
Zoek.exe Version 4.0.0.4 Updated 30-07-2013
Tool run by carla's pc on wo 31-07-2013 at 17:22:37,39.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\carla's pc\Downloads\zoek.exe [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results31-07-2013-0832.log	25133 bytes
C:\zoek-results31-07-2013-1720.log	1066 bytes

==== Creating Sample_31-07-2013_1734.zip ======================
 
Copied file C:\Users\carla's pc\AppData\Roaming\nl_setup5Final.exe to sample\nl_setup5Final.exe
Copied file C:\Users\carla's pc\AppData\Roaming\TU_2012_v12.2110.7_GER_INS.exe to sample\TU_2012_v12.2110.7_GER_INS.exe
sample\nl_setup5Final.exe renamed to D91725C5EFBDB21485CDB64D8AA57DB5
sample\TU_2012_v12.2110.7_GER_INS.exe renamed to B4CA66A7E880B1DEE3096C1804C1D42C

C:\Users\Public\Desktop\sample_31-07-2013_1734.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1598719281-464911274-594154728-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\S-1-5-21-1598719281-464911274-594154728-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\S-1-5-21-1598719281-464911274-594154728-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-1598719281-464911274-594154728-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-1598719281-464911274-594154728-1001\Software\Microsoft\Internet Explorer\SearchScopes\{31A75037-FEC1-0FF7-2DBD-04CE8505D99E} deleted successfully
HKEY_USERS\S-1-5-21-1598719281-464911274-594154728-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-1598719281-464911274-594154728-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} deleted successfully
HKEY_USERS\S-1-5-21-1598719281-464911274-594154728-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\carla's pc\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\carla's pc\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\carla's pc\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found
---- Lines yq0k63y62@yaixcmeed.com removed from prefs.js ----


---- Lines yq0k63y62@yaixcmeed.com modified from prefs.js ----


---- Lines lxrftvrb@h-.com removed from prefs.js ----


---- Lines lxrftvrb@h-.com modified from prefs.js ----


---- Lines lxrftvrb@h-.com removed from prefs.js ----


---- Lines lxrftvrb@h-.com modified from prefs.js ----


---- FireFox user.js and prefs.js backups ---- 


==== Deleting Files \ Folders ======================

"C:\Windows\Sysnative\Tasks\Desk 365 RunAsStdUser" not found 
"C:\Windows\Sysnative\Tasks\PC Optimizer Pro Updates" not found 
"C:\Program Files (x86)\TornTV.com" not found 
"C:\users\carla's pc\AppData\Roaming\eIntaller" not found 
"C:\users\carla's pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" not found 
"C:\ProgramData\PC Optimizer Pro" not found 
"C:\Users\carla's pc\AppData\Local\Temp\Desk365\eInstall" not found 
"C:\Users\carla's pc\AppData\Roaming\eIntaller\D91B0B41AFD9421c8C0604149422C93C" not found 
"C:\ProgramData\Tarma Installer" not found 
"C:\Windows\SysNative\roboot64.exe" deleted
"C:\windows\SysNative\Tasks\Express FilesUpdate" deleted
"C:\Windows\tasks\PC Optimizer Pro Updates.job" deleted
"C:\Windows\syswow64\roboot.exe" deleted
"C:\Windows\sysWoW64\sasnative32.exe" deleted
"C:\Users\carla's pc\Desktop\items bureablad\diverse downloads\SoftonicDownloader_voor_hitman.exe" deleted
"C:\Users\carla's pc\Desktop\items bureablad\diverse downloads\SoftonicDownloader_voor_vlc-media-player.exe" deleted
"C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchvsl.xml" deleted
"C:\Users\carla's pc\AppData\Roaming\nl_setup5Final.exe" deleted
"C:\Users\carla's pc\AppData\Roaming\TU_2012_v12.2110.7_GER_INS.exe" deleted
"C:\Users\carla's pc\AppData\Roaming\Winamp\amp" deleted
"C:\Users\carla's pc\AppData\Roaming\Winamp" deleted
"C:\ProgramData\BeRowsuE2saaVee" deleted
"C:\ProgramData\EbookBBrowsse" deleted
"C:\Program Files (x86)\BrowseToSave" deleted
"C:\Program Files (x86)\Common Files\337" deleted
"C:\found.000" deleted
"C:\found.001" deleted
"C:\found.002" deleted
"C:\Users\carla's pc\AppData\Roaming\ExpressFiles" deleted
"C:\Users\carla's pc\AppData\Roaming\ParetoLogic" deleted
"C:\Users\carla's pc\AppData\Roaming\DriverCure" deleted
"C:\Users\carla's pc\AppData\Roaming\Babylon" deleted
"C:\Users\carla's pc\AppData\Roaming\Systweak" deleted
"C:\Users\carla's pc\AppData\Roaming\PerformerSoft" deleted
"C:\ProgramData\Systweak" deleted
"C:\ProgramData\Partner" deleted
"C:\ProgramData\boost_interprocess" deleted
"C:\ProgramData\ParetoLogic" deleted
"C:\ProgramData\SoftSafe" deleted
"C:\ProgramData\InstallMate" deleted
"C:\ProgramData\Premium" deleted
"C:\ProgramData\Babylon" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeRowsuE2saaVee" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EbookBBrowsse" deleted
"C:\Users\carla's pc\AppData\Local\CRE" deleted
"C:\Users\carla's pc\AppData\Local\Bundled software uninstaller" deleted
"C:\Users\carla's pc\AppData\Local\PackageAware" deleted
"C:\Users\carla's pc\AppData\Local\Babylon" deleted
"C:\Users\carla's pc\AppData\LocalLow\mediabarbs" deleted
"C:\Users\carla's pc\AppData\LocalLow\facemoods.com" deleted
"C:\Users\carla's pc\AppData\LocalLow\DataMngr" deleted
"C:\Users\carla's pc\AppData\LocalLow\searchquband" deleted
"C:\Users\carla's pc\AppData\LocalLow\Conduit" deleted

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bicnnkjibmphdeigoodpjlcklcnaobdj - C:\Program Files (x86)\TornTV.com\torntv10.crx[]
ihflimipbcaljfnojhhknppphnnciiif - No path found[]
jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[05-07-2012 18:44]
meinjhkhgaalhfbinmclpmjikccbplkf - C:\Users\carla's pc\AppData\Local\CRE\meinjhkhgaalhfbinmclpmjikccbplkf.crx[]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx[31-05-2013 03:49]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\CARLA'~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[12-05-2013 09:05]
meinjhkhgaalhfbinmclpmjikccbplkf - C:\Users\carla's pc\AppData\Local\CRE\meinjhkhgaalhfbinmclpmjikccbplkf.crx[]

Google Drive - carla's pc - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - carla's pc - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - carla's pc - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Weerplaza - carla's pc - Default\Extensions\djakjaebiehcbcjclfgifnhipfcobpaa
Gmail - carla's pc - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\carla's pc\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown  Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} Unknown  Url="Not_Found"

==== Reset Google Chrome ======================

C:\users\carla's pc\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\users\carla's pc\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1598719281-464911274-594154728-1001\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully
HKEY_USERS\S-1-5-21-1598719281-464911274-594154728-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\carla's pc\Desktop\AppData - Snelkoppeling.lnk - C:\Users\carla's pc\AppData 
C:\Users\carla's pc\Desktop\ASO3 - Snelkoppeling.lnk - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe 
C:\Users\carla's pc\Desktop\Breaking Bad - Season 5 (Ep. 1-8) [HDTV] + EXTRAS - Snelkoppeling.lnk - C:\Users\carla's pc\Documents\BitLord\Breaking Bad - Season 5 (Ep. 1-8) [HDTV] + EXTRAS 
C:\Users\carla's pc\Desktop\Downloads - Snelkoppeling.lnk - C:\Users\carla's pc\Downloads 
C:\Users\carla's pc\Desktop\HiJackThis.lnk - C:\Users\carla's pc\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 
C:\Users\carla's pc\Desktop\MagicDisc.lnk - C:\Program Files (x86)\MagicDisc\MagicDisc.exe 
C:\Users\carla's pc\Desktop\NewsLeecher.lnk - C:\Program Files (x86)\NewsLeecher\newsLeecher.exe 
C:\Users\carla's pc\Desktop\Programma's - Snelkoppeling.lnk -  
C:\Users\carla's pc\Desktop\The Good Wife Season 4 Complete 720p HD [CARG] - Snelkoppeling.lnk - C:\Users\carla's pc\Documents\BitLord\The Good Wife Season 4 Complete 720p HD [CARG] 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe 
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe 
C:\Users\Public\Desktop\Slim pc-onderhoud.lnk - C:\Program Files (x86)\Advanced System Optimizer 3\RequireAdministrator.exe C:\Program Files\Advanced System Optimizer 3\ASO3.exe -spc
C:\Users\Public\Desktop\Spotnet.lnk - C:\Program Files (x86)\Spotnet\Spotnet.exe 
C:\Users\Public\Desktop\TeamViewer 8.lnk - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\carla's pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9320325AS_6VD2BWFYXXXX6VD2BWFY&ts=1374926005
C:\Users\carla's pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9320325AS_6VD2BWFYXXXX6VD2BWFY&ts=1374926005
C:\Users\carla's pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9320325AS_6VD2BWFYXXXX6VD2BWFY&ts=1374926005
C:\Users\carla's pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\carla's pc\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DTGadget.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DT.gadget 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\SPTD Setup.lnk - C:\Program Files (x86)\DAEMON Tools Lite\SPTDinst-x64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9320325AS_6VD2BWFYXXXX6VD2BWFY&ts=1374926005
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\Silverlight.Configuration.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewsLeecher\NewsLeecher.lnk - C:\Program Files (x86)\NewsLeecher\newsLeecher.exe 

==== shortcuts in Quick Launch ======================

C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 2.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 2.0\DigitalEditions.exe 
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9320325AS_6VD2BWFYXXXX6VD2BWFY&ts=1374926005
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST9320325AS_6VD2BWFYXXXX6VD2BWFY&ts=1374926005
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\NewsLeecher.lnk - C:\Program Files (x86)\NewsLeecher\newsLeecher.exe 
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe 
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk -  
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\xlicons.exe 
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\wordicon.exe 
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk - C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe 
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk - C:\Windows\system32\calc.exe 
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe 
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== shortcuts After Repair ======================

C:\Users\carla's pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\carla's pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\carla's pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\carla's pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [HDDefrag] wscript "C:\Users\carla's pc\AppData\Roaming\Adobe\Flash Player\File Cache\file.vbs" "C:\Users\carla's pc\AppData\Roaming\Adobe\Flash Player\File Cache\hddef.bat"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASO3DiskOptimizer - Systweak Software, (www.systweak.com) - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\carla's pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\carla's pc\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\carla's pc\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\carla's pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\users\carla's pc\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\CARLA'~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\carla's pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on wo 31-07-2013 at 17:43:26,54 ======================