA3C	95112	----a-w-	C:\Windows\System32\drivers\ngvss.sys
2015-07-20 06:51:07	5F7B14A65C88D4AEB0E3DF49C6A0941F	14130	----a-w-	C:\Program Files\Java\jre1.8.0_51\lib\deploy\ffjcext.zip
2015-07-19 06:21:06	8B968045D75783A09592C3105F2865DA	688992	------r-	C:\Users\Nancy\Desktop\dds(1).com
2015-07-18 19:49:13	4E237DDD763CE3CB3D9F69B6046AFCFB	28256	----a-w-	C:\Windows\System32\drivers\rawdsk3.sys
2015-07-18 19:49:12	4E237DDD763CE3CB3D9F69B6046AFCFB	28256	----a-w-	C:\ProgramData\iolo\RawDisk\rawdsk3.sys
2015-07-18 14:41:13	0B481FF0D113429A471C970696F9B9F6	144	---ha-w-	C:\Program Files\Common Files\X10\Common\x10prod.sys
2015-07-18 08:01:42	739164A8B8FB2F1B50A498F20AF7B21E	98520	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-07-18 08:01:27	B4CD87E78A01562E3DA67FE1C2779204	23256	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-07-18 08:01:27	A1E3A332E76F48410CF403FDF85FAFE0	94936	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-07-18 08:01:27	490F0F3ED8A970E2BAA38F719242B8F7	51928	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-07-18 06:02:05	8CF6E2AE1707D82E904ECCA68CEF8B87	26624	----a-w-	C:\Windows\System32\DriverStore\FileRepository\oemwin2k.inf_x86_neutral_7c02b9ff2469cfac\tap0901.sys
2015-07-18 06:02:05	8CF6E2AE1707D82E904ECCA68CEF8B87	26624	----a-w-	C:\Windows\System32\drivers\tap0901.sys
2015-07-18 06:02:05	8CF6E2AE1707D82E904ECCA68CEF8B87	26624	----a-w-	C:\Program Files\pia_manager\tap0901.sys
2015-07-18 06:02:05	1091BA75C2BD821BD552E3AD6D84E709	250	----a-w-	C:\Program Files\pia_manager\reinstall_tap.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1911627587-2711903257-3630052222-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"SybaseCentral43"="C:\Top\SQL Anywhere 9\Shared\Sybase Central 4.3\win32\scjview.exe -preload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SybaseCentral43"="C:\Top\SQL Anywhere 9\Shared\Sybase Central 4.3\win32\scjview.exe -preload"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HotKeysCmds"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\hkcmd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IgfxTray"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LMgrVolOSD]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LMgrVolOSD"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Launch Manager\\OSD.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Persistence"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxpers.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"C:\\Users\\Nancy\\AppData\\Roaming\\uTorrent\\uTorrent.exe\"  /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wbutton]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Wbutton"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Launch Manager\\Wbutton.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"
"backup"="C:\\Windows\\pss\\McAfee Security Scan Plus.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\MCAFEE~1\\38A880~1.141\\SSSCHE~1.EXE "
"item"="McAfee Security Scan Plus"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdvancedSystemCareService7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McComponentHostService]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"DBISQL9"="\"C:\\Top\\SQL Anywhere 9\\SQL Anywhere 9\\win32\\dbisqlg.exe\" -preload"
"swg"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""
"TomTomHOME.exe"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\""


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"AdobeAAMUpdater-1.0"="\"C:\\Program Files\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""
"RtHDVBg"="C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVBg.exe /FORPCEE3 "


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [21/07/2015 08:47]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\Adobe online update program" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\HP online update program" [C:\Program Files\HP\HP Software Update\HPWuSchd2.exe]
"C:\Windows\system32\tasks\Private Internet Access Startup" ["C:\Program Files\pia_manager\pia_manager.exe"]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{02F280C5-87C4-4FB8-844E-333F69C0C052}" [C:\Windows\system32\msfeedssync.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\49ptrqxq.default-1437292842120
user_pref("browser.startup.homepage", "https://www.google.be/");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [20/07/2015 21:40]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\49ptrqxq.default-1437292842120
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

ProfilePath: C:\Users\Nancy\AppData\Roaming\TomTom\HOME\Profiles\5xpqt7rn.default
- Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Carminat TomTom - %ProfilePath%\extensions\RenaultTheme@tomtom.com

AppDir: C:\Program Files\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\49ptrqxq.default-1437292842120
0A1788EE70EF444DABA1E958092F4B85	- C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll -	Adobe Acrobat
52CE0DBFD9738AE528CF525A0367EBEB	- C:\Program Files\VideoLAN\VLC\npvlc.dll -	VLC Web Plugin
1C8124B6A03A620EB0CBCA615666D2AE	- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -	Windows Live® Photo Gallery
073A22FDCDAFD513DAD0D972BD2DF76E	- c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll -	Silverlight Plug-In
C7090AB2D8473D12D48B818FC1FE7AF9	- C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll -	Java(TM) Platform SE 8 U51
95479782C832632116E0FC0C8373F43E	- C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npdeployJava1.dll -	Java Deployment Toolkit 8.0.510.16
FD82108FD60B63010325D9AF6F00AF99	- C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll -	Shockwave Flash
CAF78E18A9E1380A0A38065B3B1210E0	- C:\Users\Nancy\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll -	VASCO Card Reader Plugin
6D23BB87BCF88731959BF79082D442E6	- c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrlui.dll -	Microsoft® Silverlight


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[20/07/2015 21:34]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7AURU_nlBE503"

==== HijackThis Entries ======================

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SybaseCentral43] "C:\Top\SQL Anywhere 9\Shared\Sybase Central 4.3\win32\scjview.exe" -preload
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.minfin.fgov.be
O15 - Trusted Zone: http://*.fgov.be
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - http://ccff02.minfin.fgov.be/diagnosis/static/resources/capicom.cab
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Realtek11nSU - Realtek - C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

==== Empty IE Cache ======================

C:\Users\Nancy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nancy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Nancy\AppData\Local\Mozilla\Firefox\Profiles\49ptrqxq.default-1437292842120\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=48 folders=7 18484910 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Nancy\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Nancy\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Nancy\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HHN2QCXE\files.muzu.tv"  not found

==== EOF on do 23/07/2015 at  8:24:47,08 ======================