Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Sabine on zo 03/01/2016 at 15:41:02,66. Running in: Safe Mode NETWORK Internet Access Detected Launched: C:\Users\Sabine\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== Failed to create System Restore Point ==== Empty Folders Check ====================== C:\PROGRA~2\MyFree Codec deleted successfully C:\PROGRA~2\COMMON~1\LWS deleted successfully C:\PROGRA~3\PCDr deleted successfully C:\Users\Sabine\AppData\Roaming\HpUpdate deleted successfully C:\Users\Sabine\AppData\Roaming\Nokia Suite deleted successfully C:\Users\Sabine\AppData\Roaming\WiseUpdate deleted successfully C:\Users\Sabine\AppData\Local\Sparta deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2906991370-2046935745-3015941662-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-2906991370-2046935745-3015941662-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-2906991370-2046935745-3015941662-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-2906991370-2046935745-3015941662-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully HKEY_USERS\S-1-5-21-2906991370-2046935745-3015941662-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B6DBC306-4ADB-11E3-9205-AC3C9A63E460} deleted successfully HKEY_USERS\S-1-5-21-2906991370-2046935745-3015941662-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{203FCD5A-AC5A-48DD-84C4-D89EFD72BE3B} deleted successfully HKEY_USERS\S-1-5-21-2906991370-2046935745-3015941662-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully HKEY_USERS\S-1-5-21-2906991370-2046935745-3015941662-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5CF9F59-8210-4B92-B497-64B63E9758B} deleted successfully HKEY_USERS\S-1-5-21-2906991370-2046935745-3015941662-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9427F1-6CEC-411E-9093-7EB61C64E74} deleted successfully HKEY_USERS\S-1-5-21-2906991370-2046935745-3015941662-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3189086-2C5F-442D-AADB-E910F347F145} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Sabine\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe" ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "5AA925DA85B61350510758FE8217FEBCC767372B._service_run"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\MyFree Codec not found C:\Users\Sabine\AppData\Roaming\1O1L1I1PtF1F1C1N deleted C:\Users\Sabine\AppData\Local\SwvUpdater deleted C:\PROGRA~2\File Type Assistant deleted C:\PROGRA~2\GreenTree Applications deleted C:\install.exe deleted C:\PROGRA~3\APN deleted C:\PROGRA~3\eSafe deleted C:\PROGRA~3\YTD Video Downloader deleted C:\PROGRA~3\Package Cache deleted C:\PROGRA~3\systemk deleted C:\Users\Sabine\AppData\Local\Softonic deleted C:\Users\Sabine\AppData\Local\FileTypeAssistant deleted C:\Users\Sabine\AppData\Local\cache deleted C:\Users\Sabine\AppData\Local\CrashRpt deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Local\FileTypeAssistant deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic deleted C:\Users\Sabine\AppData\LocalLow\Unitech LLC deleted "C:\Users\Sabine\AppData\Roaming\ViberPC\config.db" deleted "C:\Users\Sabine\AppData\Roaming\ViberPC" deleted "C:\PROGRA~2\Windows Collaboration" deleted ==== System Specs ====================== Windows: Windows Vista Home Premium Edition (64-bit) Service Pack 2 (Build 6002) Memory (RAM): 4056 MB CPU Info: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz CPU Speed: 2043,0 MHz Sound Card: Not detected Display Adapters: | RDP Encoder Mirror Driver Monitors: 1x; Screen Resolution: 1024 X 768 - 32 bit Network: Network Present Network Adapters: Dell Wireless 1397 WLAN Mini-Card CD / DVD Drives: 1x (E: | ) E: TSSTcorpDVD+-RW TS-L633C Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 218,2GB | D: 14,6GB Hard Disks - Free: C: 84,6GB | D: 5,9GB Manufacturer *: BIOS Info: AT/AT COMPATIBLE | 07/17/09 | DELL - 27d90711 Time Zone: Romance (standaardtijd) Motherboard *: Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Default Browser: Google Chrome 47.0.2526.106 Internet Explorer Version: 9.0.8112.16421 Google Chrome version: 47.0.2526.106 Adobe Reader version: 11.0.10.32 Sun Java version: 1.8.0_31 (32-bit) Sun Java version: 1.8.0_31 (64-bit) Flash Player version: 20.0.0.267 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Sabine\AppData\Local\Temp ==== 2015-12-30 12:02:45 DD40DDFAE58C293F07D5C2A310727D04 195032 ----a-w- C:\Users\Sabine\AppData\Local\Temp\HYDCBF8.tmp.1451476945\HTA\3rdparty\OCComSDK.dll 2015-12-20 18:21:26 B44A2353FE2594958043E7883A3D94CC 3000208 ----a-w- C:\Users\Sabine\AppData\Local\Temp\UNINSTALL.EXE 2015-12-20 17:31:11 E94D039653C73B7E719C81BE17303915 778240 ----a-w- C:\Users\Sabine\AppData\Local\Temp\5.1.2.24\msvcr100.dll 2015-12-20 17:31:11 D3406F8758FFE4F9C651C08BA0D3E0A8 64299008 ----a-w- C:\Users\Sabine\AppData\Local\Temp\5.1.2.24\ViberSetup.exe 2015-12-20 17:31:11 4B1CC3AB16BB26B5F5B5D7EE365C6C92 425984 ----a-w- C:\Users\Sabine\AppData\Local\Temp\5.1.2.24\msvcp100.dll 2015-12-20 17:29:47 ECA8159FC4C9F4613565015199B1A44B 7504952 ----a-w- C:\Users\Sabine\AppData\Local\Temp\SpotifyUninstall.exe 2015-12-20 17:19:35 BF375A90FE0B135395E20B0EB9190C11 572739 ----a-w- C:\Users\Sabine\AppData\Local\Temp\1238445.Uninstall\uninstaller.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-12-20 17:15:19 3B290CF7DB3505114A390A61FF999358 14848 ----a-w- C:\Windows\SysWOW64\wshrm.dll 2015-12-20 17:14:47 B2E0D2445FC1AE2354E24649A32CC3BF 179200 ----a-w- C:\Windows\SysWOW64\els.dll 2015-12-20 17:12:04 EF615B351E8EFA1416F7331CA0E14F6F 160768 ----a-w- C:\Windows\SysWOW64\d3d10_1.dll 2015-12-20 17:12:04 B501DAA15E6BD35EAF8CDBC9B2711CD4 1029120 ----a-w- C:\Windows\SysWOW64\d3d10.dll 2015-12-20 17:12:04 A27CFFE4A1E007101E58FC48E57059B0 682496 ----a-w- C:\Windows\SysWOW64\d2d1.dll 2015-12-20 17:12:03 F48AB8E79BB571BF8B6C4361673850B0 219648 ----a-w- C:\Windows\SysWOW64\d3d10_1core.dll 2015-12-20 17:12:03 D10CBDF37CA457D34A3FF1D9FE83E3D1 486400 ----a-w- C:\Windows\SysWOW64\d3d10level9.dll 2015-12-20 17:12:03 98FD032A1F825B27B8C6218C7415C203 1172480 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2015-12-20 17:12:03 57F17A2F4DF193C85FDD2EFC25A2A862 189952 ----a-w- C:\Windows\SysWOW64\d3d10core.dll 2015-12-20 17:12:02 F52CD4A817695842FC48F9B0AA8026AD 1073152 ----a-w- C:\Windows\SysWOW64\DWrite.dll 2015-12-20 17:12:02 980283B72BE7D401B8050FC30C69DD6B 648704 ----a-w- C:\Windows\SysWOW64\user32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-12-20 17:15:19 0B5A1B30593D5865BF9628BCE30A1158 17408 ----a-w- C:\Windows\Sysnative\wshrm.dll 2015-12-20 17:14:47 33747BC229939AFDBEDD7A778F9FA2BA 241152 ----a-w- C:\Windows\Sysnative\els.dll 2015-12-20 17:12:04 F066B62D4E1C7AF81798471D13952A55 327680 ----a-w- C:\Windows\Sysnative\d3d10_1core.dll 2015-12-20 17:12:04 911A99890904FD3198D115BD1F90951D 287232 ----a-w- C:\Windows\Sysnative\d3d10core.dll 2015-12-20 17:12:04 40C4300F2CEA1E6199967A1AE0C6316A 196096 ----a-w- C:\Windows\Sysnative\d3d10_1.dll 2015-12-20 17:12:04 0AB7F4CAB9E0A4681EF8055D3D461E81 834048 ----a-w- C:\Windows\Sysnative\d2d1.dll 2015-12-20 17:12:03 CBB354FCBEF3A5D01E7CA9558AD3AA48 566272 ----a-w- C:\Windows\Sysnative\d3d10level9.dll 2015-12-20 17:12:03 1957972EDF2BE039D98C04E63D4A5A10 1268224 ----a-w- C:\Windows\Sysnative\d3d10.dll 2015-12-20 17:12:02 DE26C43A170809645297C1B479B7F791 1154560 ----a-w- C:\Windows\Sysnative\FntCache.dll 2015-12-20 17:12:02 6C24ED2CCC3950C54DBEF75ADCCDB8B9 2002944 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2015-12-20 17:12:02 62E3A64D22E38C95A3DC6AE53CABEB25 1561600 ----a-w- C:\Windows\Sysnative\DWrite.dll 2015-12-20 17:12:01 FC395BDC394A8A10EFDACB0F292C69DD 820224 ----a-w- C:\Windows\Sysnative\user32.dll 2015-12-20 17:12:01 7149DDAF837C26A1AB315AAD0FC8E4EE 2799104 ----a-w- C:\Windows\Sysnative\win32k.sys ====== C:\Windows\Sysnative\drivers ===== 2015-12-20 17:15:19 3891BF6C67F6B6E5B43A9353ACECD888 140800 ----a-w- C:\Windows\Sysnative\drivers\rmcast.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-01-02 09:30:33 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Sabine\AppData\Roaming ====== 2015-12-21 18:02:57 -------- d-----w- C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-apparaten 2015-12-15 18:47:06 -------- d-----w- C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox ====== C:\Users\Sabine ====== 2016-01-03 14:21:06 81EDCA9D9BFDDB931ED448078762A31A 584288 ----a-w- C:\Users\Sabine\Downloads\chromeinstall-8u66.exe 2016-01-02 09:21:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Sabine\Downloads\RSITx64.exe 2016-01-01 21:28:14 -------- d-----w- C:\ProgramData\WindowsSearch 2015-12-30 12:02:05 8FE478638E87F790EF1BBE01BD60D22C 1873952 ----a-w- C:\Users\Sabine\Downloads\BitTorrent.exe ====== C: exe-files == 2016-01-03 14:22:19 FA348A6D882C022C1365959AB9BABC5A 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2906991370-2046935745-3015941662-1000\$IHWOOYI.exe 2016-01-03 14:22:07 81EDCA9D9BFDDB931ED448078762A31A 584288 ----a-w- C:\$Recycle.Bin\S-1-5-21-2906991370-2046935745-3015941662-1000\$RHWOOYI.exe 2016-01-03 14:21:06 81EDCA9D9BFDDB931ED448078762A31A 584288 ----a-w- C:\Users\Sabine\Downloads\chromeinstall-8u66.exe 2016-01-02 09:30:33 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Sabine.exe 2016-01-02 09:27:05 B1AF76913F773A0D79C1C196B797967B 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2906991370-2046935745-3015941662-1000\$IHHI8SA.exe 2016-01-02 09:27:05 05BEF64C500ADCAD8A353B6E05EB3988 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2906991370-2046935745-3015941662-1000\$IKENLSC.exe 2016-01-02 09:23:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\$Recycle.Bin\S-1-5-21-2906991370-2046935745-3015941662-1000\$RKENLSC.exe 2016-01-02 09:21:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Sabine\Downloads\RSITx64.exe 2016-01-02 09:21:48 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\$Recycle.Bin\S-1-5-21-2906991370-2046935745-3015941662-1000\$RHHI8SA.exe 2015-12-30 12:03:56 F293B373A655686501203FBE09D4F23F 336896 ----a-w- C:\Users\Sabine\AppData\Roaming\BitTorrent\updates\7.9.5_41373\utorrentie.exe 2015-12-30 12:03:56 8FE478638E87F790EF1BBE01BD60D22C 1873952 ----a-w- C:\Users\Sabine\AppData\Roaming\BitTorrent\updates\7.9.5_41373.exe 2015-12-30 12:03:52 8FE478638E87F790EF1BBE01BD60D22C 1873952 ----a-w- C:\Users\Sabine\AppData\Roaming\BitTorrent\BitTorrent.exe 2015-12-30 12:02:05 8FE478638E87F790EF1BBE01BD60D22C 1873952 ----a-w- C:\Users\Sabine\Downloads\BitTorrent.exe === C: other files == 2015-12-30 12:02:25 53A02613355AFED66D9B951EDEA7E04B 2192061 ----a-w- C:\Users\Sabine\AppData\Local\Temp\HYDCBF8.tmp.1451476945\HTA\install.1451476945.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-2906991370-2046935745-3015941662-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "Dropbox Update"="C:\Users\Sabine\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "Kies3PDLR.exe"="C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe Run Kies3" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" "Viber"="C:\Users\Sabine\AppData\Local\Viber\Viber.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "dellsupportcenter"="C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe /P dellsupportcenter" "LWS"="C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "AgentMonitor"="C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "Dropbox Update"="C:\Users\Sabine\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "Kies3PDLR.exe"="C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe Run Kies3" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" "Viber"="C:\Users\Sabine\AppData\Local\Viber\Viber.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" "QuickSet"="C:\Program Files\Dell\QuickSet\QuickSet.exe" "Apoint"="C:\Program Files\DellTPad\Apoint.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "HP Software Update"="\"C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe\"" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "F-Secure Manager"="\"C:\\Program Files (x86)\\Telenet Security Pack\\apps\\ComputerSecurity\\Common\\FSM32.EXE\" /splash" ==== Startup Folders ====================== 2015-10-17 16:33:09 1040 ----a-w- C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-11-10 22:16:40 715 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk 2015-09-02 09:19:47 2002 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [30/12/2015 11:49] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2906991370-2046935745-3015941662-1000Core.job --a------ C:\Users\Sabine\AppData\Local\Dropbox\Update\DropboxUpdate.exe [21/06/2015 10:15] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2906991370-2046935745-3015941662-1000UA.job --a------ C:\Users\Sabine\AppData\Local\Dropbox\Update\DropboxUpdate.exe [21/06/2015 10:15] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/08/2015 16:49] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/08/2015 16:49] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\4Team updater" [C:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe Reader and Acrobat Manager" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2906991370-2046935745-3015941662-1000Core" [C:\Users\Sabine\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2906991370-2046935745-3015941662-1000UA" [C:\Users\Sabine\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\ProgramRefresh-ATFST" [C:\Program Files (x86)\File Type Assistant\tsasetup.exe] "C:\Windows\SysNative\tasks\ProgramUpdateCheck" [C:\Program Files (x86)\File Type Assistant\TSAssist.exe] ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [02/09/2015 10:22] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ifohbjbgfchkkfhphahclmkpgejiplfo - No path found[] Google Docs - Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://mysearch.avg.com/?cid={66E4AF5B-1BFC-4A94-8DBB-37EAD418EDB5}&mid=da9bc746c5214eba8302b29d69bc5016-e6866cb55d611abca17b32e68f796c95ae18b46d&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0615pit&pr=fr&d=2015-08-17 19:41:19&v=4.1.6.294&pid=wtu&sg=&sap=hp" "Default_Page_URL"="http://www.dosearches.com/?utm_source=b&utm_medium=amt&utm_campaign=rg&utm_content=hp&from=amt&uid=ST9250315AS_5VC5FM6EXXXX5VC5FM6E&ts=1384180286" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.dosearches.com/?utm_source=b&utm_medium=amt&utm_campaign=rg&utm_content=hp&from=amt&uid=ST9250315AS_5VC5FM6EXXXX5VC5FM6E&ts=1384180286" "Default_Page_URL"="http://www.dosearches.com/?utm_source=b&utm_medium=amt&utm_campaign=rg&utm_content=hp&from=amt&uid=ST9250315AS_5VC5FM6EXXXX5VC5FM6E&ts=1384180286" "Default_Search_URL"="http://search.dosearches.com/web/?utm_source=b&utm_medium=amt&utm_campaign=rg&utm_content=ds&from=amt&uid=ST9250315AS_5VC5FM6EXXXX5VC5FM6E&ts=1384180286&type=default&q={searchTerms}" "Search Page"="http://search.dosearches.com/web/?utm_source=b&utm_medium=amt&utm_campaign=rg&utm_content=ds&from=amt&uid=ST9250315AS_5VC5FM6EXXXX5VC5FM6E&ts=1384180286&type=default&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="http://www.dosearches.com/?utm_source=b&utm_medium=amt&utm_campaign=rg&utm_content=hp&from=amt&uid=ST9250315AS_5VC5FM6EXXXX5VC5FM6E&ts=1384180286" "Default_Page_URL"="http://www.dosearches.com/?utm_source=b&utm_medium=amt&utm_campaign=rg&utm_content=hp&from=amt&uid=ST9250315AS_5VC5FM6EXXXX5VC5FM6E&ts=1384180286" "Default_Search_URL"="http://search.dosearches.com/web/?utm_source=b&utm_medium=amt&utm_campaign=rg&utm_content=ds&from=amt&uid=ST9250315AS_5VC5FM6EXXXX5VC5FM6E&ts=1384180286&type=default&q={searchTerms}" "Search Page"="http://search.dosearches.com/web/?utm_source=b&utm_medium=amt&utm_campaign=rg&utm_content=ds&from=amt&uid=ST9250315AS_5VC5FM6EXXXX5VC5FM6E&ts=1384180286&type=default&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.ividi.org/?q={searchTerms}&src=tbsp&id=4a154de600000000000000225ffc9937&affilt=1" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.ividi.org/?q={searchTerms}&src=tbsp&id=4a154de600000000000000225ffc9937&affilt=1" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\129761F6-F2F3-4033-919B-014CCF0AD19F - http://search.ividi.org/?q={searchTerms}&src=tbsp&id=4a154de600000000000000225ffc9937&affilt=1 HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Reader Free Download Packages deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic for Windows deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AgentMonitor] "C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Sabine\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - HKCU\..\Run: [Kies3PDLR.exe] C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe Run Kies3 O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" O4 - HKCU\..\Run: [Viber] "C:\Users\Sabine\AppData\Local\Viber\Viber.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?') O4 - HKUS\S-1-5-21-2906991370-2046935745-3015941662-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-21-2906991370-2046935745-3015941662-1000\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User '?') O4 - HKUS\S-1-5-21-2906991370-2046935745-3015941662-1000\..\Run: [Viber] "C:\Users\Sabine\AppData\Local\Viber\Viber.exe" (User '?') O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User '?') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user') O4 - S-1-5-21-2906991370-2046935745-3015941662-1000 Startup: Dropbox.lnk = C:\Users\Sabine\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?') O4 - Startup: Dropbox.lnk = C:\Users\Sabine\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{9A555572-9999-4359-A352-429218686B45}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: F-Secure BlackLight Sensor - F-Secure Corporation - C:\Windows\TEMP\F-Secure\Anti-Virus\fsblsrv.exe O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\PROGRA~2\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=247 folders=120 231388468 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Sabine\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Sabine\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on zo 03/01/2016 at 16:46:30,95 ======================