Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by 2830023 on vr 24/07/2015 at 12:46:31,55. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: D:\users\2830023\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BLRVIMO6\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== D:\zoek-results2015-06-15-073627.log 61483 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files\Enigma Software Group not found C:\ProgramData\ParetoLogic not found C:\Program Files\ParetoLogic not found C:\FileRecovery.log deleted C:\PROGRA~2\Package Cache deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== D:\users\2830023\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2015-07-15 12:45:24 2C3C0504898A5293D88D169AAF30B02B 147512 ----a-w- C:\Windows\System32\BgGamingMonitor.dll 2015-07-15 12:45:16 9F6603A67B5A6E35EFB4CE5BCC244834 61736 ----a-w- C:\Windows\System32\BGLsp.dll ====== C:\Windows\system32\drivers ===== 2015-07-14 08:11:06 739164A8B8FB2F1B50A498F20AF7B21E 98520 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-07-14 08:10:33 B4CD87E78A01562E3DA67FE1C2779204 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-07-14 08:10:33 A1E3A332E76F48410CF403FDF85FAFE0 94936 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-07-14 08:10:33 490F0F3ED8A970E2BAA38F719242B8F7 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys ====== C:\Windows\Tasks ====== 2015-07-15 12:55:45 F64A2D5E9C1762DEAFBEB4978044D22B 3874 ----a-w- C:\Windows\system32\Tasks\Adobe Acrobat Update Task ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-07-17 19:14:46 -------- d-----w- C:\Program Files\9-lab 2015-07-15 13:01:07 -------- d-----w- C:\Program Files\ShadowExplorer 2015-07-15 12:55:08 -------- d-----w- C:\Program Files\Adobe 2015-06-29 20:12:32 -------- d-----w- C:\Program Files\Common Files\AV ======= D: ===== ====== D:\users\2830023\AppData\Roaming ====== 2015-07-22 14:08:07 -------- d-----w- D:\users\2830023\AppData\Local\CEF 2015-07-17 19:14:51 -------- d-----w- D:\users\2830023\AppData\Roaming\9-lab 2015-07-15 13:01:17 -------- d-----w- D:\users\2830023\AppData\Roaming\www.shadowexplorer.com ====== D:\users\2830023 ====== 2015-07-17 19:14:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool 2015-07-17 19:14:47 -------- d-----w- C:\ProgramData\9-lab 2015-07-15 13:01:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer 2015-07-14 09:05:59 70B7C30947167C4F2AC7D7785BCD5C09 40840 ----a-w- D:\users\2830023\log RSIT.txt 2015-07-14 08:51:49 -------- d-----w- D:\users\2830023\Start Menu 2015-07-14 07:52:34 3F7A236A4C6CF9B1C11B0EDA6838900A 4119 ----a-w- D:\users\2830023\log infectie moeder.txt 2015-07-14 07:47:04 09B6F6FCCC35DBAFCB38CB3751FA7C2F 2248704 ----a-w- D:\users\2830023\Desktop\adwcleaner_4.208.exe ====== C: exe-files == 2015-07-24 10:36:40 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\32788R22FWJFW\License\IEXPLORE.EXE 2015-07-24 10:36:40 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\32788R22FWJFW\License\FIREFOX.EXE 2015-07-24 10:36:40 ABC6379205DE2618851C4FCBF72112EB 1536 ----a-w- C:\32788R22FWJFW\EN-US\IEXPLORE.EXE 2015-07-24 10:36:40 753BC16326FEE4A421ACB636CCD602F4 60416 ----a-w- C:\32788R22FWJFW\IEXPLORE.EXE 2015-07-24 10:36:40 753BC16326FEE4A421ACB636CCD602F4 60416 ----a-w- C:\32788R22FWJFW\FIREFOX.EXE === C: other files == 2015-07-24 10:36:41 D9CD4C12EAD06670E6B2E3099971B716 587 ----a-w- C:\32788R22FWJFW\RESTORE_PT.VBS 2015-07-24 10:36:41 4D642F5E71B97878FC80108D808E5AAD 1127 ----a-w- C:\32788R22FWJFW\WMI_REM.VBS 2015-07-24 10:36:41 39863A8B3FE3C6A2E0670340CCE45013 17606 ----a-w- C:\32788R22FWJFW\SETENVMT.BAT 2015-07-24 10:36:41 30E8CD0D91BE83699EC87B36BEF3E07C 2176 ----a-w- C:\32788R22FWJFW\SVCDRV.VBS 2015-07-24 10:36:40 EE4F5DF5FF87DFD72CF4C6B1C9FECB8F 39183 ----a-w- C:\32788R22FWJFW\License\PV_5_2_2.ZIP 2015-07-24 10:36:40 E62DF2695B9C450BA2B03518755484D0 2862 ----a-w- C:\32788R22FWJFW\MOVEIT.BAT 2015-07-24 10:36:40 AE3EF2B9F6469E8B6FC6547920D82681 954 ----a-w- C:\32788R22FWJFW\HISTORY.BAT 2015-07-24 10:36:40 92BD80F82FE8A28385B7D9D3F215E8B3 73728 ----a-w- C:\32788R22FWJFW\PV.COM 2015-07-24 10:36:40 9227E19A769F87D824B0245E8D770D0B 18996 ----a-w- C:\32788R22FWJFW\ND_64.BAT 2015-07-24 10:36:40 9218B62DD118C16DACB2C6F5D065EBE9 67554 ----a-w- C:\32788R22FWJFW\ND_.BAT 2015-07-24 10:36:40 8863A7F6B7533D16F1386CED6F2A14FE 2556 ----a-w- C:\32788R22FWJFW\LNKREAD.VBS 2015-07-24 10:36:40 7D1DC643C3F97F6E396331035B704AB6 10802 ----a-w- C:\32788R22FWJFW\FL0.BAT 2015-07-24 10:36:40 5CB1815653F3EEE5EBA3E470B6BBFF84 65746 ----a-w- C:\32788R22FWJFW\C.BAT 2015-07-24 10:36:40 43C7228B35D17DB840F2254B92E00D8B 8543 ----a-w- C:\32788R22FWJFW\NCMD.COM 2015-07-24 10:36:40 3FB9CFF6A8AF4AEF46A6AAFD4C6519A4 977 ----a-w- C:\32788R22FWJFW\OSID.VBS 2015-07-24 10:36:40 306C4A0F4ECEA81CD27076B35B2B0CEB 144 ----a-w- C:\32788R22FWJFW\License\UNXUTILSDIST.COM 2015-07-24 10:36:40 30239751E1A815696BB2C123AFD9C650 2933 ----a-w- C:\32788R22FWJFW\AV.VBS 2015-07-24 10:36:40 0EA6A0D2E1106F0424E05732544E328B 75425 ----a-w- C:\32788R22FWJFW\License\STREAMTOOLS.ZIP 2015-07-17 20:39:46 5EC296CD50043C242186E5E822429F39 3304142 ----a-w- C:\32788R22FWJFW\LIST.BAT ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1123561945-484061587-1801674531-65625\Software\Microsoft\Windows\CurrentVersion\Run] "F.lux"="D:\users\2830023\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" "hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe -boot" "BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe" "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "F.lux"="D:\users\2830023\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\PROGRA~1\\BULLGU~1\\BULLGU~1\\BgAgent.dll" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\beid] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="beid" "hkey"="HKLM" "command"="\"C:\\Program Files\\Belgium Identity Card\\beid35gui.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Officejet Pro 8620 (NET)] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Officejet Pro 8620 (NET)" "hkey"="HKCU" "command"="\"C:\\Program Files\\HP\\HP Officejet Pro 8620\\Bin\\ScanToPCActivationApp.exe\" -deviceID \"CN4ADD40YK:NW\" -scfn \"HP Officejet Pro 8620 (NET)\" -AutoStart 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MaxMenuMgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MaxMenuMgr" "hkey"="HKLM" "command"="\"C:\\Program Files\\Seagate\\SeagateManager\\FreeAgent Status\\StxMenuMgr.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Steam" "hkey"="HKCU" "command"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WatchDog] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WatchDog" "hkey"="HKLM" "command"="C:\\Program Files\\InterVideo\\DVD Check\\DVDCheck.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk] "item"="DVD Check" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\DVD Check.lnk" "backup"="C:\\Windows\\pss\\DVD Check.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\INTERV~1\\DVDCHE~1\\DVDCheck.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^EQMsgClient.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\EQMsgClient.lnk" "backup"="C:\\Windows\\pss\\EQMsgClient.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\Equitrac\\Express\\Client\\EQMSGC~1.EXE " "item"="EQMsgClient" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "item"="HP Digital Imaging Monitor" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\TP-LINK Wireless Configuration Utility.lnk" "backup"="C:\\Windows\\pss\\TP-LINK Wireless Configuration Utility.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\TP-LINK\\TP-LIN~1\\TWCU.exe -nogui" "item"="TP-LINK Wireless Configuration Utility" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\D:^users^2830023^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] "path"="D:\\users\\2830023\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneNote 2007 Schermopname en Snel starten.lnk" "backup"="C:\\Windows\\pss\\OneNote 2007 Schermopname en Snel starten.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~1\\MICROS~2\\Office12\\ONENOTEM.EXE /tsr" "item"="OneNote 2007 Schermopname en Snel starten" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AEADIFilters] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMD External Events Utility] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ATService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BsBhvScan] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BsScanner] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BsUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\btwdins] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Com4QLBEx] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EQSharedEngine] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FreeAgentGoNext Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\hpqwmiex] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\hpsrv] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IviRegMgr] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LightScribeService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\lxcz_device] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RoxMediaDB10] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RunSwUSB] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Steam Client Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\stllssvr] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VMCService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\XAudioService] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\SmartDefrag_Startup" [C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe] "C:\Windows\system32\tasks\{8DDBE052-C1DE-494D-8D0A-6258577F186E}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.5.59.124/nl/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled] "C:\Windows\system32\tasks\{9036E901-425D-42DB-A7F6-44C93DC2B8E8}" [C:\Program Files\Steam\Steam.exe] "C:\Windows\system32\tasks\{BF7BCC09-8A10-45BE-AE71-A9ADF91DFBF5}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:notoffered;alreadyoffered] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "antiphishing@bullguard"="C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard" [01/08/2014 10:00] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [04/04/2010 22:46] ==== Firefox Extensions ====================== ProfilePath: D:\users\2830023\AppData\Roaming\Mozilla\Firefox\Profiles\rn9auo7e.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ExtDir: D:\users\2830023\AppData\Roaming\Mozilla\Firefox\Profiles - Undetermined - %ExtDir%\HELP_DECRYPT.URL - Undetermined - %ExtDir%\HELP_DECRYPT.URL - Undetermined - %ExtDir%\HELP_DECRYPT.URL - Undetermined - %ExtDir%\HELP_DECRYPT.URL AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: D:\users\2830023\AppData\Roaming\Mozilla\Firefox\Profiles\rn9auo7e.default 129BAF0CD31D42675BFA8476A5209E11 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat 9291708CCD967887AF94BE708B43D64D - C:\Program Files\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013 073A22FDCDAFD513DAD0D972BD2DF76E - c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll - Silverlight Plug-In D31C4608FDCD9CEB756F45E91DCF64F8 - C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U45 66F9ADD8A2335EF9870AFDA4F35F492B - C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.450.14 1F8FFDE82C52353906244AFDC6BAF2AB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 0A1FF0B674E2F268799442A434A63BB3 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 6D23BB87BCF88731959BF79082D442E6 - c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{36377DD7-B3EB-42f5-986F-680BAF59BA9D}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {36377DD7-B3EB-42f5-986F-680BAF59BA9D} bing Url="http://start.msn.iplay.com/searchresultsredirect.aspx?o=chrome&q={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam deleted successfully ==== Empty IE Cache ====================== D:\users\2830023\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully D:\users\pcvo9117\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully D:\users\pcvo9117\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully D:\users\2830023\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BLRVIMO6 will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=8 folders=8 6678892 bytes) ==== Empty Temp Folders ====================== D:\users\2830023\AppData\Local\temp will be emptied at reboot D:\users\Default\AppData\Local\temp emptied successfully D:\users\Default User\AppData\Local\temp emptied successfully D:\users\latitude\AppData\Local\temp emptied successfully D:\users\pcvo9117\AppData\Local\temp emptied successfully D:\users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "D:\users\2830023\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BLRVIMO6" not found ==== EOF on vr 24/07/2015 at 13:17:58,42 ======================