
Zoek.exe v5.0.0.0 Updated 23-09-2015
Tool run by Rita on za 26/09/2015 at 10:49:21,09.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rita\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

26/09/2015 10:51:02 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Ath_CopyHook {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735} C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\FolderViewImpl.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\337 deleted successfully
C:\Program Files\Google deleted successfully
C:\Users\Rita\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Rita\AppData\Local\EmieSiteList deleted successfully
C:\Users\Rita\AppData\Local\EmieUserList deleted successfully
C:\Users\Rita\AppData\Local\MusicPlayer deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Rita\AppData\Roaming\337 deleted
C:\Users\Rita\AppData\Roaming\337 Wallpaper deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\wininit.ini deleted
"C:\windows\Installer\3fe61.msi" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\Rita\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2015-09-24 16:19:15	3B26DCAB842C280FA7271FF2B58D3293	28352	----a-w-	C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-09-24 15:44:41	FE5CDD0986F845684E866C8A00ABF5B9	749568	----a-w-	C:\WINDOWS\SysWOW64\tdh.dll
2015-09-24 15:44:41	F3FE4F9CFF9E82DC66963988F8FBC4F1	1097216	----a-w-	C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-24 15:44:40	7A88A2F50CC53DF2DDCA544B4A58F95C	1556992	----a-w-	C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-24 15:44:40	2D2C20DF59F51A8EEA12F3D6DE2E7D9B	1903848	----a-w-	C:\WINDOWS\SysWOW64\msxml6.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2015-09-24 17:34:48	617E96241DC3E7B298E70DE699CA9839	23848	----a-w-	C:\WINDOWS\Sysnative\.crusader
2015-09-24 16:19:18	9BC00C5608BF75BEAE893814A3AEC2AD	29888	----a-w-	C:\WINDOWS\Sysnative\aspnet_counters.dll
2015-09-24 15:44:43	E559586B7EA3E1902E6C123098BDBE5B	2819072	----a-w-	C:\WINDOWS\Sysnative\SettingsHandlers.dll
2015-09-24 15:44:41	D6457C727572BF4E4189FE04CD49A589	951296	----a-w-	C:\WINDOWS\Sysnative\tdh.dll
2015-09-24 15:44:41	C2840E77C27B5F90F60F5C3CAE8787A7	2531400	----a-w-	C:\WINDOWS\Sysnative\msxml6.dll
2015-09-24 15:44:41	484E3AD4E215A7850B4197A4A6D97134	41984	----a-w-	C:\WINDOWS\Sysnative\UtcResources.dll
2015-09-24 15:44:41	21EDAD8188372C912B7BB9B1C6CB0D38	1633792	----a-w-	C:\WINDOWS\Sysnative\diagtrack.dll
2015-09-24 15:44:41	1BC82B720076C30643CB04AAEE649A79	1380056	----a-w-	C:\WINDOWS\Sysnative\gdi32.dll
2015-09-24 15:44:41	08079E76DD10DDEC6FA4F92AFF1CD38D	118616	----a-w-	C:\WINDOWS\Sysnative\consent.exe
2015-09-24 15:44:40	54FCD2135049B5121BD8879E220E773A	2345472	----a-w-	C:\WINDOWS\Sysnative\msxml3.dll
2015-09-24 15:44:34	C437FBED45D3F2AEBA19CA3A9BA2348D	411455	----a-w-	C:\WINDOWS\Sysnative\ApnDatabase.xml
2015-09-24 15:44:34	6E409D818C6B342544EAE741B1422B85	228864	----a-w-	C:\WINDOWS\Sysnative\profsvc.dll
====== C:\WINDOWS\Sysnative\drivers =====
2015-09-24 19:46:49	8F22037D3F5A6BB676525D825A1388B9	113880	----a-w-	C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2015-09-24 19:46:38	E681CE4AE5C09651D53CB4387CA3560E	109272	----a-w-	C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
2015-09-24 19:46:38	85CFE7AB85B43B6B7AC7961AA3983A9F	64216	----a-w-	C:\WINDOWS\Sysnative\drivers\mwac.sys
2015-09-24 19:46:37	A8D28D5B3E2A528D1EF0E338E44F2820	25816	----a-w-	C:\WINDOWS\Sysnative\drivers\mbam.sys
2015-09-24 19:17:17	69ADCDE70F7C2DB97BFCCB421E5A0DBD	4410304	----a-w-	C:\WINDOWS\Sysnative\drivers\kgpcpy.cfg
2015-09-24 17:25:20	30CDA699EA6C114DF49894CEB6EA8599	41080	----a-w-	C:\WINDOWS\Sysnative\drivers\hitmanpro37.sys
2015-09-24 15:44:33	FEA8FC81431AD93F44D5FBFBBF096AA7	118272	----a-w-	C:\WINDOWS\Sysnative\drivers\bthpan.sys
====== C:\WINDOWS\Tasks ======
2015-09-24 18:56:46	--------	d-----w-	C:\WINDOWS\Sysnative\Tasks\Safer-Networking
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-09-25 19:58:28	--------	d-----w-	C:\Program Files\trend micro
2015-09-24 19:07:33	--------	d-----w-	C:\Program Files\Common Files\AV
======= C:\PROGRA~2 =====
======= C: =====
2015-09-24 15:43:24	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\autoexec.bat
====== C:\Users\Rita\AppData\Roaming ======
2015-09-24 18:59:28	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Programs
2015-09-24 18:56:45	--------	d-s---w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft
====== C:\Users\Rita ======
2015-09-25 19:57:41	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Rita\Downloads\RSITx64.exe
2015-09-25 19:54:36	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\winhttp
2015-09-24 17:24:54	--------	d-----w-	C:\ProgramData\HitmanPro
2015-09-24 15:43:04	--------	d-----w-	C:\Users\Rita\Start Menu

====== C: exe-files ==
2015-09-25 19:58:29	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Rita.exe
2015-09-25 19:57:41	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Rita\Downloads\RSITx64.exe
2015-09-24 18:19:29	84BD2148EE4A476E54C1014D1A005BE3	1304392	----a-w-	C:\Users\Rita\AppData\Local\Google\Chrome\User Data\SwReporter\4.30.1\software_reporter_tool.exe
2015-09-24 15:49:08	CAEC6968CF88AA8FE67AFA236024B18F	10647632	----a-w-	C:\Program Files (x86)\Google\Update\Install\{509F7842-3388-4EC4-8917-3A612469BFBD}\45.0.2454.99_44.0.2403.157_chrome_updater.exe
2015-09-24 15:49:08	CAEC6968CF88AA8FE67AFA236024B18F	10647632	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\45.0.2454.99\45.0.2454.99_44.0.2403.157_chrome_updater.exe
2015-09-24 15:44:43	FAC17E42199598C0352B9F5DC2EFFC85	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe
2015-09-24 15:44:43	77352A5A0833B1CA3B771148DA535CB6	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateWebPlugin.exe
2015-09-24 15:44:43	61A77DDEF5E8D85E8B0955C4E5127B39	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateBroker.exe
2015-09-24 15:44:41	08079E76DD10DDEC6FA4F92AFF1CD38D	118616	----a-w-	C:\Windows\System32\consent.exe
2015-09-24 15:44:28	D9A15F83CB6E5901A63F24CD7D58DBAF	929872	----a-w-	C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateSetup.exe
2015-09-24 15:43:31	E337785DA1958E9AB02DDB2369EF46E8	307016	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
2015-09-24 15:43:31	BFDCC0375C492C524E78647CEED3F77D	130888	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateComRegisterShell64.exe
2015-09-24 15:43:16	A72BB48D9014A7D7C05F02F595F52D60	245576	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
2015-09-24 15:42:53	053EEEE1ABAE53F044F1E386E22AE525	144200	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdate.exe
2015-09-24 15:42:39	D9A15F83CB6E5901A63F24CD7D58DBAF	929872	----a-w-	C:\Program Files (x86)\Google\Update\Install\{418C934D-2AB0-4CC1-87A5-30F7868C6CD7}\GoogleUpdateSetup.exe
2015-09-24 15:42:37	D9A15F83CB6E5901A63F24CD7D58DBAF	929872	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.15\GoogleUpdateSetup.exe
=== C: other files ==
2015-09-24 19:46:49	8F22037D3F5A6BB676525D825A1388B9	113880	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-09-24 19:46:38	E681CE4AE5C09651D53CB4387CA3560E	109272	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-09-24 19:46:38	85CFE7AB85B43B6B7AC7961AA3983A9F	64216	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-09-24 19:46:37	A8D28D5B3E2A528D1EF0E338E44F2820	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-09-24 17:25:20	30CDA699EA6C114DF49894CEB6EA8599	41080	----a-w-	C:\Windows\System32\drivers\hitmanpro37.sys
2015-09-24 15:44:33	FEA8FC81431AD93F44D5FBFBBF096AA7	118272	----a-w-	C:\Windows\System32\drivers\bthpan.sys
2015-09-24 15:43:24	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\autoexec.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-295760202-3936470170-3150341136-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"="C:\Dolby PCEE4\pcee4.exe -autostart"
"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"BtPreLoad"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Folders ======================

2012-12-20 04:31:29	2171	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\WINDOWS\SysNative\tasks\4581" [wscript.exe C:\Users\Rita\AppData\Local\Temp\launchie.vbs //B]
"C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe]
"C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]
"C:\WINDOWS\SysNative\tasks\EgisUpdate" ["C:\Program Files\EgisTec IPS\EgisUpdate.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\iuBrowserIEAgent" ["C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"]
"C:\WINDOWS\SysNative\tasks\iuEmailOutlookAgent" ["C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"]
"C:\WINDOWS\SysNative\tasks\PMMUpdate" ["C:\Program Files\EgisTec IPS\PMMUpdate.exe"]
"C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{1D0CB480-7F39-4253-8433-8A606E80D6F5}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2015-08-25 11:59:46	--------	d-----w-	C:\PROGRA~3\Malwarebytes
2015-09-24 17:24:54	--------	d-----w-	C:\PROGRA~3\HitmanPro
2015-09-24 18:56:34	--------	d-----w-	C:\PROGRA~3\Spybot - Search & Destroy

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" []

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.99

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - No path found[]

SiteAdvisor - Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
Chrome Web Store Payments - Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{514FCB7E-56A2-4E01-891B-39AD521419C7} Unknown  Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-295760202-3936470170-3150341136-1002\Software\Microsoft\Internet Explorer\SearchScopes\{514FCB7E-56A2-4E01-891B-39AD521419C7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{514FCB7E-56A2-4E01-891B-39AD521419C7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{514FCB7E-56A2-4E01-891B-39AD521419C7} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Rita\Desktop\HiJackThis.lnk - C:\Users\Rita\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 
C:\Users\Rita\Desktop\Schooljaar 2015-2016.lnk - C:\Users\Rita\Documents\Schooljaar 2015-2016 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Rita\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Power Button.lnk - C:\Program Files (x86)\Acer\Acer Power Management\ePowerButton.exe 
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk - C:\WINDOWS\system32\calc.exe 
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -  
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.portaldosites.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=TOSHIBAXMQ01ABD075_Y25SP0IOTXXY25SP0IOT&ts=1369843579
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe 
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Picture Manager.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe 
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe 
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe 
C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== shortcuts After Repair ======================

C:\Users\Rita\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rita\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Rita\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Rita\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=56 folders=19 14799706 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Rita\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Rita\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on za 26/09/2015 at 11:06:57,41 ======================