Zoek.exe Version 4.0.0.5 Updated 24-November-2013 Tool run by Claudia on zo 24-11-2013 at 13:39:11,66. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Claudia\Downloads\zoek (4)\zoek.exe [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\LSI SoftModem\agr64svc.exe C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskhost.exe C:\Program Files\CheckPoint\ZAForceField\ForceField.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Windows\system32\RunDll32.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\BrowserCompanion\BCHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\DllHost.exe C:\Users\Claudia\Downloads\zoek (4)\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskeng.exe C:\Users\Claudia\Downloads\HijackThis (1).exe C:\Windows\system32\wbem\wmiprvse.exe ==== System Restore Info ====================== 24-11-2013 14:27:45 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\ProgramData\Babylon deleted successfully C:\Users\Claudia\AppData\Roaming\.# deleted successfully C:\Users\Claudia\AppData\Roaming\Systweak deleted successfully C:\Users\Claudia\AppData\Roaming\TP deleted successfully C:\Users\Claudia\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Claudia\AppData\Local\Conduit deleted successfully ==== Creating Sample_24-11-2013_1438.zip ====================== Copied file C:\Users\Claudia\AppData\Roaming\BabMaint.exe to sample\BabMaint.exe sample\BabMaint.exe renamed to 0DAB3D8A519DD8DF791AB73F28B98440 C:\Users\Public\Desktop\sample_24-11-2013_1438.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91da5e8a-3318-4f8c-b67e-5964de3ab546} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00cbb66b-1d3b-46d3-9577-323a336acb50} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CDD62253-DF3D-42B2-8803-C09D64EAD913} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{91da5e8a-3318-4f8c-b67e-5964de3ab546} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{91da5e8a-3318-4f8c-b67e-5964de3ab546} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\internet explorer\urlsearchhooks\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\internet explorer\urlsearchhooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) ęTorrent Aangifte inkomstenbelasting 2010 Aangifte inkomstenbelasting 2011 Acer Arcade Deluxe Acer Backup Manager Acer Crystal Eye webcam Ver:1.1.74.216 Acer ePower Management Acer eRecovery Management Acer GameZone Console Acer GridVista Acer Registration Acer ScreenSaver Acer Updater Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader 9.2 MUI Adobe Shockwave Player 11.6 Alice Greenfingers Amazonia ATI AVIVO64 Codecs ATI Catalyst Install Manager Backup Manager Basic Bejeweled 3 Broadcom Gigabit NetLink Controller BrowserCompanion Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Chicken Invaders 2 Conduit Engine Curse Client D3DX10 Dairy Dash Download_Energy Toolbar Dream Day First Home eSobi v2 Google Chrome Google Toolbar for Internet Explorer Google Update Helper HP Photo Creations HP Photosmart 5520 series Basissoftware van het apparaat HP Photosmart 5520 series Help HP Photosmart 5520 series Productverbeteringsonderzoek HP Update Identity Card Intel© Matrix Storage Manager Java 7 Update 9 Java Auto Updater Java(TM) 6 Update 24 Junk Mail filter update Launch Manager LSI HDA Modem Merriam Websters Spell Jam Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office Home and Business 2010 - Nederlands Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Klik-en-Klaar 2010 Microsoft Office Language Pack 2007 - Dutch/Nederlands Microsoft Office Live Add-in 1.5 Microsoft Office O MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (Dutch) Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) Microsoft Office SharePoint Designer MUI (Dutch) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (Dutch) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Office X MUI (Dutch) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyWinLocker Norton Online Backup NTI Backup Now 5 NTI Backup Now Standard NTI Media Maker 8 OpenOffice.org 3.2 Philips Songbird Picasa 3 Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition Skype Web Plugin 1.9.10772.12905 SkypeT 6.3 swMSM Synaptics Pointing Device Driver TeamSpeak 2 RC2 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for PDF Reader Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) uTorrentBar_NL Toolbar VC 9.0 Runtime Ventrilo Client Vodafone Mobile Broadband Lite Welcome Center Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources World of Warcraft ZoneAlarm Firewall ZoneAlarm Free ZoneAlarm LTD Toolbar ZoneAlarm Security ZoneAlarm Security Toolbar ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IswSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IswSvc deleted successfully ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Check Point Software Technologies LTD deleted C:\PROGRA~2\uTorrentBar_NL deleted C:\PROGRA~2\Download_Energy deleted C:\PROGRA~2\Conduit deleted C:\PROGRA~2\ConduitEngine deleted C:\extensions deleted C:\Users\Claudia\AppData\Roaming\BabSolution deleted C:\Users\Claudia\AppData\Roaming\Babylon deleted C:\Users\Claudia\AppData\Roaming\DSite deleted C:\ProgramData\Ask deleted C:\ProgramData\Partner deleted C:\ProgramData\Trymedia deleted C:\Users\Claudia\AppData\Local\Systweak deleted C:\Windows\SysNative\roboot64.exe deleted C:\windows\SysNative\Tasks\DSite deleted C:\Users\Public\sdelevURL.tmp deleted C:\Users\Claudia\Downloads\SoftonicDownloader_voor_microsoft-word.exe deleted C:\Users\Claudia\AppData\LocalLow\BabylonToolbar deleted C:\Users\Claudia\AppData\LocalLow\uTorrentBar_NL deleted C:\Users\Claudia\AppData\LocalLow\Download_Energy deleted C:\Users\Claudia\AppData\LocalLow\PriceGong deleted C:\Users\Claudia\AppData\LocalLow\bbrs_002.tb deleted C:\Users\Claudia\AppData\LocalLow\Conduit deleted C:\Users\Claudia\AppData\LocalLow\ConduitEngine deleted C:\windows\SysNative\tasks\RegClean Pro deleted C:\windows\SysNative\tasks\RegClean Pro_DEFAULT deleted C:\windows\SysNative\tasks\RegClean Pro_UPDATES deleted C:\Windows\tasks\RegClean Pro_DEFAULT.job deleted C:\Windows\tasks\RegClean Pro_UPDATES.job deleted C:\user.js deleted C:\Users\Claudia\AppData\Roaming\BabMaint.exe deleted "C:\Users\Claudia\AppData\Local\{1EE64D8B-4BC0-4D8C-AD0C-980323C8006C}" deleted "C:\Programdata\Windows\colu.dat" deleted "C:\Programdata\Windows\msxx.dat" deleted "C:\Programdata\Windows\vvve.dat" deleted "C:\PROGRA~2\BrowserCompanion\BCHelper.exe" deleted "C:\PROGRA~2\BrowserCompanion\sqlite3.dll" deleted "C:\PROGRA~2\BrowserCompanion\BCHelper.exe" deleted "C:\PROGRA~2\BrowserCompanion\sqlite3.dll" deleted "C:\Users\Claudia\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar\sites" not deleted "C:\Programdata\Windows" deleted "C:\PROGRA~2\BrowserCompanion" deleted "C:\PROGRA~2\BrowserCompanion" deleted "C:\Users\Claudia\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Claudia\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2013-11-14 11:53:39 CC09E0C9A2D89C6E71D093DC8BD121B7 1168384 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2013-11-14 11:53:27 EE7CB55F77465CDAC4C80F587FF7C278 1796096 ----a-w- C:\Windows\SysWOW64\authui.dll 2013-11-14 11:53:27 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\Windows\SysWOW64\credui.dll 2013-11-14 11:53:27 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-14 11:53:13 AA6F6457116B559B76BC6A012CB4C293 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll 2013-11-14 11:53:12 AD7FB087A238883D1618F29F7BBBD584 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2013-11-14 11:53:12 42B924C5F3924C1EB2539F22C10D7DF1 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2013-11-14 11:53:12 372948BB5E41CE42341C4398DE572E56 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2013-11-14 11:53:10 56E3313690866F99CD17AA1342F64AE1 311808 ----a-w- C:\Windows\SysWOW64\gdi32.dll 2013-11-14 11:53:09 F0D0E883EBBDC7615DC9EDEA0FFB2817 216576 ----a-w- C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-14 11:53:09 CE2A48CD0D2B39FB77FA4797C6434E71 656896 ----a-w- C:\Windows\SysWOW64\nshwfp.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-11-14 11:53:39 780F6ECC4F55D76C9730E6B6C9B31913 1474048 ----a-w- C:\Windows\Sysnative\crypt32.dll 2013-11-14 11:53:27 8563BA40DF4F1E93A61B70E2C8B60CF8 190464 ----a-w- C:\Windows\Sysnative\SmartcardCredentialProvider.dll 2013-11-14 11:53:27 4403D5ECE7D8323CAF1207D1AA38FA01 197120 ----a-w- C:\Windows\Sysnative\credui.dll 2013-11-14 11:53:27 34152997FB906895290E0199AC94B85F 1930752 ----a-w- C:\Windows\Sysnative\authui.dll 2013-11-14 11:53:13 31FFED18C7B836CEC1B559347E32E151 340992 ----a-w- C:\Windows\Sysnative\schannel.dll 2013-11-14 11:53:13 086F906B1D30C0A5D35FE0F6362DAB21 1447936 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2013-11-14 11:53:12 B08EA91C774AA734E0B9881F85CD9F42 135680 ----a-w- C:\Windows\Sysnative\sspicli.dll 2013-11-14 11:53:12 7C46EC9CCDE6E793713FA01DB2EB918E 28672 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2013-11-14 11:53:12 747B9BA5412422F27934CB21131F0A3E 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2013-11-14 11:53:12 4D71227301DD8D09097B9E4CC6527E5A 30720 ----a-w- C:\Windows\Sysnative\lsass.exe 2013-11-14 11:53:12 208EAAFF40DA400190AA0605C797BEA2 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2013-11-14 11:53:11 56325BB1FF19F2A5AC8713756AC41140 404480 ----a-w- C:\Windows\Sysnative\gdi32.dll 2013-11-14 11:53:09 D07EB640618F96490DB88C3CE58DB608 324096 ----a-w- C:\Windows\Sysnative\FWPUCLNT.DLL 2013-11-14 11:53:09 660C06F663F27760F565FD567B57625C 830464 ----a-w- C:\Windows\Sysnative\nshwfp.dll 2013-11-14 11:53:09 344789398EC3EE5A4E00C52B31847946 859648 ----a-w- C:\Windows\Sysnative\IKEEXT.DLL ====== C:\Windows\Sysnative\drivers ===== 2013-11-14 11:53:29 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-11-14 11:53:13 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2013-11-14 11:53:13 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2013-11-14 11:53:13 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2013-11-04 19:38:31 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2013-11-04 19:38:31 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2013-11-04 19:38:31 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2013-11-04 19:38:31 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2013-11-04 19:38:31 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2013-11-04 19:38:31 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2013-11-04 19:38:31 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys ====== C:\Windows\Tasks ====== 2013-11-24 12:17:58 AF36A384876FB87A1B373A869356A9A9 3176 ----a-w- C:\Windows\Sysnative\Tasks\{F16D04A8-A28F-4A70-9EE0-08522186A108} 2013-11-24 12:17:58 AF36A384876FB87A1B373A869356A9A9 3176 ----a-w- C:\Windows\Sysnative\Tasks\{5239D447-868D-4C60-A165-53F866FD7E2E} 2013-11-22 14:16:57 B424068F14E585D73DEE0C8F87F76438 3144 ----a-w- C:\Windows\Sysnative\Tasks\{589604BC-75D9-40DF-8933-AA6A3C147C44} 2013-11-22 14:07:37 06D9BEA87938160D639D2AC292D3302F 3152 ----a-w- C:\Windows\Sysnative\Tasks\{522A4792-9EB0-4987-8598-B63F79EC0C75} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Claudia\AppData\Roaming ====== ====== C:\Users\Claudia ====== 2013-11-22 11:29:51 2707ED7863D9076F0BF7D56B80A1D520 20755015 ----a-w- C:\Users\Claudia\Downloads\TuneUpUtilities2013_nl-NL.exe 2013-11-21 10:32:58 A688EE32C3D607BBFE934C57B2A00527 13079688 ----a-w- C:\Users\Claudia\Downloads\Silverlight_x64 (1).exe 2013-11-15 11:05:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2013-11-15 11:04:02 A0346BEA58F94EE31B029A50DCF80F28 14965064 ----a-w- C:\Users\Claudia\Downloads\picasa39-setup.exe ====== C: exe-files == 2013-11-22 11:29:51 2707ED7863D9076F0BF7D56B80A1D520 20755015 ----a-w- C:\Users\Claudia\Downloads\TuneUpUtilities2013_nl-NL.exe 2013-11-21 10:32:58 A688EE32C3D607BBFE934C57B2A00527 13079688 ----a-w- C:\Users\Claudia\Downloads\Silverlight_x64 (1).exe 2013-11-18 21:21:19 1A7C91AC6F14EBB22688704A13DC8D17 12598112 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.57\31.0.1650.57_30.0.1599.101_chrome_updater.exe === C: other files == 2013-11-24 13:38:21 580E1E6AAF6824F2D511BBDD3426A38E 61703 ----a-w- C:\Users\Public\Desktop\sample_24-11-2013_1438.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "uTorrent"="C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k" "EgisTecLiveUpdate"="C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "ArcadeDeluxeAgent"="C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" "PlayMovie"="C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" "NortonOnlineBackup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" "ZoneAlarm"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" "MobileBroadband"="C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Browser companion helper"="C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "uTorrent"="C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" "mwlDaemon"="C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "PLFSetI"="C:\Windows\PLFSetI.exe" "Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "ISW"="C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon=hidden" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2010-08-11 15:30:35 0 ----a-w- C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip 2012-12-07 00:58:32 1954 ----a-w- C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 5520 series.lnk 2010-11-19 14:36:33 1243 ----a-w- C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2 .lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-10-2013 12:23] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10-02-2010 19:43] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10-02-2010 19:43] C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [08-12-2012 02:55] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Photosmart 5520 series" ["C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"="C:\Program Files\CheckPoint\ZAForceField\TrustChecker" [03-06-2012 23:28] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"="C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker" [03-06-2012 23:10] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions clbfjfbnelcflpgpklppgplejolacbej - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx[] Browser Companion Helper - Claudia - Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej AdBlock - Claudia - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Google Wallet - Claudia - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chrome Fix ====================== C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage deleted successfully C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage-journal deleted successfully C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej deleted successfully C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_clbfjfbnelcflpgpklppgplejolacbej_0.localstorage deleted successfully C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_clbfjfbnelcflpgpklppgplejolacbej_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.msn.com/?pc=UP22&ocid=UP22DHP&dt=012213" "Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_5738&r=27360210d926l0348z175t48j1v180" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://nl.msn.com/?pc=UP22&ocid=UP22DHP&dt=012213" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlNL366NL369" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {FB628F7A-E68B-4762-80D7-35ADF6CEB795} Search By ZoneAlarm Url="http://search.zonealarm.com/search?Source=Browser&oemCode=ZLN18460389289116-1001&toolbarId=base&affiliateId=1600&Lan=en&utid=a43664880000000000000026c62ce9bd&q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} deleted successfully HKEY_USERS\S-1-5-21-4140747089-2050613900-2172656074-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_NL Toolbar deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.msn.com/?pc=UP22&ocid=UP22DHP&dt=012213 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: CurseClientStartup.ccip O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 5520 series.lnk = ? O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{F03C7ABB-462C-43CC-BBD2-C43B821AC5C4}: NameServer = 62.140.140.250 62.140.138.237 O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (file missing) O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (file missing) O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Claudia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Claudia\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Claudia\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Claudia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNE5NDJ6 will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Claudia\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Claudia\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar\sites" not found "C:\Users\Claudia\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar" not found "C:\Users\Claudia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNE5NDJ6" not found ==== EOF on zo 24-11-2013 at 14:51:37,10 ====================== ==== After Reboot ====================== ==== EOF on ma 25-11-2013 at 15:19:34,00 ======================