Zoek.exe v5.0.0.1 Updated 08-November-2015 Tool run by DELL on zo 08-11-2015 at 19:56:45,87. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\DELL\Downloads\zoek (20).exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-10-22-071909.log 49895 bytes ==== Empty Folders Check ====================== C:\Users\DELL\AppData\Roaming\AdobeUM deleted successfully C:\Users\DELL\AppData\Local\CrashDumps deleted successfully C:\Users\DELL\AppData\Local\kpn deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe C:\Windows\SysWOW64\brss01a.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Users\DELL\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files (x86)\FastStone Capture\FSCapture.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe C:\Windows\SysWOW64\ENAgent.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Launcher.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Repair.exe C:\Program Files (x86)\Corel PaintShop Pro.exe C:\Users\DELL\Downloads\zoek (20).exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\ComboFix not found "C:\Windows\zoek-delete.exe" not found C:\ProgramData\{6351EB86-F5EC-45DD-A03C-315F8B4091AD} deleted C:\zoek_backup deleted "C:\DelFix.txt" deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 1910 MB CPU Info: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz CPU Speed: 2652,5 MHz Sound Card: Luidsprekers (High Definition A | Luidsprekers (WsAudioDevice_383 | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Intel(R) Centrino(R) Advanced-N 6200 AGN | Bluetooth-apparaat (Personal Area Network) | Broadcom NetXtreme Gigabit Ethernet CD / DVD Drives: 1x (D: | ) D: TSSTcorpDVD+-RW TS-L633J Ports: COM1 LPT1 Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 149,0GB Hard Disks - Free: C: 53,8GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 11/18/10 | DELL - 6222004 Time Zone: West-Europa (standaardtijd) Motherboard *: Dell Inc. 023HKR Country: Nederland Language: NLD ==== System Specs (Software) ====================== AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AV: Emsisoft Anti-Malware *Enabled/Updated* {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9} SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7} SP: Emsisoft Anti-Malware *Enabled/Updated* {9425001D-A331-13F4-34E6-D05C71B96A74} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} Default Browser: Google Chrome 46.0.2490.80 Internet Explorer Version: 11.0.9600.17843 Opera Browser version: 31.0.1889.174 Google Chrome version: 46.0.2490.80 Adobe Reader version: 7.0.5.2005092300 Sun Java version: 1.8.0_65 (32-bit) Sun Java version: 1.8.0_65 (64-bit) Flash Player version: 19.0.0.226 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\DELL\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-10-14 06:46:48 C6330F7C2E92A00E6773E82F79078AFC 157016 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-10-14 06:46:48 3A8C03156C3E31E70EF84E48CA179B46 97112 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-10-14 06:46:47 ACB6782973BD93760D597FC7BB37E692 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2015-10-14 06:46:40 8C0376974AA28398FF501E78C04ACB30 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-10-14 06:46:40 262BF7BB7D0E44CFAA9B12A1E0A6EDF1 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2015-10-14 06:42:26 27DABFB4A6B0140C34DBEC713469592B 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys ====== C:\Windows\Tasks ====== 2015-10-13 10:18:11 CB39AD6C03ADF72BABF099BDD48067FA 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-13 10:18:11 5157A97DD28E2DF43EF13A88E18B290B 4048 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2015-10-13 10:18:10 4B944426DF4E6F301E4697B641139CEA 3796 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2015-10-13 10:18:09 95AFCEA53C381F5B5CB42EB661D6FCDD 1048 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2015-11-04 18:16:53 -------- d-----w- C:\PROGRA~2\Setup 2015-11-04 18:05:49 -------- d-----w- C:\PROGRA~2\ShareMyTrip 2015-11-04 18:05:15 -------- d-----w- C:\PROGRA~2\LensProfiles 2015-11-04 18:05:07 -------- d-----w- C:\PROGRA~2\ja-JP 2015-11-04 18:05:07 -------- d-----w- C:\PROGRA~2\Icons 2015-11-04 18:05:07 -------- d-----w- C:\PROGRA~2\fio 2015-11-04 18:05:07 -------- d-----w- C:\PROGRA~2\en-US 2015-11-04 18:04:59 -------- d-----w- C:\PROGRA~2\ColorProfile 2015-11-04 18:04:58 -------- d-----w- C:\PROGRA~2\CameraCurve 2015-11-04 18:04:42 -------- d-----w- C:\PROGRA~2\Python Libraries 2015-11-04 18:04:42 -------- d-----w- C:\PROGRA~2\PlugIns 2015-11-04 18:04:42 -------- d-----w- C:\PROGRA~2\Languages 2015-11-04 18:04:42 -------- d-----w- C:\PROGRA~2\HDR 2015-11-04 18:04:42 -------- d-----w- C:\PROGRA~2\Data 2015-11-04 18:04:42 -------- d-----w- C:\PROGRA~2\Commands 2015-11-03 17:37:07 -------- d-----w- C:\PROGRA~2\PSPX8 2015-10-24 07:13:17 -------- d-----w- C:\PROGRA~2\ESET 2015-10-22 07:33:20 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\DELL\AppData\Roaming ====== 2015-10-22 07:15:45 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-10-22 07:15:45 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-10-22 07:15:45 -------- d-----w- C:\Users\Public\AppData\Local\temp 2015-10-22 07:15:45 -------- d-----w- C:\Users\Eye Candy 4000\AppData\Local\temp 2015-10-22 07:15:45 -------- d-----w- C:\Users\DELL\AppData\Local\Temp 2015-10-22 07:15:45 -------- d-----w- C:\Users\Default\AppData\Local\temp 2015-10-22 07:15:45 -------- d-----w- C:\Users\Default User\AppData\Local\temp ====== C:\Users\DELL ====== 2015-11-08 15:08:19 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\DELL\Downloads\RSITx64.exe 2015-11-08 14:37:26 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\DELL\Downloads\RSITx64 (2).exe 2015-11-08 14:36:55 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\DELL\Downloads\RSITx64 (1).exe 2015-11-04 18:05:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X8 2015-11-03 14:51:39 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (11).exe 2015-11-03 14:51:38 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (10).exe 2015-11-03 14:51:28 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (9).exe 2015-11-03 14:48:24 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (8).exe 2015-11-03 14:46:18 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (7).exe 2015-11-03 14:45:54 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (6).exe 2015-11-03 12:03:17 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (5).exe 2015-11-03 12:03:15 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (4).exe 2015-11-03 11:50:54 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (3).exe 2015-11-03 11:50:52 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (2).exe 2015-11-03 11:50:06 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (1).exe 2015-11-01 11:20:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2015-10-18 08:13:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs 2015-10-13 10:18:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome ====== C: exe-files == 2015-11-08 15:08:19 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\DELL\Downloads\RSITx64.exe 2015-11-08 14:37:26 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\DELL\Downloads\RSITx64 (2).exe 2015-11-08 14:36:55 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\DELL\Downloads\RSITx64 (1).exe 2015-11-03 17:38:20 3E619600153AC74837898A215F1B92BE 15160 ----a-w- C:\Program Files (x86)\PSPX8\WpfLoader.exe 2015-11-03 17:38:19 B6C0AEFF4BEE170065302140BB2081A3 1481536 ----a-w- C:\Program Files (x86)\PSPX8\PUA.EXE 2015-11-03 17:38:19 710EFE8D8CD928264369E4BBD806C35F 1128760 ----a-w- C:\Program Files (x86)\PSPX8\ResetDB.exe 2015-11-03 17:38:18 8E9C4EB90ED262772FD21D0DB5D54CD5 93496 ----a-w- C:\Program Files (x86)\PSPX8\IPMUpdate.exe 2015-11-03 17:38:18 56F26FEB1D2320F08100F6D0971652F7 537400 ----a-w- C:\Program Files (x86)\PSPX8\MediabookLauncherApp.exe 2015-11-03 17:38:17 76AB156E0E0BB5F7B723E3FCE18C508B 433952 ----a-w- C:\Program Files (x86)\PSPX8\DIM.EXE 2015-11-03 17:38:17 656745CBDF8F5F41D283ADCA88960F98 83256 ----a-w- C:\Program Files (x86)\PSPX8\CrashReport.exe 2015-11-03 17:38:17 1892AEA8F89978511797B2425E558BD4 43832 ----a-w- C:\Program Files (x86)\PSPX8\Email.exe 2015-11-03 17:38:16 879BD2D6ED9598CB8728C3DE9167E852 7617336 ----a-w- C:\Program Files (x86)\PSPX8\Corel PaintShop Merge.exe 2015-11-03 17:38:16 1B15BBED0C5DACD7BA4FB2A466BA0060 8968504 ----a-w- C:\Program Files (x86)\PSPX8\Corel PaintShop Pro.exe 2015-11-03 14:51:39 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (11).exe 2015-11-03 14:51:38 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (10).exe 2015-11-03 14:51:28 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (9).exe 2015-11-03 14:48:24 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (8).exe 2015-11-03 14:46:18 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (7).exe 2015-11-03 14:45:54 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (6).exe 2015-11-03 12:14:11 E16E6D68CE1949C9721656390F47CE07 461400 ------w- C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe 2015-11-03 12:10:13 2335AB0C0E19C0EF416D07DF66FEE649 461368 ----a-w- C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe 2015-11-03 12:03:17 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (5).exe 2015-11-03 12:03:15 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (4).exe 2015-11-03 11:50:54 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (3).exe 2015-11-03 11:50:52 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (2).exe 2015-11-03 11:50:06 288034FB24776E56F746AC28847BC734 686768 ----a-w- C:\Users\DELL\Downloads\CreativeCloudSet-Up (1).exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus Office BX535WD" [HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\DELL\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "AppleIEDAV"="C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" "Simple Sticky Notes"="C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Spotify"="C:\Users\DELL\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" "GoogleChromeAutoLaunch_4061A3059D27C63A84FB99ECD0D22755"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "EPLTarget\P0000000000000003"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000003 /M Epson Stylus Office BX535WD /EF HKCU" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus Office BX535WD" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TrueImageMonitor.exe"="C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Servicetool"="C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Launcher.exe /auto" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "emsisoft anti-malware"="c:\program files (x86)\emsisoft anti-malware\a2guard.exe /d=60" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\DELL\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "AppleIEDAV"="C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" "Simple Sticky Notes"="C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Spotify"="C:\Users\DELL\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" "GoogleChromeAutoLaunch_4061A3059D27C63A84FB99ECD0D22755"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "EPLTarget\P0000000000000003"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000003 /M Epson Stylus Office BX535WD /EF HKCU" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Acronis Scheduler2 Service"="C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" ==== Startup Folders ====================== 2015-08-06 09:20:18 1125 ----a-w- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk 2014-11-26 08:16:57 1256 ----a-w- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2013-01-10 21:05:31 2048 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17-10-2015 15:39] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-10-2015 11:18] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-10-2015 11:18] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2412325288-324325390-2824101589-1000Core.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2412325288-324325390-2824101589-1000UA.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2412325288-324325390-2824101589-1000Core" [C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2412325288-324325390-2824101589-1000UA" [C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1441048020" [C:\Program Files (x86)\Opera\launcher.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{E2B66428-3488-47AF-9D6A-866863E1C636}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\NCH Software\PixillionSevenDays" [C:\Program Files (x86)\NCH Software\Pixillion\Pixillion.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\vvyzlx5u.default - chineseperakungmailcom - %ProfilePath%\extensions\chineseperakun@gmail.com ProfilePath: C:\Users\DELL\AppData\Roaming\Thunderbird\Profiles\yee9j9v7.default - Undetermined - %ProfilePath%\extensions\staged-xpis - Statusbar Date - %ProfilePath%\extensions\statusbardate@webspirited.com.xpi - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.80 Comodo Web Inspector - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn Comodo Share Page Service - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf Cricwaves - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ogkedgpbfenekaceibcobmmgdbokmndm Chrome Web Store Payments - DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.nl/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5eeaeb92&q={searchTerms} HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE HKLM\SearchScopes\{fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE HKLM\Wow6432Node\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} - No_Url_Value HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5eeaeb92&q={searchTerms} HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - https://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\Wow6432Node\SearchScopes "DefaultScope"="" HKCU\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC ==== Reset Google Chrome ====================== C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\DELL\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== HijackThis Entries ====================== O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Servicetool] C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Launcher.exe /auto O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [emsisoft anti-malware] "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60 O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\DELL\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe O4 - HKCU\..\Run: [Simple Sticky Notes] C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe O4 - HKCU\..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Spotify] "C:\Users\DELL\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4061A3059D27C63A84FB99ECD0D22755] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [EPLTarget\P0000000000000003] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT "EPLTarget\P0000000000000003" /M "Epson Stylus Office BX535WD" /EF "HKCU" O4 - HKUS\S-1-5-18\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus Office BX535WD" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus Office BX535WD" (User 'Default user') O4 - Startup: FastStone Capture.lnk = C:\Program Files (x86)\FastStone Capture\FSCapture.exe O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: O23 - Service: Emsisoft Protection Service (a2AntiMalware) - Emsisoft Ltd - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Epson Redirect Agent (ENAgent) - SEIKO EPSON CORPORATION - C:\Windows\SysWOW64\ENAgent.exe O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\DELL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\DELL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\DELL\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\DELL\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3 folders=0 77270 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\DELL\AppData\Local\Temp will be emptied at reboot C:\Users\Eye Candy 4000\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\DELL\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 08-11-2015 at 21:30:36,37 ======================