
Zoek.exe Version 4.0.0.4 Updated 19-08-2013
Tool run by Nadia on zo 25/08/2013 at 20:37:37,64.
Microsoft® Windows Vista™ Home Basic  6.0.6001 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Nadia\Desktop\zoek.exe [Script inserted] 

==== System Restore Info ======================

25/08/2013 20:41:22 Zoek.exe System Restore Point Created Succesfully.

==== Creating Sample_20132508_2044.zip ======================
 
Process rundll32.exe killed
Copied file C:\Users\Nadia\AppData\Roaming\msm.exe to sample\msm.exe
sample\msm.exe renamed to 8F689E294556D4FAC32C91C7919D406B

C:\Users\Public\Desktop\sample_20132508_2044.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2930031397-4211016526-1814507338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
HKEY_USERS\S-1-5-21-2930031397-4211016526-1814507338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully
HKEY_USERS\S-1-5-21-2930031397-4211016526-1814507338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully
HKEY_USERS\S-1-5-21-2930031397-4211016526-1814507338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_USERS\S-1-5-21-2930031397-4211016526-1814507338-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_USERS\S-1-5-21-2930031397-4211016526-1814507338-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default

---- Lines BabylonToolbar removed from prefs.js ----

user_pref("extensions.BabylonToolbar_i.newTab", true);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://www.delta-search.com/?affID=119586&babsrc=NT_ss&mntrId=8801f4de0000000000000025644979b0");

---- Lines BabylonToolbar modified from prefs.js ----


---- Lines BabylonToolbar removed from user.js ----


---- Lines delta removed from prefs.js ----

user_pref("browser.search.order.1", "Delta Search");
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.id", "8801f4de0000000000000025644979b0");
user_pref("extensions.delta.instlDay", "15772");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.10.0");
user_pref("extensions.delta.vrsni", "1.8.10.0");
user_pref("extensions.delta.vrsnTs", "1.8.10.022:35:49");
user_pref("searchreset.backup.browser.newtab.url", "http://www.delta-search.com/?affID=119586&babsrc=NT_ss&mntrId=8801f4de0000000000000025644979b0");

---- Lines delta modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"c:\\\\Windows\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"mtime\":1340793226406,\"rdfTime\":1213270470000},\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":1362263172439,\"rdfTime\":1362040392000},\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"mtime\":1348678227726,\"rdfTime\":1256182198000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1376739920990,\"rdfTime\":1376739920581}}},{\"name\":\"winreg-app-user\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"mtime\":1348678227726,\"rdfTime\":1256182198000}}},{\"name\":\"app-profile\",\"addons\":{\"DivXWebPlayer@divx.com\":{\"descriptor\":\"C:\\\\Users\\\\Nadia\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\snvftpmv.default\\\\extensions\\\\DivXWebPlayer@divx.com.xpi\",\"mtime\":1342549502737},\"en-US@dictionaries.addons.mozilla.org\":{\"descriptor\":\"C:\\\\Users\\\\Nadia\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\snvftpmv.default\\\\extensions\\\\en-US@dictionaries.addons.mozilla.org\",\"mtime\":1364062714924,\"rdfTime\":1364062714483},\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\Nadia\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\snvftpmv.default\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1362778547288,\"rdfTime\":1352283188000},\"firefox@ghostery.com\":{\"descriptor\":\"C:\\\\Users\\\\Nadia\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\snvftpmv.default\\\\extensions\\\\firefox@ghostery.com.xpi\",\"mtime\":1376765191041},\"fr-dicollecte@dictionaries.addons.mozilla.org\":{\"descriptor\":\"C:\\\\Users\\\\Nadia\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\snvftpmv.default\\\\extensions\\\\fr-dicollecte@dictionaries.addons.mozilla.org\",\"mtime\":1371981693535,\"rdfTime\":1371467200000},\"nl-NL@dictionaries.addons.mozilla.org\":{\"descriptor\":\"C:\\\\Users\\\\Nadia\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\snvftpmv.default\\\\extensions\\\\nl-NL@dictionaries.addons.mozilla.org\",\"mtime\":1358771073651,\"rdfTime\":1358200370000},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"C:\\\\Users\\\\Nadia\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\snvftpmv.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1375270658511}}}]");

---- Lines delta removed from user.js ----

user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.id", "8801f4de0000000000000025644979b0");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.instlDay", "15772");
user_pref("extensions.delta.vrsn", "1.8.10.0");
user_pref("extensions.delta.vrsni", "1.8.10.0");
user_pref("extensions.delta.vrsnTs", "1.8.10.022:35:49");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.newTab", false);

---- Lines search.com removed from prefs.js ----


---- Lines search.com modified from prefs.js ----


---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 0);

---- Lines browser.startup.page modified from prefs.js ----


---- FireFox user.js and prefs.js backups ---- 

user_20132508_2045_.backup
prefs_20132508_2045_.backup

==== Deleting Files \ Folders ======================

"C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default\searchplugins\delta.xml" deleted
"C:\Users\Nadia\AppData\Roaming\msm.exe" deleted
"C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml" deleted
"C:\Users\Nadia\Downloads\SoftonicDownloader_voor_coreldraw.exe" deleted
"C:\Users\Nadia\Downloads\SoftonicDownloader_voor_windows-live-messenger-2009.exe" deleted
"C:\Users\Public\all.exe" deleted
"C:\Users\Nadia\AppData\Roaming\msm.exe" deleted
"C:\Users\Nadia\AppData\Roaming\Delta" deleted
"C:\Program Files\Hotspot Shield" deleted
"C:\Users\Nadia\AppData\Roaming\Babylon" deleted
"C:\Users\Nadia\AppData\Roaming\Delta" deleted
"C:\ProgramData\Babylon" deleted
"C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default\jetpack" deleted
"C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default\extensions\ffxtlbr@delta.com" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-08-21 19:02:16	45B53FA83947F7AC4F91AE6151EE6A59	5	----a-w-	C:\Windows\scrss
====== C:\Users\Nadia\AppData\Local\Temp ====
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
2013-08-24 11:37:11	9E0655DA20EDE1A1D710194EE50AD813	510	----a-w-	C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 313e7243-90a0-4163-8dc8-cec8a58ddedb.job
2013-08-24 11:37:11	4E2D77B9DF93668FBB67D1D11977441B	3432	----a-w-	C:\Windows\system32\Tasks\SUPERAntiSpyware Scheduled Task 313e7243-90a0-4163-8dc8-cec8a58ddedb
2013-08-24 11:37:10	3D80F52EDCC9D502A05BCD5461EE3207	510	----a-w-	C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task cad3d793-05d6-4a37-a319-59253e1b2ca4.job
2013-08-24 11:37:10	0B90A6B4AEBE18A9A972497537A9E1A5	3506	----a-w-	C:\Windows\system32\Tasks\SUPERAntiSpyware Scheduled Task cad3d793-05d6-4a37-a319-59253e1b2ca4
2013-08-21 18:59:24	84EFB2F1B56BCF77E612C0CB45A808AF	3068	----a-w-	C:\Windows\system32\Tasks\{6171205A-506A-4B47-827C-B614CB436CFC}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-08-24 12:07:00	--------	d-----w-	C:\Program Files\Trend Micro
2013-08-24 11:36:11	--------	d-----w-	C:\Program Files\SUPERAntiSpyware
======= C: =====
====== C:\Users\Nadia\AppData\Roaming ======
2013-08-24 11:36:51	--------	d-----w-	C:\users\Nadia\AppData\Roaming\SUPERAntiSpyware.com
2013-08-22 17:27:13	45B53FA83947F7AC4F91AE6151EE6A59	5	----a-w-	C:\users\Nadia\AppData\Roaming\scrss
2013-08-09 19:28:29	6E88BF7A73BAA46C0584EF7F30B17303	22646	----a-w-	C:\users\Nadia\AppData\Roaming\Microsoft Excel 97-2003.ADR
====== C:\Users\Nadia ======
2013-08-24 11:36:22	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2013-08-24 11:36:11	--------	d-----w-	C:\ProgramData\SUPERAntiSpyware.com
2013-08-24 11:30:45	4980EEE06E08A3CF5F6BC160DE8C552E	27208496	----a-w-	C:\Users\Nadia\Downloads\SUPERAntiSpyware.exe
2013-08-21 18:51:13	96FC722178BE8016B0BCA3363C2272A4	1492834	----a-w-	C:\Users\Nadia\Downloads\Firefox Setup 23.0.exe

====== C: exe-files ==
2013-08-25 17:53:24	EF3B988191D2828C3943BD89CBEA2EDF	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-2930031397-4211016526-1814507338-1000\$IYMQ6M4.exe
2013-08-24 11:30:45	4980EEE06E08A3CF5F6BC160DE8C552E	27208496	----a-w-	C:\Users\Nadia\Downloads\SUPERAntiSpyware.exe
2013-08-22 17:06:36	96FC722178BE8016B0BCA3363C2272A4	1492834	----a-w-	C:\$Recycle.Bin\S-1-5-21-2930031397-4211016526-1814507338-1000\$RYMQ6M4.exe
2013-08-21 18:51:13	96FC722178BE8016B0BCA3363C2272A4	1492834	----a-w-	C:\Users\Nadia\Downloads\Firefox Setup 23.0.exe
2013-08-21 16:09:22	0841ACB9892FAF2635D927557468DB9A	7906144	----a-w-	C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.57\29.0.1547.57_28.0.1500.95_chrome_updater.exe
=== C: other files ==
2013-08-25 18:44:38	BCD767437D4891B2A43DF1E64AD6E353	1443754	----a-w-	C:\Users\Public\Desktop\sample_20132508_2044.zip
2013-08-25 18:39:52	04208CF8D16CC6A3EEEF191C412CA52C	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-2930031397-4211016526-1814507338-1000\$I3MYZH3.zip
2013-08-25 18:15:22	FBB7BCD6D9B70A3D34EF35331F530415	2500288	----a-w-	C:\$Recycle.Bin\S-1-5-21-2930031397-4211016526-1814507338-1000\$R3MYZH3.zip
2013-08-25 18:15:07	2913E2ED98BEE8B0A1EE1DE56512F66E	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-2930031397-4211016526-1814507338-1000\$IB6WPKX.zip
2013-08-25 18:11:31	76CDB2BAD9582D23C1F6F4D868218D6C	22	----a-w-	C:\$Recycle.Bin\S-1-5-21-2930031397-4211016526-1814507338-1000\$RB6WPKX.zip

==== Firefox Extensions ======================

ProfilePath: C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default
- United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org
- Dictionnaires franais - %ProfilePath%\extensions\fr-dicollecte@dictionaries.addons.mozilla.org
- Woordenboek Nederlands - %ProfilePath%\extensions\nl-NL@dictionaries.addons.mozilla.org
- DivX Web Player - %ProfilePath%\extensions\DivXWebPlayer@divx.com.xpi
- Ghostery - %ProfilePath%\extensions\firefox@ghostery.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default
0C8597DBC74AAF5179471BA013E3C6B4	- C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll -	Shockwave Flash
101700E93EB905992B518256CB441829	- C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll -	Google Update
8F24103AB984847AA2939F58F19CCC98	- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll -	Java(TM) Platform SE 7 U21
ADC539F67D3198679F480974EE203678	- C:\Windows\system32\npDeployJava1.dll -	Java Deployment Toolkit 7.0.210.11
C548328E9DE5EB73350EF292D7140662	- C:\Program Files\Google\Picasa3\npPicasa3.dll -	Picasa
637839AC6ED995510A411327C5C2DA61	- C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll -	AdobeAAMDetect
A5C14075B571AF1C9592595BE724D9D2	- c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll -	Silverlight Plug-In
0132218093298D7F72A40222F4FBF04F	- C:\Program Files\QuickTime\Plugins\npqtplugin7.dll -	QuickTime Plug-in 7.7.2
A7DA4A3F6E86E55E25F60D2BA46B24D0	- C:\Program Files\QuickTime\Plugins\npqtplugin6.dll -	QuickTime Plug-in 7.7.2
CE1411064661AFB6DC4E18BACB50BF61	- C:\Program Files\QuickTime\Plugins\npqtplugin5.dll -	QuickTime Plug-in 7.7.2
052575195474BA9646272680BF993D64	- C:\Program Files\QuickTime\Plugins\npqtplugin4.dll -	QuickTime Plug-in 7.7.2
A8CD2D78D83C1466BB81BBC94A6C96A3	- C:\Program Files\QuickTime\Plugins\npqtplugin3.dll -	QuickTime Plug-in 7.7.2
136ECFCBEA4FBFF8918D3B4AE2729C7F	- C:\Program Files\QuickTime\Plugins\npqtplugin2.dll -	QuickTime Plug-in 7.7.2
1E17EB861D4EAD9CAC51C246B5E3426A	- C:\Program Files\QuickTime\Plugins\npqtplugin.dll -	QuickTime Plug-in 7.7.2
AEA69AF0E4F27AABA1A4DF66B43179A3	- C:\Program Files\VideoLAN\VLC\npvlc.dll -	VLC Web Plugin
B502C8BC301556EC6B3723ACC427933C	- C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll -	WacomTabletPlugin
D28AD1CB902AC6D228532812D3850C7D	- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll -	iTunes Application Detector
6F120933F87E7DEC972476170288A267	- C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll -	Adobe Acrobat
0BD343C45B4ECCF8D6AF94D6C3ADC310	- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll -	Adobe Acrobat
1C8124B6A03A620EB0CBCA615666D2AE	- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -	Windows Live® Photo Gallery
99F97C9FE748C37528C338A423577FCB	- C:\Users\Nadia\AppData\Roaming\Mozilla\plugins\np-mswmp.dll -	Microsoft® Windows Media Player Firefox Plugin
AB87EEFFD18F2BAAFC274E7075EA6C67	- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -	Windows Presentation Foundation / Windows Presentation Foundation
DFCAB29E8FD38F95650CC1E203E8D318	- C:\Windows\system32\npmproxy.dll -	Microsoft® Windows® Operating System
2AA3703D87E1327A2290C9D416D89A28	- c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll -	Microsoft® Silverlight
4E31DE484AD120894D0D3E7740979108	- C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll -	AdobeAAMDetect


==== Deleting Files \ Folders ======================

"C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\snvftpmv.default\extensions\firefox@ghostery.com.xpi" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28/02/2013 10:33]

avast WebRep - Nadia - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.delta-search.com/?affID=119586&babsrc=HP_ss&mntrId=8801f4de0000000000000025644979b0"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\users\Nadia\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\users\Nadia\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Nadia\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nadia\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JDF8K8P0 will be deleted at reboot
C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Nadia\AppData\Local\Mozilla\Firefox\Profiles\snvftpmv.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\Nadia\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Nadia\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JDF8K8P0" not found

==== EOF on zo 25/08/2013 at 20:57:41,14 ======================