
Zoek.exe v5.0.0.0 Updated 04-September-2014
Tool run by Dave on do 04-09-2014 at 21:02:46,14.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dave\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

4-9-2014 21:16:25 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
# localhost name resolution is handle within DNS itself. 
127.0.0.1       localhost 
::1             localhost 

==== Empty Folders Check ======================

C:\Program Files\iMesh Applications deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\TornTV.com deleted successfully
C:\Program Files\Windows Searchqu Toolbar deleted successfully
C:\Program Files\Zylom Games deleted successfully
C:\PROGRA~2\Babylon deleted successfully
C:\PROGRA~2\Oracle deleted successfully
C:\Users\Dave\AppData\Roaming\337Games deleted successfully
C:\Users\Dave\AppData\Roaming\Nafeyv deleted successfully
C:\Users\Dave\AppData\Roaming\Uwyhx deleted successfully
C:\Users\Dave\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Dave\AppData\Local\PackageAware deleted successfully
C:\Users\Loressa\AppData\Local\VirtualStore deleted successfully
C:\Users\Loressa\AppData\Local\{0B1FB7CA-7186-4F34-8341-B60534CAD7EE} deleted successfully
C:\Users\Loressa\AppData\Local\{0DA4A482-7CD9-474B-A6AD-14D9568B937F} deleted successfully
C:\Users\Loressa\AppData\Local\{0E953F8E-6672-41F4-AA46-B1778886189F} deleted successfully
C:\Users\Loressa\AppData\Local\{0F271E06-66D2-4C85-9AA6-15DD7DD60C99} deleted successfully
C:\Users\Loressa\AppData\Local\{12D19276-E874-478F-9634-6E79F1FCE63D} deleted successfully
C:\Users\Loressa\AppData\Local\{13A48A46-4539-48F1-BC6B-4055071AF79A} deleted successfully
C:\Users\Loressa\AppData\Local\{147CB123-713C-46D4-909E-BF1AD5BE0FE8} deleted successfully
C:\Users\Loressa\AppData\Local\{1590CBC3-8859-4410-9CAE-C54E62485CC4} deleted successfully
C:\Users\Loressa\AppData\Local\{1D65989E-D6C1-4F31-AFD2-F2FA9DB3EF0D} deleted successfully
C:\Users\Loressa\AppData\Local\{25CEC9BD-1ACB-465F-AEDB-A5B11F47770B} deleted successfully
C:\Users\Loressa\AppData\Local\{261BA426-4ACA-4E48-9AA1-4C7939037E6D} deleted successfully
C:\Users\Loressa\AppData\Local\{2901EE62-DCF1-417D-BCF2-8A1A5799819D} deleted successfully
C:\Users\Loressa\AppData\Local\{29CC111D-A67C-4A85-9DF1-ECE75DE587E5} deleted successfully
C:\Users\Loressa\AppData\Local\{29F8D391-751A-4186-9EAD-CAEEDFA94241} deleted successfully
C:\Users\Loressa\AppData\Local\{2C160DAB-087C-4513-A233-84AB6710429A} deleted successfully
C:\Users\Loressa\AppData\Local\{30A2D369-B56B-40CE-98B5-B09C1C158734} deleted successfully
C:\Users\Loressa\AppData\Local\{3384E1B5-0F1E-4578-B3D5-B2C39D342531} deleted successfully
C:\Users\Loressa\AppData\Local\{440BF11F-B005-4E55-BBCD-C14CC2984BB1} deleted successfully
C:\Users\Loressa\AppData\Local\{4668C959-4175-49AE-A65B-B9AE26CE5E22} deleted successfully
C:\Users\Loressa\AppData\Local\{4C6F85FC-DD72-4226-8173-16A4781F848E} deleted successfully
C:\Users\Loressa\AppData\Local\{4EEB38F7-820B-4B0C-B988-209B9A6CB84B} deleted successfully
C:\Users\Loressa\AppData\Local\{53F8BC35-220C-419A-8DB4-492B95209019} deleted successfully
C:\Users\Loressa\AppData\Local\{55E364B2-2546-4829-8DFC-35135BA63EEC} deleted successfully
C:\Users\Loressa\AppData\Local\{574B0AEE-EB5B-4810-BB5C-0178128E47A3} deleted successfully
C:\Users\Loressa\AppData\Local\{5A2204EB-F3AC-497B-A03F-51471D805E77} deleted successfully
C:\Users\Loressa\AppData\Local\{5BCF58C3-36DA-4A9C-AC41-B4ED9B146FC3} deleted successfully
C:\Users\Loressa\AppData\Local\{61C89B10-D4FD-47D0-8CE7-63E36EC3FD5A} deleted successfully
C:\Users\Loressa\AppData\Local\{63230BF8-609C-44F4-AB95-0C00564BA533} deleted successfully
C:\Users\Loressa\AppData\Local\{69C6ACEF-2A8A-4898-9E1C-EAF51FD1669C} deleted successfully
C:\Users\Loressa\AppData\Local\{6C01E293-C344-4658-B6C5-1975BA86AB25} deleted successfully
C:\Users\Loressa\AppData\Local\{6DC10854-6155-4138-87DD-64FCCB339BBA} deleted successfully
C:\Users\Loressa\AppData\Local\{762CF42C-CFBA-4AFE-B952-EAC6BA855114} deleted successfully
C:\Users\Loressa\AppData\Local\{7C9FB087-3C65-48D6-9FE1-4F64758B386D} deleted successfully
C:\Users\Loressa\AppData\Local\{7D3059E8-E3FC-4537-B4D5-BE24C68B6303} deleted successfully
C:\Users\Loressa\AppData\Local\{810741D4-609D-47E9-AACF-3BBEB69E3FB1} deleted successfully
C:\Users\Loressa\AppData\Local\{81DA6978-4E0A-4AFB-A39C-24CB06DC2563} deleted successfully
C:\Users\Loressa\AppData\Local\{82F41FF0-5AE3-4118-A6D7-EFB19BBEBF0C} deleted successfully
C:\Users\Loressa\AppData\Local\{8888352B-DE9B-4A68-B185-73E4C75EBB3E} deleted successfully
C:\Users\Loressa\AppData\Local\{8AE27C41-0146-4863-B309-A80956828D19} deleted successfully
C:\Users\Loressa\AppData\Local\{934D8A9F-E428-438A-99DB-63B476EAD807} deleted successfully
C:\Users\Loressa\AppData\Local\{94CC0137-60D3-4956-B21A-8109AD6CB008} deleted successfully
C:\Users\Loressa\AppData\Local\{A04DB229-2CC5-4939-B1F1-B71D1ED3B8A9} deleted successfully
C:\Users\Loressa\AppData\Local\{A2E2BF95-0B07-46F2-BDA8-D8CF65B58D76} deleted successfully
C:\Users\Loressa\AppData\Local\{A4431140-2442-4B40-AB4C-21D250612AB7} deleted successfully
C:\Users\Loressa\AppData\Local\{A8FBE91D-1A27-412A-B605-454D4E043CF1} deleted successfully
C:\Users\Loressa\AppData\Local\{A9FD57CF-BD01-405D-BE32-3BC3305EE98F} deleted successfully
C:\Users\Loressa\AppData\Local\{AA6BFDB8-B2E0-4297-BD3C-92915BFA9880} deleted successfully
C:\Users\Loressa\AppData\Local\{AC23AAD8-2AC7-4AD8-A5D5-82383BBDBE6E} deleted successfully
C:\Users\Loressa\AppData\Local\{AC93F28E-24EB-4FCD-A7EC-6741E3B25643} deleted successfully
C:\Users\Loressa\AppData\Local\{B795A0D2-5407-4E94-BEC7-1249DF69DBA4} deleted successfully
C:\Users\Loressa\AppData\Local\{B8BE084A-3244-4702-881C-7E8523E12660} deleted successfully
C:\Users\Loressa\AppData\Local\{BB473BE9-92FD-4D1A-B846-68D69E2A1A32} deleted successfully
C:\Users\Loressa\AppData\Local\{C13F77B8-8B86-4788-96C5-4278F320E628} deleted successfully
C:\Users\Loressa\AppData\Local\{CF401C56-168A-4CB7-A343-CC9714C6ECA1} deleted successfully
C:\Users\Loressa\AppData\Local\{D7AB92D4-F9EB-4237-A3CB-4BDD4BBB867B} deleted successfully
C:\Users\Loressa\AppData\Local\{D88A52FC-C25A-4728-94FA-CEFBA3E4D86F} deleted successfully
C:\Users\Loressa\AppData\Local\{D939DC86-CC11-4D54-9F36-36C63DD2DB6A} deleted successfully
C:\Users\Loressa\AppData\Local\{DA5EFBAB-884A-4C14-AEFB-070FCB00CFD6} deleted successfully
C:\Users\Loressa\AppData\Local\{E78DBAB7-1B95-445F-BFE6-DC5C83265ECE} deleted successfully
C:\Users\Loressa\AppData\Local\{E9D1E88A-3365-423B-B50C-ECEE86BB563B} deleted successfully
C:\Users\Loressa\AppData\Local\{EE13EA07-5E6F-4172-B5F1-ABD9D3A6EB0F} deleted successfully
C:\Users\Loressa\AppData\Local\{F11C46D9-1260-4F3E-96B0-0EFD57A23ECB} deleted successfully
C:\Users\Loressa\AppData\Local\{F199C6FA-A337-45D5-8CE7-201ABF2929B9} deleted successfully
C:\Users\Loressa\AppData\Local\{F3252782-1856-4B4B-AF37-9186E30C40C4} deleted successfully
C:\Users\Loressa\AppData\Local\{F3542BF7-1C44-4983-88C0-05F4FDED81D8} deleted successfully
C:\Users\Loressa\AppData\Local\{FC58E433-53CA-4FDE-AB1B-E589A01DAAF4} deleted successfully
C:\Users\Loressa\AppData\Local\{FFD3DD80-CADA-4DA1-962C-5B3E863E8754} deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} deleted successfully
HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} deleted successfully
HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E} deleted successfully
HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully
HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} deleted successfully
HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully
HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} deleted successfully

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\ProgramData\IePluginService\PluginService.exe
C:\Windows\system32\atieclxx.exe
C:\ProgramData\IePluginServices\PluginService.exe
C:\ProgramData\WPM\wprotectmanager.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.8\ToolbarUpdater.exe
C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\BitLord 2\Bitlord files\bitlord.exe
C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\PROGRA~1\mcafee\msc\mcshell.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Users\Dave\Downloads\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k SDRSVC

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.8 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.1.8 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wajam Internet Enhancer Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Wajam Internet Enhancer Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wpm deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Wpm deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Wpm deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Loressa\AppData\Roaming\Mozilla\Firefox\Profiles\wrid2cuz.default

user.js not found
---- Lines ask.com removed from prefs.js ----
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.search.selectedEngine", "Ask.com");
---- Lines asktb removed from prefs.js ----
user_pref("extensions.asktb.ff-original-keyword-url", "");
---- FireFox user.js and prefs.js backups ---- 

prefs_04-09-2014_2150_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] 
"vProt"=- 
""=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]
@="C:\\Users\\Dave\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"bProtectorDefaultScope"=-

==== Deleting Files \ Folders ======================

C:\Program Files\Claro LTD deleted
C:\Program Files\AVG SafeGuard toolbar deleted
C:\ProgramData\IePluginServices deleted
C:\ProgramData\IePluginService deleted
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater deleted
C:\Program Files\Wajam deleted
C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\extensions\DTToolbar@toolbarnet.com deleted
C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\extensions\faststartff@gmail.com deleted
C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\extensions\ffxtlbr@claro.com deleted
C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\extensions\ffxtlbra@softonic.com deleted
C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\extensions\shortcutff@gmail.com deleted
C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\extensions\torntv@torntv.com deleted
C:\3e614fddcfc56a1174fc22091fea9b deleted
C:\Program Files\SearchProtect deleted
C:\Users\Dave\appdata\locallow\Claro LTD deleted
C:\PROGRA~2\6117 deleted
C:\PROGRA~2\RightClick deleted
C:\Program Files\GUT7DEF.tmp deleted
C:\Program Files\GUM7DBF.tmp deleted
C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml deleted
C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml deleted
C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml deleted
C:\Program Files\DAEMON Tools Toolbar deleted
C:\Program Files\BearShare Applications\MediaBar deleted
C:\Program Files\SupTab deleted
C:\Program Files\Gophoto.it deleted
C:\Program Files\Ask.com deleted
C:\Program Files\Common Files\AVG Secure Search deleted
C:\install.exe deleted
C:\Users\Dave\AppData\Roaming\Uniblue deleted
C:\Users\Dave\AppData\Roaming\Smiley.ico deleted
C:\Users\Dave\AppData\Roaming\sweet-page deleted
C:\Users\Dave\AppData\Roaming\Babylon deleted
C:\Users\Dave\AppData\Roaming\Systweak deleted
C:\PROGRA~2\Browser Manager deleted
C:\PROGRA~2\Ask deleted
C:\PROGRA~2\WPM deleted
C:\PROGRA~2\IBUpdaterService deleted
C:\PROGRA~2\AVG Secure Search deleted
C:\PROGRA~2\InstallMate deleted
C:\PROGRA~2\Tarma Installer deleted
C:\Users\Dave\AppData\Local\GLF3036.tmp deleted
C:\Users\Dave\AppData\Local\CRE deleted
C:\Users\Dave\AppData\Local\Softonic deleted
C:\Users\Dave\AppData\Local\SearchProtect deleted
C:\Users\Dave\AppData\Local\BearShare deleted
C:\Users\Dave\AppData\Local\CrashRpt deleted
C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx deleted
C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx deleted
C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\slidebar.crx deleted
C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data deleted
C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam deleted
C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord deleted
C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Users\Dave\Downloads\SoftonicDownloader_voor_coreldraw.exe deleted
C:\Users\Dave\AppData\LocalLow\searchquband deleted
C:\Users\Dave\AppData\LocalLow\Delta deleted
C:\Users\Dave\AppData\LocalLow\Softonic deleted
C:\Users\Loressa\AppData\LocalLow\Claro LTD deleted
C:\Users\Loressa\AppData\LocalLow\mediabarbs deleted
C:\Users\Loressa\AppData\LocalLow\searchquband deleted
C:\Users\Loressa\AppData\LocalLow\searchqutoolbar deleted
C:\Users\Loressa\AppData\LocalLow\Delta deleted
C:\Windows\wininit.ini deleted
C:\end deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\system32\roboot.exe deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
C:\Users\Dave\Desktop\SoftonicDownloader_voor_daemon-tools.exe deleted
"C:\Program Files\Mozilla Firefox\searchplugins\delta-homes.xml" deleted
"C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\searchplugins\askcom.xml" deleted
"C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\searchplugins\babylon.xml" deleted
"C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\searchplugins\BearShareWebSearch.xml" deleted
"C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\searchplugins\daemon-search.xml" deleted
"C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\searchplugins\delta.xml" deleted
"C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\searchplugins\SearchquWebSearch.xml" deleted
"C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\searchplugins\trovi-search.xml" deleted
"C:\Users\Dave\AppData\Roaming\Feer\hiry.deo" deleted
"C:\Program Files\BitLord 2\Bitlord files\atk.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\bitlord.exe" deleted
"C:\Program Files\BitLord 2\Bitlord files\cairo._cairo.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\freetype6.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\gio._gio.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\glib._glib.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\gobject._gobject.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\gtk.glade.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\gtk._gtk.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\icudt.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\intl.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libatk-1.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libcairo-2.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libcef.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\LIBEAY32.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libexpat-1.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libfontconfig-1.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libgdk-win32-2.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libgdk_pixbuf-2.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libgio-2.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libglade-2.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libglib-2.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libgmodule-2.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libgobject-2.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libgthread-2.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libgtk-win32-2.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libpango-1.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libpangocairo-1.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libpangoft2-1.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libpangowin32-1.0-0.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libpng14-14.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libtorrent.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\libvlc.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libvlccore.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\libxml2-2.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\lxml.etree.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\OpenSSL.crypto.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\OpenSSL.rand.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\OpenSSL.SSL.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\pango.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\pangocairo.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\pyexpat.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\pyHook._cpyHook.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\python26.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\pythoncom26.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\pywintypes26.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\select.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\SSLEAY32.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\twisted.python._initgroups.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\win32api.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\win32com.shell.shell.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\win32event.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\win32file.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\win32gui.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\win32process.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\winxpgui.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\zlib1.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\_ctypes.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\_hashlib.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\_socket.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\_ssl.pyd" deleted
"C:\Program Files\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\engines\libclearlooks.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\engines\libpixmap.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\plugins\audio_output\libaout_directx_plugin.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\plugins\video_output\libdirectx_plugin.dll" deleted
"C:\Program Files\BitLord 2\Bitlord files\zope.interface-4.0.1-py2.6-win32.egg\zope\interface\_zope_interface_coptimizations.pyd" deleted
"C:\Users\Dave\AppData\Roaming\BitLord\BrowserCache\Cookies" deleted
"C:\Users\Dave\AppData\Roaming\BitLord\BrowserCache\Local Storage\https_www.youtube-nocookie.com_0.localstorage" deleted
"C:\Users\Dave\Documents\BitLord\The Blacklist. Seizoen1 Afl 15 HDTV (XviD) NL Subs DMT \DMT NFO, Read before Playing.txt" not deleted
"C:\Users\Dave\Documents\BitLord\The Blacklist. Seizoen1 Afl 15 HDTV (XviD) NL Subs DMT \dmt4.png" not deleted
"C:\Users\Dave\Documents\BitLord\The Blacklist. Seizoen1 Afl 15 HDTV (XviD) NL Subs DMT \jojo.png" not deleted
"C:\Users\Dave\Documents\BitLord\The Blacklist. Seizoen1 Afl 15 HDTV (XviD) NL Subs DMT \The.Blacklist.S01E15.avi" not deleted
"C:\Users\Dave\Documents\BitLord\The Blacklist. Seizoen1 Afl 16 HDTV (XviD) NL Subs DMT \The Blacklist 1x16.avi" not deleted
"C:\Users\Dave\AppData\Roaming\Feer" deleted
"C:\Program Files\BitLord 2" deleted
"C:\Users\Dave\AppData\Roaming\BitLord" deleted
"C:\Users\Dave\Documents\BitLord" deleted
"C:\Program Files\BitLord 2\Bitlord files" deleted
"C:\Program Files\BitLord 2\Bitlord files\lib" deleted
"C:\Program Files\BitLord 2\Bitlord files\plugins" deleted
"C:\Program Files\BitLord 2\Bitlord files\zope.interface-4.0.1-py2.6-win32.egg" deleted
"C:\Program Files\BitLord 2\Bitlord files\lib\gtk-2.0" deleted
"C:\Program Files\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0" deleted
"C:\Program Files\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\engines" deleted
"C:\Program Files\BitLord 2\Bitlord files\plugins\audio_output" deleted
"C:\Program Files\BitLord 2\Bitlord files\plugins\video_output" deleted
"C:\Program Files\BitLord 2\Bitlord files\zope.interface-4.0.1-py2.6-win32.egg\zope" deleted
"C:\Program Files\BitLord 2\Bitlord files\zope.interface-4.0.1-py2.6-win32.egg\zope\interface" deleted
"C:\Users\Dave\AppData\Roaming\BitLord\BrowserCache" deleted
"C:\Users\Dave\AppData\Roaming\BitLord\BrowserCache\Local Storage" deleted
"C:\Users\Dave\Documents\BitLord\The Blacklist. Seizoen1 Afl 15 HDTV (XviD) NL Subs DMT " deleted
"C:\Users\Dave\Documents\BitLord\The Blacklist. Seizoen1 Afl 16 HDTV (XviD) NL Subs DMT " deleted

==== System Specs ======================

Windows: Windows 7 Professional Edition Service Pack 1 (Build 7601)
Memory (RAM): 1791 MB
CPU Info: AMD Athlon(tm) X2 Dual-Core QL-65
CPU Speed: 2132,1 MHz
Sound Card: Luidsprekers (High Definition A | 
Digitale audio (S/PDIF) (High D | 
Display Adapters: ATI Radeon HD 3200 Graphics  | ATI Radeon HD 3200 Graphics  | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR5B91 Wireless Network Adapter | Broadcom NetLink (TM) Gigabit Ethernet
CD / DVD Drives: 3x (D: | E: | F: | ) D: TSSTcorpCDDVDW TS-L633B  | E: QFOX    GHMZ8TIF8P       | F: EZBSYS  ISO CDVD DRIVE
Ports: COM3 LPT Port NOT Present. 
Mouse: 2 Button Mouse Present
Hard Disks: C:  139,3GB
Hard Disks - Free: C:  10,6GB
Manufacturer *: Phoenix Technologies LTD
BIOS Info: AT/AT COMPATIBLE | 06/22/09 | ACRSYS - 6040000
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer            JM70PU
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Anti-Virus: McAfee VirusScan On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: McAfee VirusScan disabled (Outdated)
Firewall: McAfee Personal Firewall disabled
Default Browser: Google Chrome	36.0.1985.143
Internet Explorer Version: 11.0.9600.17239 
Mozilla Firefox version: 25.0 (x86 nl)
Google Chrome version: 36.0.1985.143
Adobe Reader version: 10.1.8.24
Flash Player version: 14.0.0.145

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-09-04 12:34:28	6461C8FA72DB3E00633233508424C6AA	262492104	----a-w-	C:\Windows\MEMORY.DMP
====== C:\Users\Dave\AppData\Local\Temp ====
2014-09-03 19:14:40	18184AA21F0A2BF0E4A2681A362B00B3	503	----a-w-	C:\Users\Dave\AppData\Local\Temp\{79756138-71A2-45E7-8C7D-338A98C0C60A}-37.0.2062.103_36.0.1985.143_chrome_updater.exe
2014-09-01 18:17:45	949AF3E92B8ADF423A222F4A27A41A30	115137	----a-w-	C:\Users\Dave\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
====== Java Cache =====
====== C:\Windows\system32 =====
2014-08-28 15:20:16	DBF9369D554A229DB0D554BB95A4B0AA	305152	----a-w-	C:\Windows\System32\gdi32.dll
2014-08-28 15:20:16	7DA17C38F8B8F2E89F52C1A08FD447EB	2352640	----a-w-	C:\Windows\System32\win32k.sys
2014-08-22 08:03:52	FB034DE7F0D706EBA9513D8ED7478ACB	580712	------w-	C:\Windows\System32\HPDiscoPM5D12.dll
====== C:\Windows\system32\drivers =====
2014-08-15 17:24:24	3583A5A8CC2E682BFFBD4630D0FEC08B	730048	----a-w-	C:\Windows\System32\drivers\dxgkrnl.sys
2014-08-15 17:24:23	0EC652D17AB4607745FB4E6958E8FAB6	219072	----a-w-	C:\Windows\System32\drivers\dxgmms1.sys
====== C:\Windows\Tasks ======
2014-09-01 15:56:52	A19F1A7B2827D5F56893CFA45796F9A3	3136	----a-w-	C:\Windows\system32\Tasks\{27B5B695-7728-48E7-A1C3-FCF26B521AB5}
2014-08-22 08:05:09	5B4702A6C7A866B1AE29583C16957FDF	3612	----a-w-	C:\Windows\system32\Tasks\HPCustParticipation HP Officejet 6600
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-09-01 18:31:07	--------	d-----w-	C:\Program Files\Trend Micro
2014-08-22 08:03:01	--------	d-----w-	C:\Program Files\HP
======= C: =====
====== C:\Users\Dave\AppData\Roaming ======
2014-08-22 08:03:59	--------	d-----w-	C:\Users\Dave\AppData\Roaming\HpUpdate
2014-08-22 08:00:27	--------	d-----w-	C:\Users\Dave\AppData\Local\HP
====== C:\Users\Dave ======
2014-09-04 13:06:54	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Dave\Downloads\RSIT.exe
2014-08-22 08:03:46	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-22 08:03:05	--------	d-----w-	C:\ProgramData\HP
2014-08-22 08:01:36	365B8FF321522429EFCBCA645B1B1366	57	----a-w-	C:\ProgramData\Ament.ini

====== C: exe-files ==
2014-09-04 17:55:41	2FB742C226D0474202D28A5724E6CA4B	7235664	----a-w-	C:\Users\Dave\AppData\Local\Google\Update\Install\{D9FD8131-6858-49A0-9C37-F59B4704057A}\37.0.2062.103_36.0.1985.143_chrome_updater.exe
2014-09-04 17:55:41	2FB742C226D0474202D28A5724E6CA4B	7235664	----a-w-	C:\Users\Dave\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.103\37.0.2062.103_36.0.1985.143_chrome_updater.exe
2014-09-04 13:07:30	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\Trend Micro\Dave.exe
2014-09-04 13:06:54	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Dave\Downloads\RSIT.exe
2014-09-03 19:14:40	18184AA21F0A2BF0E4A2681A362B00B3	503	----a-w-	C:\Users\Dave\AppData\Local\Temp\{79756138-71A2-45E7-8C7D-338A98C0C60A}-37.0.2062.103_36.0.1985.143_chrome_updater.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesAirMessage"="C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup"
"KiesPDLR"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"Google Update"="C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesAirMessage"="C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup"
"KiesPDLR"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"Google Update"="C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Badoo Desktop]
"hkey"="HKCU"
"command"="C:\\ProgramData\\Badoo\\Badoo Desktop\\1.6.55.1183\\Badoo.Desktop.exe"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Badoo Desktop"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ccleaner]
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner.exe\" /AUTO"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ccleaner"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"hkey"="HKCU"
"command"="\"C:\\Program Files\\DAEMON Tools Lite\\DTLite.exe\" -autorun"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GameXN GO]
"hkey"="HKCU"
"command"="\"C:\\ProgramData\\GameXN\\GameXNGO.exe\" /startup"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GameXN GO"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Dave\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GrooveMonitor"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InCD]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="InCD"
"hkey"="HKLM"
"command"="C:\\Program Files\\Nero\\Nero 7\\InCD\\InCD.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"hkey"="HKCU"
"command"="C:\\Program Files\\Samsung\\Kies\\Kies.exe /preload"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPreload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"hkey"="HKLM"
"command"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesTrayAgent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroFilterCheck"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PCSpeedUp]
"hkey"="HKCU"
"command"="C:\\Program Files\\PC Speed Up\\PCSUNotifier.exe"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PCSpeedUp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sidebar"
"hkey"="HKCU"
"command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Dave^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
"path"="C:\\Users\\Dave\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\LimeWire On Startup.lnk"
"backup"="C:\\Windows\\pss\\LimeWire On Startup.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\LimeWire\\LimeWire.exe -startup"
"item"="LimeWire On Startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Dave^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]
"path"="C:\\Users\\Dave\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneNote 2007 Schermopname en Snel starten.lnk"
"backup"="C:\\Windows\\pss\\OneNote 2007 Schermopname en Snel starten.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\MICROS~1\\Office12\\ONENOTEM.EXE /tsr"
"item"="OneNote 2007 Schermopname en Snel starten"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [26-07-2014 22:13]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-120216411-2354588390-742622831-1000Core.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-120216411-2354588390-742622831-1000UA.job --a------ C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe [18-03-2010 20:52]
C:\Windows\tasks\McDefragTask.job --a------ C:\progra1\mcafee\mqc\QcConsol.exe []
C:\Windows\tasks\McQcTask.job --a------ C:\progra1\mcafee\mqc\QcConsol.exe []
C:\Windows\tasks\SDMsgUpdate (TE).job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\AdobeFlashPlayerUpdate" [C:\Windows\system32\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\AdobeFlashPlayerUpdate 2" [C:\Windows\system32\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-120216411-2354588390-742622831-1000Core" [C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-120216411-2354588390-742622831-1000UA" [C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\HPCustParticipation HP Officejet 6600" ["C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe"]
"C:\Windows\system32\tasks\McDefragTask" [c:\progra~1\mcafee\mqc\QcConsol.exe]
"C:\Windows\system32\tasks\McQcTask" [c:\progra~1\mcafee\mqc\QcConsol.exe]
"C:\Windows\system32\tasks\SDMsgUpdate (TE)" [C:\PROGRA~1\SMARTD~1\Messages\SDNotify.exe]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\{192A83A5-B047-4FA2-88CE-EC0D040FAC4F}" [C:\Program Files\Skype\\Phone\Skype.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"shortcutff@gmail.com"="C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default\extensions\shortcutff@gmail.com" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04-04-2014 12:36]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\i7n7m5u6.default
4390CCD3790F8D9C427C0C29590C62D7	- C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll -	Shockwave Flash
FB5621842FDABF9F8359775573498FBC	- C:\Users\Dave\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll -	Google Update
785105A23650755A8F7A72405EB0D923	- C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll -	Google Update
0CA4180B21C6B728578F3B0433BB740E	- C:\Program Files\VideoLAN\VLC\npvlc.dll -	VLC Web Plugin
04ACC61B47857E779CD92D1D88770BF1	- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll -	Adobe Acrobat
77B09C2C6F407531447DA75E3ACD1C5B	- C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll -	Adobe Acrobat
C517E5EA7CEE783F3681F62D2A362E5B	- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -	Windows Live? Photo Gallery
24E990B1E6D55428001843CF7217DD81	- C:\Program Files\Microsoft\Office Live\npOLW.dll -	Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox
99F97C9FE748C37528C338A423577FCB	- C:\Users\Dave\AppData\Roaming\Mozilla\plugins\np-mswmp.dll -	Microsoft� Windows Media Player Firefox Plugin


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ainbkicbloikcngphmjfpjdemblcojdd - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\slidebar.crx[]
bopakagnckmlgajfccecajhnimjiiedh - No path found[]
jbpkiefagocgkmemidfngdkamloieekf - C:\Program Files\TornTV.com\torn11.crx[]
ogfjmhfnldnajmfaofeiaepghjenbgjo - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx[]
ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Users\Dave\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[]
pelmeidfhdlhlbjimpabfcbnnojbboma - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx[]
pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files\Gophoto.it\gophotoit14.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Users\Dave\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[]

Show the YouTube Channel bar or the name. - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn
YouTube - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
MSS+ Extension - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Google Search - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Extended Protection - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Vuze Remote - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk
GoPhoto.it - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Gmail - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Ask Toolbar - Dave\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne
DropToS - Dave\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo
Savings Sidekick - Dave\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Torntv - Dave\AppData\Local\Torch\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Torch Helper - Dave\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg
Torch Music - Dave\AppData\Local\Torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed
Vuze Remote - Dave\AppData\Local\Torch\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk
GoPhoto.it - Dave\AppData\Local\Torch\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk

==== Chromium Startpages ======================

C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://mysearch.avg.com?cid={27C7E3FA-D424-409B-9FF8-DA2A2A3D8179}&mid=321579db0b0447d2a81fd156505aac32-ef4455af782fa72b28249ad9eed73c4771006a07&lang=en&ds=ft013&coid=avgtbdisft&cmpid=&pr=sa&d=2014-07-26 21:53:44&v=18.1.8.643&pid=safeguard&sg=&sap=hp",
"startup_urls": [ "https://www.google.nl/" ],

C:\Users\Dave\AppData\Local\Torch\User Data\Default\Preferences
"homepage": "http://home.torchbrowser.com/?systemid=448&appid=144&ua=Torch&clid={CD9E368C-0795-4571-9976-376B34367A96}",
"urls_to_restore_on_startup": [ "http://home.torchbrowser.com/?systemid=448&appid=144&ua=Torch&clid={CD9E368C-0795-4571-9976-376B34367A96}" ]


==== Chrome Fix ======================

C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.claro-search.com_0.localstorage-journal deleted successfully
C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage-journal deleted successfully
C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_jbpkiefagocgkmemidfngdkamloieekf_0.localstorage deleted successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_jbpkiefagocgkmemidfngdkamloieekf_0.localstorage-journal deleted successfully
C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo deleted successfully
C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully
C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ojpijjmpahflnipadmlpgbjmagmjchkk_0.localstorage deleted successfully
C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_pfmopbbadnfoelckkcmjjeaaegjpjjbk_0.localstorage deleted successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_pfmopbbadnfoelckkcmjjeaaegjpjjbk_0.localstorage-journal deleted successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo deleted successfully
C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0.localstorage-journal deleted successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0.localstorage deleted successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0.localstorage-journal deleted successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\databases\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0 deleted successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.trovi.com/?gd=&ctid=CT3319597&octid=EB_ORIGINAL_CTID&ISID=bb73f1aa-85d6-4b57-9787-3aa5eb6ed26f&SearchSource=55&CUI=&UM=5&UP=&SSPV="
"Search Page"="http://search.delta-homes.com/web/?type=ds&ts=1402593258&from=wpm0612&uid=HitachiXHTS543216L9A300_090817FB2200VCGK5UAAX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.sweet-page.com/web/?type=ds&ts=1397309158&from=cor&uid=HitachiXHTS543216L9A300_090817FB2200VCGK5UAAX&q={searchTerms}"
"Default_Page_URL"="http://www.delta-homes.com/?type=hp&ts=1402593258&from=wpm0612&uid=HitachiXHTS543216L9A300_090817FB2200VCGK5UAAX"
"Start Page"="http://www.delta-homes.com/?type=hp&ts=1402593258&from=wpm0612&uid=HitachiXHTS543216L9A300_090817FB2200VCGK5UAAX"
"Search Page"="http://www.sweet-page.com/web/?type=ds&ts=1397309158&from=cor&uid=HitachiXHTS543216L9A300_090817FB2200VCGK5UAAX&q={searchTerms}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_nl"
{8A96AF9E-4074-43b7-BEA3-87217BDA74C8} Unknown  Url="Not_Found"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} Unknown  Url="Not_Found"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} Unknown  Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8} deleted successfully
HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} deleted successfully
HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-120216411-2354588390-742622831-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\faststartff@gmail.com deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\shortcutff@gmail.com deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Dave\Desktop\BitLord.lnk - C:\Program Files\BitLord 2\Bitlord files\bitlord.exe 
C:\Users\Dave\Desktop\Edraw Max.lnk - C:\Program Files\Edraw Max\Edraw.exe 
C:\Users\Dave\Desktop\HiJackThis.lnk - C:\Users\Dave\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 
C:\Users\Dave\Desktop\MPC-HC.lnk - C:\Program Files\MPC-HC\mpc-hc.exe 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Benodigdheden kopen - HP Officejet 6600.lnk - C:\Program Files\HP\HP Officejet 6600\Bin\hpqDTSS.exe 
C:\Users\Public\Desktop\HP Officejet 6600.lnk - C:\Program Files\HP\HP Officejet 6600\Bin\HP Officejet 6600.exe -Start UDCDevicePage
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files\Samsung\Kies\Kies.exe 
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe 
C:\Users\Public\Desktop\Vuze.lnk - C:\Program Files\Vuze\Azureus.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Dave\AppData\Local\Google\Chrome\Application\chrome.exe 
C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Dave\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-registratie.lnk - C:\Program Files\HP\IrisOCR_12.3.4.0\regipe.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Update.lnk - C:\Program Files\HP\HP Software Update\hpwucli.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 6600\Benodigdheden kopen.lnk - C:\Program Files\HP\HP Officejet 6600\Bin\hpqDTSS.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 6600\Help.lnk - C:\Program Files\HP\HP Officejet 6600\Bin\HelpViewer\hpqlpvwr.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 6600\HP Officejet 6600.lnk - C:\Program Files\HP\HP Officejet 6600\Bin\HP Officejet 6600.exe -Start UDCDevicePage
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 6600\HP Onderzoek productverbetering.lnk - C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe /changesettings /UA 9.5 /DDV 0x1000
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 6600\HP Scan.lnk - C:\Program Files\HP\HP Officejet 6600\Bin\HPScan.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 6600\IP-adres bijwerken.lnk - C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe /changeip ""
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 6600\Online-Help voor draadloos afdrukken.lnk - C:\Program Files\HP\HP Officejet 6600\WirelessEasyShortcut.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 6600\Printer instellen en software.lnk - C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetupLauncher.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 6600\Verwijderen.lnk - C:\Windows\System32\msiexec.exe /qb /x {2C8F33AF-1AAF-4BBA-A2B0-25DF8BAA113E}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 6600\Website productondersteuning.lnk - C:\Program Files\HP\HP Officejet 6600\ProductSupportShortcut.url 

==== shortcuts in Quick Launch ======================

C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?type=sc&ts=1402593258&from=wpm0612&uid=HitachiXHTS543216L9A300_090817FB2200VCGK5UAAX
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe http://www.delta-homes.com/?type=sc&ts=1402593258&from=wpm0612&uid=HitachiXHTS543216L9A300_090817FB2200VCGK5UAAX
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8  
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8  
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files\Samsung\Kies\Kies.exe 
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files\Vuze\Azureus.exe 
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe 
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe 
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?type=sc&ts=1402593258&from=wpm0612&uid=HitachiXHTS543216L9A300_090817FB2200VCGK5UAAX
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe 
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Dave\AppData\Local\Google\Chrome\Application\chrome.exe 
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?type=sc&ts=1402593258&from=wpm0612&uid=HitachiXHTS543216L9A300_090817FB2200VCGK5UAAX
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe http://www.delta-homes.com/?type=sc&ts=1402593258&from=wpm0612&uid=HitachiXHTS543216L9A300_090817FB2200VCGK5UAAX
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Nero Vision.lnk - C:\Program Files\Nero\Nero 7\Nero Vision\NeroVision.exe -ScParameter=8  
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe 
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Loressa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Loressa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Loressa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Loressa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe 
C:\Users\Loressa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Sticky Notes.lnk - C:\Windows\system32\StikyNot.exe 
C:\Users\Loressa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\XPS Viewer.lnk - C:\Windows\system32\xpsrchvw.exe 
C:\Users\Loressa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Loressa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe 
C:\Users\Loressa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

==== shortcuts After Repair ======================

C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe 
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe 

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5595B33C-09D5-700B-1FAC-99B45166F374} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ainbkicbloikcngphmjfpjdemblcojdd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\claro deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN GO deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp deleted successfully

==== HijackThis Entries ======================

O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.8\ViProtocol.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

==== Empty IE Cache ======================

C:\Users\Dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Loressa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Loressa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Loressa\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Loressa\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Dave\AppData\Local\Mozilla\Firefox\Profiles\i7n7m5u6.default\Cache emptied successfully
C:\Users\Loressa\AppData\Local\Mozilla\Firefox\Profiles\wrid2cuz.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Dave\AppData\Local\Torch\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4281 folders=852 4392136259 bytes)

==== Empty Temp Folders ======================

C:\Users\Dave\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Loressa\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Dave\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Dave\Documents\BitLord\The Blacklist. Seizoen1 Afl 15 HDTV (XviD) NL Subs DMT \DMT NFO, Read before Playing.txt"  not found
"C:\Users\Dave\Documents\BitLord\The Blacklist. Seizoen1 Afl 15 HDTV (XviD) NL Subs DMT \dmt4.png"  not found
"C:\Users\Dave\Documents\BitLord\The Blacklist. Seizoen1 Afl 15 HDTV (XviD) NL Subs DMT \jojo.png"  not found
"C:\Users\Dave\Documents\BitLord\The Blacklist. Seizoen1 Afl 15 HDTV (XviD) NL Subs DMT \The.Blacklist.S01E15.avi"  not found
"C:\Users\Dave\Documents\BitLord\The Blacklist. Seizoen1 Afl 16 HDTV (XviD) NL Subs DMT \The Blacklist 1x16.avi"  not found

==== EOF on do 04-09-2014 at 22:35:40,97 ======================