
Zoek.exe v5.0.0.0 Updated 02-Januari-2014
Tool run by Patrick on vr 03/01/2014 at 12:29:12,92.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Patrick\AppData\Local\Temp\Rar$EX00.023\zoek.exe [Scan all users]  [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-01-03-110813.log	13360 bytes

==== Running Processes ======================

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Users\Patrick\AppData\Local\Temp\Rar$EX00.023\zoek.exe
C:\Windows\system32\conhost.exe

==== Creating Sample_20140301_1242.zip ======================
 
Process iexplore.exe killed
Copied file C:\Users\Patrick\AppData\Roaming\satoolbar.exe to sample\satoolbar.exe
Copied file C:\Users\Patrick\AppData\Roaming\vio_clean.exe to sample\vio_clean.exe
sample\satoolbar.exe renamed to 0EEC37DF948EC3C927EA1A8468FCA41C
sample\vio_clean.exe renamed to DA5481078C6FFFA59E9F52AA7D47E836

C:\Users\Public\Desktop\sample_20140301_1242.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3753318442-980422097-551917788-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_USERS\S-1-5-21-3753318442-980422097-551917788-1000\Software\Microsoft\Internet Explorer\SearchScopes\{384ED85B-6742-4C22-AAB7-C35F6B3E6CC2} deleted successfully
HKEY_USERS\S-1-5-21-3753318442-980422097-551917788-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D81EC1E9-5D42-4F03-815F-236B07FF95C5} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958)  
Adobe AIR  
Adobe Flash Player 11 ActiveX  
Adobe Reader X (10.1.8) - Nederlands  
Adobe Shockwave Player 12.0  
AIMP3  
Ashampoo Burning Studio 2012 v.10.0.15  
BitTorrent  
Canon MP Navigator EX 2.0  
Canon MP540 series MP Drivers  
Canon Utilities Easy-PhotoPrint EX  
Canon Utilities My Printer  
Canon Utilities Solution Menu  
CCleaner  
EASEUS Partition Master 9.1.0 Home Edition  
Gebruikersregistratie voor Canon MP540 series  
iMesh  
Java 7 Update 45  
Java Auto Updater  
K-Lite Codec Pack 9.4.0 (Basic)  
MailWasher  
MailWasherPro  
Malwarebytes Anti-Malware versie 1.75.0.1300  
Microsoft .NET Framework 4 Client Profile  
Microsoft .NET Framework 4 Client Profile NLD Language Pack  
Microsoft .NET Framework 4 Extended  
Microsoft .NET Framework 4 Extended NLD Language Pack  
Microsoft Antimalware Service NL-NL Language Pack  
Microsoft Office 2007 Service Pack 3 (SP3)  
Microsoft Office Access MUI (Dutch) 2007  
Microsoft Office Enterprise 2007  
Microsoft Office Excel MUI (Dutch) 2007  
Microsoft Office File Validation Add-In  
Microsoft Office Groove MUI (Dutch) 2007  
Microsoft Office InfoPath MUI (Dutch) 2007  
Microsoft Office Office 64-bit Components 2007  
Microsoft Office OneNote MUI (Dutch) 2007  
Microsoft Office Outlook MUI (Dutch) 2007  
Microsoft Office PowerPoint MUI (Dutch) 2007  
Microsoft Office Proof (Dutch) 2007  
Microsoft Office Proof (English) 2007  
Microsoft Office Proof (French) 2007  
Microsoft Office Proof (German) 2007  
Microsoft Office Proofing (Dutch) 2007  
Microsoft Office Publisher MUI (Dutch) 2007  
Microsoft Office Shared 64-bit MUI (Dutch) 2007  
Microsoft Office Shared MUI (Dutch) 2007  
Microsoft Office Word MUI (Dutch) 2007  
Microsoft Security Client  
Microsoft Security Client NL-NL Language Pack  
Microsoft Security Essentials  
Microsoft Silverlight  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Visual C++ Run Time  Lib Setup  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
Nero 11 Mini Repack  
Nero Backup Drivers  
neroxml  
NVIDIA-configuratiescherm 311.06  
NVIDIA 3D Vision stuurprogramma 311.06  
NVIDIA Drivers  
NVIDIA Grafisch stuurprogramma 311.06  
NVIDIA Install Application  
NVIDIA Stereoscopic 3D Driver  
NVIDIA Update 1.11.3  
NVIDIA Update Components  
Orbit Downloader  
Paragon Backup & RecoveryT 10 Suite  
Picasa 3  
Python 2.7.3  
Realtek High Definition Audio Driver  
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition   
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition   
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition   
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition   
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition  
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition  
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition   
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition   
SmartSound Common Data  
SmartSound Quicktracks 5  
Spybot - Search & Destroy  
swMSM  
System Ninja version 2.4.3  
TeamViewer 8  
TeamViewer 8.0.17292  
TuneUp Utilities 2012  
TuneUp Utilities Language Pack (nl-NL)  
Unlocker 1.9.2  
Update for 2007 Microsoft Office System (KB967642)  
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition  
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition  
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition  
VCRedistSetup  
Windows 7 Codec Pack 4.0.6  
WinRAR archiver  
Wondershare Video Converter Ultimate(Build 6.6.0.5)  

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\Windows\Installer\5429c1.msi" not found
C:\Users\Patrick\daemonprocess.txt deleted
C:\Users\Patrick\.android deleted
C:\PROGRA~2\BrowseSmart deleted
C:\PROGRA~2\1ClickDownload deleted
C:\PROGRA~2\Orbitdownloader deleted
C:\PROGRA~2\Wondershare deleted
C:\PROGRA~2\Conduit deleted
C:\extensions deleted
C:\Users\Patrick\AppData\Roaming\Oxy deleted
C:\ProgramData\FreeRIP deleted
C:\ProgramData\boost_interprocess deleted
C:\ProgramData\iMesh deleted
C:\Users\Patrick\AppData\Local\Oxy deleted
C:\Users\Patrick\AppData\Local\Wondershare deleted
C:\Users\Patrick\AppData\Local\iMesh deleted
C:\Users\Patrick\AppData\Local\TempDIR deleted
C:\Users\Patrick\AppData\Local\Mobogenie deleted
C:\Users\Patrick\AppData\Local\cache deleted
C:\Users\wangzhisong\AppData\Local\Mobogenie deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Users\Patrick\AppData\LocalLow\PriceGong deleted
C:\Users\Patrick\AppData\LocalLow\Conduit deleted
C:\Users\Patrick\AppData\LocalLow\Toolbar4 deleted
C:\Windows\wininit.ini deleted
C:\windows\SysNative\tasks\RunAsStdUser Task deleted
C:\Users\wangzhisong deleted
C:\Users\Patrick\Documents\Mobogenie deleted
C:\Users\Patrick\AppData\Roaming\satoolbar.exe deleted
C:\Users\Patrick\AppData\Roaming\vio_clean.exe deleted
"C:\Windows\Installer\47cc59.msi" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\PROGRA~2\COMMON~1\Wondershare" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Patrick\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2013-12-23 18:40:47	4017040D75EA2163A8895F433D66A418	48617	----a-w-	C:\Windows\SysWOW64\ExampleCodeGeneratedCS.skm
2013-12-23 18:40:47	3EC8A60CBDAEB321A15A3740DD582F5C	45710	----a-w-	C:\Windows\SysWOW64\ExampleCodeGeneratedVB.skm
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2013-12-11 08:21:34	E0D3CD5841E5C7BE7B94BA946AF1E498	116736	----a-w-	C:\Windows\Sysnative\drivers\drmk.sys
2013-12-11 08:21:34	1E0B4CBBA91C6B041A14ECC2186F7E24	230400	----a-w-	C:\Windows\Sysnative\drivers\portcls.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-12-06 16:15:44	--------	d-----w-	C:\Program Files\Unlocker
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Patrick\AppData\Roaming ======
2013-12-27 15:50:04	--------	d-----w-	C:\Users\Patrick\AppData\Roaming\Groovedown_Uninstall
2013-12-23 18:38:32	--------	d-----w-	C:\Users\Patrick\AppData\Roaming\Petrax Software
2013-12-11 09:39:26	--------	d-----w-	C:\Users\Patrick\AppData\Roaming\GetRightToGo
2013-12-06 16:15:44	--------	d-----w-	C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-12-06 14:39:45	--------	d-----w-	C:\Users\Patrick\AppData\Local\Chromium
====== C:\Users\Patrick ======
2014-01-02 17:08:33	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit
2014-01-01 16:02:37	C584E90F3675E920B7035E24B3AFCF69	4539792	----a-w-	C:\Users\Patrick\Downloads\orbit-downloader-4.1.1.0(1).exe

====== C: exe-files ==
2014-01-01 16:02:37	C584E90F3675E920B7035E24B3AFCF69	4539792	----a-w-	C:\Users\Patrick\Downloads\orbit-downloader-4.1.1.0(1).exe
2013-12-27 15:50:05	AB8DACBF49D6FAF439C204F9C6958581	902656	----a-w-	C:\Users\Patrick\AppData\Roaming\Groovedown_Uninstall\Groovedown_Uninstall.exe
=== C: other files ==
2014-01-03 11:42:43	E91318712095C7565CFFCADD258C181A	6620990	----a-w-	C:\Users\Public\Desktop\sample_20140301_1242.zip
2013-12-31 16:06:42	30DE744AC7A34CC3C7C049881335DA65	101786	----a-w-	C:\Users\Patrick\AppData\Roaming\Orbit\AdConfig\TipsAd.zip
2013-12-31 16:06:41	B1F82EEDD24E43AAFC0241E1DEC4E964	108917	----a-w-	C:\Users\Patrick\AppData\Roaming\Orbit\AdConfig\LeftAd.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"="C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe /WinStart"
"Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe                                                                                                                                                                                                                          "
"Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe                                                                                                                                                                                                                            "
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Common Files\\Nero\\Lib\\NMBgMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonMyPrinter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CanonMyPrinter"
"hkey"="HKLM"
"command"="C:\\Program Files\\Canon\\MyPrinter\\BJMyPrt.exe /logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonSolutionMenu]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CanonSolutionMenu"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Canon\\SolutionMenu\\CNSLMAIN.exe /logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUs Tray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EaseUs Tray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EaseUS\\Todo Backup\\bin\\TrayNotify.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUs Watch]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EaseUs Watch"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EaseUS\\Todo Backup\\bin\\EuWatch.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Eraser]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Eraser"
"hkey"="HKLM"
"command"="\"C:\\PROGRA~1\\Eraser\\Eraser.exe\" --atRestart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GrooveMonitor"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office12\\GrooveMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MIXTRAXSystemTray.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MIXTRAXSystemTray.exe"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Pioneer\\MIXTRAX\\MIXTRAXSystemTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NBKeyScan"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Patrick\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackTrayMenu.lnk]
"item"="CodecPackTrayMenu"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\CodecPackTrayMenu.lnk"
"backup"="C:\\Windows\\pss\\CodecPackTrayMenu.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Windows\\SysWOW64\\C2MP\\TrayMenu.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk]
"item"="CodecPackUpdateChecker"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\CodecPackUpdateChecker.lnk"
"backup"="C:\\Windows\\pss\\CodecPackUpdateChecker.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Windows\\SysWOW64\\C2MP\\UPDATE~1.EXE"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/12/2013 10:10]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [c:\program files (x86)\internet explorer\iexplore.exe]
"C:\Windows\SysNative\tasks\4899" [wscript.exe C:\Users\Patrick\AppData\Local\Temp\launchie.vbs //B]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2012" [C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{545981D7-FB41-46E7-B4B3-EB3880D0449E}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe"]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.deredactie.be/cm/vrtnieuws"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.deredactie.be/cm/vrtnieuws"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\S-1-5-21-3753318442-980422097-551917788-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\S-1-5-21-3753318442-980422097-551917788-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214} deleted successfully
HKEY_USERS\S-1-5-21-3753318442-980422097-551917788-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214} deleted successfully
HKEY_USERS\S-1-5-21-3753318442-980422097-551917788-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3753318442-980422097-551917788-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUs Tray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUs Watch deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MIXTRAXSystemTray.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify deleted successfully

==== HijackThis Entries ======================

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.deredactie.be/cm/vrtnieuws
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://belgacom.extrafilm.be/ExtraFilmUploader6.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Patrick\AppData\Local\Chromium\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2546 folders=284 378315681 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Patrick\AppData\Local\Temp  will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Patrick\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 03/01/2014 at 13:37:35,85 ======================