Zoek.exe v5.0.0.0 Updated 15-November-2014 Tool run by Anne on zo 16-11-2014 at 11:34:26,34. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Anne\Downloads\zoek (5).exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-09-13-175807.log 78613 bytes ==== Empty Folders Check ====================== C:\Program Files\Freemake deleted successfully C:\Program Files\FreeTime deleted successfully C:\PROGRA~2\2308189059 deleted successfully C:\PROGRA~2\Freemake deleted successfully C:\Users\Anne\AppData\Roaming\Systweak deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-74716692-3808151042-2833116917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_USERS\S-1-5-21-74716692-3808151042-2833116917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_USERS\S-1-5-21-74716692-3808151042-2833116917-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-74716692-3808151042-2833116917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{929801A8-4AEF-4D12-BE31-D85BF666452B} deleted successfully HKEY_USERS\S-1-5-21-74716692-3808151042-2833116917-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{601469c6-eae1-425e-95c9-9f03a4e41674} deleted successfully HKEY_CLASSES_ROOT\CLSID\{601469c6-eae1-425e-95c9-9f03a4e41674} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{601469c6-eae1-425e-95c9-9f03a4e41674} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-74716692-3808151042-2833116917-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully HKEY_USERS\S-1-5-21-74716692-3808151042-2833116917-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully ==== Installed Programs ====================== ęTorrent Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X - Nederlands Albelli Fotoboeken AVG 2011 AVG 2015 Canon MP Navigator EX 3.0 Canon MP550 series MP Drivers Canon Utilities Easy-PhotoPrint EX Canon Utilities My Printer Canon Utilities Solution Menu CEWE FOTOBOEK Cisco Network Magic ConvertXtoDVD 3.3.4.106e D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Driver Whiz Dropbox Extensie voor Windows Live Toolbar (Windows Live Toolbar) Facebook Video Calling 3.1.0.521 Gebruikersregistratie voor Canon MP550 series GOM Player Google Chrome Google Update Helper Google+ Auto Backup InstaCodecs Interenet Optimizer Java 7 Update 67 Java Auto Updater Junk Mail filter update K-Lite Codec Pack 7.0.0 (Standard) Kaspersky Security Scan Kruidvat fotoservice Markeringviewer (Windows Live Toolbar) McAfee Security Scan Plus Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Home and Student 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 8 Picasa 3 Pixlr-o-matic Pure Networks Platform savinshop Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Smart Menu's (Windows Live Toolbar) ss helper 1.74 Synaptics Pointing Device Driver Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition Visual Studio 2012 x86 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Favorites voor Windows Live Toolbar Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 5.01 (32-bit) ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\System32\spoolsv.exe C:\Program Files\AVG\AVG10\avgfws.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\Pure Networks\Network Magic\nmapp.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\ctfmon.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\DllHost.exe C:\Users\Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE C:\Windows\system32\taskhost.exe C:\Program Files\AVG\AVG2015\avgwdsvc.exe C:\Program Files\AVG\AVG2015\avgui.exe C:\Program Files\Microsoft Office\Office14\WINWORD.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\Microsoft Office\Office14\MSTORDB.EXE C:\Windows\system32\NOTEPAD.EXE C:\Users\Anne\Downloads\zoek (5).exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\0c632643 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McComponentHostService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McComponentHostService deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{601469c6-eae1-425e-95c9-9f03a4e41674}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MediaGet2"=- "AppInit_DLLs"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MediaGet2"=- "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\savinshop deleted C:\Program Files\McAfee SECURITY SCAN deleted C:\Program Files\Kaspersky Security Scan deleted C:\PROGRA~2\4ef89a2f5d857ff5 deleted C:\Users\Anne\AppData\Roaming\OpenCandy deleted C:\PROGRA~2\Avg_Update_0914avt deleted C:\PROGRA~2\UAB deleted C:\Users\Anne\AppData\Local\PC_Drivers_Headquarters deleted C:\Users\Anne\Downloads\ReimageRepair.exe deleted C:\Users\Anne\Downloads\SoftonicDownloader_voor_format-factory.exe deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\system32\roboot.exe deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted C:\Users\Anne\Documents\Optimizer Pro deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Security Scan.lnk" deleted "C:\PROGRA~2\Interenet Optimizer" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601) Memory (RAM): 2940 MB CPU Info: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz CPU Speed: 541,3 MHz Sound Card: Luidsprekers (High Definition A | Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1440 X 900 - 32 bit Network: Network Present Network Adapters: Atheros AR5007EG Wireless Network Adapter | Realtek PCIe FE Family Controller CD / DVD Drives: 1x (E: | ) E: MATSHITADVD-RAM UJ880AS Ports: COM3 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 148,9GB | D: 147,7GB Hard Disks - Free: C: 60,3GB | D: 45,7GB Manufacturer *: INSYDE BIOS Info: AT/AT COMPATIBLE | 09/23/09 | TOSINV - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: TOSHIBA Portable PC Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus 2015 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus 2015 disabled (Outdated) Firewall: AVG Firewall disabled Default Browser: Google Chrome 37.0.2062.103 Internet Explorer Version: 11.0.9600.17358 Google Chrome version: 37.0.2062.103 Adobe Reader version: 10.0.0.396 Sun Java version: 1.7.0_67 (32-bit) Flash Player version: 11.6.602.171 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Anne\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== 2014-10-20 20:25:48 7B625C0B70F4E508AD5113521F0468FB 3898 ----a-w- C:\Windows\system32\Tasks\FacebookUpdateTaskUserS-1-5-21-74716692-3808151042-2833116917-1000UA 2014-10-20 20:25:48 7441157612EA5A36BFCA2EB49A150AB9 924 ----a-w- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-74716692-3808151042-2833116917-1000UA.job 2014-10-20 20:25:46 D7B0B4ECC1DC7A455E722F7F2233F9BB 902 ----a-w- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-74716692-3808151042-2833116917-1000Core.job 2014-10-20 20:25:46 CF03A05BE8826033BCD66D674BA7BC02 3530 ----a-w- C:\Windows\system32\Tasks\FacebookUpdateTaskUserS-1-5-21-74716692-3808151042-2833116917-1000Core ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-11-05 10:24:29 -------- d-----w- C:\Program Files\Fotoservice ======= C: ===== ====== C:\Users\Anne\AppData\Roaming ====== 2014-10-26 21:39:13 -------- d-----w- C:\Users\Anne\AppData\Local\FreemakeVideoConverter 2014-10-26 21:36:15 -------- d-----w- C:\Users\Anne\AppData\Roaming\RHEng 2014-10-20 20:25:27 -------- d-----w- C:\Users\Anne\AppData\Local\Facebook 2014-10-19 12:43:49 -------- d-----w- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ====== C:\Users\Anne ====== 2014-11-16 10:17:19 78672C6A43F8076A834BC85461F2D467 399224 ----a-w- C:\Users\Anne\Downloads\setup.exe 2014-11-16 09:54:11 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Anne\Downloads\RSIT (1).exe 2014-11-05 10:27:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kruidvat fotoservice 2014-11-05 10:24:14 18E2289DD18DC102CDFF3DA871586440 1557288 ----a-w- C:\Users\Anne\Downloads\setup_Kruidvat_fotoservice.exe 2014-10-19 12:43:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR ====== C: exe-files == 2014-11-16 10:17:19 78672C6A43F8076A834BC85461F2D467 399224 ----a-w- C:\Users\Anne\Downloads\setup.exe 2014-11-16 09:54:11 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Anne\Downloads\RSIT (1).exe 2014-11-12 20:28:44 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Anne\AppData\Local\Google\Chrome\User Data\recovery\101.3.21.141\GoogleUpdateSetup.exe 2014-11-12 20:28:44 4C8C0B0340C6234649C7F91FB5E89A54 571272 ----a-w- C:\Users\Anne\AppData\Local\Google\Chrome\User Data\recovery\101.3.21.141\ChromeRecovery.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-74716692-3808151042-2833116917-1000\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe /background" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" "Rim.DesktopHelper.exe"="C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.DesktopHelper.exe" "Facebook Update"="C:\Users\Anne\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "nmctxth"="C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" "nmapp"="C:\Program Files\Pure Networks\Network Magic\nmapp.exe -autorun -nosplash" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "AVG_UI"="C:\Program Files\AVG\AVG2015\avgui.exe /TRAYONLY" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "SpUninstallCleanUp"="REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe /background" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" "Rim.DesktopHelper.exe"="C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.DesktopHelper.exe" "Facebook Update"="C:\Users\Anne\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls"="c:\\progra~2\\intere~1\\intere~1.dll" ==== Startup Folders ====================== 2012-10-26 08:53:33 1055 ----a-w- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-74716692-3808151042-2833116917-1000Core.job --a------ C:\Users\Anne\AppData\Local\Facebook\Update\FacebookUpdate.exe [20-10-2014 22:05] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-74716692-3808151042-2833116917-1000UA.job --a------ C:\Users\Anne\AppData\Local\Facebook\Update\FacebookUpdate.exe [20-10-2014 22:05] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-74716692-3808151042-2833116917-1000Core" [C:\Users\Anne\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-74716692-3808151042-2833116917-1000UA" [C:\Users\Anne\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Torch deleted Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Administrator\AppData\Local\Chromatic Browser deleted Fake profile C:\Users\Anne\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Anne\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Anne\AppData\Local\Chromatic Browser deleted Fake profile C:\Users\Gast\AppData\Local\Torch deleted Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Gast\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Gast\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Gast\AppData\Local\Chromatic Browser deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Torch deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser deleted ==== Chromium Look ====================== Google Docs - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Chromium Updater - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmicnfbmcjhlbdohdmdhfjlbigkcddl Last updated at time on date - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd MyWebFace - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj Google Wallet - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Docs - Anne\AppData\Local\Torch\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Anne\AppData\Local\Torch\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Anne\AppData\Local\Torch\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo DropToS - Anne\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo Torch Music - Anne\AppData\Local\Torch\User Data\Default\Extensions\gcjbdjlojcomlphfchhihkigepfabcad Chromium Updater - Anne\AppData\Local\Torch\User Data\Default\Extensions\hcmicnfbmcjhlbdohdmdhfjlbigkcddl iMesh New Tabs - Anne\AppData\Local\Torch\User Data\Default\Extensions\ijbjbpmhcemdbplaiccloimaedacmjdo Torch Helper - Anne\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg Torch Music - Anne\AppData\Local\Torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed Gmail - Anne\AppData\Local\Torch\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M8FBA8EB9-C81D-4580-BBBD-BC508B7A84E7&SearchSource=55&CUI=&UM=6&UP=SPFC25C334-B130-4246-A488-0024A01026BD&SSPV=", "startup_urls": [ "http://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M8FBA8EB9-C81D-4580-BBBD-BC508B7A84E7&SearchSource=55&CUI=&UM=6&UP=SPFC25C334-B130-4246-A488-0024A01026BD&SSPV=" ], ==== Chromium Fix ====================== C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmicnfbmcjhlbdohdmdhfjlbigkcddl deleted successfully C:\Users\Anne\AppData\Local\Torch\User Data\Default\Extensions\hcmicnfbmcjhlbdohdmdhfjlbigkcddl deleted successfully C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hcmicnfbmcjhlbdohdmdhfjlbigkcddl_0.localstorage deleted successfully C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hcmicnfbmcjhlbdohdmdhfjlbigkcddl_0.localstorage-journal deleted successfully C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_njienacjggibaeolcbbjfnigbojkcggj_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M8FBA8EB9-C81D-4580-BBBD-BC508B7A84E7&SearchSource=55&CUI=&UM=6&UP=SPFC25C334-B130-4246-A488-0024A01026BD&SSPV=" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {1A866EC3-7772-4F78-B742-2C383110ABC9} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {3F4BEA38-8DC4-4323-A18E-1BAE57FBA088} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {65814380-6CF5-47AD-909A-B1B77262A410} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{70BD2558-27DA-8B02-02D0-D8704ECD2EDF} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643} deleted successfully ==== HijackThis Entries ====================== O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Rim.DesktopHelper.exe] C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.DesktopHelper.exe O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Anne\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\progra~2\intere~1\intere~1.dll O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe ==== Empty IE Cache ====================== C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Anne\AppData\Local\Torch\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1929 folders=569 112608584 bytes) ==== Empty Temp Folders ====================== C:\Users\Anne\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Anne\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj" deleted ==== EOF on zo 16-11-2014 at 13:48:39,25 ======================