Zoek.exe v5.0.0.0 Updated 14-07-2014 Tool run by Gina on di 15-07-2014 at 14:57:32,18. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gina\Downloads\zoek.exe [Scan all users] [Quick Scan] [Auto Clean] ==== System Restore Info ====================== 15-7-2014 15:00:39 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Mad Scientist Productions deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\Origin Games deleted successfully C:\Program Files\Symantec deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\WinZip deleted successfully C:\Users\Gina\AppData\Roaming\HpUpdate deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-274440433-1281756902-1481230371-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} deleted successfully HKEY_USERS\S-1-5-21-274440433-1281756902-1481230371-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87775FDB-6972-41F9-AE51-8326E38CB206} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-274440433-1281756902-1481230371-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775FDB-6972-41F9-AE51-8326E38CB206} deleted successfully HKEY_USERS\S-1-5-21-274440433-1281756902-1481230371-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775FDB-6972-41F9-AE51-8326E38CB206} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Gina\AppData\Roaming\Mozilla\Firefox\Profiles\weejhwtb.default user.js not found ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- FireFox user.js and prefs.js backups ---- prefs_15-07-2014_1512_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\PROGRA~3\spds90.txt deleted C:\Users\Gina\Searches deleted C:\Users\Gina\Downloads\FreeYouTubeToMP3Converter.exe deleted C:\Users\Gina\Downloads\SoftonicDownloader_voor_java-runtime-environment.exe deleted C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\Windows\Installer\7a072b.msi" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Gina\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-07-15 12:14:16 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\Windows\SysWOW64\sqlite3.dll 2014-07-09 22:18:46 E3065F51EE0BB099EAAE48C3FC3A25B6 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 22:18:46 67EA1BB7F6428A10C64D5A732976F871 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 22:18:46 448854C4FE94C0FA329CC38FF103DC74 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 22:18:45 7C44C697BA6D0B698B91AC6516A731C3 1139200 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-07-09 22:18:44 E739AEDCA67F214F96C2520BA293B12B 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 22:18:44 DFA59840BB1220AFD261FDAE83543959 17276416 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-07-09 22:18:44 BE0EA764820239F7785410CBE3880086 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 22:18:44 9385D7C5DF2566D01B1FB150F381D50B 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 22:18:44 91CF46BBB827E461C498A1D7D1A71AD6 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-07-09 22:18:43 CE94480E78CC3A1A17B53F2BB65639BD 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-07-09 22:18:43 42BF66A4DC35DAD3564065173372CCE9 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 22:18:42 A9F8343A3234FC7A42DDA4569827B411 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 22:18:42 4B774E842F268D51DB942EF9637828B9 1964544 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 22:18:42 084FB28A790685F32A6D7D003777696D 2179072 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-07-09 22:18:41 FC733FD7721200D5136F6F8112E97B00 11742208 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-07-09 22:18:41 F2A99A4293CAF7956FF7801D36D5A3B2 442368 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-07-09 22:18:41 A98E303FCB7058C6E78FD1FBBCBB5EEF 240824 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 22:18:41 573E522A27210701EB8A6C476D36FFF6 239616 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 22:18:38 FDA05E78813F543A6E9AC6B23EC696F2 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 22:18:38 98C7B1AFA0A99EE3BE99EAABEFB72CA0 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-07-09 22:18:38 09CBE4B1AEF497FC05493B09EA2C1757 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 22:18:38 045A91095A605BB20FF2B37546FE62B0 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-07-09 22:18:37 CCC198257901BEEA2FBF8EB1E7678356 1791488 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-07-09 22:18:37 8046CF629D8AE766C22145F4A6AFFBE1 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-07-09 22:18:37 557D60DF85D61C290A1D09E7115B294B 62464 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 22:18:37 175A663547805367C10746FC416D4605 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 18:43:14 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\SysWOW64\osk.exe 2014-07-09 18:42:17 492FF9C530EC0352B3C904CE9898269D 509440 ----a-w- C:\Windows\SysWOW64\qedit.dll 2014-07-09 18:41:00 F95E1E9D97D25C11F29CA34C843A6F4D 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll 2014-07-09 18:41:00 E3ECF5FFE3DEDF61DC6877B6A99ACBBF 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2014-07-09 18:41:00 C71CC796F0E2E9BD542C87532706FCFE 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2014-07-09 18:41:00 C61DDFE40204F3BE3DF111981D91560E 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 18:41:00 8BA721F76C97A219599E88722AA48875 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 18:41:00 6CB2616152ADCDF39F05B08E4858F476 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 18:41:00 1A0BE0092646F564FAF204E678AF8E03 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2014-07-09 18:37:56 A0E053D8D97ED0F913D56E6AF21DD26F 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2014-07-09 18:37:56 230AAF45031E87638CA4053C0399C1E6 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2014-07-08 19:56:18 35D77ACF3C14DCE6BADA47143FD641DB 11204096 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-07-09 22:18:46 FC50DF22550C565DD096ACFAF18A37ED 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-07-09 22:18:46 DA5BAC4C5BDB22BBC6771534EA95AD33 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-07-09 22:18:44 C2F62DF01E3552DB0571FEF4D514675B 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-07-09 22:18:44 C0F9F52C36E584C0339406ABF6DA1FBA 266424 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-07-09 22:18:44 5E646AD50848A409291418B5759595B9 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-07-09 22:18:42 73C7D1FCF6F58F3BF077FB42B0214BC0 1393664 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-07-09 22:18:42 391D68668CFC061F26BE593A61F745E0 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-07-09 22:18:41 D8E6706AECD7AA50764E126CE3F36555 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-07-09 22:18:41 7176CB0FFAAC3E54ABB2014E821120F9 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-07-09 22:18:41 2E40D5E11BCC597352EE0314AF629A0F 452608 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-07-09 22:18:40 CA67F68CEC788C0C69AD47C5125DDD8E 608768 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-07-09 22:18:40 7469D4E046BD7D155CAC2697BD28B58B 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-07-09 22:18:39 A21C6231459F4CAC212676A9367A1A68 2768384 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-07-09 22:18:39 1685AA234852657C4A6D253CCBBE84E0 2040832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-07-09 22:18:37 8B2ADE09864BF3F7AA6D395DAFEC41B5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-07-09 22:18:35 415DF2B045167D6D85223CFFF00FCFC7 292864 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-07-09 22:18:34 854C5F171F5CEE272232AC0286F3B3B9 598016 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-07-09 22:18:34 366FA6D38406DC8BED62825C196144D1 13527040 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-07-09 22:18:33 CD76B3D60D28634A67B0AD7CB2E45929 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-07-09 22:18:33 945FA19B388FCF0FEA6124B5FD71C72F 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-07-09 22:18:33 50FF2DD806CC6CF3B3F98F9A1A711603 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-07-09 22:18:33 4EC7738394D2BC7BCB5F7A3657F57252 5721088 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-07-09 22:18:33 1FD6C2F6AC489C271565730F6E9E1A05 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-07-09 22:18:32 BDD4A74421B023C81DA63168BD10C01B 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-07-09 22:18:32 2EE102DF0EDD8A1EDD3D1E9B99A91BEC 2266112 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-07-09 22:18:32 00401347C3BC466E5F2516387EBBCA7D 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-07-09 22:18:31 F876957CA193B20A21D52F91418657D7 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-07-09 22:18:31 89A53CDE0DA5680AF48A181D82C752CA 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-07-09 22:18:31 52012C83F7E9AF65D13F04415F0508F5 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-07-09 22:18:30 FEC19C351EF1B2C998A85D1BFD765675 23464448 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-07-09 18:48:58 03282D1ADC4F64D27D697CBB63F972C2 519168 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-07-09 18:48:57 980394E1FF94E460C4D71C1B098A0B4F 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-07-09 18:43:14 F1726E14C8F7B40CD828345890AAF764 3157504 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-07-09 18:43:14 A064A1D9CBD7F6959AAEAEAFF96DB2E9 692736 ----a-w- C:\Windows\Sysnative\osk.exe 2014-07-09 18:42:18 D6AFBAA93169E6772565A1BC896D666B 624128 ----a-w- C:\Windows\Sysnative\qedit.dll 2014-07-09 18:41:00 E8E98B3B7A6E1250F4AA7AF8FA17D5BB 340992 ----a-w- C:\Windows\Sysnative\schannel.dll 2014-07-09 18:41:00 E23BA7A7BD97FC6B8AB5EA32A46D05CD 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2014-07-09 18:41:00 C9DD5C0D5AF2D7A54BA32E8FBD3B67F1 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2014-07-09 18:41:00 BFC98590EAB40C785D6134B1FA818A62 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2014-07-09 18:41:00 A805B5E68262302D1A60BE3DED5846C9 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2014-07-09 18:41:00 7D1017ED11B7C3B162628069742B5E58 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2014-07-09 18:41:00 79EE13A5A406E4603874686B8005DA72 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2014-07-09 18:37:56 D4CCE15190269486A5E6D4D4E597F798 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll ====== C:\Windows\Sysnative\drivers ===== 2014-07-09 18:41:37 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys ====== C:\Windows\Tasks ====== 2014-07-04 20:14:32 7C0EF86954F7E4DADC141DF50EF2F19F 3038 ----a-w- C:\Windows\Sysnative\Tasks\{EB6DC899-E7AD-411D-AB22-D20008A27807} 2014-07-04 20:07:58 7C0EF86954F7E4DADC141DF50EF2F19F 3038 ----a-w- C:\Windows\Sysnative\Tasks\{597A124B-CECF-49BC-8164-B6BB21822C1F} 2014-07-04 20:00:36 7C0EF86954F7E4DADC141DF50EF2F19F 3038 ----a-w- C:\Windows\Sysnative\Tasks\{0D6845FC-5F54-42B0-8713-A45924AF0F8F} 2014-07-04 19:52:30 7C0EF86954F7E4DADC141DF50EF2F19F 3038 ----a-w- C:\Windows\Sysnative\Tasks\{B7251EC9-CFBC-4329-9247-BD86E70EEBC9} 2014-06-24 20:56:48 7C0EF86954F7E4DADC141DF50EF2F19F 3038 ----a-w- C:\Windows\Sysnative\Tasks\{D50775B9-B194-4EB6-8787-8B8CC80E14C7} 2014-06-24 20:55:44 7C0EF86954F7E4DADC141DF50EF2F19F 3038 ----a-w- C:\Windows\Sysnative\Tasks\{C8B5776A-23C3-4B3C-8E55-873A39FCF9AA} 2014-06-23 18:00:14 7C0EF86954F7E4DADC141DF50EF2F19F 3038 ----a-w- C:\Windows\Sysnative\Tasks\{BF1377EE-DEEB-4D1B-B49F-26658E8D68EE} 2014-06-23 17:58:52 7C0EF86954F7E4DADC141DF50EF2F19F 3038 ----a-w- C:\Windows\Sysnative\Tasks\{37311FCD-7866-4510-9211-BD1B91524DC4} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== 2014-06-22 11:35:27 A6799D0F42122C0D1E28655C10DB2707 30 ----a-w- C:\AVScanner.ini ====== C:\Users\Gina\AppData\Roaming ====== 2014-06-26 10:03:42 -------- d-----w- C:\Users\Gina\AppData\Local\Adobe ====== C:\Users\Gina ====== 2014-07-15 12:11:30 DB95B03031E66AC45495EDF1D16B8887 1348263 ----a-w- C:\Users\Gina\Downloads\adwcleaner_3.215.exe 2014-07-15 10:24:50 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gina\Downloads\RSITx64 (2).exe 2014-07-14 20:50:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gina\Downloads\RSITx64 (1).exe 2014-07-14 20:50:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gina\Downloads\RSITx64.exe ====== C: exe-files == 2014-07-15 12:11:30 DB95B03031E66AC45495EDF1D16B8887 1348263 ----a-w- C:\Users\Gina\Downloads\adwcleaner_3.215.exe 2014-07-15 10:24:50 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gina\Downloads\RSITx64 (2).exe 2014-07-14 20:50:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gina\Downloads\RSITx64 (1).exe 2014-07-14 20:50:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gina\Downloads\RSITx64.exe 2014-07-09 22:18:46 24868C9D422EDB5B249C0C81B01A0C19 810160 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-07-09 22:18:45 61FF1A9683EDD471797FE0F56057FD09 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-07-09 22:18:43 CD900EFB4F8946A2BB1950D9F45915C2 812216 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-07-09 22:18:43 65D0ECD485C8605B07C8338708224818 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-07-09 22:18:42 2168067C03FADB690B77633104A2E64B 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-07-09 22:18:39 8395829B1CE9E11C6441753257DC7591 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-07-09 18:43:14 89D2706FCD45E33CECFBD46BCBAD7E16 10240 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe 2014-07-09 18:43:14 20235ED4653CFDDCDEF721F5126A1C47 224768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe === C: other files == 2014-07-09 18:43:14 F1726E14C8F7B40CD828345890AAF764 3157504 ----a-w- C:\Windows\System32\win32k.sys 2014-07-09 18:41:37 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2014-07-08 20:35:09 F718A57D946EAC76EFCB351D74E269F4 875736 ----a-r- C:\Windows\System32\drivers\NISx64\1504000.00D\srtsp64.sys 2014-07-08 20:35:09 B18CE01B9C09C59422BA7C7064248B35 36952 ----a-r- C:\Windows\System32\drivers\NISx64\1504000.00D\srtspx64.sys 2014-07-08 20:35:09 9F31630D7FC2DD9D5DA1CE359AAD1F46 1148120 ----a-r- C:\Windows\System32\drivers\NISx64\1504000.00D\symefa64.sys 2014-07-08 20:35:09 5C9EE2303CA7F267665D75237862B39C 493656 ----a-r- C:\Windows\System32\drivers\NISx64\1504000.00D\symds64.sys 2014-07-08 20:35:09 5570A74FF9B1EFBC5154DD1E2F05C517 593112 ----a-r- C:\Windows\System32\drivers\NISx64\1504000.00D\symnets.sys 2014-07-08 20:35:09 20F758E6339A16F97DD83389D582E09A 23568 ----a-r- C:\Windows\System32\drivers\NISx64\1504000.00D\symelam.sys 2014-07-08 20:35:08 48C2934683CBD06F662B088EEF49EF6A 264280 ----a-r- C:\Windows\System32\drivers\NISx64\1504000.00D\ironx64.sys 2014-07-08 20:35:08 0510396A957E9FD7205BA62D3CAE4528 162392 ----a-r- C:\Windows\System32\drivers\NISx64\1504000.00D\ccsetx64.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-274440433-1281756902-1481230371-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Gina\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe -h -k" "NortonOnlineBackupReminder"="C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Gina\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Acer ePower Management"="C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\Gina\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Gina\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" ==== Startup Folders ====================== 2010-09-30 05:39:50 2067 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VideoWebCamera.exe.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-07-2014 22:55] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-274440433-1281756902-1481230371-1001Core.job --a------ C:\Users\Gina\AppData\Local\Facebook\Update\FacebookUpdate.exe [20-01-2014 22:17] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-274440433-1281756902-1481230371-1001UA.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05-06-2011 19:20] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05-06-2011 19:20] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-274440433-1281756902-1481230371-1001Core" [C:\Users\Gina\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-274440433-1281756902-1481230371-1001UA" [C:\Users\Gina\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe"] "C:\Windows\SysNative\tasks\{09571229-53C0-41D4-9074-E9516E464FCD}" [C:\Users\Gina\Desktop\Java\jre7\bin\java.exe] "C:\Windows\SysNative\tasks\{0D6845FC-5F54-42B0-8713-A45924AF0F8F}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{0E63B693-31DD-4E05-A1E4-F447E707697F}" [C:\Users\Gina\Desktop\Java\jre7\bin\java.exe] "C:\Windows\SysNative\tasks\{0EB36783-686D-42C9-99DD-A33CB49A28BC}" [C:\Users\Gina\Desktop\Java\jre7\bin\java.exe] "C:\Windows\SysNative\tasks\{12B2697D-A414-4412-8064-950F21535E2B}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{148110C4-822D-4A3A-B30F-D44E40F71EF1}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Beestenbende\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{1E6C05F6-5269-4EE4-8FE1-076C2CB04381}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{2AB55629-C6BC-4601-9384-6A54F870250E}" [msiexec.exe] "C:\Windows\SysNative\tasks\{370A7318-48E4-45E4-91D4-12C6597816B7}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{37311FCD-7866-4510-9211-BD1B91524DC4}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{3B3C11EF-C045-40B1-AF50-5C9600E6F4E9}" [C:\Users\Gina\Desktop\Java\jre7\bin\java.exe] "C:\Windows\SysNative\tasks\{40880D92-5F4D-4B47-899A-83A3FD856C4D}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{442D54A7-9885-4A6C-8E4B-09036DF3B8B5}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{465F21B5-0397-4C1E-8808-FB00910C8DE6}" [C:\Users\Gina\Desktop\Java\jre7\bin\java.exe] "C:\Windows\SysNative\tasks\{4695A62B-5DE8-4482-88E6-72682F814DB0}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{47D3C7B0-2F38-4637-B586-42ADBF83E4F0}" [C:\Users\Gina\Desktop\Java\jre7\bin\java.exe] "C:\Windows\SysNative\tasks\{4C8F1983-A3C3-4894-A37C-CED0199E2092}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{5016F1B6-A64F-40D1-9033-CFD932C3F878}" [C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe] "C:\Windows\SysNative\tasks\{597A124B-CECF-49BC-8164-B6BB21822C1F}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{62360091-E5B8-4C0D-A930-0AEC8A92C50F}" [C:\Users\Gina\Desktop\Java\jre7\bin\java.exe] "C:\Windows\SysNative\tasks\{6269621C-F93E-42FB-9496-2282621B6FA7}" [C:\Users\Gina\Desktop\Java\jre7\bin\java.exe] "C:\Windows\SysNative\tasks\{6B01FD79-E13C-42C6-8E92-BEE145D98617}" [C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe] "C:\Windows\SysNative\tasks\{6E23C9E2-5EC6-446F-8582-5376AE118E8D}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{7524B68A-9DC1-48C4-8782-24A9B7D2CCF4}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Levensweg\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{7C1F122E-2CB7-4CF8-8D84-A2D9ED57B067}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Beestenbende\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{889F9728-6218-457B-962F-975C0277FE6F}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{88EEA419-B421-4BE3-9507-E87F4AEB8C33}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{8E3A9AA3-6D26-4922-AA90-B737EA080A6B}" [msiexec.exe] "C:\Windows\SysNative\tasks\{8E654D8F-F9DD-40F0-9B28-98095F1A8978}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{8F1591D5-35DB-4C11-9F35-F66C30602BFA}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{933AF78B-23D0-4233-A463-880416C91E06}" [E:\Java\jre7\bin\java.exe] "C:\Windows\SysNative\tasks\{95F42AB2-8D70-489E-AD4B-F0008BF2D35D}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{974F931B-83AA-4E3B-8C6E-ABE08536A3DC}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{9A3E44EB-FE39-442D-B351-3F72AAE9E799}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{A815276D-A436-4569-BB2C-F8175C2DA761}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{ABBACF30-4C73-4CF6-B6D1-632728C93AD6}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{B0E62DF0-75B7-47EB-8D60-C0E6F138F194}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{B7251EC9-CFBC-4329-9247-BD86E70EEBC9}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{B76C8B3F-504A-4000-937E-A46B273F4C33}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{B8144A50-5A0B-47E3-AA68-37FC10EC79AE}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Studententijd\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{BF1377EE-DEEB-4D1B-B49F-26658E8D68EE}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{C0A337F6-EEB3-43FB-B2E5-38A0206CEA15}" [C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe] "C:\Windows\SysNative\tasks\{C173498A-8D99-4019-8DE8-7E651459E605}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{C32E549F-F356-4E7C-9529-6DF82F6A2926}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{C8B5776A-23C3-4B3C-8E55-873A39FCF9AA}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{D38F9845-05D7-4B07-ACE5-1E2F58527B49}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{D50775B9-B194-4EB6-8787-8B8CC80E14C7}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{DB7EFCF5-6836-4DE3-9AED-2E6D5A217889}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{E45FDD38-362A-415B-9C0C-409185D226DF}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{EB3FB450-2B1C-4DCF-A052-86CD56C9CF1C}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{EB6DC899-E7AD-411D-AB22-D20008A27807}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{F21FD26B-2E5C-4024-9D1D-1932007C140C}" [C:\Program Files (x86)\Electronic Arts\De Sims 3 Jaargetijden\Game\Bin\Sims3Launcher.exe] "C:\Windows\SysNative\tasks\{F542C21D-AF24-43F3-A917-4435B57073A3}" [msiexec.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF" [14-07-2014 18:27] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Gina\AppData\Roaming\Mozilla\Firefox\Profiles\weejhwtb.default - leethax.net extension - %ProfilePath%\extensions\leethax@leethax.net.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Gina\AppData\Roaming\Mozilla\Firefox\Profiles\weejhwtb.default 4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Gina\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\Exts\Chrome.crx[26-06-2014 12:22] Norton Identity Protection - Gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - Gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda FREE TV - Gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofddcjfikfghkmoapnjnmmflbcjohbic ==== Chrome Fix ====================== C:\Users\Gina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Gina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Gina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_driverfindertool.com_0.localstorage deleted successfully C:\Users\Gina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_driverfindertool.com_0.localstorage-journal deleted successfully C:\Users\Gina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mysweetdeals.org_0.localstorage deleted successfully C:\Users\Gina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mysweetdeals.org_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com" "CustomizeSearch"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com" "CustomizeSearch"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_nlNL434NL434" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Gina\AppData\Local\Mozilla\Firefox\Profiles\weejhwtb.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Gina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=456 folders=110 127783922 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gina\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Gina\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 15-07-2014 at 15:25:17,68 ======================