
Zoek.exe v5.0.0.0 Updated 16-November-2014
Tool run by Elvira on zo 16-11-2014 at 15:41:11,56.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Elvira\Downloads\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

16-11-2014 15:42:55 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\HOYA CORPORATION deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\MyFree Codec deleted successfully
C:\PROGRA~2\Pixum deleted successfully
C:\PROGRA~2\COMMON~1\EPSON deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\Nalpeiron deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Product deleted successfully
C:\Users\Elvira\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Elvira\AppData\Roaming\WinRAR deleted successfully
C:\Users\pc.Elvira-PC\AppData\Roaming\Google deleted successfully
C:\Users\Elvira\AppData\Local\MigWiz deleted successfully
C:\Users\pc\AppData\Local\VirtualStore deleted successfully
C:\Users\pc.Elvira-PC\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2348353777-3636976346-1294709593-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully
HKEY_USERS\S-1-5-21-2348353777-3636976346-1294709593-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2348353777-3636976346-1294709593-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully
HKEY_USERS\S-1-5-21-2348353777-3636976346-1294709593-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully
HKEY_USERS\S-1-5-21-2348353777-3636976346-1294709593-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ad708c09-d51b-45b3-9d28-4eba2681febf} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Boonty Games deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\lab2xhr7.default-1415980736466

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 0);
---- FireFox user.js and prefs.js backups ---- 

prefs_16-11-2014_1606_.backup

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Download_Energy deleted
C:\Program Files (x86)\Common Files\BOONTY Shared deleted
C:\Users\Elvira\AppData\LocalLow\Download_Energy deleted
C:\Users\Elvira\AppData\LocalLow\FreeSoundRecorder deleted
C:\PROGRA~2\GUT43A1.tmp deleted
C:\PROGRA~2\GUM4362.tmp deleted
C:\PROGRA~2\SopCast deleted
C:\found.000 deleted
C:\Users\Elvira\AppData\Roaming\MAGIX deleted
C:\Users\Elvira\AppData\Roaming\ShiftN.ini deleted
C:\Users\Elvira\AppData\Roaming\Targus_Mouse_Suite.ini deleted
C:\Users\pc.Elvira-PC\AppData\Roaming\Targus_Mouse_Suite.ini deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\OberonGameConsole deleted
C:\PROGRA~3\MAGIX deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Elvira\AppData\Local\cache deleted
C:\Users\Public\FSViewerSetup42.exe deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\wininit.ini deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Elvira\empressofthedeepthedarkestsecretdownload.exe deleted
C:\Users\Elvira\irfanview_lang_nederlands.exe deleted
C:\Users\Elvira\jre-6u23-windows-i586-iftw.exe deleted
"C:\Users\Elvira\AppData\Local\{1D5776AA-E17B-46E6-A3C2-CF02CE92AB24}" deleted
"C:\Users\Elvira\AppData\Local\{1EC6136C-2544-4312-8EFA-3F7678E98954}" deleted
"C:\Users\Elvira\AppData\Local\{3D733CA1-E43F-43CA-AD77-3BDB9859EF38}" deleted
"C:\Users\Elvira\AppData\Local\{3E77F583-ADED-4418-BE00-DAF9AE47D3A8}" deleted
"C:\Users\Elvira\AppData\Local\{3EB6403B-676A-4C7E-AA80-19D7E9495D41}" deleted
"C:\Users\Elvira\AppData\Local\{57EB1DD6-397D-47DD-988B-293A80B71D46}" deleted
"C:\Users\Elvira\AppData\Local\{7C0415EB-FFCF-4AEC-8FD7-8A0D5A9341F7}" deleted
"C:\Users\Elvira\AppData\Local\{8F91F764-C1B1-42C3-BD35-8F33B1DCABBB}" deleted
"C:\Users\Elvira\AppData\Local\{913B6D0D-5C54-4459-8DC7-AD392A52E240}" deleted
"C:\Users\Elvira\AppData\Local\{9BA43E39-216F-48E0-A1B9-D9653298F5CC}" deleted
"C:\Users\Elvira\AppData\Local\{B4E9B260-C706-4D07-8785-E23C6A85B80D}" deleted
"C:\Users\Elvira\AppData\Local\{BC173BFF-3107-487D-BFCF-F374F280D50F}" deleted
"C:\Users\Elvira\AppData\Local\{BD1DBC54-3545-4908-82CA-C77BFD3867F9}" deleted
"C:\Users\Elvira\AppData\Local\{CF817EA3-8259-4893-9545-A49CD3A40E27}" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-11-15 17:17:28	832977D7F809F4CD9700F13F72B4CF12	4320054	----a-w-	C:\Windows\FrameShow Wallpaper.BMP
====== C:\Users\Elvira\AppData\Local\Temp ====
2014-11-16 12:28:04	EB4686F6F4BE2B00AA40978D551F66C4	43008	----a-w-	C:\Users\Elvira\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxa8u8v.dll
2014-11-15 16:56:21	FBAB280D0CAC5E21C72F0A1A7B5B9608	455600	----a-w-	C:\Users\Elvira\AppData\Local\Temp\_is1825.exe
2014-11-08 08:47:13	5C73E64374D9BA37AC5569D1F7DE5C9B	665682	----a-w-	C:\Users\Elvira\AppData\Local\Temp\sqlite3.dll
2014-11-08 08:33:34	7AAB90847C56E6F7E922BB29D5B3EA8A	601088	----a-w-	C:\Users\Elvira\AppData\Local\Temp\Quarantine.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-11-15 09:06:51	EDA54D2E17C0271D2CDA946ABE344110	571904	----a-w-	C:\Windows\SysWOW64\oleaut32.dll
2014-11-15 08:44:39	1116A6BC802EE28CE3DEBE4934C05D0D	17926832	----a-w-	C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-14 16:13:51	980EEEE8815DA7593708774D1225BD35	681984	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2014-11-14 16:13:46	9AB39ADD28C7C1A685B1EA8C6A25CF08	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2014-11-14 16:13:45	9216ABFD53F5EC1F35C3554AD1A175DE	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2014-11-14 16:13:45	13E5B1CD503A4B21E9F0A2D55A00198B	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2014-11-14 16:12:51	B6273619A3DF28F03B64E911E45A6AB2	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2014-11-14 16:12:51	5D5640C34C4A97467F77489DBB157568	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-14 16:12:49	A6E51BDCB8F4B84E874F918F0452763D	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2014-11-14 16:12:46	FB56C76FEA44693752BD99D7D9930ABA	341168	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2014-11-14 16:12:43	843BD9DAF03ABB6761DEE6D155301F28	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-14 16:12:43	4772DB007FFBD4BBE3F526704BCA67FE	1310208	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2014-11-14 16:12:41	66F4FFDBCD501260ABC198317D2B0D10	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2014-11-14 16:12:41	26EE6C9780A8FC872C60F9E35D7EBD4B	688640	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2014-11-14 16:12:27	93074C4FA92A8399404D032F6AF72C1B	19781632	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2014-11-14 16:12:26	5972510EF1C6097D9C14C17387A5EDB2	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2014-11-14 16:12:25	5E01004CBC35A78FE2AB4016CCAD4760	708096	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2014-11-14 16:12:25	19D68FDEE62519C5A0387EB4E88A01EF	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2014-11-14 16:12:16	7748B3DDDC92C7FC11F7462DB872E8E7	2051072	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2014-11-14 16:12:13	FA310BD4A5DE904445DDDE54C5A654F2	2277376	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2014-11-14 16:12:07	8A46404AC1AEB22AA2D4C906D0FC86C2	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2014-11-14 16:12:06	6DDC0F44A70976C492CB1666BA9A7912	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2014-11-14 16:12:05	4F8CD74CD69A94ED1A5D7E837A356F4E	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2014-11-14 16:12:03	A1A2EE55A2C69F79AED00973E604B9C4	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2014-11-14 16:12:03	8585BC27224F97458C186AA085B754A7	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2014-11-14 16:11:58	36EE0A2A981617610F921BCBB997DB06	12819456	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2014-11-14 16:11:50	4169C6A6613856D69224498620F0C2B5	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-14 16:11:49	AE39939F1E25401B9A4952A7A8D372AC	4298240	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2014-11-14 16:11:48	9ED3132B7F0D36FA9911721E8B2CB968	501248	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2014-11-14 16:11:45	6DD7D61A8EF3DFEC4FAEFEB395E77424	1892864	----a-w-	C:\Windows\SysWOW64\wininet.dll
2014-11-14 16:11:43	755D0A90CFC4BCB178D7070B0351F0AE	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-14 16:11:43	139E85C4E5DF322AE1BF6544D8C32B0A	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2014-11-14 16:10:34	537184E7306E06BB22C5B93D2AFA4DF8	1237504	----a-w-	C:\Windows\SysWOW64\msxml3.dll
2014-11-14 16:10:33	09FA271EE1F9AD68B2D1C1C210F4B71F	2048	----a-w-	C:\Windows\SysWOW64\msxml3r.dll
2014-11-14 16:10:21	5FDBDEECA34E73325D87C5ACD16A3EEC	701440	----a-w-	C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-14 16:10:10	8D338464B851DDD76E2B876A3E09EB70	442880	----a-w-	C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-14 16:10:08	FD79B005E849DF3D7E9B5EB7A637C528	374784	----a-w-	C:\Windows\SysWOW64\AudioEng.dll
2014-11-14 16:10:08	AA7325057A1E1CC401798C0B1238E182	195584	----a-w-	C:\Windows\SysWOW64\AudioSes.dll
2014-11-14 16:08:43	8CFAEFCD7F1E004950FCAE870A501B3E	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2014-11-14 16:08:42	8FE6AB488ECDC60930CE973A7051B0D4	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2014-11-14 16:08:40	3B3B8BA16DC999EA17D075D2F1064DE4	550912	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2014-11-14 16:08:39	B580A6B9932669DE703001AEE66D5BB1	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2014-11-14 16:08:39	37BC079204BF9B087D6DE6B728908B4B	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2014-11-14 16:08:38	9CEA80FFC617E6B6DD7B52E6225C0D38	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2014-11-14 16:08:37	8205E55DFB11809E5F2AAD1C48840535	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2014-11-14 16:07:17	0F39AC3274312EFFD03928291E8BA7CA	67584	----a-w-	C:\Windows\SysWOW64\packager.dll
2014-11-14 16:06:33	CB55B9AAB060C803BE4AD229AA0FEC28	2363904	----a-w-	C:\Windows\SysWOW64\msi.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-11-15 09:06:51	B938AF16A521C913791C6F7AFF032757	861696	----a-w-	C:\Windows\Sysnative\oleaut32.dll
2014-11-14 16:13:53	008CD4EBFABCF78D0F19B3778492648C	683520	----a-w-	C:\Windows\Sysnative\termsrv.dll
2014-11-14 16:13:52	58F87BF5659C8EBC61EB439C916F2F9A	681984	----a-w-	C:\Windows\Sysnative\adtschema.dll
2014-11-14 16:13:50	C4C1B73FC2FF151BA08E1EAFDE2A2FAF	1460736	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2014-11-14 16:13:46	7184AEACDA13E64B10F84E9DD79C8A01	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2014-11-14 16:12:50	7293701905DF1F40760C851F20DDC9EC	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2014-11-14 16:12:50	1F3794CE1AEA5DA12ACF90210EAE4ECB	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2014-11-14 16:12:46	854B230F5D77486B67D809FFB8A10C7E	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2014-11-14 16:12:46	4E47ABA3C6C5032446A2AF7EFD026037	716800	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2014-11-14 16:12:46	26BC4EC95E363DD59171710E22108F15	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2014-11-14 16:12:41	33098C85B789630865CD3F5D22FB0DFC	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-11-14 16:12:17	1C216980E7D21100A357B52B3C45F78D	388272	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2014-11-14 16:12:15	56651A76C63DAF2C593F1F767FC8A856	1550336	----a-w-	C:\Windows\Sysnative\urlmon.dll
2014-11-14 16:12:07	E17C34BECCD1388E9B386A9F82F01222	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2014-11-14 16:12:04	C6A719FD0B07B2DD0ADACD07636F4BAD	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-11-14 16:12:03	2A1A7F17C906941334C6A67E935F214B	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2014-11-14 16:12:03	1E30BECF0DB35481588FB72C9CF97CA2	800768	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2014-11-14 16:11:58	6507CA9349500A535AF70670F248E525	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2014-11-14 16:11:57	BD708EBEDB35E474F1A19747154ACC47	799232	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2014-11-14 16:11:56	5C9D58591D0091630452B04F35527240	2124288	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2014-11-14 16:11:53	BA4EC6139B8830BBA9CC5D065CA5796C	2884096	----a-w-	C:\Windows\Sysnative\iertutil.dll
2014-11-14 16:11:45	31F2A5ECFD2C75F970A3007ACD5627C7	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2014-11-14 16:11:45	08BCDD6C9E23D00309F359620461DFE8	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2014-11-14 16:11:38	277A4735954F1BF29EE3D138A5251BFE	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2014-11-14 16:11:37	69602F6259598A7837CB83D3608FE293	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2014-11-14 16:11:30	154B8555A118BCFD95F358390E418B00	14390272	----a-w-	C:\Windows\Sysnative\ieframe.dll
2014-11-14 16:11:28	98088A13F65BE35DA3693F264740CEEC	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2014-11-14 16:11:28	7EE5FBD190BF5B27F7977EA6CBF0DCAC	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2014-11-14 16:11:27	7EC80DB959695D4F927D2D601DA59F35	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2014-11-14 16:11:25	F208D7FB40FD80EA9F123BABF687359C	6040064	----a-w-	C:\Windows\Sysnative\jscript9.dll
2014-11-14 16:11:25	B6DC4597FF946B0C8B29650A71F52D4E	580096	----a-w-	C:\Windows\Sysnative\vbscript.dll
2014-11-14 16:11:22	6FC2819A4F80AAB2DADEDFC1EFEE3C3F	2365440	----a-w-	C:\Windows\Sysnative\wininet.dll
2014-11-14 16:11:21	4B6D9AB2ECD11AF5F6B1C42D938E0A85	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2014-11-14 16:11:20	EE3592B010E3F69D141323E592C01A1A	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2014-11-14 16:11:00	BBD6A636AAA65D874F3863280CD8373D	25110016	----a-w-	C:\Windows\Sysnative\mshtml.dll
2014-11-14 16:10:34	364ECFF4ABD9D575F4F7CF7EB7928EF3	1882624	----a-w-	C:\Windows\Sysnative\msxml3.dll
2014-11-14 16:10:33	D005697F0467BBDDAB7638496DA5DB52	2048	----a-w-	C:\Windows\Sysnative\msxml3r.dll
2014-11-14 16:10:23	1FEBD408F32DFC523882E7DA5AC57819	878080	----a-w-	C:\Windows\Sysnative\IMJP10K.DLL
2014-11-14 16:10:11	9383B21A4B77C130940262DDC5F3F49B	500224	----a-w-	C:\Windows\Sysnative\AUDIOKSE.dll
2014-11-14 16:10:09	DE3E38431B00C2EA247C53675DCF01A0	680960	----a-w-	C:\Windows\Sysnative\audiosrv.dll
2014-11-14 16:10:08	FAFCB80D42A65964B6F4945283B8C10F	296448	----a-w-	C:\Windows\Sysnative\AudioSes.dll
2014-11-14 16:10:08	B1BB7B91C3C878FDB2874138CE81C4EF	284672	----a-w-	C:\Windows\Sysnative\EncDump.dll
2014-11-14 16:10:08	A2C9E45F4069A002E985D1563D16813B	440832	----a-w-	C:\Windows\Sysnative\AudioEng.dll
2014-11-14 16:08:46	A71B81AC2C14ABA013CCF1225D9E3E36	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2014-11-14 16:08:43	109CC0DF72CC07A6CB59D2995255A1DA	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2014-11-14 16:08:39	DF30FC54FFF79BC744B22A4850A3CF92	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2014-11-14 16:08:39	55F0CF40479A1FC89CFA578909A540F2	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2014-11-14 16:08:39	47C48C705F4F1EFC99B50B43AE4301FE	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2014-11-14 16:08:39	028D99F83CBB31DB7995530B89EA13CF	728064	----a-w-	C:\Windows\Sysnative\kerberos.dll
2014-11-14 16:08:38	336BA030AB7B05300CB0B5C6AFB27176	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2014-11-14 16:07:17	934735F508E297504460935B71E99F0B	77824	----a-w-	C:\Windows\Sysnative\packager.dll
2014-11-14 16:07:09	93C055B6AAD76360A60CB7E59A491531	3198976	----a-w-	C:\Windows\Sysnative\win32k.sys
2014-11-14 16:06:35	2720C94ADCC1727A66365CCB1CE456C4	3241984	----a-w-	C:\Windows\Sysnative\msi.dll
====== C:\Windows\Sysnative\drivers =====
2014-11-16 08:11:08	26C43960C99EE861A5D0EDC4DCF3B1C3	129752	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-11-16 08:09:34	D3311B31C470E7681B14D9B014CBF9ED	93400	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-11-16 08:09:34	95EF63A7827D4E3A229CBBCB42619E93	63704	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2014-11-16 08:09:34	5C3669B71657F22E67A1D4BD49D2CBE7	25816	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
2014-11-14 16:13:52	41774FF331F609EF442B7398EE6202B1	155064	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
2014-11-15 17:19:53	9BA09AAE10D2AF6D13E4A99ED663A89B	3112	----a-w-	C:\Windows\Sysnative\Tasks\{91CC2E71-17B6-4A26-B1C2-7391073D1888}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-11-15 14:02:49	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-11-07 21:46:43	--------	d-----w-	C:\PROGRA~2\WinZip
======= C: =====
2014-11-16 12:38:02	7FC3BA3C914F58663DEC35F7437C4F50	442	----a-w-	C:\scan malw.txt
2014-11-16 11:21:43	2ACE43C909501AEAB347F38D0DA52FF1	260	----a-w-	C:\malware.txt
====== C:\Users\Elvira\AppData\Roaming ======
2014-11-14 12:06:27	--------	d-sh--w-	C:\Users\Elvira\AppData\Local\EmieBrowserModeList
2014-11-14 12:06:19	--------	d-sh--w-	C:\Users\Elvira\AppData\Locallow\EmieBrowserModeList
====== C:\Users\Elvira ======
2014-11-16 08:08:00	33398D340008A0577507FCA7FD443622	19828376	----a-w-	C:\Users\Elvira\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-15 17:35:13	6504113C2218667814D4F54847BA046A	2140160	----a-w-	C:\Users\Elvira\Downloads\adwcleaner_4.101(2).exe
2014-11-15 14:00:30	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Elvira\Downloads\RSITx64.exe
2014-11-14 12:44:33	62FD8917AA5E45BD53653AA274980CEE	244280	----a-w-	C:\Users\Elvira\Downloads\Firefox Setup Stub 33.1.exe

====== C: exe-files ==
2014-11-16 08:08:00	33398D340008A0577507FCA7FD443622	19828376	----a-w-	C:\Users\Elvira\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-16 05:32:22	87EB5AFD21E52CB08883E04605B55829	880784	----a-w-	C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe
2014-11-16 05:32:22	5B4ED5734945619EE3BCDB9825D2F526	51080	----atw-	C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe
2014-11-16 05:32:22	06036279056145E0F08FC095CB789E6A	51080	----atw-	C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe
2014-11-16 05:32:14	EDD3E562684CB4C50704B471BEAB1F86	114568	----atw-	C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe
2014-11-16 05:32:14	CB8C1CC4F46FBAC78150754D77460C73	230792	----atw-	C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
2014-11-16 05:32:14	7161E8E31B7FD3B1CE083C2CA5FD5F44	285064	----atw-	C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
2014-11-16 05:32:01	F172AD4E906D97ED8F071896FC6789DC	107912	----atw-	C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe
2014-11-16 05:31:47	87EB5AFD21E52CB08883E04605B55829	880784	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe
2014-11-15 17:35:13	6504113C2218667814D4F54847BA046A	2140160	----a-w-	C:\Users\Elvira\Downloads\adwcleaner_4.101(2).exe
2014-11-15 16:56:21	FBAB280D0CAC5E21C72F0A1A7B5B9608	455600	----a-w-	C:\Users\Elvira\AppData\Local\Temp\_is1825.exe
2014-11-15 14:03:01	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Elvira.exe
2014-11-15 14:00:30	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Elvira\Downloads\RSITx64.exe
2014-11-15 08:44:39	1116A6BC802EE28CE3DEBE4934C05D0D	17926832	----a-w-	C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-14 16:12:50	7293701905DF1F40760C851F20DDC9EC	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2014-11-14 16:12:46	B569522A58F9B53B20D16516D26E0DD8	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-11-14 16:12:46	4E47ABA3C6C5032446A2AF7EFD026037	716800	----a-w-	C:\Windows\System32\ie4uinit.exe
2014-11-14 16:12:25	2E1CAA313AAE151B8D6E81C0075DE88C	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2014-11-14 16:12:17	B5724D61C7CB3FC9BACD9F8E58A77A03	468992	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-11-14 16:12:07	591C6FD1541BAFAEEE82B1F5831C8532	815280	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-11-14 16:12:05	4F8CD74CD69A94ED1A5D7E837A356F4E	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2014-11-14 16:12:04	C6A719FD0B07B2DD0ADACD07636F4BAD	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-14 16:11:57	0A2FA344ABBE0D160CE9773256A42B21	484352	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2014-11-14 16:11:51	F00FC8AF1B04C4611F92BC3DA01A2F49	813744	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2014-11-14 16:11:45	08BCDD6C9E23D00309F359620461DFE8	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2014-11-14 16:10:23	73E0DAD52482E65C478EA46081C8785A	141312	----a-w-	C:\Windows\System32\IME\IMEJP10\imjpuexc.exe
2014-11-14 16:10:19	7EEB4D2A17421D337F970FB5C3B24410	106496	----a-w-	C:\Windows\SysWOW64\IME\IMEJP10\imjpuexc.exe
2014-11-14 12:44:33	62FD8917AA5E45BD53653AA274980CEE	244280	----a-w-	C:\Users\Elvira\Downloads\Firefox Setup Stub 33.1.exe
2014-11-13 07:01:52	2A92FD7F3B28186D1BF4140DE55696C7	262160	----a-w-	C:\Users\Elvira\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
2014-11-13 06:59:00	3DE922CE5A2D820DDA0585EA07E9BAC0	225232	----a-w-	C:\Users\Elvira\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
2014-11-13 06:58:58	AB0C872B1FFE283D20C91C8E575E2F67	35419192	----a-w-	C:\Users\Elvira\AppData\Roaming\Dropbox\bin\Dropbox.exe
=== C: other files ==
2014-11-16 08:11:08	26C43960C99EE861A5D0EDC4DCF3B1C3	129752	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-16 08:09:34	D3311B31C470E7681B14D9B014CBF9ED	93400	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-16 08:09:34	95EF63A7827D4E3A229CBBCB42619E93	63704	----a-w-	C:\Windows\System32\drivers\mwac.sys
2014-11-16 08:09:34	5C3669B71657F22E67A1D4BD49D2CBE7	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2014-11-15 12:54:50	A49A14C963382F441CABCA6D247B2954	36046	----a-w-	C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\lab2xhr7.default-1415980736466\extensions\{01c29d60-f7f0-416c-844a-ec8b2e1841d0}.xpi
2014-11-14 16:13:52	41774FF331F609EF442B7398EE6202B1	155064	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2014-11-14 16:07:09	93C055B6AAD76360A60CB7E59A491531	3198976	----a-w-	C:\Windows\System32\win32k.sys
2014-11-14 15:59:10	A49A14C963382F441CABCA6D247B2954	36046	----a-w-	C:\Users\Elvira\Desktop\Snelkoppelingen\Oude Firefox-gegevens\6993z7nj.default\extensions\{01c29d60-f7f0-416c-844a-ec8b2e1841d0}.xpi
2014-11-14 15:59:10	A1B1BC6A14B437C82AC830116979E9F6	979699	----a-w-	C:\Users\Elvira\Desktop\Snelkoppelingen\Oude Firefox-gegevens\6993z7nj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
2014-11-14 15:59:10	2C33327BA552A1429F6577AE7473EE7D	48852	----a-w-	C:\Users\Elvira\Desktop\Snelkoppelingen\Oude Firefox-gegevens\6993z7nj.default\extensions\{0248628d-e285-40dc-96cc-d6ffd303ab25}.xpi
2014-11-14 15:59:10	0881CE9B86346414CECC2B65A2E818FD	78359	----a-w-	C:\Users\Elvira\Desktop\Snelkoppelingen\Oude Firefox-gegevens\6993z7nj.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi
2014-11-13 06:58:02	B3B7E9E398D909FA919BE73884662D86	1129317	----a-w-	C:\Users\Elvira\AppData\Roaming\Dropbox\bin\xui_resources.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2348353777-3636976346-1294709593-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"cfweatherStation"="C:\Program Files (x86)\Weather\Weather.exe"
"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"
"Akamai NetSession Interface"="C:\Users\Elvira\AppData\Local\Akamai\netsession_win.exe"
"Epson Stylus SX420W(Netwerk) (1 kopi�ren)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU C:\Windows\TEMP\E_S61D8.tmp /EF HKCU"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"ALLUpdate"="C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe sleep"
"Epson Stylus SX420W(Netwerk) (2 kopi�ren)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU C:\Windows\TEMP\E_SD27B.tmp /EF HKCU"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k"
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d"
"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"PATHPILOT"="C:\Program Files (x86)\Kat MP3 Recorder\Kat MP3 Recorder.exe"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"F-Secure Hoster (45123)"="C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe -app -hosterid:1"
"F-Secure Manager"="C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE /splash"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cfweatherStation"="C:\Program Files (x86)\Weather\Weather.exe"
"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"
"Akamai NetSession Interface"="C:\Users\Elvira\AppData\Local\Akamai\netsession_win.exe"
"Epson Stylus SX420W(Netwerk) (1 kopi�ren)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU C:\Windows\TEMP\E_S61D8.tmp /EF HKCU"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"ALLUpdate"="C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe sleep"
"Epson Stylus SX420W(Netwerk) (2 kopi�ren)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU C:\Windows\TEMP\E_SD27B.tmp /EF HKCU"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"mwlDaemon"="C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe"
"Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"MacroKeyManager"="WTMKM.exe"

==== Startup Folders ======================

2011-10-30 10:45:36	1053	----a-w-	C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2011-08-05 14:12:42	2071	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Targus_Mouse_Suite.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15-11-2014 09:45]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23-10-2014 19:33]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Elvira-PC-Elvira" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 2540 series" ["C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{12BE7B2B-3F3A-4154-BE34-0289A162F5A1}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{5A8CEA48-E683-4F67-BAF5-794B75257178}" [C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe]
"C:\Windows\SysNative\tasks\{CC8334EF-E768-45FC-B7CF-264698A0CDC1}" [C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE]
"C:\Windows\SysNative\tasks\{D8BCCAA2-13C5-402D-AC5D-57A7114CE212}" [C:\Users\Elvira\AppData\Local\Zylom Games\Big Kahuna Reef Deluxe\bigkahunareef.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\lab2xhr7.default-1415980736466
- Undetermined - {01c29d60-f7f0-416c-844a-ec8b2e1841d0}
- PhotoME Extension - %ProfilePath%\extensions\{01c29d60-f7f0-416c-844a-ec8b2e1841d0}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\lab2xhr7.default-1415980736466
67D325B5AEB28E381B84E8DE1A90C7A8	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll -	Shockwave Flash
99F97C9FE748C37528C338A423577FCB	- C:\Users\Elvira\AppData\Roaming\Mozilla\plugins\np-mswmp.dll -	Microsoft� Windows Media Player Firefox Plugin


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Elvira\AppData\Local\Temp\ccex.crx[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://pentaxforum.nl/"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://pentaxforum.nl/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google  Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlNL392NL394"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="127.0.0.1:9421"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Elvira\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Elvira\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\pc.Elvira-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\pc.Elvira-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\pc.Elvira-PC\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Elvira\AppData\Local\Mozilla\Firefox\Profiles\lab2xhr7.default-1415980736466\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2271 folders=569 328554331 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Elvira\AppData\Local\Temp will be emptied at reboot
C:\Users\pc\AppData\Local\Temp emptied successfully
C:\Users\pc.Elvira-PC\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Elvira\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 16-11-2014 at 16:27:09,67 ======================