Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Cindy on wo 26-03-2014 at 11:53:53,40.
Microsoft Windows 7 Home Premium 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Cindy\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-25-230646.log 327 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\BitComet deleted successfully
C:\PROGRA~2\onlinetracks deleted successfully
C:\PROGRA~2\YouWave_Android deleted successfully
C:\Program Files\BitComet deleted successfully
C:\Program Files\mcafee deleted successfully
C:\PROGRA~3\boost_interprocess deleted successfully
C:\PROGRA~3\PCDr deleted successfully
C:\PROGRA~3\SupportSoft deleted successfully
C:\PROGRA~3\{EFEE9A83-B088-419F-B1A2-BCAFEA14C21A} deleted successfully
C:\Users\Cindy\AppData\Local\Dell Edoc Viewer deleted successfully
C:\Users\Cindy\AppData\Local\SupportSoft deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully
HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully
HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully
HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully
HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully
HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6A53A30-719A-2682-59DF-10A2FB37B57B} deleted successfully
HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6A53A30-719A-2682-59DF-10A2FB37B57B} deleted successfully
HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6A53A30-719A-2682-59DF-10A2FB37B57B} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{B6A53A30-719A-2682-59DF-10A2FB37B57B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6A53A30-719A-2682-59DF-10A2FB37B57B} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully
HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully
HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SpyHunter 4 Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EsgScanner deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\EsgScanner deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\esgiguard deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\esgiguard deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CINDY-PC"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\50COupoons not found
c:\progra~3\filtel~1 not found
C:\ProgramData\UTUbEroAdBlockker not found
C:\ProgramData\JoniCouppone not found
C:\PROGRA~3\{EFEE9A83-B088-419F-B1A2-BCAFEA14C21A} not found
"C:\Users\Cindy\AppData\Roaming\Computer.exe" not found
C:\Program Files\Enigma Software Group deleted
C:\sh4ldr deleted
C:\ProgramData\DownSave deleted
C:\PROGRA~3\ocianfbjdoijlgcpfkekmhejgjppfdho deleted
C:\Users\Cindy\AppData\LocalLow\{048C6A7B-3D0C-6F8E-8FDB-F6199697BB04} deleted
C:\Users\Cindy\AppData\LocalLow\{4C6B045B-4658-7758-8BFB-B99FDFBF9389} deleted
C:\Users\Cindy\AppData\LocalLow\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted
C:\Users\Cindy\AppData\LocalLow\{A4C358C7-C883-A763-63E3-754ECCB7A136} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{A4C358C7-C883-A763-63E3-754ECCB7A136} deleted
C:\Users\Cindy\AppData\Local\Packages\windows_ie_ac_001\AC\{048C6A7B-3D0C-6F8E-8FDB-F6199697BB04} deleted
C:\Users\Cindy\AppData\Local\Packages\windows_ie_ac_001\AC\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted
C:\Users\Cindy\AppData\Local\Packages\windows_ie_ac_001\AC\{4C6B045B-4658-7758-8BFB-B99FDFBF9389} deleted
C:\Users\Cindy\AppData\Local\Packages\windows_ie_ac_001\AC\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted
C:\Users\Cindy\AppData\Local\Packages\windows_ie_ac_001\AC\{A4C358C7-C883-A763-63E3-754ECCB7A136} deleted
C:\Users\Cindy\AppData\Local\Packages\windows_ie_ac_001\AC\{B6A53A30-719A-2682-59DF-10A2FB37B57B} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{A4C358C7-C883-A763-63E3-754ECCB7A136} deleted
C:\PROGRA~3\cea2cad3caee4f45 deleted
C:\PROGRA~2\SopCast deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\Cindy\AppData\Local\CRE deleted
C:\Users\Cindy\AppData\LocalLow\uTorrentControl_v2 deleted
C:\Users\Cindy\Downloads\Mannenharten Movie NL 2013 BluRay 1080p x264 NL Subs.exe deleted
"C:\windows\SysNative\drivers\EsgScanner.sys" deleted
"C:\Users\Cindy\AppData\Local\0x35t381ja6w6cmcd2r" deleted
"C:\Users\Cindy\AppData\Local\300v0hrfj2i4" deleted
"C:\ProgramData\0x35t381ja6w6cmcd2r" deleted
"C:\ProgramData\300v0hrfj2i4" deleted
"C:\PROGRA~3\gamiipnagaakobenbkakbpgeaeacglbm\gamiipnagaakobenbkakbpgeaeacglbm.crx" deleted
"C:\PROGRA~3\gamiipnagaakobenbkakbpgeaeacglbm\update.xml" deleted
"C:\PROGRA~3\gamiipnagaakobenbkakbpgeaeacglbm" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Cindy\AppData\Local\Temp ====
2014-03-21 13:24:44 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\Cindy\AppData\Local\Temp\ESGScanner.sys
2014-03-21 12:49:15 5C28E508C83A3B0DDBB224B04B1418B9 47329360 ----a-w- C:\Users\Cindy\AppData\Local\Temp\SHSetup.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-03-25 19:42:14 6140163BFE9D8F2DFDBA088ED5521C13 119512 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-03-25 19:41:30 EF3B71BD5920BD4C02302AFBABE210A6 88280 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-03-25 19:41:30 92008BFC4A409AD92DFBB50AF392AECC 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2014-03-25 19:41:30 5F779F8A5599F2DDA479157088E3836E 63192 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
====== C:\Windows\Tasks ======
2014-03-25 23:14:24 6C545E3CD7F69DB54554D61AD5A4A483 3120 ----a-w- C:\Windows\Sysnative\Tasks\{229C6AAE-9962-4CFC-8B67-4E104EAB5D96}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-03-25 20:07:08 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-03-14 11:31:33 -------- d-----w- C:\PROGRA~2\Anvisoft
======= C: =====
2014-03-21 13:25:24 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
====== C:\Users\Cindy\AppData\Roaming ======
2014-03-21 13:24:36 -------- d-----w- C:\Users\Cindy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-03-09 02:53:22 -------- d-----w- C:\Users\Cindy\AppData\Local\Microsoft Games
====== C:\Users\Cindy ======
2014-03-25 20:06:30 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Cindy\Downloads\RSITx64.exe
2014-03-25 19:39:57 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Cindy\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-22 15:11:59 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\Cindy\Downloads\adwcleaner (2).exe
2014-03-21 12:49:05 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\Cindy\Downloads\SpyHunter-Installer.exe
2014-03-21 12:38:33 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\Cindy\Downloads\adwcleaner (1).exe
2014-03-14 11:35:49 2075EBB7954277A05193412881EC8FDE 1037734 ----a-w- C:\Users\Cindy\Downloads\JRT.exe
2014-03-14 11:35:41 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\Cindy\Downloads\adwcleaner.exe
2014-03-14 11:30:46 28439C70930F79686EA27924CAFAFF1A 1381864 ----a-w- C:\Users\Cindy\Downloads\AnviUnIns.exe
2014-03-09 11:10:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst
====== C: exe-files ==
=== C: other files ==
2014-03-21 13:25:24 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Copy"="C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Mega Manager"="C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe /Tray"
"BitComet"="C:\Program Files\BitComet\BitComet.exe /tray"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"FLV Player"="C:\Users\Cindy\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"
"Spotify"="C:\Users\Cindy\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"Spotify Web Helper"="C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Copy"="C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe"
"uTorrent"="C:\Users\Cindy\AppData\Roaming\uTorrent\uTorrent.exe"
"SuperAdBlocker"="C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Copy"="C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Desktop Disc Tool"="C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
"Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"RIMBBLaunchAgent.exe"="C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"adblock pro"="C:\Program Files (x86)\Adblock Pro\abpmain.exe -m"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
"STToasterLauncher"="C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe"
"20131224"="C:\Program Files\AVAST Software\Avast\setup\emupdate\4e90784d-6117-436e-8071-ad5552bbca8a.exe /check"
"Launcher"="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Mega Manager"="C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe /Tray"
"BitComet"="C:\Program Files\BitComet\BitComet.exe /tray"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"FLV Player"="C:\Users\Cindy\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"
"Spotify"="C:\Users\Cindy\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"Spotify Web Helper"="C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Copy"="C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe"
"uTorrent"="C:\Users\Cindy\AppData\Roaming\uTorrent\uTorrent.exe"
"SuperAdBlocker"="C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"QuickSet"="C:\Program Files\Dell\QuickSet\QuickSet.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~3\\FILTEL~1\\FILTEL~2.DLL"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellComms]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DellComms"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Dell\\DellComms\\bin\\sprtcmd.exe\" /P DellComms"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellSupportCenter]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DellSupportCenter"
"hkey"="HKLM"
"command"="\"c:\\Program Files (x86)\\Dell Support Center\\bin\\sprtcmd.exe\" /P DellSupportCenter"

==== Startup Folders ======================

2010-09-28 23:12:00 829 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
2010-09-28 23:10:12 2000 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
2010-09-28 23:12:00 829 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
2010-09-28 23:10:12 2000 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\{0CA5549F-A442-40B2-870D-8E1570E0F515}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=5.1.0.104&LastError=12002]
"C:\Windows\SysNative\tasks\{50420F0B-4848-0EA7-E14B-1F50CF08F162}" [C:\Users\Cindy\AppData\Roaming\adobe\acrobat\10.0\forms\lawynpt.exe]
"C:\Windows\SysNative\tasks\{730B3EC6-48EE-490F-9AC3-F620BFB00032}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.3.0.120/en/go/help.faq.installer?LastError=1618]
"C:\Windows\SysNative\tasks\{AFDD0997-E364-49D2-B3BC-D1C38383AF12}" ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"]
"C:\Windows\SysNative\tasks\{D2497C30-31FD-4A98-B2C2-8B4F00059DFA}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17-02-2014 14:37]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10-10-2011 17:09]

UTUbEroAdBlockker - Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gamiipnagaakobenbkakbpgeaeacglbm
Skype Click to Call - Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
uTorrentBar_NL - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
uTorrentControl_v2 - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
UTUbEroAdBlockker - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gamiipnagaakobenbkakbpgeaeacglbm
Skype Click to Call - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Chrome Fix ======================

C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage deleted successfully
C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage-journal deleted successfully
C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cdn.adbabylon.com_0.localstorage deleted successfully
C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cdn.adbabylon.com_0.localstorage-journal deleted successfully
C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage deleted successfully
C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully
C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gamiipnagaakobenbkakbpgeaeacglbm deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gamiipnagaakobenbkakbpgeaeacglbm deleted successfully
C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gamiipnagaakobenbkakbpgeaeacglbm_0.localstorage deleted successfully
C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gamiipnagaakobenbkakbpgeaeacglbm_0.localstorage-journal deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gamiipnagaakobenbkakbpgeaeacglbm_0.localstorage deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gamiipnagaakobenbkakbpgeaeacglbm_0.localstorage-journal deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{62E2CB12-1D8A-463B-BE20-673039477F6E} Bing Url="http://www.bing.com/search?FORM=DLCBDF&PC=MDDC&q={searchTerms}&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{6E598DAC-23B3-4126-B44E-B36AAD02AF04} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6E598DAC-23B3-4126-B44E-B36AAD02AF04} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C9A4BF4A-BA35-29C0-36A3-7BE82BE1FB2A} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\S-5902107913 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellComms deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Cindy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Cindy\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Cindy\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Cindy\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Cindy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2452 folders=503 112129130 bytes)

==== Empty Temp Folders ======================

C:\Users\Cindy\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Cindy\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Cindy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb" not found
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda" deleted
"C:\Users\Cindy\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\K73XLLJC\club777.com" not found

==== EOF on wo 26-03-2014 at 12:40:42,72 ======================