Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Acer on vr 15/05/2015 at 21:30:20,85. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Acer\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 15/05/2015 21:32:32 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\PokerStars.BE deleted successfully C:\PROGRA~2\WinRAR deleted successfully C:\Program Files\Google deleted successfully C:\PROGRA~3\{89919604-6ac5-8f32-8991-196046ac5811} deleted successfully C:\Users\Acer\AppData\Roaming\Nico Mak Computing deleted successfully C:\Users\Acer\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2647928099-3706483548-3279025027-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5ded3ea3-0581-455f-991d-5fa59ed2e406} deleted successfully HKEY_USERS\S-1-5-21-2647928099-3706483548-3279025027-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5ded3ea3-0581-455f-991d-5fa59ed2e406} deleted successfully HKEY_USERS\S-1-5-21-2647928099-3706483548-3279025027-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8b0f4df4-b99d-4b4c-ab19-3627dc2d36a6} deleted successfully HKEY_USERS\S-1-5-21-2647928099-3706483548-3279025027-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8b0f4df4-b99d-4b4c-ab19-3627dc2d36a6} deleted successfully HKEY_USERS\S-1-5-21-2647928099-3706483548-3279025027-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1711BF8-086B-4553-9C06-4461C03CAC34} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5ded3ea3-0581-455f-991d-5fa59ed2e406} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5ded3ea3-0581-455f-991d-5fa59ed2e406} deleted 
successfully HKEY_CLASSES_ROOT\CLSID\{5ded3ea3-0581-455f-991d-5fa59ed2e406} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5ded3ea3-0581-455f-991d-5fa59ed2e406} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ded3ea3-0581-455f-991d-5fa59ed2e406} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ded3ea3-0581-455f-991d-5fa59ed2e406} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8b0f4df4-b99d-4b4c-ab19-3627dc2d36a6} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8b0f4df4-b99d-4b4c-ab19-3627dc2d36a6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{8b0f4df4-b99d-4b4c-ab19-3627dc2d36a6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8b0f4df4-b99d-4b4c-ab19-3627dc2d36a6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b0f4df4-b99d-4b4c-ab19-3627dc2d36a6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b0f4df4-b99d-4b4c-ab19-3627dc2d36a6} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Windows\SysWOW64\ctfmon.exe C:\Windows\system32\atibtmon.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Acer\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe 
C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\1ca156e3 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\1ca156e3 deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ded3ea3-0581-455f-991d-5fa59ed2e406}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b0f4df4-b99d-4b4c-ab19-3627dc2d36a6}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ded3ea3-0581-455f-991d-5fa59ed2e406}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b0f4df4-b99d-4b4c-ab19-3627dc2d36a6}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\PokerStars.BE not found C:\PROGRA~2\WinRAR not found C:\Program Files (x86)\bestadblocker not found C:\Program Files (x86)\SalePlus not found C:\ProgramData\{89919604-6ac5-8f32-8991-196046ac5811} not found C:\PROGRA~3\{89919604-6ac5-8f32-8991-196046ac5811} not found C:\PROGRA~2\LibraryInstance deleted C:\ProgramData\Supreme AdBlocker deleted C:\ProgramData\17765354367022356907 deleted C:\ProgramData\jndkhgmdjonfdpenppjilmmgphccchba deleted C:\Users\Acer\AppData\Roaming\appdataFr3.bin deleted C:\Users\Acer\AppData\Roaming\OpenCandy deleted C:\Windows\SysNative\config\systemprofile\Searches deleted ==== System Specs ====================== Operating System: Microsoft Windows 7 Home Premium 
6.1.7601 Service Pack 1 64-bits Manufacturer: Acer - Model: Aspire 7551 Install Date: 7/06/2014 10:33:54 Last Boot: 15/05/2015 17:10:36 Processor: AMD Athlon(tm) II P340 Dual-Core Processor Number of Processors: 2 Work Station Bootmode: Normal boot Total RAM: 3838 MB (free 2516 MB - 65) Computername: ACER-PC Domain: WORKGROUP User: Acer (Administrator account) Local Disk: C:\ - NTFS - 465 GB (free 397 GB) CD \ DVD Drive: D:\ Bootdevice: \Device\HarddiskVolume1 Windows update: Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated) Default Browser: Google Chrome 42.0.2311.152 Internet Explorer Version: 11.0.9600.17728 Google Chrome version: 42.0.2311.152 Adobe Reader version: 11.0.10.32 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Acer\AppData\Local\Temp ==== 2015-05-04 18:53:55 A6FCCC7B2DA67C5E0A1C9357672099D9 1120738 ----a-w- C:\Users\Acer\AppData\Local\Temp\OnlineBackup.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2015-05-04 18:54:06 4B94F8FD585DCDB2467A4497FF8B5D2D 3980 ----a-w- C:\Windows\Sysnative\Tasks\LaunchPreSignup ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-05-14 15:40:57 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Acer\AppData\Roaming ====== 2015-05-12 11:09:34 -------- d-----w- C:\Users\Acer\AppData\Roaming\AVG2015 2015-05-12 11:08:45 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015 2015-05-12 11:08:20 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015 2015-05-12 
11:08:16 -------- d-----w- C:\Users\Acer\AppData\Roaming\TuneUp Software 2015-05-12 11:06:10 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015 2015-05-12 11:01:38 -------- d-----w- C:\Users\Acer\AppData\Local\Avg2015 2015-05-04 18:54:03 -------- d-----w- C:\Users\Acer\AppData\Local\Programs ====== C:\Users\Acer ====== 2015-05-14 15:40:23 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Acer\Downloads\RSITx64.exe 2015-05-12 11:08:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-05-12 11:07:27 -------- d-----w- C:\ProgramData\AVG2015 ====== C: exe-files == 2015-05-14 17:09:09 0122DC60AC2308F4979CBA2EC4942F97 7152488 ----a-w- C:\Program Files (x86)\AVG\AVG2015\Notification\Launcher.exe 2015-05-14 15:45:32 D308FEE17FBACB94C2E27067AE2C57A6 1044048 ----a-w- C:\Program Files (x86)\Google\Update\Install\{2627646B-7589-48F5-A3EA-8959664C37A4}\42.0.2311.152_42.0.2311.135_chrome_updater.exe 2015-05-14 15:45:32 D308FEE17FBACB94C2E27067AE2C57A6 1044048 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.152\42.0.2311.152_42.0.2311.135_chrome_updater.exe 2015-05-14 15:40:58 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Acer.exe 2015-05-14 15:40:23 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Acer\Downloads\RSITx64.exe 2015-05-10 16:27:50 4C54D1E66D90B7839FB8AF5D49B532A3 2241696 ----a-w- C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64T89VK0\InternetExplorerDefault.EXE === C: other files == 2015-05-10 16:07:03 A9100DEF37E3F2A64AD468581FA5F0F9 95 ----a-w- C:\Users\Acer\AppData\Local\Temp\utt1AE1.tmp.bat 2015-05-10 16:06:46 CFA95D80D873D12726261AF452D4E5E0 16 ----a-w- C:\Users\Acer\AppData\Local\Temp\HYDD7E8.tmp.1431274006\HTA\install.1431274006.zip 2015-05-10 16:06:37 CFA95D80D873D12726261AF452D4E5E0 16 ----a-w- 
C:\Users\Acer\AppData\Local\Temp\HYDB413.tmp.1431273997\HTA\install.1431273997.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2647928099-3706483548-3279025027-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Acer\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Acer\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16/04/2015 22:19] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2647928099-3706483548-3279025027-1000Core.job --a------ [Undetermined Task] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2647928099-3706483548-3279025027-1000UA.job --a------ C:\Users\Acer\AppData\Local\Facebook\Update\FacebookUpdate.exe [02/08/2014 22:48] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe [31/01/2015 23:07] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/01/2015 23:07] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2647928099-3706483548-3279025027-1000Core" [C:\Users\Acer\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2647928099-3706483548-3279025027-1000UA" [C:\Users\Acer\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\LaunchPreSignup" [C:\Program Files (x86)\OLBPre\OLBPre.exe] ==== Chromium Look ====================== Google Slides - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Bookmark Manager - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik Play Cool Math Games Online - Acer\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\iahcciehdicgokkngjgabfeoekkagncp Google Wallet - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://google.be/", "startup_urls": [ "http://google.be/" ] ==== Chromium Fix ====================== C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.vi-view.com_0.localstorage deleted successfully C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.vi-view.com_0.localstorage-journal deleted successfully C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage deleted successfully C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal deleted successfully C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iahcciehdicgokkngjgabfeoekkagncp deleted successfully C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iahcciehdicgokkngjgabfeoekkagncp_0.localstorage deleted successfully C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iahcciehdicgokkngjgabfeoekkagncp_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX&q={searchTerms}" 
"Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX" "Start Page"="http://www.mystartsearch.com/?type=hp&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX" "Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX&q={searchTerms}" "Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX" "Start Page"="http://www.mystartsearch.com/?type=hp&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX" "Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] 
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url="Not_Found" ==== Reset Google Chrome ====================== C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2647928099-3706483548-3279025027-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\Acer\Desktop\bwinbe Poker.lnk - C:\Programs\bwinbe\bwinbe.exe -P=bwinbePoker C:\Users\Acer\Desktop\Documenten - Snelkoppeling.lnk - C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\AVG 2015.lnk - C:\Program Files (x86)\AVG\AVG2015\avgui.exe 
C:\Users\Public\Desktop\Golden Palace Poker.lnk - C:\GoldenPalace\StartGoldenPalace.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2015.lnk - C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX ==== shortcuts in Quick Launch ====================== C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\bwinbe Poker.lnk - C:\Programs\bwinbe\bwinbe.exe -P=bwinbePoker C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - 
C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1430765625&from=wpc&uid=HitachiXHTS545050B9SA00_110219PBN475M7FG6U0EX C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Paint.lnk - C:\Windows\system32\mspaint.exe C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default 
User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} deleted successfully 
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{1ca156e3} deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Acer\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. 
- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: 
@%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64T89VK0 will be deleted at reboot C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91RT9POW will be deleted at reboot 
C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IIS3R2AP will be deleted at reboot C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWO38AYC will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=38 folders=13 52263646 bytes) ==== Empty Temp Folders ====================== C:\Users\Acer\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Acer\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64T89VK0" not found "C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91RT9POW" not found "C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IIS3R2AP" not found "C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWO38AYC" not found ==== EOF on vr 15/05/2015 at 21:57:51,53 ======================