Zoek.exe v5.0.0.0 Updated 24-12-2014 Tool run by robke on wo 24/12/2014 at 15:09:26,07. Microsoft® Windows Vista™ Home Premium 6.0.6001 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\robke\Desktop\zoek.exe.com [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-12-23-210443.log 22255 bytes ==== Empty Folders Check ====================== C:\Users\robke\AppData\Roaming\WinRAR deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "bProtectTabs"=- ==== Deleting Files \ Folders ====================== C:\Program Files\BetterSurf not found C:\Program Files\Web Assistant\Firefox not found C:\Program Files\WebexpEnhancedV1 not found C:\Program Files\VideoPlayerV3 not found C:\Program Files\MediaPlayerV1 not found C:\Program Files\MediaViewerV1 not found C:\Program Files\MediaViewV1 not found C:\Program Files\MediaWatchV1 not found C:\Program Files\MediaBuzzV1 not found C:\Program Files\RichMediaViewV1 not found C:\Users\robke\AppData\Roaming\Mozilla\Firefox\Profiles\yr4xnxgp.default\extensions\staged deleted C:\PROGRA~2\jdgnchnnnoafblkkfljbcbepoiddljhc deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217} deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\{BDC3570D-C78C-6F18-705D-553B87AF548B} deleted C:\Users\robke\AppData\Local\1372 deleted C:\PROGRA~2\AppetoU deleted C:\Program Files\Microsoft SQL Server Compact Edition deleted C:\awh382F.tmp deleted C:\awh388D.tmp deleted C:\awh3B99.tmp deleted C:\awh3C54.tmp deleted C:\awh3F41.tmp deleted C:\awh3FFC.tmp deleted C:\awh40B7.tmp deleted C:\awh427B.tmp deleted C:\awh4559.tmp deleted C:\awh4817.tmp deleted C:\awh4845.tmp deleted C:\awh6E33.tmp deleted C:\awhAB4C.tmp deleted C:\user.js deleted C:\Users\robke\AppData\Roaming\WB.CFG deleted C:\Users\robke\AppData\Local\avgchrome deleted C:\Users\robke\AppData\LocalLow\SkwConfig.bin deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Nation toolbar deleted C:\Windows\System32\mjcm deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted C:\Windows\System32\searchplugins deleted C:\Windows\System32\Extensions deleted C:\Users\robke\AppData\Roaming\Mozilla\Firefox\Profiles\yr4xnxgp.default\GoogleToolbarData deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\robke\AppData\Roaming\Mozilla\Firefox\Profiles\yr4xnxgp.default user_pref("browser.search.defaulturl", "http://www.bing.com/search?FORM=IEFM1&q="); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [03/09/2009 19:45] ==== Firefox Extensions ====================== ProfilePath: C:\Users\robke\AppData\Roaming\Mozilla\Firefox\Profiles\yr4xnxgp.default - Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} - Undetermined - C:\Program Files\Mozilla Firefox\extensions\packardbell@partners.mozilla.com - Undetermined - C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org - Undetermined - C:\Program Files\Web Assistant\Firefox - Undetermined - C:\Program Files\BetterSurf\BetterSurfPlus\ff - Undetermined - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha339\ff - Undetermined - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta780\ff - Undetermined - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha479\ff - Undetermined - C:\Program Files\MediaViewerV1\MediaViewerV1alpha389\ff - Undetermined - C:\Program Files\MediaViewV1\MediaViewV1alpha3055\ff - Undetermined - C:\Program Files\MediaWatchV1\MediaWatchV1home269\ff - Undetermined - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode4266\ff - Undetermined - C:\Program Files\RichMediaViewV1\RichMediaViewV1release895\ff - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} AppDir: C:\Program Files\Mozilla Firefox - Google Toolbar for Firefox - %AppDir%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 31.0.1650.63 (Possible outdated, latest Stable version: 39.0.2171.95) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions egfgmbllafpinfecganbahogjnldadcj - C:\Program Files\MediaViewV1\MediaViewV1alpha4886\ch\MediaViewV1alpha4886.crx[] haifakggmdlhncdggandfpcghgdkejpg - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode4266\ch\MediaBuzzV1mode4266.crx[] ifgoponfhhihabhighlhojbbjolannan - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta780\ch\VideoPlayerV3beta780.crx[] ijbhbgkeoakomobdpmcgocpgpbhbmfck - C:\Program Files\RichMediaViewV1\RichMediaViewV1release895\ch\RichMediaViewV1release895.crx[] jifgcmmokfojhjnbgoghcgdoocehicod - C:\Program Files\MediaViewV1\MediaViewV1alpha3055\ch\MediaViewV1alpha3055.crx[] kemcahcfhhpjdpmhpomeapnpchhkmpmp - C:\Program Files\MediaWatchV1\MediaWatchV1home269\ch\MediaWatchV1home269.crx[] mkmnphjgmfonpinfdilppmdjlachbdpg - C:\Program Files\MediaViewerV1\MediaViewerV1alpha389\ch\MediaViewerV1alpha389.crx[] ogeadhccfcpadbmmeppfmidcamgcamph - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha339\ch\WebexpEnhancedV1alpha339.crx[] Google Docs - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Media Player - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpbgfcigceilkjdnbkoehmmeggibdjah Last updated at time on date - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AppetoU - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocokhkddobepbdlfgngakekamojjedj Google Wallet - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Preferences "urls_to_restore_on_startup": [ "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963", "http://www.msn.com/nl-be/?pc=UP97&ocid=UP97DHP", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26", "http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26", "http://www.google.com" ] ==== Chromium Fix ====================== C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.incredibar-search.com_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adultfriendfinder.com_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_our.amplifinder.biz_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.2mdn.net_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.adbutter.net_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.addtoany.com_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.belgianfootball.be_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.es.groupon-content.net_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.eu.criteo.net_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.funnygames.be_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.funnygames.nl_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.groupon.fr_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.thefind.com_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.ask.com_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.ask.com_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_t.goadservices.com_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_prizedeals.net_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.enhanced-search.com_0.localstorage deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpbgfcigceilkjdnbkoehmmeggibdjah deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocokhkddobepbdlfgngakekamojjedj deleted successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hocokhkddobepbdlfgngakekamojjedj_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/nl-be/?pc=UP97&ocid=UP97DHP" "Secondary Start Pages"="http://www.google.com" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" "Default_Page_URL"="http://format.packardbell.com/cgi-bin/redirect/?country=BENL&range=AD&phase=8&key=IESTART" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.msn.com/nl-be/?pc=UP97&ocid=UP97DHP" "Secondary Start Pages"="http://www.msn.com/nl-be/?pc=UP97&ocid=UP97DHP" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rlz=1I7GGLL_nl&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7" {70D46D94-BF1E-45ED-B567-48701376298E} Google Desktop Url="http://127.0.0.1:4664/search&s=2Ptl7vgAfzmJU5zw-WWfL0HODTc?q={searchTerms}" {9D5BD211-422C-4164-9298-BB4186A30F31} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}" ==== Reset Google Chrome ====================== C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\robke\Desktop\CCleaner - Snelkoppeling.lnk - C:\Program Files\CCleaner\CCleaner.exe C:\Users\robke\Desktop\E-mail - Snelkoppeling.lnk - C:\Users\robke\Desktop\Google Desktop.lnk - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Users\robke\Desktop\Prullenbak - Snelkoppeling.lnk - ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Belgacom e-Services.lnk - C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk - C:\Program Files\Emsisoft Anti-Malware\a2start.exe C:\Users\Public\Desktop\Gebruikershandleiding (Packard Bell InfoCentre).lnk - C:\Program Files\Packard Bell\Infocentre\InfoCtr.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Internetbrowser selecteren.lnk - C:\Windows\System32\browserchoice.exe /launch C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe C:\Users\Public\Desktop\Packard Bell registratie.lnk - C:\Windows\Installer\{6372DAC4-7E35-48A6-B216-79415ACD34B3}\_4BFBC4FFE7118EF884BC35.exe C:\Users\Public\Desktop\PBUpdator.lnk - C:\Program Files\Packard Bell\Updator\PBUpdator.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk - C:\Windows\system32\control.exe /name Microsoft.EaseOfAccessCenter C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk - C:\Windows\system32\control.exe /name Microsoft.EaseOfAccessCenter C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk - C:\Users\robke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\robke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk - C:\Program Files\Windows Mail\WinMail.exe C:\Users\robke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk - C:\Program Files\Microsoft Security Client\msseces.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk - C:\Program Files\Windows Mail\WinMail.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk - C:\Windows\system32\mspaint.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk - C:\Windows\System32\mobsync.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk - C:\Program Files\Windows NT\Accessories\wordpad.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk - C:\Windows\system32\dfrgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk - C:\Windows\system32\msinfo32.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk - C:\Windows\system32\compmgmt.msc /s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Reliability and Performance Monitor.lnk - C:\Windows\system32\perfmon.msc /s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk - C:\Windows\system32\services.msc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk - C:\Windows\system32\WF.msc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -NoExit -ImportSystemModules C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Deïnstalleer.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Emsisoft Anti-Malware.lnk - C:\Program Files\Emsisoft Anti-Malware\a2start.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Emsisoft Homepage.lnk - C:\Program Files\Emsisoft Anti-Malware\Emsisoft.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware\Help.lnk - C:\Program Files\Emsisoft Anti-Malware\en-us.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades\Windows Marketplace.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades\Windows Web.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\GameExplorer.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files\Skype\Phone\Skype.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Windows Media Encoder.lnk - C:\Program Files\Windows Media Components\Encoder\wmenc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Encoding Script.lnk - C:\Program Files\Windows Media Components\Encoder\WMEncUtil.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media File Editor.lnk - C:\Program Files\Windows Media Components\Encoder\wmeditor.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Profile Editor.lnk - C:\Program Files\Windows Media Components\Encoder\WMProEdt.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Stream Editor.lnk - C:\Program Files\Windows Media Components\Encoder\wmstreamedt.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\robke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\robke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\robke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\robke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ulead Photo Explorer 8.5 SE Basic.lnk - C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.5 SE Basic\Pex.exe C:\Users\robke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\robke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\egfgmbllafpinfecganbahogjnldadcj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\haifakggmdlhncdggandfpcghgdkejpg deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ifgoponfhhihabhighlhojbbjolannan deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ijbhbgkeoakomobdpmcgocpgpbhbmfck deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jifgcmmokfojhjnbgoghcgdoocehicod deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kemcahcfhhpjdpmhpomeapnpchhkmpmp deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mkmnphjgmfonpinfdilppmdjlachbdpg deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ogeadhccfcpadbmmeppfmidcamgcamph deleted successfully HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG9_TRAY deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUninstallURL deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\robke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\robke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=148 folders=36 33760495 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\robke\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\robke\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\robke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on wo 24/12/2014 at 16:27:40,75 ======================