Zoek.exe v5.0.0.0 Updated 08-September-2015 Tool run by User1 on vr 11/09/2015 at 9:07:51,96. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7Q95FTS\zoek[1].exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-09-11-060336.log 502 bytes ==== Empty Folders Check ====================== C:\Users\User1\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\User1\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Flash Player 18 ActiveX AVG 2015 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft Silverlight Mozilla Maintenance Service Mozilla Thunderbird 38.2.0 (x86 nl) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Skype Click to Call SkypeT 7.9 Speccy Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables ==== Running Processes ====================== C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Windows\SysWOW64\ctfmon.exe C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7Q95FTS\zoek[1].exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Microsoft Security Client deleted C:\Users\User1\AppData\Roaming\ParetoLogic deleted C:\Users\User1\AppData\Roaming\DriverCure deleted C:\PROGRA~3\ParetoLogic deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3894 MB CPU Info: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz CPU Speed: 2122,5 MHz Sound Card: Luidsprekers (High Definition A | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Broadcom 802.11n-netwerkadapter | Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) CD / DVD Drives: 1x (F: | ) F: hp CDDVDW TS-L633N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 2 Button Mouse Present Hard Disks: C: 449,8GB | D: 15,6GB | E: 99,0MB Hard Disks - Free: C: 404,3GB | D: 14,1GB | E: 99,0MB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 11/09/11 | DELL - 1 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 143A Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated) Default Browser: Google Chrome 40.0.2214.91 Internet Explorer version: 8.0.7601.17514 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-09-10 05:54:00 B264298A08F9D8D483C31ADF3DD3A487 689496643 ----a-w- C:\Windows\MEMORY.DMP 2015-08-23 17:28:20 B32189BDFF6E577A92BAA61AD49264E6 193536 ----a-w- C:\Windows\notepad.exe ====== C:\Users\User1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-09-10 19:13:25 F5811FD860256CD6A1F19A168EBE0C80 216064 ----a-w- C:\Windows\SysWOW64\InkEd.dll 2015-09-10 19:11:26 672CCD96BAB00F869D4F46A148FCCBAE 1805824 ----a-w- C:\Windows\SysWOW64\authui.dll 2015-09-10 19:11:02 F615574BF6B81533F3382856BE359237 2048 ----a-w- C:\Windows\SysWOW64\msxml6r.dll 2015-09-10 19:11:02 BF49B5D47D80D8711E3D54C8E0A59130 1241088 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2015-09-10 19:11:02 4DF7AD468DA9828D4B704805EEE2C7B1 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2015-09-10 19:11:02 2032B7698A8DCA5E157FD4ED153E9A76 1391104 ----a-w- C:\Windows\SysWOW64\msxml6.dll 2015-08-29 07:12:18 8B01FB723F3B30AB3DEBDDBF97CFE577 515416 ----a-w- C:\Windows\SysWOW64\XAudio2_5.dll 2015-08-29 07:12:18 30686ECE80545E06D78D156EB9F7D463 69464 ----a-w- C:\Windows\SysWOW64\XAPOFX1_3.dll 2015-08-29 07:12:16 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\Windows\SysWOW64\d3dx10_42.dll 2015-08-29 07:11:03 26AF232140C88B42D92A88F2198EDF6A 3426072 ----a-w- C:\Windows\SysWOW64\d3dx9_32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-09-10 19:13:25 E2B939D646418AC4F85C42F0E7790EC9 24576 ----a-w- C:\Windows\Sysnative\jnwmon.dll 2015-09-10 19:13:25 28CAE76925107A4D5FBB63EC0A7DCA51 275456 ----a-w- C:\Windows\Sysnative\InkEd.dll 2015-09-10 19:13:24 40686B59C127F0C93B4234E4A1E3472A 1110016 ----a-w- C:\Windows\Sysnative\schedsvc.dll 2015-09-10 19:11:26 CF04BDEC90C2AFF1120D1D49647177E7 1941504 ----a-w- C:\Windows\Sysnative\authui.dll 2015-09-10 19:11:26 2E0A046F24D89C807B10FE3D202F1238 115136 ----a-w- C:\Windows\Sysnative\consent.exe 2015-09-10 19:11:25 3EA5DA3F459F6ED19E10166965F6892F 70656 ----a-w- C:\Windows\Sysnative\appinfo.dll 2015-09-10 19:11:03 FDE5C7F271A8424B019EEFDAFD8CBD75 2004480 ----a-w- C:\Windows\Sysnative\msxml6.dll 2015-09-10 19:11:03 F06A3A6A49F6E059D6727A215A8FAA70 1887232 ----a-w- C:\Windows\Sysnative\msxml3.dll 2015-09-10 19:11:02 A25E5E8A16E0BA2A74390EA63319BE1D 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2015-09-10 19:11:02 3940461513FE8C7D94D76CCDBC783B93 2048 ----a-w- C:\Windows\Sysnative\msxml6r.dll 2015-08-29 07:12:16 B739C423276AE62D7AC91773226EC13B 523088 ----a-w- C:\Windows\Sysnative\d3dx10_42.dll 2015-08-29 07:11:03 A4DDFE5DC4E73D1FED9B1B3A3D885612 4398360 ----a-w- C:\Windows\Sysnative\d3dx9_32.dll ====== C:\Windows\Sysnative\drivers ===== 2015-08-23 19:11:19 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2015-08-23 19:11:06 E681CE4AE5C09651D53CB4387CA3560E 109272 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2015-08-23 19:11:06 AE757332EA130E94E646621CC695B52A 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2015-08-23 19:11:06 A8D28D5B3E2A528D1EF0E338E44F2820 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2015-08-23 18:01:57 552FA62B0EFECD22D8D52499324BCA4F 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2015-08-23 18:01:57 522A1595D5701800DD41B2D472F5AAED 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-08-23 18:01:56 97687971F9CB30E2633DE0F1296B9F61 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-08-23 18:01:55 B2081803D510DCE174992BA880EDCA70 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2015-08-23 18:01:55 67A1743377EBB5D9A370A8C2086CFDCC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-08-23 18:01:55 67050452C0118BAF2883928E6FCCFE47 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys 2015-08-23 17:33:10 27667A788130A7F7A5858DE27572E6D7 459336 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2015-08-23 17:31:30 ED6E75158D28D33A2E2A020AC5B2B59D 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys 2015-08-23 17:31:26 90C53BD47979FB8814F465A08B885102 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2015-08-23 17:28:18 065F79543D7999EC28B687F87E96B803 20992 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2015-08-23 17:28:12 36E0DDD19038C92B7C7709BFA03F813F 69888 ----a-w- C:\Windows\Sysnative\drivers\stream.sys 2015-08-23 17:28:11 F61634BEC53F73702A10DE69F6DCAF57 754688 ----a-w- C:\Windows\Sysnative\drivers\http.sys 2015-08-19 09:53:56 87AC702B45501609BE76F703A73FD558 297904 ----a-w- C:\Windows\Sysnative\drivers\avgidsha.sys 2015-08-19 09:52:30 9A4E5B1673F15F2339733D7C4ACFD85A 313264 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-09-10 19:14:15 -------- d-----w- C:\Program Files\Speccy 2015-08-29 04:51:30 -------- d-----w- C:\Program Files\Microsoft Silverlight 2015-08-28 07:04:12 -------- d-----w- C:\Program Files\Windows Live 2015-08-22 12:41:10 -------- d-----w- C:\Program Files\trend micro 2015-08-21 14:16:53 -------- d-----w- C:\Program Files\Common Files\AV ======= C:\PROGRA~2 ===== 2015-09-02 05:14:16 -------- d-----w- C:\PROGRA~2\Mozilla Thunderbird 2015-08-30 11:43:12 -------- d-----w- C:\PROGRA~2\Microsoft 2015-08-28 07:07:31 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server Compact Edition 2015-08-28 07:00:20 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2015-08-28 06:44:49 -------- d-----w- C:\PROGRA~2\COMMON~1\Windows Live 2015-08-21 16:57:43 -------- d-----w- C:\PROGRA~2\trend micro ======= C: ===== 2015-09-09 04:49:22 61F39CF09D799BCF5234619C05712446 1336 ----a-w- C:\DelFix.txt ====== C:\Users\User1\AppData\Roaming ====== 2015-09-03 05:02:30 -------- d-----w- C:\Users\User1\AppData\Roaming\Wise Registry Cleaner 2015-09-02 07:14:53 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft 2015-09-02 05:14:30 -------- d-----w- C:\Users\User1\AppData\Roaming\Thunderbird 2015-09-02 05:14:30 -------- d-----w- C:\Users\User1\AppData\Local\Thunderbird 2015-09-01 06:23:51 -------- d-----w- C:\Users\User1\AppData\Roaming\ImgBurn 2015-08-29 12:29:21 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-08-29 12:29:21 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-08-29 12:29:21 -------- d-----w- C:\Users\User1\AppData\Local\Temp 2015-08-29 12:29:21 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-08-29 12:29:21 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2015-08-28 07:25:22 -------- d-----w- C:\Users\User1\AppData\Local\Windows Live Writer 2015-08-28 06:44:50 -------- d-----w- C:\Users\User1\AppData\Local\Windows Live 2015-08-27 18:44:45 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015 2015-08-26 11:25:29 -------- d-----w- C:\Users\User1\AppData\Roaming\vlc 2015-08-22 07:06:08 -------- d-----w- C:\Users\User1\AppData\Local\GWX ====== C:\Users\User1 ====== 2015-09-05 07:26:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-08-28 07:23:55 -------- d-----w- C:\Users\User1\Tracing 2015-08-28 07:00:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-27 18:44:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG ====== C: exe-files == 2015-09-10 19:13:26 7405A1D2E87A372590E4651F65FD51CF 2164224 ----a-w- C:\Program Files\Windows Journal\Journal.exe 2015-09-10 19:13:25 4DD6093F5264724B7AF5C9F7B4826327 51200 ----a-w- C:\Program Files\Windows Journal\PDIALOG.exe 2015-09-10 19:12:02 678AB0E8665345E72D11149A36F965BE 5127432 ----a-w- C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HOA9SQNU\spsetup128[1].exe 2015-09-10 19:11:26 678AB0E8665345E72D11149A36F965BE 5127432 ----a-w- C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1U05OQCN\spsetup128[1].exe 2015-09-10 19:11:26 2E0A046F24D89C807B10FE3D202F1238 115136 ----a-w- C:\Windows\System32\consent.exe 2015-09-09 04:04:43 03899E103F5E8EC9CC9B0AD7C7D99E98 1064736 ----a-w- C:\Program Files (x86)\AVG\AVG2015\Notification\Launcher.exe === C: other files == 2015-09-07 10:55:59 52F195C955989D08D002BD6EA60CDE6E 632961 ----a-w- C:\ProgramData\AVG2015\IDS\outbox\tmp_530c8084-4b55-47cd-a303-41b2e049a34c.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1701775280-1332481620-2837527582-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "GoogleChromeAutoLaunch_8DFDA4EDF67BEB42A85E8A6D92071EEF"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "GoogleChromeAutoLaunch_8DFDA4EDF67BEB42A85E8A6D92071EEF"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [30/08/2015 13:25] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/01/2015 08:10] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/01/2015 08:10] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Application Starter - f1375f225883e83d52e8db9690775c3c" [C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\User1\AppData\Roaming\Thunderbird\Profiles\emf6cnvr.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== Chrome Web Store Payments - User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1701775280-1332481620-2837527582-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_8DFDA4EDF67BEB42A85E8A6D92071EEF] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7Q95FTS will be deleted at reboot C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\01LGW18U will be deleted at reboot C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QZJIPG1T will be deleted at reboot C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat will be deleted at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\User1\AppData\Local\Mozilla\Firefox\Profiles\vbjrry1t.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=12 folders=8 1716792 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\User1\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\User1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat" not found "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7Q95FTS" not found "C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\01LGW18U" not found "C:\Users\User1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QZJIPG1T" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on vr 11/09/2015 at 9:46:26,30 ======================