Zoek.exe v5.0.0.0 Updated 11-October-2014 Tool run by Johan on zo 12/10/2014 at 18:17:39,51. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: D:\Data\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 12/10/2014 18:20:19 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\Malwarebytes' Anti-Malware deleted successfully C:\Documents and Settings\Johan\Application Data\Malwarebytes deleted successfully C:\Documents and Settings\Johan\Application Data\Media Player Classic deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "InstalledTime"=- "UserFaultCheck"=- ==== Deleting Files \ Folders ====================== C:\Documents and Settings\All Users\Application Data\APN deleted C:\Documents and Settings\All Users\Bureaublad\YTD Video Downloader.lnk deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2014-09-28 11:54:59 027FD87605A59E4B46B90288D3D501BF 22 ----a-w- C:\WINDOWS\GPU-Z.INI ====== C:\DOCUME~1\Johan\LOCALS~1\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== ====== C:\WINDOWS\system32\drivers ===== 2014-09-21 07:29:23 12E71DA845D76665B56753AD149E32B3 110296 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys 2014-09-21 07:25:56 AED25CDB09FB4E56F45DAF6C9A1D3ED3 53208 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-10-08 14:54:00 -------- d-----w- C:\Program Files\Sony Media Go Install 2014-09-28 12:22:30 -------- d-----w- C:\Program Files\GreenTree Applications ======= C: ===== ====== C:\Documents and Settings\Johan\Application Data ====== 2014-10-08 14:22:02 -------- d-----w- C:\Documents and Settings\Johan\Application Data\Sony ====== C:\Documents and Settings\Johan ====== 2014-09-21 11:01:56 -------- d--h--r- C:\Documents and Settings\Johan\Onlangs geopend ====== C: exe-files == 2014-10-10 12:11:35 A4E33DFE4EA5A3FFAF3A645B00B974C0 4141792 ----a-w- C:\Documents and Settings\All Users\Application Data\NVIDIA\Updatus\Packages\00006572\DAO.18959739.exe 2014-10-08 12:10:55 F9AC67F09676BE0D70C52012F6D8AC2F 4131072 ----a-w- C:\Documents and Settings\All Users\Application Data\NVIDIA\Updatus\Packages\000064fe\DAO.18949842.exe 2014-10-07 12:09:57 E5584A668D456367FAE1A386CB6C55B2 4082680 ----a-w- C:\Documents and Settings\All Users\Application Data\NVIDIA\Updatus\Packages\000064f6\DAO.18947111.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" "Google Update"="C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" [HKEY_USERS\S-1-5-21-2000478354-1682526488-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [HKEY_USERS\S-1-5-21-2000478354-1682526488-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" "Google Update"="C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c" [HKEY_USERS\S-1-5-21-2000478354-1682526488-839522115-1007\Software\Microsoft\Windows\CurrentVersion\RunOnce] "NeroHomeFirstStart"="C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe boot" "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" "RTHDCPL"="RTHDCPL.EXE" "ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" "D-Link D-Link Wireless N DWA-140"="C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe" "ControlCenter4"="C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun" "BrStsMon00"="C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN" "IndexSearch"="C:\Program Files\Nuance\PaperPort\IndexSearch.exe" "PaperPort PTD"="C:\Program Files\Nuance\PaperPort\pptd40nt.exe" "PPort12reminder"="C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe -r C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" "NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" "NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login" "nwiz"="C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet" "Nvtmru"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "KernelFaultCheck"="%systemroot%\system32\dumprep 0 -k" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\beid] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="beid" "hkey"="HKLM" "command"="\"C:\\Program Files\\Belgium Identity Card\\beid35gui.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ExtraFilmManager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ExtraFilmManager" "hkey"="HKLM" "command"="\"C:\\Program Files\\ExtraFilm Designer BE NL\\ExtraFilmManager.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleDriveSync] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GoogleDriveSync" "hkey"="HKCU" "command"="\"C:\\Program Files\\Google\\Drive\\googledrivesync.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GrooveMonitor" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gStart] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="gStart" "hkey"="HKCU" "command"="C:\\Program Files\\Garmin\\gStart.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPDJ Taskbar Utility] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPDJ Taskbar Utility" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb09.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ISUSPM" "hkey"="HKCU" "command"="C:\\Documents and Settings\\All Users\\Application Data\\FLEXnet\\Connect\\11\\ISUSPM.exe -scheduler" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\JMB36X IDE Setup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="JMB36X IDE Setup" "hkey"="HKLM" "command"="C:\\WINDOWS\\RaidTool\\xInsIDE.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDF5 Registry Controller] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDF5 Registry Controller" "hkey"="HKLM" "command"="C:\\Program Files\\Nuance\\PDF Viewer Plus\\RegistryController.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDFHook] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDFHook" "hkey"="HKLM" "command"="C:\\Program Files\\Nuance\\PDF Viewer Plus\\pdfpro5hook.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk] "item"="Microsoft Office" "path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Microsoft Office.lnk" "backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup" "command"="C:\\PROGRA~1\\MICROS~2\\Office10\\OSA.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Johan^Menu Start^Programma's^Opstarten^Dropbox.lnk] "item"="Dropbox" "path"="C:\\Documents and Settings\\Johan\\Menu Start\\Programma's\\Opstarten\\Dropbox.lnk" "backup"="C:\\WINDOWS\\pss\\Dropbox.lnkStartup" "command"="C:\\DOCUME~1\\Johan\\APPLIC~1\\Dropbox\\bin\\Dropbox.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Johan^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk] "item"="OneNote 2007 Schermopname en Snel starten" "path"="C:\\Documents and Settings\\Johan\\Menu Start\\Programma's\\Opstarten\\OneNote 2007 Schermopname en Snel starten.lnk" "backup"="C:\\WINDOWS\\pss\\OneNote 2007 Schermopname en Snel starten.lnkStartup" "command"="C:\\PROGRA~1\\MICROS~2\\Office12\\ONENOTEM.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Johan^Menu Start^Programma's^Opstarten^Spoon Sandbox Manager 3.24.lnk] "item"="Spoon Sandbox Manager 3.24" "path"="C:\\Documents and Settings\\Johan\\Menu Start\\Programma's\\Opstarten\\Spoon Sandbox Manager 3.24.lnk" "backup"="C:\\WINDOWS\\pss\\Spoon Sandbox Manager 3.24.lnkStartup" "command"="C:\\DOCUME~1\\Johan\\LOCALS~1\\APPLIC~1\\Spoon\\3240~1.6\\SPOON-~2.EXE" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [24/09/2014 08:53] C:\WINDOWS\tasks\expressripShakeIcon.job --a------ C:\Program Files\NCH Swift Sound\ExpressRip\expressrip.exe [11/02/2011 20:49] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19/04/2009 12:22] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19/04/2009 12:22] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18Core.job --a------ C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [08/02/2014 00:39] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18UA.job --a------ C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [08/02/2014 00:39] C:\WINDOWS\tasks\Microsoft Windows XP - aanmelding voor kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27/02/2014 01:28] C:\WINDOWS\tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27/02/2014 01:28] C:\WINDOWS\tasks\OGADaily.job --a------ C:\WINDOWS\system32\OGAVerify.exe [31/12/2008 17:04] C:\WINDOWS\tasks\OGALogon.job --a------ C:\WINDOWS\system32\OGAVerify.exe [31/12/2008 17:04] C:\WINDOWS\tasks\User_Feed_Synchronization-{16A16E66-BF52-4F59-84D6-2E4BB9DFFC77}.job --ah----- C:\WINDOWS\system32\msfeedssynC:.exe [] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn" [12/10/2014 16:09] ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\Johan\Application Data\TomTom\HOME\Profiles\kqqesds2.default - Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.9.061.576030@tomtom.com AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\fq07ed6c.default-1411820388234 DFC9460CC37E5C414DC4680B10C19E7A - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash 14D06C3796CE3F6BA8F43CDF3AD65D76 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U67 0A6E5E3BEF374AA2F47071E7374EAD7B - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.670.1 FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update 893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In 5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 56020318257475B33ECD4D7B71AC2544 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.1 2B4683530D5C852440FCA132BA927F1B - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.1 BC405F582CAAC78AEDE4488E8A259FA1 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.1 C560D8A34A372EE10235938FD2D34CC3 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.1 AF28C98E0897F0475833D02D3CCFFF77 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.1 CABA1A399C7C7471DEBA73CB3BA5AADB - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.1 1D10BD2720963F6B6DB25ACB1F5CF8E9 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.1 6A5514D088820307BD97F5A7B24007C0 - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome 6AD7B1D887D26F06033280F4B5C2034B - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll - Shockwave Flash E87E216C7B839EA112FCD317DE642F47 - C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\npMozillaSpoonPlugin.dll - Spoon Plugin 1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM 04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat B18B7242761F8630BD8BC71325C7F16A - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer 7D388990149D424EBDB31896C2A4ACC3 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library 8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions iikflkcanblccfahdhdonehdalibjnif - No path found[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx[20/09/2014 10:52] Google Docs - Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda 20-20 3D Viewer for IKEA - Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp Gmail - Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {7D618D76-EE08-4F89-838F-E15B89A76510} Dealio Search Url="http://www.dealio.com/products.html?kwd={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync deleted successfully ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Johan\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2 folders=4 1299 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\Johan\Local Settings\Temp will be emptied at reboot C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully C:\Documents and Settings\UpdatusUser\Local Settings\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\Johan\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Johan\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on zo 12/10/2014 at 18:35:46,51 ======================