Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by lionel on za 16/01/2016 at 11:06:08,09. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\lionel\Downloads\zoek (2).exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 16/01/2016 11:09:16 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\Advanced System Protector deleted successfully C:\Program Files\glindorus deleted successfully C:\Program Files\Malwarebytes' Anti-Malware deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\Systweak Support Dock deleted successfully C:\Program Files\Common Files\FotoNation deleted successfully C:\PROGRA~2\APN deleted successfully C:\PROGRA~2\BrowserDefender deleted successfully C:\PROGRA~2\PhotoStitch deleted successfully C:\PROGRA~2\ZoomBrowser deleted successfully C:\PROGRA~2\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully C:\Users\lionel\AppData\Roaming\Malwarebytes deleted successfully C:\Users\lionel\AppData\Roaming\ZoomBrowser EX deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4210861826-744597554-2720867244-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-4210861826-744597554-2720867244-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-4210861826-744597554-2720867244-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-4210861826-744597554-2720867244-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Installed Programs ====================== Adobe Flash Player 20 ActiveX Adobe Photoshop Elements 7.0 Adobe Reader X (10.1.16) - Nederlands Adobe Refresh Manager AVG AVG 2016 AVG Protection AVG SafeGuard toolbar Basissoftware voor HP Deskjet 3050 J610 series Belgium e-ID middleware 4.0.7 (build 7466) Bing Bar Platform Bluesoleil2.7.0.35 VoIP Release 080317 CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Internet Library for ZoomBrowser EX Canon MovieEdit Task for ZoomBrowser EX Canon Utilities CameraWindow Canon Utilities CameraWindow DC Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities MyCamera Canon Utilities MyCamera DC Canon Utilities PhotoStitch Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CCleaner CDBurnerXP Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Compatibiliteitspakket voor het 2007 Microsoft Office system D3DX10 Dropbox Dropbox Update Helper FMW 1 Glary Utilities 5.42 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Deskjet 3050 J610 series Haelp HP Update HPDiagnosticAlert HPDiagnosticCoreDll IncrediMail IncrediMail 2.5 Java 8 Update 60 Java 8 Update 66 Java Auto Updater Junk Mail filter update LightScribe System Software Malwarebytes Anti-Malware versie 2.2.0.1024 Mesh Runtime Messenger Companion Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Application Error Reporting Microsoft Default Manager Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Picture It Photo Standard 9 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Works Microsoft Works 6-9 Converter Microsoft Works Suite-invoegtoepassing Microsoft Word Mozilla Firefox 43.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyDriveConnect 4.0.7.2442 Nero 7 Essentials neroxml NVIDIA-configuratiescherm 311.06 NVIDIA 3D Vision stuurprogramma 311.06 NVIDIA Display Control Panel NVIDIA Grafisch stuurprogramma 311.06 NVIDIA Install Application NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components OpenOffice 4.1.0 Paint Shop Pro 7 Anniversary Edition Photo Notifier and Animation Creator Picasa 3 PIXresizer Productverbeteringonderzoek HP Deskjet 3050 J610 series PVSonyDll Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista RealWorld Photos Safari Packages Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4.5.2 (KB3023224) Security Update for Microsoft .NET Framework 4.5.2 (KB3035490) Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) Security Update for Microsoft .NET Framework 4.5.2 (KB3048077) Security Update for Microsoft .NET Framework 4.5.2 (KB3072310) Security Update for Microsoft .NET Framework 4.5.2 (KB3074230) Security Update for Microsoft .NET Framework 4.5.2 (KB3074550) Security Update for Microsoft .NET Framework 4.5.2 (KB3097996) Security Update for Microsoft .NET Framework 4.5.2 (KB3098781) Security Update for Microsoft .NET Framework 4.5.2 (KB3099869) Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085616) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114541) 32-Bit Edition Security Update for Microsoft Office Access 2007 (KB2596614) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114457) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114546) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB3114540) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687406) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2880506) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB3114549) 32-Bit Edition Segoe UI Sitecom WiFi USB adapter N300 Driver and Utility Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) Surfing Protection Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL TomTom HOME TomTom HOME Visual Studio Merge Modules TP-LINK TL-WN823N Driver Update Detector 5.10.1.3 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3114544) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VC80CRTRedist - 8.0.50727.6195 VIA Platform apparaatbeheer VisiPics V1.31 Visual Studio 2012 x86 Redistributables Visual Studio C++ 10.0 Runtime VLC media player Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\AUDIODG.EXE C:\Windows\system32\SLsvc.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe C:\Program Files\AVG SafeGuard toolbar\vprot.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\AVG\Av\avgui.exe C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Dropbox\Client\Dropbox.exe C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe C:\Program Files\Common Files\microsoft shared\Works Shared\WkCalRem.exe C:\Program Files\AVG\Av\avgwdsvcx.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0\ToolbarUpdater.exe C:\Program Files\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWlan.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0\loggingserver.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe C:\Windows\system32\ctfmon.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_270_ActiveX.exe C:\Windows\system32\conime.exe C:\Users\lionel\Downloads\zoek (2).exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\System32\mobsync.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater19.1.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater19.1.0 deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt] [-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ""=- ==== Deleting Files \ Folders ====================== C:\Program Files\Advanced System Protector not found C:\Program Files\glindorus not found C:\Program Files\Systweak Support Dock not found C:\PROGRA~2\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found C:\Users\lionel\AppData\Roaming\0F1F1C2Y1H1P1C0I0T deleted C:\PROGRA~2\DivX deleted C:\Program Files\AVG Security Toolbar deleted C:\Users\lionel\AppData\Roaming\Lavasoft\Web Companion deleted C:\Users\lionel\AppData\Roaming\DriverFinder deleted C:\Users\lionel\AppData\Roaming\ProductData deleted C:\Users\lionel\AppData\Roaming\systweak deleted C:\PROGRA~2\Avg_Update_0215tb deleted C:\PROGRA~2\Avg_Update_0814tb deleted C:\PROGRA~2\Avg_Update_1114tb deleted C:\PROGRA~2\Avg_Update_1214tb deleted C:\PROGRA~2\Lavasoft\Web Companion deleted C:\PROGRA~2\Allmyapps deleted C:\PROGRA~2\ProductData deleted C:\PROGRA~2\AVG Secure Search deleted C:\PROGRA~2\AVG SafeGuard toolbar deleted C:\PROGRA~2\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted C:\PROGRA~2\Package Cache deleted C:\Users\lionel\AppData\Local\AVG Secure Search deleted C:\Users\lionel\AppData\Local\IAC deleted C:\Users\lionel\AppData\Local\Lollipop deleted C:\Users\lionel\AppData\Local\AVG SafeGuard toolbar deleted C:\Users\lionel\AppData\Local\CrashRpt deleted C:\Users\lionel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender deleted C:\Users\lionel\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Users\lionel\AppData\LocalLow\IAC deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted C:\Windows\System32\InstallUtil.InstallLog deleted C:\Windows\System32\searchplugins deleted C:\Windows\System32\Extensions deleted "C:\Program Files\AVG SafeGuard toolbar\vprot.exe" deleted "C:\Program Files\AVG SafeGuard toolbar\vprot.exe" deleted "C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\19.1.0\avgdttbx.dll" deleted "C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\19.1.0\SiteSafety.dll" deleted "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0\log4cplusU.dll" deleted "C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\19.1.0\avgdttbx.dll" deleted "C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\19.1.0\SiteSafety.dll" deleted "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0\log4cplusU.dll" deleted "C:\Program Files\AVG SafeGuard toolbar" deleted "C:\Program Files\Common Files\AVG Secure Search" deleted "C:\Program Files\AVG SafeGuard toolbar" deleted "C:\Program Files\Common Files\AVG Secure Search" deleted "C:\Program Files\Common Files\AVG Secure Search\DNTInstaller" deleted "C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller" deleted "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater" deleted "C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\19.1.0" deleted "C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\19.1.0" deleted "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0" deleted "C:\Program Files\Common Files\AVG Secure Search\DNTInstaller" deleted "C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller" deleted "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater" deleted "C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\19.1.0" deleted "C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\19.1.0" deleted "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0" deleted ==== Registry Search Results for "{B658800C-F66E-4EF3-AB85-6C0C227862A9}" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\Programmable] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol] "CLSID"="{B658800C-F66E-4EF3-AB85-6C0C227862A9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE\CLSID] @="{B658800C-F66E-4EF3-AB85-6C0C227862A9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1\CLSID] @="{B658800C-F66E-4EF3-AB85-6C0C227862A9}" ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002) Memory (RAM): 2047 MB CPU Info: Intel(R) Core(TM)2 CPU E8400 @ 3.00GHz CPU Speed: 2995,6 MHz Sound Card: Luidsprekers (VIA High Definiti | SPDIF-interface (VIA High Defin | Luidsprekers (Bluetooth SCO Aud | Luidsprekers (Bluetooth AV Audi | Display Adapters: NVIDIA GeForce 8400 GS | NVIDIA GeForce 8400 GS | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 1024 - 16 bit Network: Network Present Network Adapters: Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter | Bluetooth PAN Network Adapter | Realtek RTL8169/8110 Family PCI Gigabit Ethernet NIC (NDIS 6.0) CD / DVD Drives: 1x (E: | ) E: ATAPI iHAS220 6 Ports: COM3 | COM4 | COM5 | COM6 | COM7 | COM8 | COM9 | COM10 | COM11 | COM1 LPT1 Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 156,2GB | D: 76,6GB | J: 298,0GB Hard Disks - Free: C: 90,7GB | D: 73,1GB | J: 245,6GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 05/28/08 | 052808 - 20080528 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK Computer INC. P5KPL/1600 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE} Default Browser: Firefox 43.0.1 Internet Explorer Version: 9.0.8112.16421 Mozilla Firefox version: 43.0.1 (x86 en-US) Adobe Reader version: 10.1.16.13 Sun Java version: 1.8.0_66 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\lionel\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2016-01-16 09:27:14 4F0024B6ED05D3395C00FE4AA364E7A1 399080 ----a-w- C:\Windows\System32\FNTCACHE.DAT 2016-01-15 09:55:06 F21E7190324B1FB3446444CC15EE9E68 606208 ----a-w- C:\Windows\System32\MFWMAAEC.DLL 2016-01-15 09:55:06 EB51BD6B398A8A32A17E5E0039B2C84D 867328 ----a-w- C:\Windows\System32\wmpmde.dll 2016-01-15 09:55:06 CF7EFEC5BE294C50B7D89027FED7BC20 80896 ----a-w- C:\Windows\System32\MP3DMOD.DLL 2016-01-15 09:55:06 CB2CD6D57F79BC9760DB0B1B8E334508 158208 ----a-w- C:\Windows\System32\COLORCNV.DLL 2016-01-15 09:55:06 C0CF1B2D280CFDBDD41DCE77F7FFD6BC 613888 ----a-w- C:\Windows\System32\MSMPEG2VDEC.DLL 2016-01-15 09:55:06 B8DC7F53D40C16DB717E159187E006A8 144384 ----a-w- C:\Windows\System32\ksproxy.ax 2016-01-15 09:55:06 B34C1A6AFF66D1672857B8765D8AB12B 243200 ----a-w- C:\Windows\System32\VIDRESZR.DLL 2016-01-15 09:55:06 AF573C789CEBFA81DE84BF67A4EFBA97 254976 ----a-w- C:\Windows\System32\MP43DECD.DLL 2016-01-15 09:55:06 A841FF3B585E498AA32B557C375BCF74 208896 ----a-w- C:\Windows\System32\qasf.dll 2016-01-15 09:55:06 A4D00BEA0DA97C480C427647B4515F29 212992 ----a-w- C:\Windows\System32\RESAMPLEDMO.DLL 2016-01-15 09:55:06 930EBC760AF6FF88BE138F94A9886D3D 314880 ----a-w- C:\Windows\System32\MP4SDECD.DLL 2016-01-15 09:55:06 7454408529D129D67565C1B477DAC8E9 391680 ----a-w- C:\Windows\System32\MSMPEG2ADEC.DLL 2016-01-15 09:55:06 738060F0CB4D4EBB64ACCF4EB020FD5C 209920 ----a-w- C:\Windows\System32\mfplat.dll 2016-01-15 09:55:06 09F294D71A8C58E0E90F013A1EFC5430 59392 ----a-w- C:\Windows\System32\mfvdsp.dll 2016-01-15 09:55:06 09E65D51912A9217CB1D9AFC3DE04A49 254976 ----a-w- C:\Windows\System32\MPG4DECD.DLL 2016-01-15 09:55:06 042A07E2E9CDD291E980712D35607E9A 506880 ----a-w- C:\Windows\System32\MSMPEG2ENC.DLL 2016-01-15 09:55:05 FBD7D82B5762B46F3FE9C0C76A0D9F73 1314816 ----a-w- C:\Windows\System32\quartz.dll 2016-01-15 09:55:05 F5E16E2B07A17C2E0B68E06EB0DA884C 605184 ----a-w- C:\Windows\System32\WMSPDMOD.DLL 2016-01-15 09:55:05 D19BF1FB560F448132EF87987950994E 767488 ----a-w- C:\Windows\System32\WMVSENCD.DLL 2016-01-15 09:55:05 BDAD59FF487668972F0FBEE3605B4CDF 497152 ----a-w- C:\Windows\System32\qdvd.dll 2016-01-15 09:55:05 B5E69942E2AE8F854F9C5ABEA3CCC3B2 1114624 ----a-w- C:\Windows\System32\WMADMOE.DLL 2016-01-15 09:55:05 A80F675055BF0D9D771A66A0698BBF21 1326080 ----a-w- C:\Windows\System32\WMSPDMOE.DLL 2016-01-15 09:55:05 94B80D7CC9D3BFE274D3EE628DDB7BF0 759296 ----a-w- C:\Windows\System32\WMADMOD.DLL 2016-01-15 09:55:05 1DD9B6DE3BD0744D3DC82D63DF369322 2873344 ----a-w- C:\Windows\System32\mf.dll 2016-01-15 09:55:05 18F252A78A482CB10D6AA6D6AD66C979 853504 ----a-w- C:\Windows\System32\mcmde.dll 2016-01-15 09:55:05 0FE0077E4416ADF2E57CA504F7E1A7F5 480256 ----a-w- C:\Windows\System32\evr.dll 2016-01-15 09:55:04 AFBE47FDB5772FB0716EF6871D57F8A3 1548288 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2016-01-15 09:55:04 7906A2D091223DCBBF23A068DEA11EF8 1377792 ----a-w- C:\Windows\System32\WMVSDECD.DLL 2016-01-15 09:55:04 52DF7725DA15034E3964F31A09A6648D 650240 ----a-w- C:\Windows\System32\WMVXENCD.DLL 2016-01-15 09:55:04 11AE2AE7C69273AB42A79A02DFC36BB1 1567744 ----a-w- C:\Windows\System32\WMVENCOD.DLL 2016-01-15 09:54:56 F82F6B6DE88EEE6FB5D6BFA420B50F8C 506880 ----a-w- C:\Windows\System32\qedit.dll 2016-01-15 09:54:56 52DB95417E8983ED636BFD7D03696CAB 64000 ----a-w- C:\Windows\System32\devenum.dll 2016-01-15 09:53:58 CD65EF6EAD2ED9F2848B87134375D528 13824 ----a-w- C:\Windows\System32\fixmapi.exe 2016-01-15 09:53:58 31596F5BBE993D30F9155B28EAA0057B 66560 ----a-w- C:\Windows\System32\mapistub.dll 2016-01-15 09:53:58 31596F5BBE993D30F9155B28EAA0057B 66560 ----a-w- C:\Windows\System32\mapi32.dll 2016-01-15 09:52:49 D8FFE805832904876FD604B4F7270F5C 2068480 ----a-w- C:\Windows\System32\win32k.sys 2016-01-15 09:52:33 C1BF6AC1FAD30FB30B48EA7214FD6371 801280 ----a-w- C:\Windows\System32\advapi32.dll 2016-01-15 09:45:14 B2226ED78179C56E32D4A64C5BFC0340 298496 ----a-w- C:\Windows\System32\gdi32.dll 2016-01-15 09:44:37 B997907229EE2C9EE391828E75DEB078 3556800 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-01-15 09:44:37 445046D27A0981157C653D8351868B1B 3609024 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2016-01-14 08:25:37 DA17E7FB3593883264009A48AAD49EF1 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2016-01-14 08:25:37 C5551E5A67E88B71F4B47BC80E4831C6 65536 ----a-w- C:\Windows\System32\jsproxy.dll 2016-01-14 08:25:37 C0CF84A661329472C004F425C5D9DBE4 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 2016-01-14 08:25:37 6EA13DD5C48CDF3FA1473C4AF7CBA3A3 1140224 ----a-w- C:\Windows\System32\urlmon.dll 2016-01-14 08:25:37 618FBAB49EB3111EFD6E66559AC1E5D4 718848 ----a-w- C:\Windows\System32\jscript.dll 2016-01-14 08:25:37 50687854862FF6FD3A3527677B7C5AA6 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll 2016-01-14 08:25:37 336AEB5CFD2C1195FD64D994A21E61B7 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2016-01-14 08:25:37 2FBE91EBF8E0F6D7E4E289D96214F7C7 11776 ----a-w- C:\Windows\System32\mshta.exe 2016-01-14 08:25:37 26D8612EA9F17536879AEACD9DB4143E 424960 ----a-w- C:\Windows\System32\vbscript.dll 2016-01-14 08:25:36 C2BA4E3F311806D3B892589E5AD80588 353792 ----a-w- C:\Windows\System32\dxtmsft.dll 2016-01-14 08:25:36 98EA2BB35E905F6037FA8341CB0B1278 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2016-01-14 08:25:36 97D53A06B38F490F083E155B1D50ED77 1804800 ----a-w- C:\Windows\System32\iertutil.dll 2016-01-14 08:25:36 536F03C13F9447269C1B7B5C6D4BD021 231936 ----a-w- C:\Windows\System32\url.dll 2016-01-14 08:25:36 0FDC7765BA35C95C66C2F2B41A21BB08 1129472 ----a-w- C:\Windows\System32\wininet.dll 2016-01-14 08:25:36 0DF9D2D624C6886FAE27DA2C49612D2B 1814528 ----a-w- C:\Windows\System32\jscript9.dll 2016-01-14 08:25:36 096F8D812C1EE9E18CE6FF3295EE9291 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2016-01-14 08:25:35 68801FAADF20CE4522EDD6B93113B872 9753088 ----a-w- C:\Windows\System32\ieframe.dll 2016-01-14 08:25:33 A69CE614C105EC05DCB0B839B4E0917E 223232 ----a-w- C:\Windows\System32\dxtrans.dll 2016-01-14 08:25:33 43C968CE6F0ADF6C5577969ED0FE518D 176640 ----a-w- C:\Windows\System32\ieui.dll 2016-01-14 08:25:32 EDA762C6526A2BD7C3AE31C8E5664D4A 367616 ----a-w- C:\Windows\System32\html.iec 2016-01-14 08:25:32 9969D9EA2394CEE9671888730D771892 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2016-01-14 08:25:31 3099DEB36C0F52C123D556D487341D44 12388864 ----a-w- C:\Windows\System32\mshtml.dll ====== C:\Windows\system32\drivers ===== 2016-01-15 09:55:06 672850B63B45CA3B05E66D09FBE54D10 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys ====== C:\Windows\Tasks ====== 2015-12-21 10:36:02 D04702EAC1350BE55C41BE3CB691CA2D 3676 ----a-w- C:\Windows\system32\Tasks\Java Platform SE Auto Updater ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-01-15 10:10:03 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\lionel\AppData\Roaming ====== 2016-01-16 09:30:20 33A1F4F3E36001AD022D2EB7E4108F00 109184 ----a-w- C:\Users\lionel\AppData\Local\GDIPFONTCACHEV1.DAT ====== C:\Users\lionel ====== 2016-01-15 10:09:14 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\lionel\Downloads\RSIT (2).exe 2016-01-15 10:07:33 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\lionel\Downloads\RSIT (1).exe 2016-01-15 10:00:10 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\lionel\Downloads\RSIT.exe 2016-01-13 17:30:23 53064AFA14D0A476CE5365132FFBD1CF 15300128 ----a-w- C:\Users\lionel\Downloads\Glary_Utilities_v5.42.0.62.exe ====== C: exe-files == 2016-01-15 10:10:04 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\lionel.exe 2016-01-15 10:09:14 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\lionel\Downloads\RSIT (2).exe 2016-01-15 10:07:33 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\lionel\Downloads\RSIT (1).exe 2016-01-15 10:00:10 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\lionel\Downloads\RSIT.exe 2016-01-15 09:53:58 CD65EF6EAD2ED9F2848B87134375D528 13824 ----a-w- C:\Windows\System32\fixmapi.exe 2016-01-15 09:44:37 B997907229EE2C9EE391828E75DEB078 3556800 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-01-15 09:44:37 445046D27A0981157C653D8351868B1B 3609024 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2016-01-14 08:25:37 DD0715A52A68D7325DC035D60F883273 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2016-01-14 08:25:37 C0CF84A661329472C004F425C5D9DBE4 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 2016-01-14 08:25:37 B0CA2E51E3AB0D1BB825509D697D8BF1 474624 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2016-01-14 08:25:37 2FBE91EBF8E0F6D7E4E289D96214F7C7 11776 ----a-w- C:\Windows\System32\mshta.exe 2016-01-14 08:25:37 2C1FA9D95B469555715C9DF3BD9C7EC2 22528 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe 2016-01-14 08:25:36 E561A888BE1FBE758CF4E2B956CD7E68 758000 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-01-14 08:25:36 096F8D812C1EE9E18CE6FF3295EE9291 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2016-01-13 17:30:23 53064AFA14D0A476CE5365132FFBD1CF 15300128 ----a-w- C:\Users\lionel\Downloads\Glary_Utilities_v5.42.0.62.exe === C: other files == 2016-01-15 09:55:06 672850B63B45CA3B05E66D09FBE54D10 130048 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_1dee99f6\drmk.sys 2016-01-15 09:55:06 672850B63B45CA3B05E66D09FBE54D10 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys 2016-01-15 09:52:49 D8FFE805832904876FD604B4F7270F5C 2068480 ----a-w- C:\Windows\System32\win32k.sys ==== Orphaned Tasks deleted from Registry ====================== GlaryInitialize deleted GlaryInitialize 4 deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-4210861826-744597554-2720867244-1000\Software\Microsoft\Windows\CurrentVersion\Run] "MyDriveConnect.exe"="C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe" "GUDelayStartup"="C:\Program Files\Glary Utilities 5\StartupManager.exe -delayrun" "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files\AVG\Av\avgui.exe /TRAYONLY" "Microsoft Default Manager"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume" "SecurDisc"="C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe" "InCD"="C:\Program Files\Nero\Nero 7\InCD\InCD.exe" "AvgUi"="C:\Program Files\AVG\Framework\Common\avguix.exe /fmw.trayonly" "Dropbox"="C:\Program Files\Dropbox\Client\Dropbox.exe /systemstartup" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MyDriveConnect.exe"="C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe" "GUDelayStartup"="C:\Program Files\Glary Utilities 5\StartupManager.exe -delayrun" "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe /c" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG_UI] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AVG_UI" "hkey"="HKLM" "command"="\"C:\\Program Files\\AVG\\AVG2014\\avgui.exe\" /TRAYONLY" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" "hkey"="HKCU" "command"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverFinder] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DriverFinder" "hkey"="HKCU" "command"="C:\\Program Files\\DriverFinder\\DriverFinder.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ehTray.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ehTray.exe" "hkey"="HKCU" "command"="C:\\Windows\\ehome\\ehTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HDAudDeck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HDAudDeck" "hkey"="HKLM" "command"="C:\\Program Files\\VIA\\VIAudioi\\VDeck\\VDeck.exe -r" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InCD] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="InCD" "hkey"="HKLM" "command"="C:\\Program Files\\Nero\\Nero 7\\InCD\\InCD.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LightScribe Control Panel" "hkey"="HKCU" "command"="C:\\Program Files\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyDriveConnect.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MyDriveConnect.exe" "hkey"="HKCU" "command"="C:\\Program Files\\MyDrive Connect\\MyDriveConnect.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroFilterCheck" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SecurDisc] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SecurDisc" "hkey"="HKLM" "command"="C:\\Program Files\\Nero\\Nero 7\\InCD\\NBHGui.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Windows Defender" "hkey"="HKLM" "command"="%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\TP-LINK Wireless Configuration Utility.lnk" "backup"="C:\\Windows\\pss\\TP-LINK Wireless Configuration Utility.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\TP-LINK\\TP-LIN~1\\TWCU.exe -nogui" "item"="TP-LINK Wireless Configuration Utility" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^lionel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "path"="C:\\Users\\lionel\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\lionel\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup" "item"="Dropbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^lionel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^wkcalrem.LNK] "path"="C:\\Users\\lionel\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\wkcalrem.LNK" "backup"="C:\\Windows\\pss\\wkcalrem.LNK.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\COMMON~1\\MICROS~1\\WORKSS~1\\WkCalRem.exe " "item"="wkcalrem" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Folders ====================== 2014-02-27 09:04:16 1112 ----a-w- C:\Users\lionel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WKCALREM.LNK ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [09/01/2016 10:50] C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a------ C:\Program Files\Dropbox\Update\DropboxUpdate.exe [27/10/2015 14:47] C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a------ C:\Program Files\Dropbox\Update\DropboxUpdate.exe [27/10/2015 14:47] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe] "C:\Windows\system32\tasks\4824" [wscript.exe C:\Users\lionel\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\Driver Booster SkipUAC (lionel)" [C:\Program Files\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\system32\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\system32\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\system32\tasks\GlaryInitialize 5" [C:\Program Files\Glary Utilities 5\Initialize.exe] "C:\Windows\system32\tasks\GU5SkipUAC" [C:\Program Files\Glary Utilities 5\Integrator.exe] "C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 3050 J610 series" ["C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe"] "C:\Windows\system32\tasks\hpUrlLauncher.exe" [C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\utils\hpUrlLauncher.exe] "C:\Windows\system32\tasks\Java Platform SE Auto Updater" [C:\Program Files\Common Files\Java\Java Update\jusched.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [13/12/2015 10:07] ==== Firefox Extensions ====================== ProfilePath: C:\Users\lionel\AppData\Roaming\Thunderbird\Profiles\tqkdnywb.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} ProfilePath: C:\Users\lionel\AppData\Roaming\TomTom\HOME\Profiles\pvqn3gcl.default - Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\lionel\AppData\Roaming\Mozilla\Firefox\Profiles\nnqp82dx.default F169116C1BA501AB4D0D66D41FF496B5 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat FC5D7AF1FC3A63782E19B375E2312D1C - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 07A722522C5CB75AEBF837E0411415C0 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer D7EFF0B98C370E03D7E2593399D9B669 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision 75A1232EAC640B782CDD2132B5271AA8 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery D6015DB8EA402753421FF62CA3909B62 - C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U66 776C6B8D53C56500BC355D513F11A105 - C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.660.18 C63C3E4DFC05BAD9B34C0F884150547C - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 8BA469072B5A692B659F856C7E97A230 - C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll - NPCIG.dll ==== Chromium Look ====================== Google Drive - lionel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - lionel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - lionel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - lionel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - lionel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/?gws_rd=ssl" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/?gws_rd=ssl" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - https://www.google.com/search?q={searchTerms} ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Safari Packages deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_UI deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverFinder deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyDriveConnect.exe deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Av\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguix.exe" /fmw.trayonly O4 - HKLM\..\Run: [Dropbox] "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup O4 - HKCU\..\Run: [MyDriveConnect.exe] "C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe" O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: WKCALREM.LNK = C:\Program Files\Common Files\microsoft shared\Works Shared\WkCalRem.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.webcompanion.com O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\Skype4COM.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\19.1.0\ViProtocol.dll (file missing) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: RealtekCU - Realtek Semiconductor Corp. - C:\Program Files\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\lionel\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2NRADA0B will be deleted at reboot C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HLJLC7RQ will be deleted at reboot C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RPHS11C4 will be deleted at reboot C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WEMX3P5G will be deleted at reboot C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\lionel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=525 folders=255 280296601 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\lionel\AppData\Local\Temp will be emptied at reboot C:\Users\TEMP\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\lionel\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2NRADA0B" not found "C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HLJLC7RQ" not found "C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RPHS11C4" not found "C:\Users\lionel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WEMX3P5G" not found ==== EOF on za 16/01/2016 at 12:08:57,42 ======================