Zoek.exe v5.0.0.0 Updated 10-February-2014 Tool run by sarah on ma 10/02/2014 at 21:02:25,13. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\sarah\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 10/02/2014 21:07:27 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\HappyLyrics deleted successfully C:\Program Files\WinZipper deleted successfully C:\ProgramData\\Babylon deleted successfully C:\ProgramData\\Oracle deleted successfully C:\ProgramData\\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully C:\Users\Helen\AppData\Local\VirtualStore deleted successfully C:\Users\sarah\AppData\Local\Samsung deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1125447735-4089502551-2167045225-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_USERS\S-1-5-21-1125447735-4089502551-2167045225-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_USERS\S-1-5-21-1125447735-4089502551-2167045225-1001\Software\Microsoft\Internet Explorer\SearchScopes\{D9A67B58-BD62-4C3F-85A4-5E9526369BB7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_CLASSES_ROOT\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}] [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Deleting Files \ Folders ====================== C:\Users\sarah\AppData\Local\Rich Media Player not found C:\ProgramData\\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found C:\Users\sarah\AppData\Roaming\OpenCandy deleted C:\Program Files\Common Files\337 deleted C:\Program Files\Desk 365 deleted C:\Program Files\Omiga Plus deleted C:\Users\Helen\AppData\Roaming\Omiga Plus deleted C:\Users\sarah\AppData\Roaming\eCyber deleted C:\Users\sarah\AppData\Roaming\iSafe deleted C:\Users\sarah\AppData\Roaming\Omiga Plus deleted C:\Users\sarah\AppData\Roaming\WinZipper deleted C:\Users\sarah\AppData\Roaming\Desk 365 deleted C:\Users\sarah\AppData\Roaming\337 deleted C:\Users\sarah\AppData\Roaming\337 Wallpaper deleted C:\Users\sarah\AppData\Roaming\eDownload deleted C:\Users\sarah\AppData\Roaming\eIntaller deleted C:\Users\sarah\AppData\Roaming\BabSolution deleted C:\Users\sarah\AppData\Roaming\Babylon deleted C:\ProgramData\\APN deleted C:\ProgramData\\eSafe deleted C:\ProgramData\\Uniblue\DriverScanner deleted C:\ProgramData\\Tarma Installer deleted C:\Users\sarah\AppData\LocalLow\BabylonToolbar deleted C:\Windows\system32\tasks\Omiga Plus RunAsStdUser deleted C:\Windows\system32\tasks\Desk 365 RunAsStdUser deleted C:\Windows\system32\Tasks\EPUpdater deleted C:\END deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\sarah\AppData\Local\Temp ==== ====== Java Cache ===== 2014-01-20 18:26:47 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\sarah\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-7da85de2 2014-01-20 18:23:38 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\sarah\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-1a5214eb 2014-01-20 18:23:38 A585B4DB3ED0FF493E090B2147E878B7 99 ----a-w- C:\Users\sarah\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap 2014-01-20 18:23:35 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\sarah\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-2cf1e3f9 2014-01-20 18:23:38 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\sarah\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-6e5d729e ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== 2014-01-15 07:09:25 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys 2014-01-15 07:09:22 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2014-01-15 07:09:22 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys 2014-01-15 07:09:22 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2014-01-15 07:09:22 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2014-01-15 07:09:22 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2014-01-15 07:09:22 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2014-01-15 07:09:22 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-02-09 10:21:39 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\sarah\AppData\Roaming ====== ====== C:\Users\sarah ====== 2014-02-09 10:19:04 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\sarah\Downloads\RSIT.exe 2014-01-29 06:47:42 9911EF198C1A01F11D8D6F777F9A9261 1070088 ----a-w- C:\Users\sarah\Downloads\install_flashplayer12x32axau_mssa_aaa_aih.exe 2014-01-20 18:20:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == 2014-02-09 10:21:44 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\sarah.exe 2014-02-09 10:19:04 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\sarah\Downloads\RSIT.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1125447735-4089502551-2167045225-1001\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" "PPort12reminder"="C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe -r C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" "ControlCenter4"="C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun" "BrStsMon00"="C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndexSearch] "command"="\"C:\\Program Files\\Nuance\\PaperPort\\IndexSearch.exe\"" "hkey"="HKLM" "item"="IndexSearch" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PaperPort PTD] "command"="\"C:\\Program Files\\Nuance\\PaperPort\\pptd40nt.exe\"" "hkey"="HKLM" "item"="PaperPort PTD" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDF5 Registry Controller] "command"="C:\\Program Files\\Nuance\\PDF Viewer Plus\\RegistryController.exe" "hkey"="HKLM" "item"="PDF5 Registry Controller" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDFHook] "command"="C:\\Program Files\\Nuance\\PDF Viewer Plus\\pdfpro5hook.exe" "hkey"="HKLM" "item"="PDFHook" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "swg"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" "msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background" "KiesHelper"="C:\\Program Files\\Samsung\\Kies\\KiesHelper.exe /s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe] "C:\Windows\system32\tasks\4708" [wscript.exe C:\Users\sarah\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\HP-Online updateprogramma" [C:\Program Files\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\system32\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"] "C:\Windows\system32\tasks\User_Feed_Synchronization-{3BA31B02-A8E5-4983-A32E-1AE1687F05D3}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "online_banking@kaspersky.com"="C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com" [16/10/2013 18:30] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx[22/02/2013 13:53] hakdifolhalapjijoafobooafbilfakh - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx[22/02/2013 13:53] hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx[16/10/2013 18:27] jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx[16/10/2013 18:27] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx[22/02/2013 13:53] Google Docs - Helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Kaspersky URL Advisor - Helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj Virtual Keyboard - Helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh Gmail - Helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Anti-Banner - Helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman Kaspersky URL Advisor - sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj Jurawa Design Wolf 1280x800 - sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmdcbjhjccinfjcalchgkhimfkgpmem Safe Money - sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh Content Blocker - sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail Virtual Keyboard - sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh Google Wallet - sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Anti-Banner - sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman ==== Chrome Fix ====================== C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage deleted successfully C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" "Search Page"="http://www.google.com" "Default_Page_URL"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=SAMSUNGXHM250JI_S15YJDNQ909111&ts=1373753767" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=SAMSUNGXHM250JI_S15YJDNQ909111&ts=1373753767" "Start Page"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=SAMSUNGXHM250JI_S15YJDNQ909111&ts=1373753767" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="https://www.google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {33BB0A4E-99AF-4226-BDF6-49120163DE86} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1125447735-4089502551-2167045225-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\sarah\Desktop\log - Snelkoppeling.lnk - C:\rsit\log.txt C:\Users\sarah\Desktop\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\sarah\Desktop\Veilig Bankieren.lnk - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\starter_avp.exe -hidden safebanking C:\Users\sarah\Desktop\Volledige Scan.lnk - C:\Windows\system32\rundll32.exe "C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\ShellEx.dll",StartTask Scan_My_Computer C:\Users\sarah\Desktop\zoek - Snelkoppeling.lnk - C:\Users\sarah\Downloads\zoek.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Brother Creative Center.lnk - C:\Program Files\Brother\CreativeCenter\Brother Creative Center.url C:\Users\Public\Desktop\FreeFileSync.lnk - C:\Program Files\FileSync\FreeFileSync.exe C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\starter_avp.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk - C:\Program Files\Microsoft Security Client\msseces.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging\Trusteer Eindpuntbeveiliging Console.lnk - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe -config C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging\Trusteer Eindpuntbeveiliging starten.lnk - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe -userstart C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging\Trusteer Eindpuntbeveiliging stoppen.lnk - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe -shutdown ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Helen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Helen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Helen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Helen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Helen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Helen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Helen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Helen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=SAMSUNGXHM250JI_S15YJDNQ909111&ts=1370611344 C:\Users\sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Users\sarah\Picasa3\Picasa3.exe C:\Users\sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\HP Update.lnk - C:\Program Files\HP\HP Software Update\HPWUCli.exe C:\Users\sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Kaspersky PURE 3.0.lnk - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\starter_avp.exe C:\Users\sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe ==== shortcuts After Repair ====================== C:\Users\sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Helen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Helen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Helen\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Helen\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Helen\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\sarah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\sarah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2PQ00SU3 will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Helen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=369 folders=111 155608746 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Helen\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\sarah\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\sarah\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\sarah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2PQ00SU3" deleted ==== EOF on ma 10/02/2014 at 22:13:32,80 ======================