Zoek.exe v5.0.0.0 Updated 26-09-2014 Tool run by Pelle Ladrak on vr 26-09-2014 at 15:04:46,07. Microsoft Windows 7 Starter 6.1.7600 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Pelle Ladrak\Downloads\zoek (1).exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 26-9-2014 15:13:16 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Babylon C:\Users\Pelle Ladrak\AppData\Roaming\.minecraft C:\Users\Pelle Ladrak\AppData\Roaming\Download Manager C:\Users\Pelle Ladrak\AppData\Roaming\Windows Live Writer ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Internet Explorer\SearchScopes\{737BF2AF-335C-48CB-97F1-33493174E6BC} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Internet Explorer\SearchScopes\{ADCCA5AA-A792-4D26-B9EC-48108FD776AC} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BB184E6D-26D1-461A-9226-B93CA8DA2AF9} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BB184E6D-26D1-461A-9226-B93CA8DA2AF9} deleted successfully HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_CLASSES_ROOT\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_CLASSES_ROOT\CLSID\{BB184E6D-26D1-461A-9226-B93CA8DA2AF9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BB184E6D-26D1-461A-9226-B93CA8DA2AF9} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ibupdaterservice deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ibupdaterservice deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\PELLEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\q5trjhzi.default ---- Lines Softonic removed from prefs.js ---- user_pref("browser.search.selectedEngine", "Search the web (Softonic)"); user_pref("browser.startup.homepage", "http://search.softonic.com/MON00087/tb_v1?SearchSource=13&cc="); user_pref("extensions.Softonic.admin", false); user_pref("extensions.Softonic.aflt", "SD"); user_pref("extensions.Softonic.autoRvrt", "false"); user_pref("extensions.Softonic.cntry", "NL"); user_pref("extensions.Softonic.cv", "cv5"); user_pref("extensions.Softonic.dfltLng", "nl"); user_pref("extensions.Softonic.dfltSrch", true); user_pref("extensions.Softonic.dfltlng", "nl"); user_pref("extensions.Softonic.dfltsrch", true); user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)"); user_pref("extensions.Softonic.dspOld", ""); user_pref("extensions.Softonic.envrmnt", "production"); user_pref("extensions.Softonic.excTlbr", false); user_pref("extensions.Softonic.hdrMd5", "3E4DF0D91942CC27C049E35452669B3B"); user_pref("extensions.Softonic.hmpg", true); user_pref("extensions.Softonic.hmpgUrl", "http://search.softonic.com/MON00087/tb_v1?SearchSource=13&cc="); user_pref("extensions.Softonic.hpNew", "http://search.softonic.com/MON00087/tb_v1?SearchSource=13&cc="); user_pref("extensions.Softonic.hpOld", ""); user_pref("extensions.Softonic.hrdid", "d8f8b8ab000000000000002682f48112"); user_pref("extensions.Softonic.id", "d8f8b8ab000000000000002682f48112"); user_pref("extensions.Softonic.instlDay", "15559"); user_pref("extensions.Softonic.instlRef", "MON00087"); user_pref("extensions.Softonic.instlday", "15559"); user_pref("extensions.Softonic.instlref", "MON00087"); user_pref("extensions.Softonic.isdcmntcmplt", "false"); user_pref("extensions.Softonic.keyWordUrl", "http://search.softonic.com/MON00087/tb_v1?SearchSource=2&cc=&q="); user_pref("extensions.Softonic.keywordurl", "http://search.softonic.com/MON00087/tb_v1?SearchSource=2&cc=&q="); user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.421:12:30"); user_pref("extensions.Softonic.mntrvrsn", "1.3.0"); user_pref("extensions.Softonic.newTab", true); user_pref("extensions.Softonic.newTabUrl", "http://search.softonic.com/MON00087/tb_v1?SearchSource=15&cc="); user_pref("extensions.Softonic.newtab", true); user_pref("extensions.Softonic.newtaburl", "http://search.softonic.com/MON00087/tb_v1?SearchSource=15&cc="); user_pref("extensions.Softonic.prdct", "Softonic"); user_pref("extensions.Softonic.propectorlck", 86351976); user_pref("extensions.Softonic.prtkhmpg", 1); user_pref("extensions.Softonic.prtnrId", "softonic"); user_pref("extensions.Softonic.prtnrid", "softonic"); user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings"); user_pref("extensions.Softonic.savedVrsnTs", "1"); user_pref("extensions.Softonic.sg", "tz"); user_pref("extensions.Softonic.smplGrp", "none"); user_pref("extensions.Softonic.smplgrp", "none"); user_pref("extensions.Softonic.srch", ""); user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)"); user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)"); user_pref("extensions.Softonic.tlbrId", "base"); user_pref("extensions.Softonic.tlbrSrchUrl", "http://search.softonic.com/MON00087/tb_v1?SearchSource=1&cc=&q="); user_pref("extensions.Softonic.tlbrid", "base"); user_pref("extensions.Softonic.tlbrsrchurl", "http://search.softonic.com/MON00087/tb_v1?SearchSource=1&cc=&q="); user_pref("extensions.Softonic.vrsn", "1.6.7.4"); user_pref("extensions.Softonic.vrsnTs", "1.6.7.421:12:30"); user_pref("extensions.Softonic.vrsni", "1.6.7.4"); user_pref("extensions.Softonic.vrsnts", "1.6.7.421:12:30"); user_pref("extensions.Softonic_i.dnsErr", true); user_pref("extensions.Softonic_i.hmpg", true); user_pref("extensions.Softonic_i.newTab", true); user_pref("extensions.Softonic_i.smplGrp", "none"); user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.421:12:30"); user_pref("keyword.URL", "http://search.softonic.com/MON00087/tb_v1?SearchSource=2&cc=&q="); ---- Lines Softonic modified from prefs.js ---- user_pref("extensions.enabledAddons", "ffxtlbra@softonic.com:1.6.0,specialsavings@vshsolutions.com:2.0.0,plugin@yontoo.com:1.20.02,7go@7go.com:3.0.0.0 user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program ---- Lines Softonic removed from user.js ---- user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings"); user_pref("extensions.Softonic.autoRvrt", "false"); user_pref("extensions.Softonic_i.hmpg", true); user_pref("extensions.Softonic.hmpgUrl", "http://search.softonic.com/MON00087/tb_v1?SearchSource=13&cc="); user_pref("extensions.Softonic.hpOld", ""); user_pref("extensions.Softonic.hpNew", "http://search.softonic.com/MON00087/tb_v1?SearchSource=13&cc="); user_pref("extensions.Softonic.dfltSrch", true); user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)"); user_pref("extensions.Softonic.keyWordUrl", "http://search.softonic.com/MON00087/tb_v1?SearchSource=2&cc=&q="); user_pref("extensions.Softonic.dspOld", ""); user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)"); user_pref("extensions.Softonic_i.dnsErr", true); user_pref("extensions.Softonic_i.newTab", true); user_pref("extensions.Softonic.newTabUrl", "http://search.softonic.com/MON00087/tb_v1?SearchSource=15&cc="); user_pref("extensions.Softonic.tlbrSrchUrl", "http://search.softonic.com/MON00087/tb_v1?SearchSource=1&cc=&q="); user_pref("extensions.Softonic.id", "d8f8b8ab000000000000002682f48112"); user_pref("extensions.Softonic.instlDay", "15559"); user_pref("extensions.Softonic.vrsn", "1.6.7.4"); user_pref("extensions.Softonic.vrsni", "1.6.7.4"); user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.421:12:30"); user_pref("extensions.Softonic.prtnrId", "softonic"); user_pref("extensions.Softonic.prdct", "Softonic"); user_pref("extensions.Softonic.aflt", "SD"); user_pref("extensions.Softonic_i.smplGrp", "none"); user_pref("extensions.Softonic.tlbrId", "base"); user_pref("extensions.Softonic.instlRef", "MON00087"); user_pref("extensions.Softonic.dfltLng", "nl"); user_pref("extensions.Softonic.excTlbr", false); user_pref("extensions.Softonic.admin", false); ---- Lines y2layers removed from prefs.js ---- user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers"); user_pref("extentions.y2layers.installId", "67999f69-c66d-4a98-b9e9-524eb3a54cc1"); ---- Lines y2layers removed from user.js ---- user_pref("extentions.y2layers.installId", "67999f69-c66d-4a98-b9e9-524eb3a54cc1"); user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers"); ---- Lines yontoo modified from prefs.js ---- user_pref("extensions.enabledAddons", "ffxtlbra@disabled.com:1.6.0,specialsavings@vshsolutions.com:2.0.0,plugin@yontoo.com:1.20.02,7go@7go.com:3.0.0.0 user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program ---- Lines specialsavings removed from prefs.js ---- user_pref("extensions.special_savings_fx.dataBase", "{\"cc_dbfetch\":\"720\",\"cc_dburl\":\"http:\\/\\/www.specialsavings.com\\/couponc\\/addon.php\", user_pref("extensions.special_savings_fx.databaseLink", "http://www.specialsavings.com/couponc/addon.php"); user_pref("extensions.special_savings_fx.databaseLinkResult", "{\"cc_dbfetch\":\"10\",\"cc_dburl\":\"http:\\/\\/www.specialsavings.com\\/couponc\\/add ---- Lines specialsavings modified from prefs.js ---- user_pref("extensions.enabledAddons", "ffxtlbra@disabled.com:1.6.0,specialsavings@vshsolutions.com:2.0.0,plugin@disabled.com:1.20.02,7go@7go.com:3.0.0 user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program ---- Lines special_savings removed from prefs.js ---- user_pref("extensions.special_savings_fx.expiresAfter", "720"); user_pref("extensions.special_savings_fx.isFirstRun", "false"); user_pref("extensions.special_savings_fx.lastUpdated", 1370367406); ---- Lines SpeedAnalysis removed from prefs.js ---- user_pref("extensions.speedanalysis03@SpeedAnalysis.com.id", "\"7f620675-7951-9f34-b6b4-17c69a69df5f\""); user_pref("extensions.speedanalysis03@SpeedAnalysis.com.mzID", "81"); user_pref("extensions.speedanalysis03@SpeedAnalysis.com.uuid", "\"18343602-418b-11e4-a5f1-0025901ef77c\""); ---- Lines SpeedAnalysis modified from prefs.js ---- user_pref("extensions.enabledAddons", "ffxtlbra@disabled.com:1.6.0,disabled@vshsolutions.com:2.0.0,plugin@disabled.com:1.20.02,7go@7go.com:3.0.0.0,spe user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program ---- FireFox user.js and prefs.js backups ---- user_26-09-2014_1611_.backup prefs_26-09-2014_1611_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Deleting Files \ Folders ====================== C:\Program Files\BabylonToolbar deleted C:\Program Files\PC Performer deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer deleted C:\Program Files\Softonic deleted C:\Users\Pelle Ladrak\appdata\locallow\Softonic deleted C:\Program Files\7Go Games deleted C:\Program Files\SpecialSavings deleted C:\Program Files\Yontoo deleted C:\Program Files\Speed Analysis 3 deleted C:\Program Files\File Scout deleted C:\user.js deleted C:\Users\Pelle Ladrak\AppData\Roaming\7go deleted C:\Users\Pelle Ladrak\AppData\Roaming\speedanalysis.ico deleted C:\Users\Pelle Ladrak\AppData\Roaming\SpecialSavings deleted C:\Users\Pelle Ladrak\AppData\Roaming\SpeedAnalysis3 deleted C:\Users\Pelle Ladrak\AppData\Roaming\Babylon deleted C:\Users\Pelle Ladrak\AppData\Roaming\File Scout deleted C:\Users\Pelle Ladrak\AppData\Roaming\PerformerSoft deleted C:\PROGRA~2\BrowserDefender deleted C:\PROGRA~2\Tarma Installer deleted C:\PROGRA~2\Babylon deleted C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences deleted C:\Windows\System32\Tasks\PC Performer deleted C:\Windows\System32\Tasks\PC Performer_DEFAULT deleted C:\Windows\System32\Tasks\PC Performer_UPDATES deleted C:\Users\Pelle Ladrak\Downloads\iLividSetup-r338-n-bc.exe deleted C:\Users\Pelle Ladrak\Downloads\SoftonicDownloader_voor_ashampoo-home-designer-pro.exe deleted C:\Windows\tasks\PC Performer_DEFAULT.job deleted C:\Windows\tasks\PC Performer_UPDATES.job deleted C:\Windows\system32\roboot.exe deleted C:\Users\PELLEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\q5trjhzi.default\bProtector_extensions.sqlite deleted C:\Users\PELLEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\q5trjhzi.default\extensions\ffxtlbra@softonic.com deleted C:\Users\Pelle Ladrak\AppData\Roaming\Mozilla\Firefox\Profiles\q5trjhzi.default\extensions\plugin@yontoo.com.xpi deleted C:\Users\Pelle Ladrak\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com deleted C:\Users\Pelle Ladrak\AppData\Roaming\Mozilla\Firefox\Profiles\q5trjhzi.default\extensions\speedanalysis03@SpeedAnalysis.com.xpi deleted "C:\Users\PELLEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\q5trjhzi.default\searchplugins\softonic.xml" deleted "C:\PROGRA~2\IBUpdaterService\ibsvc.exe" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\apache-mime4j-0.6.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\bdiff.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\commons-codec-1.3.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\commons-logging-1.1.1.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\fast-md5.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\gettext-commons-0.9.6.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\hsqldb.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\httpclient-4.0.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\httpcore-4.0.1.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\httpmime-4.0.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\jacob.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\jdic.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\jdic_stub.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\jetty-6.1.7.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\jetty-util-6.1.7.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\messages.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\servlet-api-2.5-6.1.7.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\ShellExt.dll" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\snakeyaml-1.5.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\sqlitejdbc.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\stringtree-json-2.0.9.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\swt.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\windowsapi.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\windowsfolderwatcher.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\WindowsZFSJNI.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\zecter-desktop.jar" deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive\zumodrive.exe" deleted "C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" deleted "C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe" deleted "C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe" deleted "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll" deleted "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.dll" deleted "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll" deleted "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll" deleted "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" deleted "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe" deleted "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\LocalizeExtension.dll" deleted "C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe" deleted "C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe" deleted "C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe" deleted "C:\Program Files\Hewlett-Packard\Shared\hputils.dll" deleted "C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFTaskbar.dll" deleted "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\NL\HPWA_Main.resources.dll" deleted "C:\Program Files\Java\jre6\bin\hpi.dll" deleted "C:\Program Files\Java\jre6\bin\java.dll" deleted "C:\Program Files\Java\jre6\bin\net.dll" deleted "C:\Program Files\Java\jre6\bin\nio.dll" deleted "C:\Program Files\Java\jre6\bin\sunmscapi.dll" deleted "C:\Program Files\Java\jre6\bin\verify.dll" deleted "C:\Program Files\Java\jre6\bin\zip.dll" deleted "C:\Program Files\Java\jre6\lib\jce.jar" deleted "C:\Program Files\Java\jre6\lib\jsse.jar" deleted "C:\Program Files\Java\jre6\lib\resources.jar" deleted "C:\Program Files\Java\jre6\lib\rt.jar" deleted "C:\Program Files\Java\jre6\bin\client\classes.jsa" deleted "C:\Program Files\Java\jre6\bin\client\jvm.dll" deleted "C:\Program Files\Java\jre6\lib\ext\dns_sd.jar" deleted "C:\Program Files\Java\jre6\lib\ext\QTJava.zip" deleted "C:\Program Files\Java\jre6\lib\ext\sunjce_provider.jar" deleted "C:\Program Files\Java\jre6\lib\ext\sunmscapi.jar" deleted "C:\Program Files\Hewlett-Packard" not deleted "C:\Program Files\Java" deleted "C:\PROGRA~2\IBUpdaterService" not deleted "C:\Program Files\Hewlett-Packard\HP CloudDrive" not deleted "C:\Program Files\Hewlett-Packard\HP Quick Launch" not deleted "C:\Program Files\Hewlett-Packard\HP Support Framework" not deleted "C:\Program Files\Hewlett-Packard\HP Wireless Assistant" not deleted "C:\Program Files\Hewlett-Packard\Shared" not deleted "C:\Program Files\Hewlett-Packard\HP Support Framework\Resources" not deleted "C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger" not deleted "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\NL" deleted "C:\Program Files\Java\jre6" deleted "C:\Program Files\Java\jre6\bin" deleted "C:\Program Files\Java\jre6\lib" deleted "C:\Program Files\Java\jre6\bin\client" deleted "C:\Program Files\Java\jre6\lib\ext" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\PELLEL~1\AppData\Local\Temp ==== 2014-09-21 13:03:49 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Pelle Ladrak\AppData\Local\Temp\6096_6894\GoogleUpdateSetup.exe 2014-09-21 13:03:49 4C8C0B0340C6234649C7F91FB5E89A54 571272 ----a-w- C:\Users\Pelle Ladrak\AppData\Local\Temp\6096_6894\ChromeRecovery.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-09-22 18:57:18 -------- d-----w- C:\Program Files\trend micro 2014-09-22 18:02:34 -------- d-----w- C:\Program Files\Common Files\DESIGNER ======= C: ===== ====== C:\Users\Pelle Ladrak\AppData\Roaming ====== ====== C:\Users\Pelle Ladrak ====== ====== C: exe-files == 2014-09-26 13:03:08 71C14E9AF745997E22191855A011ADA2 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-408470767-2149584084-2631582878-1000\$IRT2DSV.exe 2014-09-26 09:28:14 7CA4092A339EA30DE8FF06D3FF79D6ED 749648 ----a-w- C:\Users\Pelle Ladrak\AppData\Local\Google\Update\Install\{29CCBD34-9EB4-4106-9A74-8A220ADA52A1}\37.0.2062.124_37.0.2062.120_chrome_updater.exe 2014-09-26 09:28:14 7CA4092A339EA30DE8FF06D3FF79D6ED 749648 ----a-w- C:\Users\Pelle Ladrak\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.124\37.0.2062.124_37.0.2062.120_chrome_updater.exe 2014-09-26 09:26:13 24388D5BF117C1B46FAABA36358EFEE6 1290752 ----a-w- C:\$Recycle.Bin\S-1-5-21-408470767-2149584084-2631582878-1000\$RRT2DSV.exe 2014-09-22 18:57:30 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Pelle Ladrak.exe 2014-09-21 15:50:57 E8A50A9E177661FA99EE0871C3B16FDB 39982160 ----a-w- C:\Users\Pelle Ladrak\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.120\37.0.2062.120_chrome_installer.exe 2014-09-21 13:03:49 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Pelle Ladrak\AppData\Local\Temp\6096_6894\GoogleUpdateSetup.exe 2014-09-21 13:03:49 4C8C0B0340C6234649C7F91FB5E89A54 571272 ----a-w- C:\Users\Pelle Ladrak\AppData\Local\Temp\6096_6894\ChromeRecovery.exe 2014-09-21 13:03:11 956672375AF066D958E4D07F5ABAFC1A 51080 ----atw- C:\Users\Pelle Ladrak\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe 2014-09-21 13:03:09 AC6998D92A311E7CF0B4DAEC3566F444 51080 ----atw- C:\Users\Pelle Ladrak\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateBroker.exe 2014-09-21 13:02:33 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Users\Pelle Ladrak\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateSetup.exe === C: other files == 2014-09-22 19:30:25 FEBE067EB3846752367EE05AF4243249 678840 ----a-w- C:\Users\Pelle Ladrak\Downloads\RSIT.zip 2014-09-22 18:56:43 3E8431BC715C36DBC342922D9A2A9F7E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-408470767-2149584084-2631582878-1000\$IE9M3TU.zip 2014-09-22 18:56:07 FEBE067EB3846752367EE05AF4243249 678840 ----a-w- C:\Users\Pelle Ladrak\Downloads\RSIT (1).zip 2014-09-22 18:53:55 FEBE067EB3846752367EE05AF4243249 678840 ----a-w- C:\$Recycle.Bin\S-1-5-21-408470767-2149584084-2631582878-1000\$RE9M3TU.zip 2014-09-21 12:26:51 4A1F2A7EF6E004BB15B8BE0673ACAC11 160605 ----a-w- C:\Users\Pelle Ladrak\AppData\Roaming\Mozilla\Firefox\Profiles\q5trjhzi.default\extensions\7go@7go.com.xpi ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Pelle Ladrak\AppData\Local\Google\Update\GoogleUpdate.exe /c" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" "AmIcoSinglun"="C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe" "HP Quick Launch"="C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "ConnectionCenter"="C:\Program Files\Citrix\ICA Client\concentr.exe /startup" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "F-Secure Hoster (45329)"="C:\Program Files\UPC Smart Guard\fshoster32.exe -app -hosterid:1" "F-Secure Manager"="C:\Program Files\UPC Smart Guard\apps\ComputerSecurity\Common\FSM32.EXE /splash" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Pelle Ladrak\AppData\Local\Google\Update\GoogleUpdate.exe /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~1\\Citrix\\ICACLI~1\\RSHook.dll" ==== Startup Folders ====================== 2012-01-08 16:01:45 1280 ----a-w- C:\Users\Pelle Ladrak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2010-08-22 14:51:46 2118 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Media Suite.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-408470767-2149584084-2631582878-1000Core.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-408470767-2149584084-2631582878-1000UA.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-408470767-2149584084-2631582878-1000Core" [C:\Users\Pelle Ladrak\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-408470767-2149584084-2631582878-1000UA" [C:\Users\Pelle Ladrak\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\JavaUpdateSched" [%CommonProgramFiles%\Java\Java Update\jusched.exe] "C:\Windows\system32\tasks\RecoveryCDWin7" ["C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\system32\tasks\Registration" ["C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\system32\tasks\ServicePlan" ["C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe] "C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPTuneUp.exe] "C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe] "C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe] ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "specialsavings@vshsolutions.com"="C:\Users\Pelle Ladrak\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\PELLEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\q5trjhzi.default - Undetermined - C:\Users\Pelle Ladrak\AppData\Roaming\Mozilla\Firefox\Profiles\q5trjhzi.default\extensions\ffxtlbra@softonic.com - Undetermined - C:\Users\Pelle Ladrak\AppData\Roaming\Mozilla\Extensions\specialsavings@vshsolutions.com - 7Go - %ProfilePath%\extensions\7go@7go.com.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Pelle Ladrak\AppData\Roaming\Mozilla\Firefox\Profiles\q5trjhzi.default FB5621842FDABF9F8359775573498FBC - C:\Users\Pelle Ladrak\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update 893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In F00A0EF5835E1B96F783D617F1948704 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector ECD88CDFC178E6A84DB1346EABF9F03F - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat AF87C7A3D391F5F5534167546D7DDE30 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3 2034E977759F4EB2226914BFC58F2758 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3 B14417814FCA3A5D4AB170E1823D5484 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3 3EFF190EC0E333DFBD2F5499858044B6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3 C4EB1B18B39BD2F76A64F75D01DEAB61 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3 45CC6EFE643FCB97D986BBE2D21E2491 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3 9FCA15CC38F2E2C6F5E722ED0E1A9E7A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3 472B98790B5A7A048C58BA728A5372AB - C:\Program Files\Citrix\ICA Client\npicaN.dll - Citrix ICA Client C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 31DA97B4682187C6639BBE2215814FDA - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director ECD88CDFC178E6A84DB1346EABF9F03F - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat 8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aidbbndgjnlaclnmhkdimcdjiebjpdel - C:\Users\Pelle Ladrak\AppData\Roaming\SpecialSavings\SpecialSavings_2.0.0.crx[] gjajpkikblccgefaibcafkfbanllpefi - C:\Users\Pelle Ladrak\AppData\Roaming\7go\7go.crx[] mbmpjbkgemhgalmeiigcdljkccfcafoj - C:\Users\Pelle Ladrak\AppData\Roaming\SpeedAnalysis3\SpeedAnalysis.crx[] niapdbllcanepiiimjjndipklodoedlc - C:\Program Files\Yontoo\YontooLayers.crx[] SpecialSavings.com - Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aidbbndgjnlaclnmhkdimcdjiebjpdel Speed Analysis 3 - Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj Google Wallet - Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage-journal deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aidbbndgjnlaclnmhkdimcdjiebjpdel deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aidbbndgjnlaclnmhkdimcdjiebjpdel_0.localstorage deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aidbbndgjnlaclnmhkdimcdjiebjpdel_0.localstorage-journal deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjajpkikblccgefaibcafkfbanllpefi_0.localstorage deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gjajpkikblccgefaibcafkfbanllpefi_0.localstorage-journal deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gjajpkikblccgefaibcafkfbanllpefi deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mbmpjbkgemhgalmeiigcdljkccfcafoj_0.localstorage deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mbmpjbkgemhgalmeiigcdljkccfcafoj_0.localstorage-journal deleted successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mbmpjbkgemhgalmeiigcdljkccfcafoj deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://search.softonic.com/MON00087/tb_v1?SearchSource=15&cc=" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{ADCCA5AA-A792-4D26-B9EC-48108FD776AC}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ADCCA5AA-A792-4D26-B9EC-48108FD776AC}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {07754312-7BFB-425D-9050-0EE10CE069B5} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox" {9EC8BA8F-DAB7-447C-9447-7F1BE3BE86C6} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF103732-4528-4322-AA8B-F7849AB7776B} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FF103732-4528-4322-AA8B-F7849AB7776B} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} deleted successfully HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_CLASSES_ROOT\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully HKEY_CLASSES_ROOT\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_CLASSES_ROOT\CLSID\{FF103732-4528-4322-AA8B-F7849AB7776B} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF103732-4528-4322-AA8B-F7849AB7776B} deleted successfully HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully HKEY_CLASSES_ROOT\CLSID\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-408470767-2149584084-2631582878-1000\Software\Mozilla\Firefox\Extensions\specialsavings@vshsolutions.com deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aidbbndgjnlaclnmhkdimcdjiebjpdel deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{09C14BAE-2D45-4133-B0FA-5EA4FE5CF978} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\EAB41C9054D233140BAFE54AEFC59F87 deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Pelle Ladrak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Pelle Ladrak\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Pelle Ladrak\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Pelle Ladrak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Pelle Ladrak\AppData\Local\Mozilla\Firefox\Profiles\q5trjhzi.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Pelle Ladrak\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=8745 folders=2174 1603439346 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Pelle Ladrak\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\PELLEL~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Pelle Ladrak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Program Files\Hewlett-Packard" not found "C:\PROGRA~2\IBUpdaterService" not found ==== EOF on vr 26-09-2014 at 19:30:49,51 ======================