Zoek.exe v5.0.0.0 Updated 14-April-2014 Tool run by Sven on vr 25/04/2014 at 18:04:55,99. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQG39EIG\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe C:\Windows\system32\dashost.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe C:\Program Files\McAfee\AppStats\MfeASUM.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Windows Defender\MsMpEng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe C:\Windows\system32\DllHost.exe C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\dwm.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Windows\system32\taskhostex.exe C:\Windows\Explorer.EXE C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe C:\Windows\System32\RuntimeBroker.exe C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Acer\Acer Launch Manager\LMTray.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE c:\PROGRA~2\mcafee\SITEAD~1\saui.exe C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\Acer\Acer Power Management\ePowerTray.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQG39EIG\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ==== System Restore Info ====================== 25/04/2014 18:07:34 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Users\arrow_000\AppData\Local\CrashDumps deleted successfully C:\Users\arrow_000\AppData\Local\VirtualStore deleted successfully C:\Users\Sven\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== clear.fi SDK- Movie 2 clear.fi SDK - Video 2 Acer Device Fast-lane Acer Docs Acer Docs Office AddIn Acer Launch Manager Acer Media Acer Photo Acer Portal Acer Power Management Acer Recovery Management ALPS Touch Pad Driver Bejeweled 3 CCleaner Delicious: Emily's Childhood Memories Premium Edition Game Channels Governor of Poker 2 Premium Edition Identity Card Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel© Trusted Connect Service Client Jewel Match 3 John Deere Drive Green Live Updater Magic Academy McAfee SiteAdvisor Microsoft Office Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2005 Tools for Office Runtime More Games from WildTangent Games Nero BackItUp Nero BackItUp 12 Essentials OEM.a01 Nero BackItUp Help (CHM) Nero ControlCenter Nero ControlCenter Help (CHM) Nero Core Components Nero Launcher Nero RescueAgent Nero RescueAgent Help (CHM) Nero Update Norton Online Backup Norton Online Backup ARA Office Addin Plants vs. Zombies - Game of the Year Prerequisite installer Qualcomm Atheros Bluetooth Suite (64) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Qualcomm Atheros WLAN and Bluetooth Client Installation Program Realtek High Definition Audio Driver Realtek PCIE Card Reader Shared C Run-time for x64 SkypeT 6.13 Spotify Tales of Lagoona Update Installer for WildTangent Games App Visual Studio 2005 Tools for Office Second Edition Runtime Visual Studio Tools for the Office system 3.0 Runtime Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\arrow_000\AppData\Local\Software deleted C:\Users\Default\AppData\Local\Pokki deleted C:\Users\Sven\AppData\Local\Software deleted ==== Folders Found ====================== 2014-04-25 16:13:25 2014-04-25 16:13:25 -------- d---a-w- C:\zoek_backup\C_Users_Default User_AppData_Local_Pokki 2014-04-25 16:13:18 2014-04-25 16:13:23 -------- d---a-w- C:\zoek_backup\C_Users_Default_AppData_Local_Pokki 2014-04-25 16:13:25 2014-04-25 16:13:25 -------- d---a-w- C:\zoek_backup\C_Users_Default User_AppData_Local_Pokki\Pokkies 2014-04-25 16:13:23 2014-04-25 16:13:23 -------- d---a-w- C:\zoek_backup\C_Users_Default_AppData_Local_Pokki\Pokkies ==== Files Found ====================== --- C:\zoek_backup\C_Users_Default User_AppData_Local_Pokki\Engine\libPokki.dll --- Company: The Chromium Authors File Description: Chromium File Version: 23.0.1271.64 Product Name: Chromium Copyright: Copyright (C) 2006-2010 The Chromium Authors. All Rights Reserved. Original Filename: other_test_file File type: ----a-w- File size: 49329152 Created time: 2014-04-25 16:13:25 Modified time: 2013-07-03 02:20:30 MD5: 94E26FCD7CCD5D86B3E7700BCC652153 SHA1: 7120D4EB7A9594E5D2D0D2ECA21FC99203B485E8 --- C:\zoek_backup\C_Users_Default User_AppData_Local_Pokki\Engine\pokki.exe --- Company: Pokki File Description: Pokki File Version: 0.263.14.78 Product Name: Pokki Copyright: Copyright (C) 2010-2012 - SweetLabs, Inc Original Filename: pokki.exe File type: ----a-w- File size: 10937672 Created time: 2014-04-25 16:13:25 Modified time: 2013-07-03 02:22:58 MD5: 2932786C8722D1CECC111ABD9D32A83A SHA1: 33A0201A642EA0A0D1B5CB6D08FFBD03574FFF26 --- C:\zoek_backup\C_Users_Default User_AppData_Local_Pokki\Pokkies\03d432a7e610c3e908213e7689d4342ce2111caf\assets\js\GAPokki.js --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 16931 Created time: 2014-04-25 16:13:25 Modified time: 2013-07-02 18:00:00 MD5: B78B826BF5E2D7B204FE3105BC0752CB SHA1: 5814FADCA06B6D0C770D0128DCE12A6299D736C1 --- C:\zoek_backup\C_Users_Default User_AppData_Local_Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\store\lib\ga_pokki.js --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 13436 Created time: 2014-04-25 16:13:25 Modified time: 2013-05-31 23:51:28 MD5: 58CBCED67CF677DBCEBCA2A4D5DC538F SHA1: 8220380BD9455DC9E57145CF3EAB7AD7F85DF7E6 --- C:\zoek_backup\C_Users_Default User_AppData_Local_Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\store\lib\PokkiWebSheet.js --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1237 Created time: 2014-04-25 16:13:25 Modified time: 2013-05-31 23:51:28 MD5: BFF37E7C5398BE8D131D2F9901EF45E8 SHA1: 78FA530A5D3D519E88839593B3840BD0B37035B4 --- C:\zoek_backup\C_Users_Default User_AppData_Local_Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\store\lib\OAuth\PokkiFacebook.js --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2466 Created time: 2014-04-25 16:13:25 Modified time: 2013-05-31 23:51:28 MD5: 73CBCFFD604DDDBB992AD41D1E484D77 SHA1: 67A16F3F197D7826BEE3EEB0C76C4D521546C30A --- C:\zoek_backup\C_Users_Default User_AppData_Local_Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\store\lib\OAuth\PokkiOAuth.js --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 10030 Created time: 2014-04-25 16:13:25 Modified time: 2013-05-31 23:51:28 MD5: 9165EDE95243991C4B83534AF9A69069 SHA1: DFFD51D1B2D495F2D4A18B5009BC6F02C4F80C3B --- C:\zoek_backup\C_Users_Default_AppData_Local_Pokki\Engine\libPokki.dll --- Company: The Chromium Authors File Description: Chromium File Version: 23.0.1271.64 Product Name: Chromium Copyright: Copyright (C) 2006-2010 The Chromium Authors. All Rights Reserved. Original Filename: other_test_file File type: ----a-w- File size: 49329152 Created time: 2014-04-25 16:13:19 Modified time: 2013-07-03 02:20:30 MD5: 94E26FCD7CCD5D86B3E7700BCC652153 SHA1: 7120D4EB7A9594E5D2D0D2ECA21FC99203B485E8 --- C:\zoek_backup\C_Users_Default_AppData_Local_Pokki\Engine\pokki.exe --- Company: Pokki File Description: Pokki File Version: 0.263.14.78 Product Name: Pokki Copyright: Copyright (C) 2010-2012 - SweetLabs, Inc Original Filename: pokki.exe File type: ----a-w- File size: 10937672 Created time: 2014-04-25 16:13:19 Modified time: 2013-07-03 02:22:58 MD5: 2932786C8722D1CECC111ABD9D32A83A SHA1: 33A0201A642EA0A0D1B5CB6D08FFBD03574FFF26 --- C:\zoek_backup\C_Users_Default_AppData_Local_Pokki\Pokkies\03d432a7e610c3e908213e7689d4342ce2111caf\assets\js\GAPokki.js --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 16931 Created time: 2014-04-25 16:13:23 Modified time: 2013-07-02 18:00:00 MD5: B78B826BF5E2D7B204FE3105BC0752CB SHA1: 5814FADCA06B6D0C770D0128DCE12A6299D736C1 --- C:\zoek_backup\C_Users_Default_AppData_Local_Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\store\lib\ga_pokki.js --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 13436 Created time: 2014-04-25 16:13:25 Modified time: 2013-05-31 23:51:28 MD5: 58CBCED67CF677DBCEBCA2A4D5DC538F SHA1: 8220380BD9455DC9E57145CF3EAB7AD7F85DF7E6 --- C:\zoek_backup\C_Users_Default_AppData_Local_Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\store\lib\PokkiWebSheet.js --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1237 Created time: 2014-04-25 16:13:25 Modified time: 2013-05-31 23:51:28 MD5: BFF37E7C5398BE8D131D2F9901EF45E8 SHA1: 78FA530A5D3D519E88839593B3840BD0B37035B4 --- C:\zoek_backup\C_Users_Default_AppData_Local_Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\store\lib\OAuth\PokkiFacebook.js --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2466 Created time: 2014-04-25 16:13:25 Modified time: 2013-05-31 23:51:28 MD5: 73CBCFFD604DDDBB992AD41D1E484D77 SHA1: 67A16F3F197D7826BEE3EEB0C76C4D521546C30A --- C:\zoek_backup\C_Users_Default_AppData_Local_Pokki\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\store\lib\OAuth\PokkiOAuth.js --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 10030 Created time: 2014-04-25 16:13:25 Modified time: 2013-05-31 23:51:28 MD5: 9165EDE95243991C4B83534AF9A69069 SHA1: DFFD51D1B2D495F2D4A18B5009BC6F02C4F80C3B ==== Registry Search Results for "pokki" ====================== No instances of string "pokki" found. ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3915 MB CPU Info: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz CPU Speed: 2461,0 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | Intel(R) HD Graphics Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR956x Wireless Network Adapter | Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30) CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GT90N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 444,0GB Hard Disks - Free: C: 406,0GB Manufacturer *: Insyde Corp. BIOS Info: AT/AT COMPATIBLE | | ACRSYS - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer EA70_HC Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer Version: 10.0.9200.16863 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Sven\AppData\Local\Temp ==== 2014-04-16 16:14:23 E83B541C71965CFA1DEFF846CD6E9ECD 604552 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\npGoogleUpdate3.dll 2014-04-16 16:14:23 E093151047BBFFC0CD78D52F36490206 51080 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\GoogleUpdateOnDemand.exe 2014-04-16 16:14:23 B68EA43FFD5B7290749D500923A442B9 884712 ----a-w- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\GoogleUpdateSetup.exe 2014-04-16 16:14:23 7E6B107120108B3A15BFECE0DE3201DB 228744 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\GoogleCrashHandler.exe 2014-04-16 16:14:23 7DA05F2CD5C1F41EFB7FFBA3DCBD8C2B 189320 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\psuser_64.dll 2014-04-16 16:14:23 74D1953F791F4F07B1BADEBE96F81AE0 189320 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\psmachine_64.dll 2014-04-16 16:14:23 725CCC67C2C70D3BCCB0617609DE9366 166792 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\psuser.dll 2014-04-16 16:14:23 6EFC5F64258FE0D9DA3CCFA7FF4D84BD 114568 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\GoogleUpdateComRegisterShell64.exe 2014-04-16 16:14:23 5B371C3304C06AE62729236F98A2DD20 26112 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\GoogleUpdateHelper.msi 2014-04-16 16:14:23 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\GoogleUpdate.exe 2014-04-16 16:14:23 398F40FAE5ADA9521544393F1F67A17E 51080 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\GoogleUpdateBroker.exe 2014-04-16 16:14:23 0DDCADC31B0191CE083519A974989474 166792 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\psmachine.dll 2014-04-16 16:14:23 0D5CE0E5AEC3ACC7930AB955334B8533 281480 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\GoogleCrashHandler64.exe 2014-04-16 16:14:23 0928B9C3F2193EE265AA5E9B163D96EB 1698184 ----atw- C:\Users\Sven\AppData\Local\Temp\{67BF86CD-64BD-4C2F-B91A-276648AD177A}\goopdate.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-04-13 06:42:57 DA90FBE37A73383BD12B472452C543EE 14357504 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-04-13 06:42:56 BFDD0C5F3E435596F197F003609989C4 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-04-13 06:42:56 517011B4E624200765091E10DE1E3056 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-04-13 06:42:52 D48A2A3D69423F0B80375783F971F235 13760512 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-04-13 06:42:50 ADE7AE4478D5B2095FDE6FAB86B300E6 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-04-13 06:42:49 89986727E56709064C219C8B47A20F82 1766400 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-04-13 06:42:48 831ABFFC06225911BD847E08335D9F9D 2877952 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-04-13 06:42:48 4F8C8721C6B80B4921C5F0514D2AC5C4 2049536 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-04-13 06:42:48 3FA7F736B877B46EDF1EE6BE6051848D 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-04-13 06:42:47 CC0063D95273352BD705EC5C80025051 163840 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-04-13 06:42:47 717DBE5465A62674DCB3FD3706D2B3E6 1140736 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-04-13 06:42:47 07DC124F157B4C07B4E693EB63ED1050 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll 2014-04-12 09:43:46 184272AA46BEAA9C990700051BE869A1 17561088 ----a-w- C:\Windows\SysWOW64\shell32.dll 2014-04-12 09:43:43 4B27341B7B839E61503F0F99DC4D141B 365568 ----a-w- C:\Windows\SysWOW64\XpsGdiConverter.dll 2014-04-12 09:43:43 33B9E17F3B1E6EAD7F7CCEC6B8A37BF1 5092352 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2014-04-12 09:43:41 F4DFD83775C51960CAEDCEC98704E695 564736 ----a-w- C:\Windows\SysWOW64\WSShared.dll 2014-04-12 09:43:41 C9CA8652D3659A7B387BAB2C591CCAE1 485888 ----a-w- C:\Windows\SysWOW64\WSDApi.dll 2014-04-12 09:43:41 319959AB944F14C9D0AB38A7112F0E89 143872 ----a-w- C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-04-13 06:43:11 194125E7839D4902F2490A70049E8F78 53248 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-04-13 06:43:10 4BCADB6D3A03A690EC7F6B8AA7D3C5E4 19273216 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-04-13 06:42:56 E80F66239BCA6CDECC360CA78CECAE61 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-04-13 06:42:56 8DDC529CA9B78432A2B98C062E6646D9 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-04-13 06:42:55 9BFFDF83AC4AC6B6B60F01884219BB50 15404544 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-04-13 06:42:53 AD5DA3B81E7E1BFCBEC52C99504736B8 3959808 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-04-13 06:42:53 2B7920C7885AC45FD0E27DD860F095A1 2240000 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-04-13 06:42:52 06AD334AE44F5566ADF7AB4673F72D16 2648576 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-04-13 06:42:51 CF1B571D1395369CE94D4D5D3B679E26 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-04-13 06:42:51 AD00E5D3B748150CF1A53A1ABB52E320 53760 ----a-w- C:\Windows\Sysnative\UXInit.dll 2014-04-13 06:42:51 A8F212959F505216737EC281509B8A4A 915968 ----a-w- C:\Windows\Sysnative\uxtheme.dll 2014-04-13 06:42:50 F827BD7A09F9FCDF76AB2C3E27650E71 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-04-13 06:42:50 0DD10F3E989E68FD23930D04965ED0E8 855552 ----a-w- C:\Windows\Sysnative\jscript.dll 2014-04-13 06:42:49 0670CF740B9D387451C938EFA6E8DC81 197120 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-04-13 06:42:48 547FFE0E4C267FAB1299F2334C728F59 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-04-13 06:42:48 3A417F81D4E4428B9A8B5AA6D07A8244 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-04-13 06:42:48 38BEBBC4CF9FE6566262F0037DF843BF 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2014-04-12 09:43:47 B4C5E797CE7E6F815D2020F739DD71F6 19752448 ----a-w- C:\Windows\Sysnative\shell32.dll 2014-04-12 09:43:44 A892732A2216DC3B101E2B61F1F465FF 599040 ----a-w- C:\Windows\Sysnative\WSDApi.dll 2014-04-12 09:43:44 A8705398E9A28627FC6EA239DAF3CB08 523264 ----a-w- C:\Windows\Sysnative\XpsGdiConverter.dll 2014-04-12 09:43:44 4A145BF2F46167C894F933E0CB9A9D9B 5979648 ----a-w- C:\Windows\Sysnative\mstscax.dll 2014-04-12 09:43:42 7B5F21E78EC2B7739A9E29FDCED6BCED 209712 ----a-w- C:\Windows\Sysnative\NotificationUI.exe 2014-04-12 09:43:42 282CF0FBFE300345945D63F81446B399 690688 ----a-w- C:\Windows\Sysnative\WSShared.dll 2014-04-12 09:43:39 110BE5198A63D3FF3CE9C30F1DC12EC3 386722 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml 2014-04-11 17:46:35 29AC6C651BA2DB18C4B04F2FE94189AC 281240 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT ====== C:\Windows\Sysnative\drivers ===== 2014-04-12 09:43:49 B23882881EFD9404B62993906BC38709 2232664 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-04-12 09:43:45 7BE3EDFFA3216F989A6BDCB14795DD08 1939288 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2014-04-12 09:43:42 E6530FD4F61B40F338BF4355A21B9A09 278872 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-04-12 09:43:41 431141C6859990824D17F71C30A78728 118784 ----a-w- C:\Windows\Sysnative\drivers\dfsc.sys 2014-04-12 09:43:41 0EF7ABB612F7270DD5ABB7C66F1774AA 332632 ----a-w- C:\Windows\Sysnative\drivers\storport.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Sven\AppData\Roaming ====== 2014-04-16 16:22:55 -------- d-----w- C:\Users\Sven\AppData\Local\CrashDumps 2014-04-16 16:10:39 -------- d-----w- C:\Users\Sven\AppData\Local\Deployment 2014-04-16 16:10:39 -------- d-----w- C:\Users\Sven\AppData\Local\Apps ====== C:\Users\Sven ====== ====== C: exe-files == 2014-04-22 15:50:58 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3E7REQ9\RSITx64.exe 2014-04-22 15:47:07 B06712BF5643BB55600A040F210DC218 20586496 ----a-w- C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Sven\Downloads\SkypeSetup [1].exe 2014-04-20 17:41:03 FE8FF1C462CCFA27B97543C89E9A1CFC 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1678010181-4120838532-3394036514-1001\$ICJPDDC.exe === C: other files == 2014-04-23 16:07:26 F5B285246DAFA459FDEA34F6C4458777 4176 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.3_all_livetriCAEFE2QQ.zip 2014-04-20 17:22:18 F5B285246DAFA459FDEA34F6C4458777 4176 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.3_all_livetriCAKPCV1O.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1678010181-4120838532-3394036514-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\AcerCloud" [C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe] "C:\Windows\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe] "C:\Windows\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\Launch Manager" ["C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"] "C:\Windows\SysNative\tasks\Norton Online Backup ARA" [C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe] "C:\Windows\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"] "C:\Windows\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [16/04/2014 18:12] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[02/02/2014 09:58] Google Docs - arrow_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - arrow_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - arrow_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - arrow_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - arrow_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Google Wallet - arrow_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - arrow_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Google Wallet - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{2F393D12-3619-41E1-805E-B4885C5BCAE4}" {2F393D12-3619-41E1-805E-B4885C5BCAE4} Google Url="http://www.google.com/search?q={searchTerms}" {2F393D12-3619-41E1-805E-B4885C5BCAE4} Google Url="http://www.google.com/search?q={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {9182694D-FEB0-4E61-B03D-2F322D02B75A} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1678010181-4120838532-3394036514-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9182694D-FEB0-4E61-B03D-2F322D02B75A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: O23 - Service: McAfee Application Installer Cleanup (0286991397664783) (0286991397664783mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\028699~1.EXE O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe O23 - Service: McAfee Application Statistics Service (MfeASUM) - McAfee, Inc. - C:\Program Files\McAfee\AppStats\MfeASUM.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\arrow_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\arrow_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQG39EIG will be deleted at reboot C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMATNYHF will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\arrow_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=968 folders=95 234539819 bytes) ==== Empty Temp Folders ====================== C:\Users\arrow_000\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Sven\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Sven\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQG39EIG" not found "C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QMATNYHF" not found ==== EOF on vr 25/04/2014 at 18:21:24,26 ======================