Zoek.exe v5.0.0.0 Updated 29-07-2014 Tool run by Andy on wo 30/07/2014 at 18:35:43,34. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Andy\Mijn documenten\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 30/07/2014 18:37:48 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\D-Link deleted successfully C:\Program Files\Oce deleted successfully C:\Program Files\Realtek Sound Manager deleted successfully C:\Program Files\Common Files\Spigot deleted successfully C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip deleted successfully C:\Documents and Settings\Andy\Application Data\Contex deleted successfully C:\Documents and Settings\Andy\Application Data\Malwarebytes deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1993962763-261478967-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully HKEY_USERS\S-1-5-21-1993962763-261478967-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully HKEY_USERS\S-1-5-21-1993962763-261478967-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9CC8F121-1455-439E-A9FD-23DAA40E10D0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1993962763-261478967-725345543-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\Program Files\pdfforge Toolbar deleted C:\Program Files\Application Updater deleted C:\Program Files\ComPlus Applications deleted C:\Program Files\Wise\Wise Registry Cleaner deleted C:\Documents and Settings\Andy\Application Data\GetRightToGo deleted C:\Documents and Settings\Andy\Application Data\Search Settings deleted C:\Documents and Settings\Andy\Application Data\pdfforge deleted C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallMate deleted C:\DOCUME~1\ALLUSE~1\APPLIC~1\Package Cache deleted C:\WINDOWS\002555_.tmp deleted C:\WINDOWS\SET3.tmp deleted C:\WINDOWS\SET4.tmp deleted C:\WINDOWS\SET8.tmp deleted C:\WINDOWS\tasks\At1.job deleted C:\WINDOWS\tasks\At2.job deleted C:\WINDOWS\tasks\At3.job deleted C:\WINDOWS\tasks\At4.job deleted C:\END deleted F:\Mijn documenten\HANDIGE PROGS\COLORTRAC SCANNER\SmartWorksEZ105\Smartworks Ez-Setup.exe deleted "C:\WINDOWS\Installer\582fd4.msi" deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\DOCUME~1\Andy\LOCALS~1\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== 2014-07-28 19:29:36 7F26D694BC7E78958BE38D1D9AAFC2B9 272808 ----a-w- C:\WINDOWS\System32\javaws.exe 2014-07-28 19:29:36 3E5D0F25A7DE68B4241986AA2C095A16 145408 ----a-w- C:\WINDOWS\System32\javacpl.cpl 2014-07-28 19:29:28 FFAECE8AEC1D9CCDCEC1C55C2CA450BA 175528 ----a-w- C:\WINDOWS\System32\java.exe 2014-07-28 19:29:28 F98096A7E805CAE52BE582BF1318182F 96680 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll 2014-07-28 19:29:28 67BE34FBF29E783691C713517102E67E 175528 ----a-w- C:\WINDOWS\System32\javaw.exe ====== C:\WINDOWS\system32\drivers ===== ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-07-30 14:44:15 -------- d-----w- C:\Program Files\trend micro 2014-07-28 19:29:42 -------- d-----w- C:\Program Files\Common Files\Java ======= C: ===== ====== C:\Documents and Settings\Andy\Application Data ====== ====== C:\Documents and Settings\Andy ====== 2014-07-28 19:05:25 F9E5395DC309A822839A309325CB2056 237568 ----a-w- C:\Documents and Settings\LocalService\NTUSER.rhk 2014-07-28 19:05:25 66F3DE043EE172DA2C424A0ADE03739B 237568 ----a-w- C:\Documents and Settings\NetworkService\NTUSER.rhk 2014-07-28 19:05:25 43298629583BFCEF11E07E0EE5C270B5 12337152 ----a-w- C:\Documents and Settings\Andy\ntuser.rhk ====== C: exe-files == 2014-07-30 14:44:15 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Andy.exe 2014-07-30 14:44:02 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Documents and Settings\Andy\Mijn documenten\Downloads\RSIT.exe 2014-07-28 19:29:36 7F26D694BC7E78958BE38D1D9AAFC2B9 272808 ----a-w- C:\WINDOWS\system32\javaws.exe 2014-07-28 19:29:28 FFAECE8AEC1D9CCDCEC1C55C2CA450BA 175528 ----a-w- C:\WINDOWS\system32\java.exe 2014-07-28 19:29:28 67BE34FBF29E783691C713517102E67E 175528 ----a-w- C:\WINDOWS\system32\javaw.exe 2014-07-28 19:28:11 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Documents and Settings\Andy\Application Data\Sun\Java\jre1.7.0_65\lzma.exe 2014-07-28 19:24:12 E5B19F06B5105B110255C7A4A87DB307 41272 ----a-w- C:\Program Files\SUPERAntiSpyware\sas_enum_cookies.exe 2014-07-28 19:24:12 35DA92670C06C15CF6F5C10708788554 59160 ----a-w- C:\Program Files\SUPERAntiSpyware\SUPERDelete.exe 2014-07-28 18:13:34 88F161F0976B37F3FF0EDF9FFFC93837 353912 ----a-w- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe 2014-07-28 18:13:10 40E22871111BEA363BF3C8269A61ABC5 3138912 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Designer 8.2\ConvertIFD\ConvertIFD.exe 2014-07-28 18:13:09 C0248DD2A41CAB363150CAF7212AE8CB 816480 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Designer 8.2\ConvertIP.exe 2014-07-28 18:13:09 87133E82941F54B2CBCB23E62BF623AD 869728 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Designer 8.2\ConvertWord.exe 2014-07-28 18:13:09 7266F229B78EC31558BE4B9946BB34BC 71008 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Designer 8.2\ConvertPDF.exe 2014-07-28 18:13:09 64D1FD7422E6EE3FC99865C6B725C29B 62816 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Designer 8.2\ConvertIFDShell.exe 2014-07-28 18:13:08 36B52F8B369107FBF32F4C42B515FFB3 457216 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Designer 8.2\ConvertXF\ConvertXF.exe 2014-07-28 18:13:00 B7B08053BAAAA66E3CE1B0FBD9C075E6 143360 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\GuideBuilder.exe 2014-07-28 18:12:58 B08CCE3317C06D9A341D12F82B9D1A26 172032 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Designer 8.2\plugins\GuideBuilder\PluginLauncher.exe 2014-07-28 18:12:39 F42DFCE80FE238CFBC5682D2A13F0534 253512 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\A3DUtility.exe 2014-07-28 18:12:39 09AE02BADC8B2086B93BF9A8E6E571D9 93048 ----a-w- C:\Program Files\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe 2014-07-28 18:12:38 BBE8AC52195A540D536C62896AA535E7 29264 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTextExtractor.exe 2014-07-28 18:12:37 7A33B69FD8D616F75E2A8F88D9278BA5 179840 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\Scan\AcroScanBroker.exe 2014-07-28 18:12:34 A6FE9F1CD374205DE0A510079B3FC13F 2641520 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\Acrobat Elements.exe 2014-07-28 18:12:15 48BE298F7FD1BEF4D8FBACB04D8D95C4 958576 ----a-w- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 2014-07-28 18:12:15 25DB8AB613EDA31FCD71D29B0D042312 19048 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcrobatInfo.exe 2014-07-28 18:12:13 A7DBC65E3132A2569AE5B428D2AA5273 282248 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroBroker.exe 2014-07-28 18:12:13 47F3940758C46FB8F6B1DF2E7A4CCA44 19866976 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe 2014-07-28 18:12:10 7CFD590987D2BB33D5D56D98093D2E76 2521464 ----a-w- C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe 2014-07-28 18:12:09 5ED9B78B308D302C702D44F4505B3F46 319400 ----a-r- C:\Program Files\Common Files\Adobe\ARM\1.0\ReaderUpdater.exe 2014-07-28 18:12:09 0E9DEE95FDF47D6195DA804A0DEEDA5B 319400 ----a-r- C:\Program Files\Common Files\Adobe\ARM\1.0\AcrobatUpdater.exe 2014-07-28 18:11:20 B07CD640028F7D3190A89551D94A0960 560768 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AdobeCollabSync.exe 2014-07-28 18:11:17 DBE470A368A7887DA8F4FBE06ED252A4 364128 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe 2014-07-28 18:11:03 77F0C6C68FE917A10B56CADF6D57CDA0 151152 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrodist.exe 2014-07-28 18:10:50 9E6AF5DCE0983D9104667ADAAD1009C7 118384 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\PDFPrevHndlrShim.exe 2014-07-28 18:10:48 AEB3E8A6308604C3490A36D06D6685DC 44128 ----a-w- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe === C: other files == 2014-07-30 07:12:54 5A39B4CD2498014D8C03EDBC60726CD2 66489227 ----a-w- C:\Documents and Settings\Andy\Mijn documenten\Downloads\Filemail.com files 2014-7-30 gfepfxmbobcqjah.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1993962763-261478967-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "Akamai NetSession Interface"="C:\Documents and Settings\Andy\Local Settings\Application Data\Akamai\netsession_win.exe" "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" @="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice" "AdobeCS4ServiceManager"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin" "Adobe Acrobat Speed Launcher"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe -hide" "KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Microsoft Default Manager"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume" "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "CnwiDeviceAgent"="C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe" "WD Quick View"="C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background" "Akamai NetSession Interface"="C:\Documents and Settings\Andy\Local Settings\Application Data\Akamai\netsession_win.exe" "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" @="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPDLR" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Reader_sl" "hkey"="HKLM" "command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ctfmon" "hkey"="HKCU" "command"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google+ Auto Backup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google+ Auto Backup" "hkey"="HKCU" "command"="\"C:\\Program Files\\Google\\Google+ Auto Backup\\Google+ Auto Backup.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IMJPMIG8.1] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IMJPMIG" "hkey"="HKLM" "command"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPDLR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPDLR" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Kies" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\Kies.exe /preload" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002A] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TINTSETP" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002ASync] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TINTSETP" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoundMan] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SOUNDMAN" "hkey"="HKLM" "command"="SOUNDMAN.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WD Quick View] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WDDMStatus" "hkey"="HKLM" "command"="C:\\Program Files\\Western Digital\\WD Quick View\\WDDMStatus.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [17/12/2013 09:52] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [17/12/2013 09:52] C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job --ah----- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [23/10/2013 16:01] C:\WINDOWS\tasks\____Volume_cd0d5dae_082a_11e0_a646_00508d690a7a__dropbox_ce60718a_6bd1_4667_ad6e_e2ea37627a50_dropbox_.job --a------ C:\Program Files\Western Digital\WD SmartWare\BackupTask.exe [02/06/2014 10:47] C:\WINDOWS\tasks\____Volume_cd0d5dae_082a_11e0_a646_00508d690a7a__uuid_73656761_7465_7375_636b_0090a93aaa18_SmartWare_.job --a------ C:\Program Files\Western Digital\WD SmartWare\BackupTask.exe [02/06/2014 10:47] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension" [21/08/2012 10:26] ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\Andy\Application Data\KompoZer\Profiles\omlh9ab9.default - Undetermined - %ProfilePath%\extensions\installed-extensions.txt - KompoZer classic - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ProfilePath: C:\Documents and Settings\Andy\Application Data\kompozer.net\KompoZer\Profiles\0bwmeex5.default - Undetermined - %ProfilePath%\extensions\installed-extensions.txt - KompoZer classic - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chrome Look ====================== Google Docs - Andy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Andy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Andy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Andy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Andy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Andy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{506A877D-293C-4FC3-B0C4-CFA5CCD27278}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=UP09DF&PC=UP09&q={searchTerms}&src=IE-SearchBox" {1AD1F491-8008-4299-8C38-67D32056A94F} Unknown Url="http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC" {506A877D-293C-4FC3-B0C4-CFA5CCD27278} Google Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}" ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyOverride"="127.0.0.1:9421;;*.local" "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B1AD32AAF0D5DDA408EFC28FF184B835 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1C50328D-651E-4843-BD7D-B0342FA429AC} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AA23DA1B-5D0F-4ADD-80FE-2CF81F488B53} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\B1AD32AAF0D5DDA408EFC28FF184B835 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup deleted successfully ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Documents and Settings\Andy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=127 folders=29 48288689 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Andy\Local Settings\Temp will be emptied at reboot C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp will be emptied at reboot C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\Andy\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies" not found "C:\Documents and Settings\LocalService\Local Settings\Temp\History" not found "C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files" not found ==== EOF on wo 30/07/2014 at 19:28:20,23 ======================