
Zoek.exe v5.0.0.0 Updated 08-November-2014
Tool run by DR Desplentere on zo 09/11/2014 at 19:10:49,81.
Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 WMI=failure
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\DR Desplentere\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

9/11/2014 19:17:48 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\CouopEExtensaion deleted successfully
C:\PROGRA~2\EinjoyCouupuon deleted successfully
C:\PROGRA~2\ExstraSavings deleted successfully
C:\PROGRA~2\Gabest deleted successfully
C:\PROGRA~2\McAfee deleted successfully
C:\PROGRA~2\RoboSSaveri deleted successfully
C:\PROGRA~2\SaveShare deleted successfully
C:\PROGRA~2\SHoppDrOp deleted successfully
C:\PROGRA~2\YiOuTuuAodBBloocker deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\log deleted successfully
C:\PROGRA~3\CouopEExtensaion deleted successfully
C:\PROGRA~3\EinjoyCouupuon deleted successfully
C:\PROGRA~3\ExstraSavings deleted successfully
C:\PROGRA~3\PDFC deleted successfully
C:\PROGRA~3\RoboSSaveri deleted successfully
C:\PROGRA~3\savenshare deleted successfully
C:\PROGRA~3\SHoppDrOp deleted successfully
C:\PROGRA~3\YiOuTuuAodBBloocker deleted successfully
C:\Users\DR Desplentere\AppData\Roaming\Lite deleted successfully
C:\Users\DR Desplentere\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\DR Desplentere\AppData\Local\Avg2013 deleted successfully
C:\Users\DR Desplentere\AppData\Local\PackageAware deleted successfully
C:\Users\DR Desplentere\AppData\Local\PDFC deleted successfully
C:\Users\DR Desplentere\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1713628948-2976628080-1367645279-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_USERS\S-1-5-21-1713628948-2976628080-1367645279-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5452EE91-1FA2-4BB0-B086-19DB383680A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\DRDESP~1\AppData\Roaming\Mozilla\Firefox\Profiles\oauhv6hi.default-1392104724169

user.js not found
---- Lines extensions.VL4hT0N5W8 removed from prefs.js ----
user_pref("extensions.VL4hT0N5W8.epoch", "1402422295");
user_pref("extensions.VL4hT0N5W8.url", "http://directwebfile.info/sync2/?q=hfZ9oeZJh7YMCyVUojaMg708BNmGWj8cmihGheDUojw9rdgErHw8rdYEpchIC7n0rjnEqTa4rjC
---- Lines extensions.ZEct removed from prefs.js ----
user_pref("extensions.ZEct.epoch", "1404888034");
user_pref("extensions.ZEct.url", "http://getjpi77.info/sync2/?q=hfZ9oelGDGhEAen0rchTB6lKDzt4oktxtNtVh7n0rjnEqHaHrdUErdwFtMFHhd9Fqda6rdYEqTr5qdUMDMlGoj
---- Lines extensions.lTLdSfR4O04 removed from prefs.js ----
user_pref("extensions.lTLdSfR4O04.epoch", "1404888035");
user_pref("extensions.lTLdSfR4O04.url", "http://skyfunnjobbest.info/sync2/?q=hfZ9ofhTgShEAen0rchTB6lKDzt4oktxtNtVh7n0rjnEqTs6rjYGqHaFtMFHhd9Fqda6rdYEq
---- Lines extensions.lX38mYZ65yAj removed from prefs.js ----
user_pref("extensions.lX38mYZ65yAj.epoch", "1393755140");
user_pref("extensions.lX38mYZ65yAj.url", "http://driverguidemy.ru/sync2/?q=hfZ9ofhThShEAen0rchTB6lKDzt4oktxtNtVh7n0rjnErTs6rTa8pjwGtMFHhd9FqdaHrdwFrdw
---- FireFox user.js and prefs.js backups ---- 

prefs_20140911_2029_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 

==== Deleting Files \ Folders ======================

C:\PROGRA~3\aociblioniiccbpmfcalefckednpgfno deleted
C:\Users\DR Desplentere\AppData\LocalLow\{DE41E1A2-9124-785B-FBAA-FB0083A7A00B} deleted
C:\Users\DR Desplentere\AppData\LocalLow\{FBC4AD70-ED0A-54B4-778B-0FB25445113A} deleted
C:\Users\DR Desplentere\AppData\Local\Packages\windows_ie_ac_001\AC\{0905208F-2562-84E8-D345-E2C1A5ABC2A9} deleted
C:\Users\DR Desplentere\AppData\Local\Packages\windows_ie_ac_001\AC\{2196B75B-57E0-2FA6-24BD-6A14D5616BE5} deleted
C:\Users\DR Desplentere\AppData\Local\Packages\windows_ie_ac_001\AC\{6E3356C8-DF4C-EA7D-F6F6-3113C8D655B5} deleted
C:\Users\DR Desplentere\AppData\Local\Packages\windows_ie_ac_001\AC\{A3507EAC-7D07-5DD8-956A-324370D2DD6E} deleted
C:\Users\DR Desplentere\AppData\Local\Packages\windows_ie_ac_001\AC\{DE41E1A2-9124-785B-FBAA-FB0083A7A00B} deleted
C:\Users\DR Desplentere\AppData\Local\Packages\windows_ie_ac_001\AC\{FBC4AD70-ED0A-54B4-778B-0FB25445113A} deleted
C:\PROGRA~3\f104e22a76871c31 deleted
C:\PROGRA~3\StarApp deleted
C:\Users\DR Desplentere\AppData\Roaming\pdfforge deleted
C:\PROGRA~3\Ask deleted
C:\PROGRA~3\APN deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Tarma Installer deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\windows\Syswow64\RegistryHelperLM.ocx deleted
C:\windows\Syswow64\SearchProtect deleted
C:\windows\SysWow64\AI_RecycleBin deleted
"C:\PROGRA~3\okjfjjoikdklnocpfeijbhhbaopioobb\okjfjjoikdklnocpfeijbhhbaopioobb.crx" deleted
"C:\PROGRA~3\okjfjjoikdklnocpfeijbhhbaopioobb\update.xml" deleted
"C:\PROGRA~3\okjfjjoikdklnocpfeijbhhbaopioobb" deleted

==== Files Recently Created / Modified ======================

====== C:\windows ====
====== C:\Users\DRDESP~1\AppData\Local\Temp ====
2014-11-09 18:01:31	4E566FEA83FCEEAF2873702806B55006	43008	----a-w-	C:\Users\DR Desplentere\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4i_tqt.dll
====== Java Cache =====
2014-11-07 15:28:27	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\DR Desplentere\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-136142ec
====== C:\windows\SysWOW64 =====
2014-11-09 10:25:45	75D477E868CA51EC1B09D730570F322B	176552	----a-w-	C:\windows\SysWOW64\javaw.exe
2014-11-09 10:25:45	691D49FB44EDE9788288CABE4F7E0DAF	272296	----a-w-	C:\windows\SysWOW64\javaws.exe
2014-11-09 10:25:44	AA3520FB0133A56BEE1DB34D74DBEF64	176552	----a-w-	C:\windows\SysWOW64\java.exe
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
====== C:\windows\Sysnative\drivers =====
====== C:\windows\Tasks ======
2014-11-09 18:08:32	271ECF4AAF4639AC4EBF32BC16B277F0	3240	----a-w-	C:\windows\Sysnative\Tasks\HPCeeScheduleForDR Desplentere
2014-11-09 18:08:32	1263EE7F2FF2EA5773E4E2415F521400	368	----a-w-	C:\windows\Tasks\HPCeeScheduleForDR Desplentere.job
====== C:\windows\Temp ======
======= C:\Program Files =====
2014-11-07 13:13:00	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-11-09 09:12:26	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\DR Desplentere\AppData\Roaming ======
====== C:\Users\DR Desplentere ======
2014-11-09 08:47:43	44933ED144874569EB5A43B613CBE88A	638888	----a-w-	C:\Users\DR Desplentere\Downloads\jxpiinstall(4).exe
2014-11-09 08:38:41	44933ED144874569EB5A43B613CBE88A	638888	----a-w-	C:\Users\DR Desplentere\Downloads\jxpiinstall(3).exe
2014-11-09 08:34:07	44933ED144874569EB5A43B613CBE88A	638888	----a-w-	C:\Users\DR Desplentere\Downloads\jxpiinstall(2).exe
2014-11-09 08:31:24	44933ED144874569EB5A43B613CBE88A	638888	----a-w-	C:\Users\DR Desplentere\Downloads\jxpiinstall(1).exe
2014-11-09 08:21:21	717CCD9C43E95BC3FB296DF529EF0850	1054912	----a-w-	C:\Users\DR Desplentere\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe
2014-11-07 13:16:06	12EFD5FA51597F188E5DB50BE20EE597	1375089	----a-w-	C:\Users\DR Desplentere\Downloads\adwcleaner_3.311.exe

====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1713628948-2976628080-1367645279-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"EPSON SX210 Series"="C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE /FU C:\windows\TEMP\E_SAC77.tmp /EF HKCU"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"WirelessAssistant"="C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"QLBController"="C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start"
"TkBellExe"="C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe -osboot"
"IsaKbcCertUpdate"="C:\Program Files (x86)\Common Files\Isabel\isa_kbc_certupdate.exe"
"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"EPSON SX210 Series"="C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE /FU C:\windows\TEMP\E_SAC77.tmp /EF HKCU"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"BTMTrayAgent"="rundll32.exe C:\Program Files\Motorola\Bluetooth\btmshell.dll,TrayApp"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\DR Desplentere\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""


==== Startup Folders ======================

2014-09-21 15:51:38	1058	----a-w-	C:\Users\DR Desplentere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [20/10/2014 20:15]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:q6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/12/2011 13:08]
C:\windows\tasks\HPCeeScheduleForDR Desplentere.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [14/09/2010 07:15]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\HPCeeScheduleForDR Desplentere" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\windows\SysNative\tasks\Registration" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\windows\SysNative\tasks\{0F5AAA2A-43F8-42AD-B287-802FCA0FF721}" [C:\PRO_DOC\prodoc32.exe]
"C:\windows\SysNative\tasks\{1C94FAC3-9BE2-4775-AFE6-7546300F12D6}" [C:\PRO_DOC\prodoc32.exe]
"C:\windows\SysNative\tasks\{34B0B547-6499-4DFB-ACB0-F6C71DA8639D}" [C:\PRO_DOC\prodoc32.exe]
"C:\windows\SysNative\tasks\{D507BF67-9999-40DC-A90E-3DE33C6ACEE3}" [C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe"]
"C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe"]
"C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe"]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [18/07/2014 21:21]

==== Firefox Extensions ======================

ProfilePath: C:\Users\DRDESP~1\AppData\Roaming\Mozilla\Firefox\Profiles\oauhv6hi.default-1392104724169
- Undetermined - extension@hidemyass.com
- Undetermined - belgiumeid@eid.belgium.be
- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi
- Hide My Ass Proxy Extension - %ProfilePath%\extensions\extension@hidemyass.com.xpi
- Pinterest Pin Button - %ProfilePath%\extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\DR Desplentere\AppData\Roaming\Mozilla\Firefox\Profiles\oauhv6hi.default-1392104724169
DFC9460CC37E5C414DC4680B10C19E7A	- C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll -	Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[18/07/2014 21:21]

AdviceAnimals Meme Strip - DR Desplentere\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfjlhnknlgkafajdmceagmbddjcgndo
CNN News - DR Desplentere\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlbmobpknbcilinljgcbogfcofhcbkem
Google Wallet - DR Desplentere\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Startpages ======================

C:\Users\DR Desplentere\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPC061F92F-7C96-4C05-9DCC-1A3C84CE8CA2&SSPV=",


==== Chromium Fix ======================

C:\Users\DR Desplentere\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfjlhnknlgkafajdmceagmbddjcgndo deleted successfully
C:\Users\DR Desplentere\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlfjlhnknlgkafajdmceagmbddjcgndo_0.localstorage deleted successfully
C:\Users\DR Desplentere\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlbmobpknbcilinljgcbogfcofhcbkem deleted successfully
C:\Users\DR Desplentere\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jlbmobpknbcilinljgcbogfcofhcbkem_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=AV01"
"Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/?pc=AV01"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{29868439-9DFA-4834-8165-6FD98A0FE43C} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox"
{39F79B01-5017-4717-AC11-E3A917BC566B} Google  Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"
{5963E2BF-3B65-4783-B9CC-B0C89CCB332C} Zoeken met Wittegids.be  (Visual Search) Url="http://truvo.reference.be/IE8/VisualSearch.aspx?search={searchTerms}&countryCode=BE&languagecode=nl&type=white"
{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3D7FAC70-ACBF-C5D7-1CDE-275E3963D919} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\DR Desplentere\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\DR Desplentere\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Mcx1-PORTABLE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\DR Desplentere\AppData\Local\Mozilla\Firefox\Profiles\oauhv6hi.default-1392104724169\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\DR Desplentere\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=117 folders=50 4385314 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\DR Desplentere\AppData\Local\Temp will be emptied at reboot
C:\Users\Mcx1-PORTABLE\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\DRDESP~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 10/11/2014 at  0:31:31,30 ======================