Zoek.exe v5.0.0.0 Updated 06-August-2014 Tool run by Daan on wo 13/08/2014 at 11:37:58,78. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode No Internet Access Detected Launched: F:\zoek.exe [Scan all users] [Quick Scan] [Auto Clean] ==== System Restore Info ====================== 13/08/2014 11:39:44 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\COMMON~1\Apple deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\trend micro deleted successfully C:\PROGRA~3\Babylon deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\Daan\AppData\Roaming\IrfanView deleted successfully C:\Users\Daan\AppData\Roaming\YourFileDownloader deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ib updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ib updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ibupdaterservice deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ibupdaterservice deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Daan\AppData\Roaming\Mozilla\Firefox\Profiles\0 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141308_1148_.backup ProfilePath: C:\Users\Daan\AppData\Roaming\Mozilla\Firefox\Profiles\extensions user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141308_1148_.backup ProfilePath: C:\Users\Daan\AppData\Roaming\TomTom\HOME\Profiles\fzijek1q.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141308_1148_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\TornTV.com deleted C:\PROGRA~2\Mozilla Firefox\user.js deleted C:\PROGRA~2\BabylonToolbar deleted C:\PROGRA~2\Vuze_Remote deleted C:\PROGRA~2\Yontoo deleted C:\PROGRA~2\Incredibar.com deleted C:\PROGRA~2\BittorrentBar_NL deleted C:\Program Files\IB Updater deleted C:\PROGRA~2\Linkey deleted C:\PROGRA~2\Gophoto.it deleted C:\PROGRA~2\BrowserCompanion deleted C:\PROGRA~2\Conduit deleted C:\user.js deleted C:\Users\Daan\AppData\Roaming\Babylon deleted C:\PROGRA~3\Partner deleted C:\PROGRA~3\OberonGameConsole deleted C:\PROGRA~3\SweetIM deleted C:\PROGRA~3\Tarma Installer deleted C:\PROGRA~3\systemk deleted C:\Users\Daan\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted C:\Users\Daan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Users\Daan\Downloads\iLividSetup-r420-n-bc.exe deleted C:\Users\Daan\Searches deleted C:\Users\Daan\Downloads\SoftonicDownloader_voor_apowersoft-free-audio-recorder.exe deleted C:\Users\Daan\Downloads\SoftonicDownloader_voor_ibm-spss-statistics.exe deleted C:\Users\Daan\Downloads\SoftonicDownloader_voor_spss.exe deleted C:\Users\Daan\AppData\LocalLow\Vuze_Remote deleted C:\Users\Daan\AppData\LocalLow\BittorrentBar_NL deleted C:\Users\Daan\AppData\LocalLow\DataMngr deleted C:\Users\Daan\AppData\LocalLow\Conduit deleted C:\END deleted C:\windows\SysNative\ljkb deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\jmdp deleted C:\Windows\Syswow64\ARFC deleted C:\Windows\Syswow64\WNLT deleted C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted "C:\Windows\Installer\1ff0694.msi" deleted "C:\Windows\Installer\1ff0694.msi" deleted "C:\Windows\Installer\1b7cfc7f.msi" deleted "C:\Windows\Installer\1b7cfc9a.msi" deleted "C:\Windows\Installer\1b7cfc94.msi" deleted "C:\Windows\Installer\1b7cfc1a.msi" deleted "C:\Users\Daan\AppData\Local\psppirerc" deleted "C:\Users\Daan\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\torntv@torntv.com.xpi" deleted "C:\windows\SysNative\dmwu.exe" deleted "C:\PROGRA~2\Settings Manager\systemk\del_DM_LL_nsfED45.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\favicon.ico" not deleted "C:\PROGRA~2\Settings Manager\systemk\Helper.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\Internet Explorer Settings.exe" not deleted "C:\PROGRA~2\Settings Manager\systemk\smdmf.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\smdmfldr.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\smdmfldr_u.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\sysapcrt.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\systemkbho.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\systemkmgrc2.cfg" not deleted "C:\PROGRA~2\Settings Manager\systemk\SystemkService.exe" not deleted "C:\PROGRA~2\Settings Manager\systemk\systemku.exe" not deleted "C:\PROGRA~2\Settings Manager\systemk\tbicon.exe" not deleted "C:\PROGRA~2\Settings Manager\systemk\Uninstall.exe" not deleted "C:\PROGRA~2\Settings Manager\systemk\x64\del_DM_LL_nsfED45.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\x64\Internet Explorer Settings.exe" not deleted "C:\PROGRA~2\Settings Manager\systemk\x64\smdmf.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\x64\smdmfldr.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\x64\smdmfldr_u.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\x64\sysapcrt.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\x64\systemkbho.dll" not deleted "C:\PROGRA~2\Settings Manager\systemk\x64\systemkmgrc2.cfg" not deleted "C:\PROGRA~2\SweetIM\Communicator\mgcommon.dll" deleted "C:\PROGRA~2\SweetIM\Communicator\mgcommunication.dll" deleted "C:\PROGRA~2\SweetIM\Communicator\mgsimcommon.dll" deleted "C:\PROGRA~2\SweetIM\Communicator\mgxml_wrapper.dll" deleted "C:\PROGRA~2\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted "C:\PROGRA~2\SweetIM\Messenger\mgAdaptersProxy.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgcommon.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgcommunication.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgconfig.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mghooking.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgsimcommon.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgUpdateSupport.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgxml_wrapper.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\msvcp71.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\msvcr71.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\SweetIM.exe" deleted "C:\PROGRA~2\Settings Manager" not deleted "C:\PROGRA~2\SweetIM" not deleted "C:\PROGRA~2\Settings Manager\systemk" not deleted "C:\PROGRA~2\Settings Manager\systemk\x64" not deleted "C:\PROGRA~2\SweetIM\Communicator" not deleted "C:\PROGRA~2\SweetIM\Messenger" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Daan\AppData\Local\Temp ==== 2014-08-13 09:42:10 5634C601025C31032A0AF1590B4C0CA6 43008 ----a-w- C:\Users\Daan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmyb9r0.dll 2014-08-08 20:03:26 5634C601025C31032A0AF1590B4C0CA6 43008 ----a-w- C:\Users\Daan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr1z_6w.dll 2014-08-06 15:48:25 42EC539D183CB43BCFF89E72585902D5 384485 ----a-w- C:\Users\Daan\AppData\Local\Temp\Quarantine.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Daan\AppData\Roaming ====== ====== C:\Users\Daan ====== 2014-08-11 08:33:09 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Daan\Desktop\RSITx64.exe ====== C: exe-files == 2014-08-11 08:33:09 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Daan\Desktop\RSITx64.exe 2014-08-06 15:48:25 42EC539D183CB43BCFF89E72585902D5 384485 ----a-w- C:\Users\Daan\AppData\Local\Temp\Quarantine.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1000\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Daan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe " "Spotify"="C:\Users\Daan\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart " "Raptr"="C:\PROGRA~2\Raptr\raptrstub.exe --startup" "Google Update"="C:\Users\Daan\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Facebook Update"="C:\Users\Daan\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "BitTorrent"="C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0" "UpdateLBPShortCut"="C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5" "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "Sweetpacks Communicator"="C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" "SweetIM"="C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" "SonicMasterTray"="C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" "Nuance PDF Reader-reminder"="C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe -r C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Daan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe " "Spotify"="C:\Users\Daan\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart " "Raptr"="C:\PROGRA~2\Raptr\raptrstub.exe --startup" "Google Update"="C:\Users\Daan\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Facebook Update"="C:\Users\Daan\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "BitTorrent"="C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 " "Persistence"="C:\Windows\system32\igfxpers.exe" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" "IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "ETDWare"="%ProgramFiles%\Elantech\ETDCtrl.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s" "hkey"="HKLM" "item"="RtHDVCpl" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" ==== Startup Folders ====================== 2013-12-26 11:26:24 1055 ----a-w- C:\Users\Daan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-12-26 11:26:24 2062 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk 2013-12-26 11:26:24 2617 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk 2013-12-26 11:26:24 2669 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scrybe.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/07/2014 14:53] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2547576824-2822473822-575604738-1001Core.job --a------ C:\Users\Daan\AppData\Local\Facebook\Update\FacebookUpdate.exe [25/10/2013 17:55] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2547576824-2822473822-575604738-1001UA.job --a------ C:\Users\Daan\AppData\Local\Facebook\Update\FacebookUpdate.exe [25/10/2013 17:55] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/12/2012 13:08] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/12/2012 13:08] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2547576824-2822473822-575604738-1001Core.job --a------ C:\Users\Daan\AppData\Local\Google\Update\GoogleUpdate.exe [03/07/2012 15:43] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2547576824-2822473822-575604738-1001UA.job --a------ C:\Users\Daan\AppData\Local\Google\Update\GoogleUpdate.exe [03/07/2012 15:43] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Laptop_Daan-Daan" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe] "C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2547576824-2822473822-575604738-1001Core" [C:\Users\Daan\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2547576824-2822473822-575604738-1001UA" [C:\Users\Daan\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2547576824-2822473822-575604738-1001Core" [C:\Users\Daan\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2547576824-2822473822-575604738-1001UA" [C:\Users\Daan\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe] "C:\Windows\SysNative\tasks\{1E51CDA4-BB6A-42E8-B8F7-577844F8101E}" [C:\Users\Daan\Desktop\Photoshop.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"="C:\Program Files\IB Updater\Firefox" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Daan\AppData\Roaming\TomTom\HOME\Profiles\fzijek1q.default - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com ExtDir: C:\Users\Daan\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi ==== Firefox Plugins ====================== ==== Deleted Firefox Extensions ====================== C:\Users\Daan\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[] jbpkiefagocgkmemidfngdkamloieekf - C:\Program Files (x86)\TornTV.com\torn11.crx[] jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\Daan\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[] niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[] ogccgbmabaphcakpiclgcnmcnimhokcj - C:\Windows\SysWOW64\mjcm\SweetNT.crx[24/06/2014 15:09] pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx[] Torntv - Daan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf SweetIM for Facebook - Daan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn SweetPacks Chrome Extension - Daan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj GoPhoto.it - Daan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk ==== Chromium Startpages ====================== C:\Users\Daan\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.default-search.net?sid=476&aid=135&itype=a&ver=13337&tm=335&src=hmp", "startup_urls": [ "http://www.default-search.net?sid=476&aid=135&itype=a&ver=13337&tm=335&src=hmp" ], ==== Chrome Fix ====================== C:\Windows\SysWOW64\mjcm\SweetNT.crx deleted successfully C:\Users\Daan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully C:\Users\Daan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully C:\Users\Daan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage deleted successfully C:\Users\Daan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully C:\Users\Daan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jbpkiefagocgkmemidfngdkamloieekf_0.localstorage deleted successfully C:\Users\Daan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully C:\Users\Daan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully C:\Users\Daan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.default-search.net?sid=476&aid=135&itype=a&ver=13337&tm=335&src=hmp" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_CLASSES_ROOT\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_CLASSES_ROOT\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-2547576824-2822473822-575604738-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6EF34C0188ECFA43B48A4BE9C00748E deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\B6EF34C0188ECFA43B48A4BE9C00748E deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Daan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Daan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Daan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=407 folders=118 109200458 bytes) ==== Empty Temp Folders ====================== C:\Users\Daan\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Daan\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\Settings Manager\systemk\del_DM_LL_nsfED45.dll" not found "C:\PROGRA~2\Settings Manager\systemk\favicon.ico" not found "C:\PROGRA~2\Settings Manager\systemk\Helper.dll" not found "C:\PROGRA~2\Settings Manager\systemk\Internet Explorer Settings.exe" not found "C:\PROGRA~2\Settings Manager\systemk\smdmf.dll" not found "C:\PROGRA~2\Settings Manager\systemk\smdmfldr.dll" not found "C:\PROGRA~2\Settings Manager\systemk\smdmfldr_u.dll" not found "C:\PROGRA~2\Settings Manager\systemk\sysapcrt.dll" not found "C:\PROGRA~2\Settings Manager\systemk\systemkbho.dll" not found "C:\PROGRA~2\Settings Manager\systemk\systemkmgrc2.cfg" not found "C:\PROGRA~2\Settings Manager\systemk\SystemkService.exe" not found "C:\PROGRA~2\Settings Manager\systemk\systemku.exe" not found "C:\PROGRA~2\Settings Manager\systemk\tbicon.exe" not found "C:\PROGRA~2\Settings Manager\systemk\Uninstall.exe" not found "C:\PROGRA~2\Settings Manager\systemk\x64\del_DM_LL_nsfED45.dll" not found "C:\PROGRA~2\Settings Manager\systemk\x64\Internet Explorer Settings.exe" not found "C:\PROGRA~2\Settings Manager\systemk\x64\smdmf.dll" not found "C:\PROGRA~2\Settings Manager\systemk\x64\smdmfldr.dll" not found "C:\PROGRA~2\Settings Manager\systemk\x64\smdmfldr_u.dll" not found "C:\PROGRA~2\Settings Manager\systemk\x64\sysapcrt.dll" not found "C:\PROGRA~2\Settings Manager\systemk\x64\systemkbho.dll" not found "C:\PROGRA~2\Settings Manager\systemk\x64\systemkmgrc2.cfg" not found "C:\windows\SysNative\dmwu.exesearch" deleted "C:\PROGRA~2\Settings Manager" not found "C:\PROGRA~2\SweetIM" not found ==== EOF on wo 13/08/2014 at 12:12:51,59 ======================