Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by User on do 03-04-2014 at 19:23:05,27.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== Older Logs ======================
C:\zoek-results2013-04-01-135316.log 54375 bytes

==== Empty Folders Check ======================
C:\PROGRA~2\ALLPlayer deleted successfully
C:\PROGRA~2\Movies Toolbar deleted successfully
C:\PROGRA~2\OnlineVault deleted successfully
C:\PROGRA~2\SmartTweak deleted successfully
C:\PROGRA~2\COMMON~1\Nero deleted successfully
C:\PROGRA~2\COMMON~1\Sony Shared deleted successfully
C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\Program Files\PDFCreator deleted successfully
C:\Program Files\Common Files\Sony Shared deleted successfully
C:\PROGRA~3\Browser Manager deleted successfully
C:\PROGRA~3\BrowserProtect deleted successfully
C:\PROGRA~3\Conduit deleted successfully
C:\PROGRA~3\Freemake deleted successfully
C:\PROGRA~3\Wincert deleted successfully
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully
C:\PROGRA~3\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted successfully
C:\Users\User\AppData\Roaming\defaulttab deleted successfully
C:\Users\User\AppData\Roaming\Mozilla deleted successfully
C:\Users\User\AppData\Roaming\TP deleted successfully
C:\Users\User\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\User\AppData\Local\AppsHat Mobile Apps deleted successfully
C:\Users\User\AppData\Local\Bundled software uninstaller deleted successfully
C:\Users\User\AppData\Local\CrashDumps deleted successfully
C:\Users\User\AppData\Local\MigWiz deleted successfully
C:\Users\User\AppData\Local\Savings Vault deleted successfully
C:\Users\User\AppData\Local\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Internet Explorer\SearchScopes\{02230E58-B1B9-2196-E06C-1D858396805A} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Internet Explorer\SearchScopes\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E1C0AA06-83EF-4A2A-947F-B2351EA5FB52} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Internet Explorer\SearchScopes\{f5827716-9540-492e-9e9a-9f18bb2e7912} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511111108} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{97ef77e6-97be-4204-a890-2485903c5624} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0696f815-a3a9-490a-bb14-9ec3350b1276} deleted successfully

==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{97ef77e6-97be-4204-a890-2485903c5624} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{0696f815-a3a9-490a-bb14-9ec3350b1276} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} deleted successfully

==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater15.3.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater15.3.0 deleted successfully

==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"BrowserMngrDefaultScope"=-

==== Deleting Files \ Folders ======================
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found
C:\PROGRA~3\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} not found
C:\Users\User\daemonprocess.txt deleted
C:\PROGRA~2\Mozilla Firefox\user.js deleted
C:\PROGRA~2\Mobogenie deleted
C:\PROGRA~2\NCH Software\Components\NCHToolbars deleted
C:\PROGRA~2\Yontoo deleted
C:\PROGRA~2\mixidj deleted
C:\PROGRA~2\MyPC Backup deleted
C:\PROGRA~2\Conduit deleted
C:\PROGRA~2\COMMON~1\AVG Secure Search deleted
C:\Users\User\AppData\Roaming\simplitec deleted
C:\Users\User\AppData\Roaming\CRMixiDJTB deleted
C:\Users\User\AppData\Roaming\ParetoLogic deleted
C:\Users\User\AppData\Roaming\DriverCure deleted
C:\Users\User\AppData\Roaming\BabSolution deleted
C:\Users\User\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar deleted
C:\Users\User\AppData\Roaming\AVG Secure Search deleted
C:\Users\User\AppData\Roaming\Systweak deleted
C:\PROGRA~3\simplitec deleted
C:\PROGRA~3\ParetoLogic deleted
C:\PROGRA~3\Uniblue\DriverScanner deleted
C:\PROGRA~3\VisualBee deleted
C:\PROGRA~3\Uniblue deleted
C:\Users\User\AppData\Local\Ilivid Player deleted
C:\Users\User\AppData\Local\ilividmoviestoolbardla deleted
C:\Users\User\AppData\Local\ilividmoviestoolbarha deleted
C:\Users\User\AppData\Local\CRE deleted
C:\Users\User\AppData\Local\APN deleted
C:\Users\User\AppData\Local\SearchProtect deleted
C:\Users\User\AppData\Local\AVG Secure Search deleted
C:\Users\User\AppData\Local\IAC deleted
C:\Users\User\AppData\Local\blekkotb_031 deleted
C:\Users\User\AppData\Local\WebPlayer\AppsHat deleted
C:\Users\User\AppData\Local\WebPlayer deleted
C:\Users\User\AppData\Local\Mobogenie deleted
C:\Users\User\AppData\Local\cache deleted
C:\Users\User\AppData\Local\Conduit deleted
C:\Users\wangzhisong\AppData\Local\Mobogenie deleted
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat deleted
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\windows\SysNative\Tasks\BackgroundContainer Startup Task deleted
C:\Users\User\Downloads\MapsGalaxy.exe deleted
C:\Users\User\AppData\LocalLow\store-pp.jbs deleted
C:\Users\User\AppData\LocalLow\WhiteSmoke_New_V6 deleted
C:\Users\User\AppData\LocalLow\Minibar deleted
C:\Users\User\AppData\LocalLow\VideoDownloadConverter_4z deleted
C:\Users\User\AppData\LocalLow\IAC deleted
C:\Users\User\AppData\LocalLow\buenosearch LTD deleted
C:\Users\User\AppData\LocalLow\searchqutoolbar deleted
C:\Users\User\AppData\LocalLow\ilividmoviestoolbardla deleted
C:\Users\User\AppData\LocalLow\ilividmoviestoolbarha deleted
C:\Users\User\AppData\LocalLow\DataMngr deleted
C:\Users\User\AppData\LocalLow\PriceGong deleted
C:\Users\User\AppData\LocalLow\Conduit deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\END deleted
C:\Users\wangzhisong deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\User\Documents\Mobogenie deleted
"C:\PROGRA~2\TelevisionFanatic\bar\1.bin\64brmon64.exe" deleted
"C:\PROGRA~2\TelevisionFanatic\bar\1.bin\64brstub64.dll" deleted
"C:\PROGRA~2\TelevisionFanatic\bar\1.bin\AppIntegrator64.exe" deleted
"C:\PROGRA~2\TelevisionFanatic\bar\1.bin\AppIntegratorStub64.dll" deleted
"C:\PROGRA~2\TelevisionFanatic\bar\1.bin\Hpg64.dll" deleted
"C:\PROGRA~2\TelevisionFanatic\bar\1.bin\T8RES.DLL" deleted
"C:\PROGRA~2\TelevisionFanatic" not deleted
"C:\PROGRA~2\TelevisionFanatic\bar" not deleted
"C:\PROGRA~2\TelevisionFanatic\bar\1.bin" not deleted

==== Files Recently Created / Modified ======================
====== C:\Windows ====
2014-03-13 14:10:39 BACC59AC096364B32CDF4AFC69811B77 90 ----a-w- C:\Windows\magix.ini
2014-03-13 14:10:37 B2B6D555C8092A3AB7148032FC58AC27 1078 ----a-w- C:\Windows\mgxoschk.ini
====== C:\Users\User\AppData\Local\Temp ====
2014-04-01 16:31:38 19E20551304A2D7E9031271DE198BD6D 14688512 ----a-w- C:\Users\User\AppData\Local\Temp\n7120\microsoft-office-2010-en.exe
2014-04-01 16:31:22 20612ACB94F364173094E91FD08D02DA 4624790 ----a-w- C:\Users\User\AppData\Local\Temp\n7120\systemspeedup_1203-72c8223c.exe
2014-04-01 15:46:14 4965B005492CBA7719E82B71E3245495 174440 ----a-w- C:\Users\User\AppData\Local\Temp\Setup000011f0\ose00000.exe
2014-04-01 15:45:44 EB84A9F59427CFDE0E9952C55AFDE600 7394472 ----a-w- C:\Users\User\AppData\Local\Temp\Setup000011f0\OSETUP.DLL
2014-04-01 15:45:44 119D8D9AA065A504A484FDB46D21609A 229496 ----a-w- C:\Users\User\AppData\Local\Temp\Setup000011f0\OSETUPUI.DLL
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
2014-04-01 16:36:54 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Windows\SysWOW64\drivers\mcdbus.sys
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-03-14 16:56:19 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys
====== C:\Windows\Tasks ======
2014-04-01 17:08:10 BC6B67BA3A6C1D16A1173F8ED1CCED25 3116 ----a-w- C:\Windows\Sysnative\Tasks\{E7B13713-B51C-4849-8E1E-A5E441D92CDD}
2014-03-30 13:53:12 -------- d-----w- C:\Windows\Sysnative\Tasks\Apple
2014-03-14 16:09:54 8D64150C65691FBBC6455658FFD6E9B4 3124 ----a-w- C:\Windows\Sysnative\Tasks\{B67E443D-61D6-4624-AEB4-41606BBB2F83}
2014-03-13 15:04:04 41246487304A9356EBE13F4962DB963E 2948 ----a-w- C:\Windows\Sysnative\Tasks\{68626BBC-3A44-4955-886F-1EA176A24D88}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-04-02 16:01:07 -------- d-----w- C:\Program Files\trend micro
2014-04-01 16:42:51 -------- d-----w- C:\Program Files\Common Files\DESIGNER
2014-04-01 16:42:08 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2014-04-01 16:41:36 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2014-04-01 16:39:26 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2014-03-30 13:53:03 -------- d-----w- C:\Program Files\Common Files\Apple
2014-03-30 13:52:57 -------- d-----w- C:\Program Files\Bonjour
======= C:\PROGRA~2 =====
2014-04-01 16:40:22 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 8
2014-04-01 16:39:26 -------- d-----w- C:\PROGRA~2\Microsoft Analysis Services
2014-04-01 16:36:53 -------- d-----w- C:\PROGRA~2\MagicDisc
2014-03-30 13:53:10 -------- d-----w- C:\PROGRA~2\Apple Software Update
2014-03-30 13:52:57 -------- d-----w- C:\PROGRA~2\Bonjour
2014-03-30 13:52:46 -------- d-----w- C:\PROGRA~2\COMMON~1\Apple
2014-03-14 16:45:55 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
2014-03-14 16:32:44 -------- d-----w- C:\PROGRA~2\Lavalys
2014-03-13 14:03:06 -------- d-----w- C:\PROGRA~2\Movie Maker 2.6
2014-03-11 13:41:51 -------- d-----w- C:\PROGRA~2\COMMON~1\LightScribe
2014-03-11 13:36:15 -------- d-----w- C:\PROGRA~2\Nero
2014-03-11 13:36:15 -------- d-----w- C:\PROGRA~2\COMMON~1\Ahead
2014-03-05 15:59:59 -------- d-----w- C:\PROGRA~2\SPCA1528
2014-03-04 21:01:41 -------- d-----w- C:\PROGRA~2\TelevisionFanatic
======= C: =====
====== C:\Users\User\AppData\Roaming ======
2014-04-01 16:36:55 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
2014-03-31 07:36:56 -------- d-----w- C:\Users\User\AppData\Roaming\Apple Computer
2014-03-30 13:53:12 -------- d-----w- C:\Users\User\AppData\Local\Apple
2014-03-30 13:53:08 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Apple Computer
2014-03-22 15:36:16 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\exPressit S.E. 2.1
2014-03-17 11:48:51 -------- d-----w- C:\Users\User\AppData\Local\Garmin
2014-03-15 13:03:53 -------- d-----w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin
2014-03-14 16:46:02 -------- d-----w- C:\Users\User\AppData\Local\Skype
2014-03-11 13:41:26 -------- d-----w- C:\Users\User\AppData\Local\Ahead
2014-03-11 13:39:44 -------- d-----w- C:\Users\User\AppData\Roaming\Ahead
2014-03-04 21:02:19 -------- d-----w- C:\Users\User\AppData\Local\TelevisionFanatic
2014-03-04 21:01:46 -------- d-----w- C:\Users\User\AppData\Locallow\TelevisionFanatic
====== C:\Users\User ======
2014-04-02 16:00:22 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\User\Downloads\RSITx64.exe
2014-04-01 16:43:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-04-01 16:43:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-04-01 16:36:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
2014-04-01 16:36:39 22EAB34E639CF9596F62CA063486CAEF 1352435 ----a-w- C:\Users\User\Desktop\setup_magicdisc.exe
2014-04-01 12:19:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-03-30 14:15:03 ADACCDC99F8D4F2F96DE6C21337D84B0 137699152 ----a-w- C:\Users\User\Downloads\iTunesSetup.exe
2014-03-30 13:52:46 -------- d-----w- C:\ProgramData\Apple
2014-03-22 15:36:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\exPressit S.E. 2.1
2014-03-17 11:48:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-03-14 16:45:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-03-14 16:32:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2014-03-13 14:12:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-03-12 11:12:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
2014-03-11 13:47:49 -------- d-----w- C:\ProgramData\LightScribe
2014-03-11 13:41:51 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2014-03-11 13:41:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials
2014-03-11 13:39:34 -------- d-----w- C:\ProgramData\Ahead
2014-03-05 17:00:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-03-05 16:17:03 -------- d-----w- C:\ProgramData\Pinnacle
2014-03-05 15:59:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPCA1528 PC Driver
2014-03-05 15:59:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Power
====== C: exe-files ==
2014-04-02 16:01:07 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\User.exe
2014-04-02 16:00:22 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\User\Downloads\RSITx64.exe
2014-04-02 11:19:45 A16852B04C0A5654B0B8DFD5E1A25718 576000 ----a-w- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
2014-04-02 10:11:39 211F96EB417FF837A70F5130E63A1A45 400840 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_4D9709C1FA1422BA.exe
2014-04-02 10:11:35 E8B7FD67DA14A7BE57A5CB80E3139E60 309704 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_52E818EF81C83A9B.exe
2014-04-02 10:11:30 4C401FCC6D0C95E1A5D989E403E18F2F 1072072 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_8CA8B41417E66DEB.exe
2014-04-02 10:10:24 107A176FF25E2BA8016A92C301844839 532312 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.5111.1712\GoogleToolbarInstaller_updater_signed.exe
2014-04-01 16:36:54 A03AE84660953220E522068DC5B486C2 9216 ----a-w- C:\Program Files (x86)\MagicDisc\mcdInst64.exe
2014-04-01 16:36:53 973567B98CDFC147DF4E60471D9DF072 153088 ----a-w- C:\Program Files (x86)\MagicDisc\UNWISE.EXE
2014-04-01 16:36:53 3DCAD928C3BB2163F989110B4C9962A2 36864 ----a-w- C:\Program Files (x86)\MagicDisc\muninst.exe
2014-04-01 16:36:39 22EAB34E639CF9596F62CA063486CAEF 1352435 ----a-w- C:\Users\User\Desktop\setup_magicdisc.exe
2014-04-01 16:31:38 19E20551304A2D7E9031271DE198BD6D 14688512 ----a-w- C:\Users\User\AppData\Local\Temp\n7120\microsoft-office-2010-en.exe
2014-04-01 16:31:22 20612ACB94F364173094E91FD08D02DA 4624790 ----a-w- C:\Users\User\AppData\Local\Temp\n7120\systemspeedup_1203-72c8223c.exe
2014-04-01 15:46:14 4965B005492CBA7719E82B71E3245495 174440 ----a-w- C:\Users\User\AppData\Local\Temp\Setup000011f0\ose00000.exe
2014-04-01 12:16:55 F11631852CD9D8C4F6ABFC64F30AE513 6089216 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
2014-04-01 12:16:55 C3DB57444AF9384192A5ABAE556D67D9 6089216 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Avg2014\update\backup\avgmfapx.exe
2014-03-31 20:04:53 E093151047BBFFC0CD78D52F36490206 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateOnDemand.exe
2014-03-31 20:04:53 398F40FAE5ADA9521544393F1F67A17E 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateBroker.exe
2014-03-31 20:04:53 039DE3F65C7992994F788EAC8E79BF4F 884504 ----a-w- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateSetup.exe
2014-03-31 20:04:48 7E6B107120108B3A15BFECE0DE3201DB 228744 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
2014-03-31 20:04:48 6EFC5F64258FE0D9DA3CCFA7FF4D84BD 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateComRegisterShell64.exe
2014-03-31 20:04:48 0D5CE0E5AEC3ACC7930AB955334B8533 281480 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
2014-03-31 20:04:47 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdate.exe
2014-03-31 20:04:47 039DE3F65C7992994F788EAC8E79BF4F 884504 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.23.9\GoogleUpdateSetup.exe
2014-03-30 14:15:03 ADACCDC99F8D4F2F96DE6C21337D84B0 137699152 ----a-w- C:\Users\User\Downloads\iTunesSetup.exe
=== C: other files ==
2014-04-01 16:36:54 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Windows\SysWOW64\drivers\mcdbus.sys
2014-04-01 16:36:53 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Program Files (x86)\MagicDisc\mcdbus.sys

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"BackgroundContainer"="C:\Windows\SysWOW64\Rundll32.exe C:\Users\User\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll,DllRun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"LifeCam"="C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
"LGODDFU"="C:\Program Files (x86)\lg_fwupdate\lgfw.exe blrun"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"BDRegion"="C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe"
"InstantBurn"="C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe"
"RemoteControl"="C:\Program Files (x86)\Home Cinema\PowerDVD\PDVDServ.exe"
"LanguageShortcut"="C:\Program Files (x86)\Home Cinema\PowerDVD\Language\Language.exe"
"YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"PackageTracer EPM Support"="C:\PROGRA~2\PACKAG~2\bar\1.bin\69medint.exe T8EPMSUP.DLL,S"
"PackageTracer_69 Browser Plugin Loader 64"="C:\Program Files (x86)\PackageTracer_69\bar\1.bin\69brmon64.exe"
"TelevisionFanatic EPM Support"="C:\PROGRA~2\TELEVI~2\bar\1.bin\64medint.exe T8EPMSUP.DLL,S"
"TelevisionFanatic Browser Plugin Loader 64"="C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"BackgroundContainer"="C:\Windows\SysWOW64\Rundll32.exe C:\Users\User\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll,DllRun"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\progra~3\\wincert\\win32c~1.dll"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"PackageTracer Home Page Guard 64 bit"="C:\PROGRA~2\PACKAG~2\bar\1.bin\AppIntegrator64.exe"
"TelevisionFanatic Home Page Guard 64 bit"="C:\PROGRA~2\TELEVI~2\bar\1.bin\AppIntegrator64.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll C:\\PROGRA~3\\Wincert\\WIN64C~1.DLL C:\\PROGRA~2\\MOVIES~1\\Datamngr\\x64\\mgrldr.dll "

==== Startup Registry Disabled ======================
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"ALLUpdate"="\"C:\\Program Files (x86)\\ALLPlayer\\ALLUpdate.exe\" \"sleep\""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""
"HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Apps Hat]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Apps Hat"
"hkey"="HKCU"
"command"="C:\\Users\\User\\AppData\\Local\\WebPlayer\\AppsHat\\WebPlayer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BDRegion]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BDRegion"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Cyberlink\\Shared Files\\brs.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CLMLServer"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpqSRMon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpqSRMon"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqSRMon.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InstantBurn]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="InstantBurn"
"hkey"="HKLM"
"command"="C:\\PROGRA~2\\CYBERL~1\\INSTAN~1\\Win2K\\IBurn.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ooVoo.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ooVoo.exe"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\ooVoo\\oovoo.exe /minimized"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RemoteControl"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD\\PDVDServ.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YouCam Service]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="YouCam Service"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\YouCam\\YouCamService.exe\" /s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
"item"="MagicDisc"
"path"="C:\\Users\\User\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\MagicDisc.lnk"
"backup"="C:\\Windows\\pss\\MagicDisc.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\MAGICD~1\\MAGICD~1.EXE"

==== Startup Folders ======================
2014-04-02 11:19:47 957 ----a-w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
2013-06-29 18:14:25 2136 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\File-Extensions.org Search.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12-03-2014 16:49]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-06-2012 09:12]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-06-2012 09:12]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\ALL Update" [C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Officejet 4620 series" ["C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{6F772914-F766-4FB0-9F91-4CFC24EEC0DB}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\VisualBeeRecovery" [C:\Users\User\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe]
"C:\Windows\SysNative\tasks\{0D320D44-F5F3-420D-8D50-065EA9F0C290}" [C:\Program Files (x86)\MAGIX\Video deluxe 2013 Plus\Videodeluxe.exe]
"C:\Windows\SysNative\tasks\{327B4549-B37E-4439-8749-57B3267367AA}" [C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE]
"C:\Windows\SysNative\tasks\{46324CCD-47EE-47E4-A01A-0759D9D574EF}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.10.0.104/nl/abandoninstall?page=tsMain]
"C:\Windows\SysNative\tasks\{68626BBC-3A44-4955-886F-1EA176A24D88}" [C:\MAGIX\Film_op_CD_DVD_4\homeDVD-Film4.exe]
"C:\Windows\SysNative\tasks\{7D18D0FD-D809-4000-9EAB-FBE66A802CB6}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.1.73.129.457/nl/abandoninstall?page=tsWLM]
"C:\Windows\SysNative\tasks\{DC86884F-10A0-4576-BCF7-0FC7F1B09503}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.6.0.106/nl/privacy?source=lightinstaller]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [17-09-2012 19:29]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [17-09-2012 19:29]

==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaaabcbmongicmdegkmmfgdickgnnob - C:\Users\User\AppData\Local\ilividmoviestoolbarha\GC\toolbar.crx[]
ibcgjcbeckcdemelifnledhihpaighfk - C:\Users\User\AppData\Local\CRE\ibcgjcbeckcdemelifnledhihpaighfk.crx[]
igjlknladlicmjmadchoplpdookielak - C:\Users\User\AppData\Local\CRE\igjlknladlicmjmadchoplpdookielak.crx[]
kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files (x86)\DefaultTab\DefaultTab.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[03-03-2014 10:53]
ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\\ChromeExt\\avg.crx[]
niapdbllcanepiiimjjndipklodoedlc - C:\Users\User\AppData\Local\Temp\YontooLayers.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ibcgjcbeckcdemelifnledhihpaighfk - C:\Users\User\AppData\Local\CRE\ibcgjcbeckcdemelifnledhihpaighfk.crx[]
igjlknladlicmjmadchoplpdookielak - C:\Users\User\AppData\Local\CRE\igjlknladlicmjmadchoplpdookielak.crx[]
Plus-HD-9.0 - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpphaajncbmfohddbgnllfcmcjcbaced
FromDocToPDF - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp
WhiteSmoke New V6 - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk
Systweak NL - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjlknladlicmjmadchoplpdookielak
Skype Click to Call - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Movies Toolbar - User\AppData\Local\Torch\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob
Ask Toolbar - User\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne
DropToS - User\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo
Torch Shopping - User\AppData\Local\Torch\User Data\Default\Extensions\dmgjnkhnkblpmfjpdakehnaikgdjllic
Torch Games - User\AppData\Local\Torch\User Data\Default\Extensions\elnodfjhjgpnmdhklbfeijeaehcgffnp
Torch Music - User\AppData\Local\Torch\User Data\Default\Extensions\gcjbdjlojcomlphfchhihkigepfabcad
FaceLift - User\AppData\Local\Torch\User Data\Default\Extensions\gimjmfipknpppbpmkdenjjpfhobiiojk
WhiteSmoke New V6 - User\AppData\Local\Torch\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk
Systweark NL - User\AppData\Local\Torch\User Data\Default\Extensions\igjlknladlicmjmadchoplpdookielak
Torch Helper - User\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg
Skype Click to Call - User\AppData\Local\Torch\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Torch Torrent - User\AppData\Local\Torch\User Data\Default\Extensions\mpdmibcjecdaibcnlilhiopefjgegjjc
Google Wallet - User\AppData\Local\Torch\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Last updated at time on date - User\AppData\Local\Torch\User Data\Default\Extensions\ohgbnffmijlejkjkgehpgnddfkbgabde
Torch Music - User\AppData\Local\Torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed
Hola for Torch - User\AppData\Local\Torch\User Data\Default\Extensions\pdehmppfilefbolgganhfihpbmjlgebh

==== Chrome Fix ======================
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk deleted successfully
C:\Users\User\AppData\Local\Torch\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk deleted successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjlknladlicmjmadchoplpdookielak deleted successfully
C:\Users\User\AppData\Local\Torch\User Data\Default\Extensions\igjlknladlicmjmadchoplpdookielak deleted successfully
C:\Users\User\AppData\Local\Torch\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully
C:\Users\User\AppData\Local\Torch\User Data\Default\Extensions\dmgjnkhnkblpmfjpdakehnaikgdjllic deleted successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpphaajncbmfohddbgnllfcmcjcbaced deleted successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cpphaajncbmfohddbgnllfcmcjcbaced_0.localstorage deleted successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_cpphaajncbmfohddbgnllfcmcjcbaced_0 deleted successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpphaajncbmfohddbgnllfcmcjcbaced deleted successfully
C:\Users\User\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
"Backup.Old.Start Page"="http://www.google.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
"Backup.Old.Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6D1F0E93-A4D3-47FF-84EB-B1493D501728}"
{1F986A39-1795-40DC-8032-505CAFC48111} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNA_enDE393BE492"
{68C88A5B-007E-4E74-8A64-4ED63198EF34} Bing Url="http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{6D1F0E93-A4D3-47FF-84EB-B1493D501728} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFD_nlBE574"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c98d5b61-b0ea-4d48-9839-1079d352d880} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c98d5b61-b0ea-4d48-9839-1079d352d880} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5d79f641-c168-40df-a32f-bacea7509e75} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5d79f641-c168-40df-a32f-bacea7509e75} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{cb41fc95-f1b3-4797-8bb6-1012ff62abba} deleted successfully
HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{cb41fc95-f1b3-4797-8bb6-1012ff62abba} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{c98d5b61-b0ea-4d48-9839-1079d352d880} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5d79f641-c168-40df-a32f-bacea7509e75} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d79f641-c168-40df-a32f-bacea7509e75} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{cb41fc95-f1b3-4797-8bb6-1012ff62abba} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cb41fc95-f1b3-4797-8bb6-1012ff62abba} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1111017600-2235470025-3945737096-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{c98d5b61-b0ea-4d48-9839-1079d352d880} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{c98d5b61-b0ea-4d48-9839-1079d352d880} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ibcgjcbeckcdemelifnledhihpaighfk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\igjlknladlicmjmadchoplpdookielak deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ibcgjcbeckcdemelifnledhihpaighfk deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\igjlknladlicmjmadchoplpdookielak deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apps Hat deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\User\AppData\Local\Torch\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4251 folders=941 171568574 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\TelevisionFanatic" not found
"C:\Users\User\AppData\Local\Torch\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on do 03-04-2014 at 19:40:03,85 ======================