Zoek.exe Version 4.0.0.4 Updated 30-08-2013 Tool run by Alleman on vr 30/08/2013 at 21:32:47,00. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Alleman\AppData\Local\Temp\Rar$EX04.312\zoek.exe [Quick Scan] [Auto Clean] ==== System Restore Info ====================== 30/08/2013 21:34:47 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1928870758-2907081458-2726709488-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1928870758-2907081458-2726709488-1000\Software\Microsoft\Internet Explorer\SearchScopes\{116B6410-0C31-4F88-972A-6BB09FDD3852} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrowserProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BrowserProtect deleted successfully ==== Deleting Files \ Folders ====================== "C:\Program Files\Mozilla Firefox\user.js" deleted "C:\Windows\system32\Tasks\BrowserProtect" deleted "C:\user.js" deleted "C:\END" deleted "C:\Users\Alleman\Desktop\Search the Web.url" deleted "C:\Users\Alleman\Desktop\BestVideoDownloaderSetup-Silent.exe" deleted "C:\Users\Alleman\AppData\Roaming\tuvaro\sqlite3.dll" deleted "C:\Users\Alleman\AppData\Roaming\temp" deleted "C:\Users\Alleman\AppData\Roaming\tuvaro" deleted "C:\Program Files\SweetIM" deleted "C:\Users\Alleman\AppData\Roaming\BrowserCompanion" deleted "C:\Users\Alleman\AppData\Roaming\ParetoLogic" deleted "C:\Users\Alleman\AppData\Roaming\DriverCure" deleted "C:\Users\Alleman\AppData\Roaming\Babylon" deleted "C:\Users\Alleman\AppData\Roaming\Registry Mechanic" deleted "C:\Users\Alleman\AppData\Roaming\Systweak" deleted "C:\ProgramData\BrowserProtect" deleted "C:\ProgramData\SweetIM" deleted "C:\ProgramData\ParetoLogic" deleted "C:\ProgramData\Babylon" deleted "C:\Windows\System32\searchplugins" deleted "C:\Windows\System32\Extensions" deleted "C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-08-30 19:22:30 !HASH: COULD NOT OPEN FILE !!!!! 472576 ----a-w- C:\Windows\AutoKMS.exe ====== C:\Users\Alleman\AppData\Local\Temp ==== ====== C:\Windows\system32 ===== 2013-08-28 21:01:21 2135FE487BA6023E02B2E12CCCB171DD 3833760 ----a-w- C:\Windows\System32\FNTCACHE.DAT ====== C:\Windows\system32\drivers ===== 2013-08-13 18:57:10 4E8B9BE71B807B3BAEDB7F4243F85E3C 1293760 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-08-13 18:56:53 B37B08F2E5EEB1A37E448E09BACE1101 31232 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-08-29 21:24:19 -------- d-----w- C:\Program Files\trend micro 2013-08-19 22:33:26 -------- d-----w- C:\Program Files\iPod 2013-08-19 22:33:24 -------- d-----w- C:\Program Files\iTunes ======= C: ===== ====== C:\Users\Alleman\AppData\Roaming ====== 2013-08-28 21:31:05 6C04709A880E60F32308A626964D3973 120648 ----a-w- C:\users\Alleman\AppData\Local\GDIPFONTCACHEV1.DAT ====== C:\Users\Alleman ====== 2013-08-29 21:23:47 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Alleman\Downloads\RSIT (2).exe 2013-08-19 22:34:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2013-08-19 22:33:24 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 ====== C: exe-files == 2013-08-30 18:57:17 DC5C3A2292D011EF3BBF9D17BD28A54C 1194848 ----a-w- C:\Program Files\Google\Update\Install\{858296FC-BF7A-42C3-B5F4-2DA4E1694136}\29.0.1547.62_29.0.1547.57_chrome_updater.exe 2013-08-30 18:57:17 DC5C3A2292D011EF3BBF9D17BD28A54C 1194848 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.62\29.0.1547.62_29.0.1547.57_chrome_updater.exe 2013-08-29 21:24:28 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Alleman.exe 2013-08-29 21:23:47 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Alleman\Downloads\RSIT (2).exe === C: other files == 2013-08-28 17:41:41 364DA3BD94D17D098723408ED6215545 2802014 ----a-w- C:\HattrickOrganizer\db\db_singleUser-2013-8-28.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1928870758-2907081458-2726709488-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "Spotify Web Helper"="C:\Users\Alleman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "CDAServer"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe" "atchk"="C:\Program Files\Intel\AMT\atchk.exe" "SwitchBoard"="C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "APVXDWIN"="C:\Program Files\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE /s" "SCANINICIO"="C:\Program Files\Panda Security\Panda Global Protection 2013\Inicio.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "ConnectionCenter"="C:\Program Files\Citrix\ICA Client\concentr.exe /startup" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "Spotify Web Helper"="C:\Users\Alleman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeBridge] "hkey"="HKCU" "command"="" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeBridge" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager] "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS6ServiceManager" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Apoint] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Apoint" "hkey"="HKLM" "command"="%ProgramFiles%\\Apoint\\Apoint.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "item"="APSDaemon" "command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" "hkey"="HKLM" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonSolutionMenuEx] "hkey"="HKLM" "command"="C:\\Program Files\\Canon\\Solution Menu EX\\CNSEMAIN.EXE /logon" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonSolutionMenuEx" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConnectionCenter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ConnectionCenter" "hkey"="HKLM" "command"="\"C:\\Program Files\\Citrix\\ICA Client\\concentr.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IJNetworkScannerSelectorEX] "hkey"="HKLM" "command"="C:\\Program Files\\Canon\\IJ Network Scanner Selector EX\\CNMNSST.exe /FORCE" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IJNetworkScannerSelectorEX" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesAirMessage] "item"="KiesAirMessage" "command"="C:\\Program Files\\Samsung\\Kies\\KiesAirMessage.exe -startup" "hkey"="HKCU" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPDLR] "item"="KiesPDLR" "command"="C:\\Program Files\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe" "hkey"="HKCU" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload] "item"="KiesPreload" "command"="C:\\Program Files\\Samsung\\Kies\\Kies.exe /preload" "hkey"="HKCU" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "item"="KiesTrayAgent" "command"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe" "hkey"="HKLM" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LifeCam] "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe\"" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LifeCam" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NI Update Service] "hkey"="HKLM" "command"="\"C:\\Program Files\\National Instruments\\Shared\\Update Service\\NIUpdateService.exe\" -startupTask" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NI Update Service" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "item"="Spotify" "command"="\"C:\\Users\\Alleman\\AppData\\Roaming\\Spotify\\spotify.exe\" /uri spotify:autostart" "hkey"="HKCU" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "item"="Spotify Web Helper" "command"="\"C:\\Users\\Alleman\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" "hkey"="HKCU" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware] "item"="SUPERAntiSpyware" "command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe" "hkey"="HKCU" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM] "item"="SweetIM" "command"="C:\\Program Files\\SweetIM\\Messenger\\SweetIM.exe" "hkey"="HKLM" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sweetpacks Communicator] "item"="Sweetpacks Communicator" "command"="C:\\Program Files\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe" "hkey"="HKLM" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk] "item"="McAfee Security Scan Plus" "command"="C:\\PROGRA~1\\MCAFEE~1\\307523~1.318\\SSSCHE~1.EXE " "backup"="C:\\Windows\\pss\\McAfee Security Scan Plus.lnk.CommonStartup" "backupExtension"=".CommonStartup" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NI Error Reporting.lnk] "item"="NI Error Reporting" "backupExtension"=".CommonStartup" "command"="C:\\Program Files\\National Instruments\\Shared\\NI Error Reporting\\nierserver.exe" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\NI Error Reporting.lnk" "backup"="C:\\Windows\\pss\\NI Error Reporting.lnk.CommonStartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Alleman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "item"="Dropbox" "command"="C:\\Users\\Alleman\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "path"="C:\\Users\\Alleman\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" ==== Startup Folders ====================== 2012-07-06 23:04:51 1388 ----a-w- C:\users\Alleman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [20/08/2013 20:10] C:\Windows\tasks\Basis-opruiming.job --a------ C:\Program Files\Panda Security\Panda Global Protection 2013\PlaTasks.exe [17/05/2012 10:36] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/07/2012 14:18] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/07/2012 14:18] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be ==== Firefox Plugins ====================== Profilepath: C:\Users\Alleman\AppData\Roaming\Mozilla\Firefox\Profiles\xhgh768f.default 0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash 101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update 9CD7CD8FD07718851DD8081CDF8CA3E7 - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll - AdobeExManDetect ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U25 D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17 7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin AE7B288233C212C62CD544BF768C45E6 - C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll - Shockwave for Director / Shockwave for Director F045DF7AF127DC4BCC53421850114E15 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In F833DD5D8F959819F44BC98F47B1B6BB - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 65D09D8BC91D74C8800725EB33D1EE1B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat 270EE43CC00609B9937AAF94E1E970D4 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 75300E5ED4CD5B4363C3DBBB2D03269C - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll - McAfee Security Scanner + F00DA1A135FCA11D4426D9A5AB72CF0F - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect 3B00376AE69AC2E815425E54DEBFF750 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery 3F9F8E0F93D6FA7B7552077A3DF171DE - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 9C06DBC403F91D518ED117E460F03F85 - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL - CANON iMAGE GATEWAY Album Plugin Utility for IJ 7D28153B7D586330678AD522B71D89CB - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System 41561B8AE9E551BD08304D48DAA900FA - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bodddioamolcibagionmmobehnbhiakf - C:\Program Files\BrowserCompanion\blabbers-ch.crx[] jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\Alleman\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02/10/2012 13:14] omgjkafaoidbgamjoklhaiiciahohkbh - C:\Program Files\tuvaro\tuvaro\1.8.17.1\tuvaro.crx[31/03/2013 12:46] Google Docs - Alleman - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Alleman - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Alleman - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Alleman - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Skype Click to Call - Alleman - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Card number - Alleman - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Tuvaro Chrome Toolbar - Alleman - Default\Extensions\omgjkafaoidbgamjoklhaiiciahohkbh Gmail - Alleman - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Program Files\tuvaro\tuvaro\1.8.17.1\tuvaro.crx deleted successfully C:\Users\Alleman\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgjkafaoidbgamjoklhaiiciahohkbh deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully ==== Empty IE Cache ====================== C:\Users\Alleman\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Alleman\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\users\Alleman\AppData\Local\Mozilla\Firefox\Profiles\xhgh768f.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\Alleman\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Alleman\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on vr 30/08/2013 at 22:04:11,80 ======================