Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by JEAN on wo 16/03/2016 at 18:00:45,77. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\JEAN\DOWNLOADS\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-02-15-145521.log 73894 bytes C:\zoek-results2016-03-14-205554.log 105705 bytes C:\zoek-results2016-03-15-135639.log 66960 bytes C:\zoek-results2016-03-16-090328.log 69541 bytes C:\zoek-results2016-03-16-165146.log 6370 bytes ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D48C815-6FDD-496B-BC60-05546BE5AB61}] "AppName"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC73968A-7EEA-4D47-8314-063D41D784A4}] "AppName"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\IncrediMail_TSA28XQR3.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\ProgramData\\IncrediMail\\Data\\"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\ProgramData\\IncrediMail\\"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\ProgramData\\IncrediMail\\Data\\Licenses\\"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\065EFC441E38F9C47AE53FD0108F15DE] "00000000000000000000000000000000"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\286FB5A04FCEF1D4DB63DA74A77F000A] "00000000000000000000000000000000"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C9DF4B668FE918488AC070320498756] "00000000000000000000000000000000"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\617379C0DBC9761499BF26900208E6F7] "00000000000000000000000000000000"=- [-HKEY_USERS\.DEFAULT\Software\IncrediMail] [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\304946d4_0] @=- [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\319615a9_0] @=- [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\396592e_0] @=- [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\47ab7e5a_0] @=- [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5d562397_0] @=- [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\825bc952_0] @=- [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\b2d0a585_0] @=- [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\df83932b_0] @=- [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\e2039603_0] @=- [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f166d079_0] @=- [-HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\IncrediMail] [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Users\\JEAN\\DOWNLOADS\\su_8263.exe"=- [HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Users\\JEAN\\DOWNLOADS\\su_8263.exe"=- [-HKEY_USERS\S-1-5-18\Software\IncrediMail] ==== Deleting Files \ Folders ====================== C:\Users\JEAN\AppData\Local\Temp\Low\IM not found "C:\Users\JEAN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail.lnk" not found C:\IncrediMail deleted C:\Local\Temp\IncrediMail deleted C:\ProgramData\IncrediMail deleted C:\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.incredimail.com deleted C:\Users\JEAN\Documents\IncrediMail deleted C:\Users\JEAN\Documents\Local\Temp\IncrediMail deleted C:\Users\JEAN\Documents\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.incredimail.com deleted C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Temp\IncrediMail deleted C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\QYWSF62R\www.incredimail.com deleted C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.incredimail.com deleted C:\Users\JEAN\Documents\Users\JEAN GELELEENS\Documents(269)\IncrediMail Transferred Data deleted C:\Users\JEAN\Documents\Local\IM deleted C:\Local\IM deleted C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\IM deleted C:\Windows\Installer\{C8842F80-0E07-4424-916D-9F6B6A9968E4} deleted "C:\Users\JEAN\\DOWNLOADS\su_8263.exe" deleted "C:\Desktop\IncrediMail.lnk" deleted "C:\PhotoMail Maker\flash interface\InstallIncrediMailDialog.swf" deleted "C:\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk" deleted "C:\Roaming\Software Informer\cache\icons\IncrediMail.ico" deleted "C:\Users\JEAN\IncrediMail_TSA1XDVDJ.exe.cj2u1yr.partial" deleted "C:\Users\JEAN\AppData\Roaming\IObit\IObit Uninstaller\Log\IncrediMail 2.5.history" deleted "C:\Users\JEAN\AppData\Roaming\IObit\IObit Uninstaller\Log\IncrediMail.history" deleted "C:\Users\JEAN\AppData\Roaming\Software Informer\cache\icons\IncrediMail.ico" deleted "C:\Users\JEAN\AppData\Roaming\Software Informer\cache\icons\IncrediMail_MediaBar_Nederlands_2 Toolbar.ico" deleted "C:\Users\JEAN\Documents\PhotoMail Maker\flash interface\InstallIncrediMailDialog.swf" deleted "C:\Users\JEAN\Documents\Roaming\Software Informer\cache\icons\IncrediMail.ico" deleted "C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Roaming\Software Informer\cache\icons\IncrediMail.ico" deleted "C:\DelFix.txt" deleted "C:\Users\JEAN\DOWNLOADS\SeaMonkey Setup 2.35.exe" deleted "C:\Users\JEAN\DOWNLOADS\seamonkey.exe" deleted "C:\Users\JEAN\DOWNLOADS\SeaMonkey Setup 2.39.exe" deleted "C:\Users\JEAN\AppData\Roaming\Mozilla\SeaMonkey\Profiles\c7nw367x.default\extensions\inspector@mozilla.org.xpi" deleted "C:\Users\JEAN\AppData\Roaming\Mozilla\SeaMonkey\Profiles\c7nw367x.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi" deleted "C:\Windows\tasks\pc-dis-upd.job" deleted "C:\Windows\tasks\RMAutoUpdate.job" deleted "C:\Windows\system32\tasks\Driver Booster Scheduler" deleted "C:\Windows\system32\tasks\Driver Booster SkipUAC (JEAN)" deleted "C:\Windows\system32\tasks\RMAutoUpdate" deleted "C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" deleted ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3405 folders=1947 5982410671 bytes) ==== EOF on wo 16/03/2016 at 18:15:35,14 ======================