Zoek.exe v5.0.0.1 Updated 03-November-2015 Tool run by Kathleen on wo 04/11/2015 at 13:25:21,27. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Kathleen\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-11-03-073226.log 20957 bytes C:\zoek-results2015-11-03-151133.log 21198 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\Kathleen\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\WINDOWS\SysNative\config\systemprofile\Searches deleted C:\Users\Public\Desktop\eBay.lnk deleted "C:\windows\Installer\109af.msi" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3684 MB CPU Info: AMD E1-1200 APU with Radeon(tm) HD Graphics CPU Speed: 1417,7 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: AMD Radeon HD 7310 Graphics | AMD Radeon HD 7310 Graphics Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth-apparaat (Personal Area Network) | Realtek RTL8723AE Wireless LAN 802.11n 
PCI-E-netwerkinterfacekaart | Realtek PCIe FE Family-controller CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-208AB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 454,6GB Hard Disks - Free: C: 401,5GB Manufacturer *: Insyde Corp. BIOS Info: AT/AT COMPATIBLE | | TOSASU - 100 Time Zone: Romance (standaardtijd) Motherboard *: AMD PLCBX8 Country: België Language: NLB ==== System Specs (Software) ====================== AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} Default Browser: Firefox 41.0.2 Internet Explorer Version: 11.0.9600.18053 Mozilla Firefox version: 41.0.2 (x86 nl) Google Chrome version: 46.0.2490.80 Adobe Reader version: 11.0.0.379 Flash Player version: 19.0.0.226 ==== Files Recently Created / Modified ====================== 
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2361787456-3962976259-3508606636-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Intel AppUp(SM) center"="C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "TPUReg"="C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe /Retimes" "TPUReg(x86)"="C:\Program Files\TOSHIBA\Password Utility\TosPU.exe /Retimes" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "SRS Premium Sound HD"="C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe /f=C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip /h" "TecoResident"="C:\Program Files\TOSHIBA\Teco\TecoResident.exe" "TODDMain"="C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" 
"TCrdMain"="%ProgramFiles%\TOSHIBA\Hotkey\TCrdMain_Win8.exe " "TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe " "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2013-10-06 13:12:25 1281 ----a-w- C:\Users\Kathleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [21/10/2015 17:19] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 19:04] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 19:04] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{D244EF9E-46A3-49BB-AC6D-2E7AFDE85588}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\WINDOWS\SysNative\tasks\Toshiba\CommonNotifier" [C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe] "C:\WINDOWS\SysNative\tasks\Toshiba\Service Station" ["C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] 
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06/06/2015 22:35] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Kathleen\AppData\Roaming\Mozilla\Firefox\Profiles\kzksxgey.default 863AF0003392FEBC2667A8A790DED955 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.80 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06/06/2015 22:34] Chrome Web Store Payments - Kathleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://toshiba13.msn.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{042B85EC-7D31-49AA-BE64-EB72591A0F4B}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://toshiba13.msn.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {042B85EC-7D31-49AA-BE64-EB72591A0F4B} Unknown Url="Not_Found" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Deleting CLSID Registry Keys ====================== 
HKEY_USERS\S-1-5-21-2361787456-3962976259-3508606636-1001\Software\Microsoft\Internet Explorer\SearchScopes\{042B85EC-7D31-49AA-BE64-EB72591A0F4B} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{042B85EC-7D31-49AA-BE64-EB72591A0F4B} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{042B85EC-7D31-49AA-BE64-EB72591A0F4B} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF07604E-C860-40E9-A230-E37FA41F103A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [TPUReg] "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes O4 - HKLM\..\Run: [TPUReg(x86)] "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - 
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kathleen\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Kathleen\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Kathleen\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Kathleen\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\Kathleen\AppData\Local\Mozilla\Firefox\Profiles\kzksxgey.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\Kathleen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=5 folders=1 7504993 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Kathleen\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Kathleen\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on wo 04/11/2015 at 15:28:37,46 ======================