Zoek.exe v5.0.0.0 Updated 26-11-2014 Tool run by Anne Souwman on do 27-11-2014 at 8:26:28,85. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Anne Souwman\Downloads\zoek (1).exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-11-26-080944.log 19250 bytes C:\zoek-results2014-11-26-084929.log 461059 bytes C:\zoek-results2014-11-26-154016.log 38736 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-765127378-1575408647-2922503194-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-765127378-1575408647-2922503194-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-765127378-1575408647-2922503194-1000\Software\Mozilla\Firefox\Extensions\{F0F70F08-6B2D-F1F0-5AF5-910F8B7B070D} deleted successfully ==== Installed Programs ====================== Acer Arcade Deluxe Acer Backup Manager Acer Crystal Eye webcam Ver:1.1.74.216 Acer eRecovery Management Acer GridVista Acer PowerSmart Manager Acer Product Registration Acer ScreenSaver Adobe Flash Player 10 ActiveX Adobe Reader 9 - Nederlands Agere Systems HDA Modem Airport Mania First Flight AVG 2015 Backup Manager Basic Basissoftware voor HP Deskjet 3050 J610 series Broadcom Gigabit NetLink Controller C:\\Program Files\\Acer GameZone\\GameConsole Cake Mania 2 Choice Guard ClipCnv Compatibiliteitspakket voor het 2007 Microsoft Office system Cooking Dash Cradle of Rome Dairy Dash Definition Update for Microsoft Office 2010 (KB2899521) 32-Bit Edition Dream Day Honeymoon eSobi v2 Galapago GemistDownloader Google Chrome Google Desktop Google Toolbar for Internet Explorer Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Deskjet 3050 J610 series Haelp HP Update Jewel Quest Solitaire Junk Mail filter update K-Lite Codec Pack 10.6.5 Basic Launch Manager Luxor 2 Mahjong Escape Ancient China Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office PowerPoint Viewer 2007 (Dutch) Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) My Program version 1.5 MyWinLocker Norton 360 NTI Backup Now 5 NTI Backup Now Standard NTI Media Maker 8 NVIDIA Drivers Ocean Express Orion Parking Dash Popcorn Time Puzzle Express Rainbow Web Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader RegClean-Pro Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition shopwithme SkypeT 6.18 Spotify Synaptics Pointing Device Driver Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Tradewinds 2 Tri-Peaks Solitaire To Go Turbo Pizza Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Excel 2010 (KB2889935) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2878251) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition VideoCnv Visual Studio 2012 x86 Redistributables VLC media player Wedding Dash Windows Live - Hulpprogramma voor uploaden Windows Live aanmeldhulp Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Live Writer WinZip Malware Protector Zuma Deluxe ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\SLsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\agrsmsvc.exe C:\Program Files\AVG\AVG2015\avgwdsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Google\Update\GoogleUpdate.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Popcorn Time\Updater.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\PLFSetI.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\AVG\AVG2015\avgui.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe C:\Windows\system32\DllHost.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Users\ANNESO~1\AppData\Local\Temp\RtkBtMnt.exe C:\Windows\system32\ctfmon.exe C:\Windows\system32\wuauclt.exe C:\Users\Anne Souwman\Downloads\zoek (1).exe C:\Windows\system32\conime.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{F0F70F08-6B2D-F1F0-5AF5-910F8B7B070D}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Deleting Files \ Folders ====================== C:\ProgramData\fastncheap deleted C:\ProgramData\getit4cheaper deleted C:\ProgramData\dd43ae12fecbc105 deleted C:\Program Files\ver3Safer-Surf deleted C:\Program Files\Convesoft deleted C:\Program Files\VideoCnv deleted C:\Program Files\Reimage deleted C:\Users\Anne Souwman\AppData\Roaming\Nico Mak Computing\WinZip Malware Protector deleted C:\Users\Anne Souwman\AppData\Roaming\istartsurf deleted C:\Users\Anne Souwman\AppData\Roaming\OpenCandy deleted C:\PROGRA~2\Nico Mak Computing\WinZip Malware Protector deleted C:\Users\Anne Souwman\AppData\Local\MaxiGet Download Manager deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector deleted C:\Users\Anne Souwman\Downloads\wzmp_8.exe deleted C:\Users\Anne Souwman\Downloads\avg_free_stb_all_2015_5557_cnet.exe deleted C:\Users\Anne Souwman\Downloads\ReimageRepair.exe deleted C:\Windows\Reimage.ini deleted C:\Windows\system32\tasks\WinZip Malware Protector_startup deleted C:\Windows\system32\wsusnative32.exe deleted C:\Windows\System32\00024802.tmp deleted "C:\Program Files\WinZip Malware Protector\aspsys.dll" deleted "C:\Program Files\WinZip Malware Protector\Microsoft.Win32.TaskScheduler.DLL" deleted "C:\Program Files\WinZip Malware Protector\System.Data.SQLite.dll" deleted "C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe" deleted "C:\Program Files\WinZip Malware Protector\Xceed.Compression.dll" deleted "C:\Program Files\WinZip Malware Protector\Xceed.FileSystem.dll" deleted "C:\Program Files\WinZip Malware Protector\Xceed.Zip.dll" deleted "C:\Program Files\WinZip Malware Protector\aspsys.dll" deleted "C:\Program Files\WinZip Malware Protector\Microsoft.Win32.TaskScheduler.DLL" deleted "C:\Program Files\WinZip Malware Protector\System.Data.SQLite.dll" deleted "C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe" deleted "C:\Program Files\WinZip Malware Protector\Xceed.Compression.dll" deleted "C:\Program Files\WinZip Malware Protector\Xceed.FileSystem.dll" deleted "C:\Program Files\WinZip Malware Protector\Xceed.Zip.dll" deleted "C:\Program Files\WinZip Malware Protector" not deleted "C:\Program Files\WinZip Malware Protector" not deleted ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002) Memory (RAM): 3066 MB CPU Info: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz CPU Speed: 1995,5 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce G 105M | NVIDIA GeForce G 105M | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Atheros AR5B91 Wireless Network Adapter | Broadcom NetLink (TM) Gigabit Ethernet CD / DVD Drives: 1x (D: | ) D: SlimtypeDVD A DS8A3S Ports: COM3 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 288,3GB Hard Disks - Free: C: 132,2GB Manufacturer *: Phoenix Technologies LTD BIOS Info: AT/AT COMPATIBLE | 04/14/09 | ACRSYS - 6040000 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer JV50 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus 2015 On-access scanning disabled (Outdated) Anti-Virus: Norton 360 On-access scanning disabled (Outdated) Anti-Spyware: Norton 360 disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus 2015 disabled (Outdated) Firewall: Norton 360 disabled Default Browser: Google Chrome 38.0.2125.111 Internet Explorer Version: 9.0.8112.16421 Google Chrome version: 38.0.2125.111 Adobe Reader version: 9.0.0.2008061200 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\ANNESO~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-11-22 19:46:14 FDF054202055B07E686EAC1C5A19F785 10134 ----a-w- C:\Windows\System32\ScanResults.xml 2014-11-22 19:37:18 406E76BE63C65E0BF4B263156320254E 464 ----a-w- C:\Windows\System32\ScannerSettings 2014-11-19 10:33:04 1DE1C07B256961012DCE0674EA488DE7 499200 ----a-w- C:\Windows\System32\kerberos.dll ====== C:\Windows\system32\drivers ===== 2014-10-29 20:34:52 5C238CDA802ECA79D7C05EEDDEA7001B 213784 ----a-w- C:\Windows\System32\drivers\avgidsdriverx.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-11-25 13:26:46 -------- d-----w- C:\Program Files\trend micro 2014-11-20 10:46:52 -------- d-----w- C:\Program Files\WinZip Malware Protector 2014-11-20 08:56:26 -------- d-----w- C:\Program Files\AVG ======= C: ===== ====== C:\Users\Anne Souwman\AppData\Roaming ====== 2014-11-26 15:38:23 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-11-26 15:38:23 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-11-26 15:38:23 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-11-26 15:38:23 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-11-26 15:38:22 -------- d-----w- C:\Users\Anne Souwman\AppData\Local\Temp(23) 2014-11-20 10:47:21 -------- d-----w- C:\Users\Anne Souwman\AppData\Roaming\Nico Mak Computing 2014-11-20 09:00:08 -------- d-----w- C:\Users\Anne Souwman\AppData\Roaming\AVG2015 2014-11-20 08:59:39 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\AVG2015 2014-11-20 08:59:06 -------- d-----w- C:\Users\Anne Souwman\AppData\Roaming\TuneUp Software 2014-11-20 08:56:30 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2015 2014-11-20 08:44:16 -------- d-----w- C:\Users\Anne Souwman\AppData\Local\Avg2015 ====== C:\Users\Anne Souwman ====== 2014-11-26 19:00:52 -------- d-----w- C:\ProgramData\WindowsSearch 2014-11-26 18:45:06 -------- d-----w- C:\ProgramData\Nico Mak Computing 2014-11-26 18:43:06 -------- d-----w- C:\ProgramData\AVG2015 2014-11-26 10:16:22 -------- d-----w- C:\ProgramData\AVG2015(4) 2014-11-26 10:15:26 -------- d-----w- C:\ProgramData\Microsoft Help(11) 2014-11-26 10:03:41 -------- d-----w- C:\ProgramData\Adobe 2014-11-26 08:50:17 -------- d-----w- C:\ProgramData\NVIDIA 2014-11-26 08:49:44 -------- d-----w- C:\ProgramData\EgisTec 2014-11-26 08:49:43 -------- d-----w- C:\ProgramData\CyberLink(7) 2014-11-26 08:46:16 -------- d-----w- C:\ProgramData\HP(8) 2014-11-26 08:44:20 -------- d-----w- C:\ProgramData\Microsoft(10) 2014-11-25 13:36:13 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Anne Souwman\Downloads\RSIT (1).exe 2014-11-25 13:25:31 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Anne Souwman\Downloads\RSIT.exe 2014-11-20 09:12:36 -------- d-----r- C:\Windows\system32\config\systemprofile\Downloads 2014-11-20 09:12:36 -------- d-----r- C:\Windows\system32\config\systemprofile\Documents 2014-11-20 08:59:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-11-20 08:58:07 -------- d-----w- C:\ProgramData\AVG2015(95) ====== C: exe-files == 2014-11-26 19:01:19 7877D5EA7EB1994D6E9ABDC583CED9D7 659272 ----a-w- C:\Users\Anne Souwman\AppData\Local\Google\Chrome\User Data\SwReporter\1.4.1\software_reporter_tool.exe 2014-11-25 13:36:13 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Anne Souwman\Downloads\RSIT (1).exe 2014-11-25 13:26:48 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Anne Souwman.exe 2014-11-25 13:25:31 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Anne Souwman\Downloads\RSIT.exe 2014-11-21 14:20:50 1F2AFAB903C0D48480561F3BBD4539C2 739640 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleUpdateSetup_5CC4B0F53D73AD88.exe === C: other files == 2014-11-26 07:55:11 6D345477F9BA3562FC3D2D68D9A11C2A 104 ----a-w- C:\Users\Anne Souwman\AppData\Local\Temp\utt32D.tmp.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-765127378-1575408647-2922503194-1000\Software\Microsoft\Windows\CurrentVersion\Run] "ProductReg"="C:\Program Files\Acer\WR_PopUp\ProductReg.exe" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "ArcadeDeluxeAgent"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" "CLMLServer"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup" "NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit" "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" "Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe" "PLFSetI"="C:\Windows\PLFSetI.exe" "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "LManager"="C:\Program Files\Launch Manager\LManager.exe" "BackupManagerTray"="C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -k" "Acer ePower Management"="C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe" "EgisTecLiveUpdate"="C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe" "mwlDaemon"="C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" "PlayMovie"="C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" "AVG_UI"="C:\Program Files\AVG\AVG2015\avgui.exe /TRAYONLY" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ProductReg"="C:\Program Files\Acer\WR_PopUp\ProductReg.exe" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL" ==== Startup Folders ====================== 2014-08-04 09:17:58 1105 ----a-w- C:\Users\Anne Souwman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26-10-2014 14:03] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Norton WSC Integration" ["C:\Program Files\Norton 360\Engine\21.6.0.32\WSCStub.exe"] "C:\Windows\system32\tasks\Acer\Burn Notification" [C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe] "C:\Windows\system32\tasks\Norton 360\Norton Error Analyzer" [C:\Program Files\Norton 360\Engine\21.6.0.32\SymErr.exe] "C:\Windows\system32\tasks\Norton 360\Norton Error Processor" [C:\Program Files\Norton 360\Engine\21.6.0.32\SymErr.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [04-08-2014 10:36] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions iikflkcanblccfahdhdonehdalibjnif - No path found[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx[20-09-2014 09:52] Google Docs - Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Security Toolbar - Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage deleted successfully C:\Users\Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal deleted successfully C:\Users\Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully C:\Users\Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnhomagjkoahcpildbcmoeanlapopkkf deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.istartsurf.com/?type=hp&ts=1407791441&from=epom&uid=hitachixhts545032b9a300_090404pb0c00qpg69y2ax" "Default_Page_URL"="http://www.istartsurf.com/?type=hp&ts=1407791441&from=epom&uid=HitachiXHTS545032B9A300_090404PB0C00QPG69Y2AX" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.istartsurf.com/?type=hp&ts=1407791441&from=epom&uid=HitachiXHTS545032B9A300_090404PB0C00QPG69Y2AX" "Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1407791441&from=epom&uid=HitachiXHTS545032B9A300_090404PB0C00QPG69Y2AX&q={searchTerms}" "Search Page"="http://www.istartsurf.com/web/?type=ds&ts=1407791441&from=epom&uid=HitachiXHTS545032B9A300_090404PB0C00QPG69Y2AX&q={searchTerms}" "Default_Page_URL"="http://www.istartsurf.com/?type=hp&ts=1407791441&from=epom&uid=HitachiXHTS545032B9A300_090404PB0C00QPG69Y2AX" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{C5BFFC20-B356-4D6A-BDCD-5C2F23610ADD}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW" {C5BFFC20-B356-4D6A-BDCD-5C2F23610ADD} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_nlNL599NL599" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{22c5205d} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Malware Protector_is1 deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.6.0.32\coIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Update service - Company - C:\Program Files\Popcorn Time\Updater.exe ==== Empty IE Cache ====================== C:\Users\Anne Souwman\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Anne Souwman\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Anne Souwman\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2325 folders=524 958772829 bytes) ==== Empty Temp Folders ====================== C:\Users\Anne Souwman\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\ANNESO~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Anne Souwman\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Program Files\WinZip Malware Protector" not found "C:\Program Files\WinZip Malware Protector" not found ==== EOF on do 27-11-2014 at 9:02:52,03 ======================