Zoek.exe v5.0.0.0 Updated 14-April-2014 Tool run by Dave on wo 30-04-2014 at 12:15:03,99. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Dave\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-04-29-134823.log 1034 bytes ==== Empty Folders Check ======================
==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} deleted successfully 
HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} deleted successfully HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BA7482C2-94D9-4F28-B073-8CC0617FCCE2} deleted successfully HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Internet Explorer\SearchScopes\{BA7482C2-94D9-4F28-B073-8CC0617FCCE2} deleted successfully HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} deleted successfully HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} deleted successfully HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IBUpdaterService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IBUpdaterService deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tqsc1q79.default ---- Lines BabylonToolbar removed from prefs.js ---- user_pref("extensions.BabylonToolbar_i.newTab", true); user_pref("extensions.BabylonToolbar_i.newTabUrl", 
"http://www.claro-search.com/?affID=109220&tt=261112_clro_4812_6&babsrc=NT_ss&mntrId=e8bbb17c000000 ---- Lines claro removed from user.js ---- user_pref("extensions.claro.tlbrSrchUrl", ""); user_pref("extensions.claro.id", "e8bbb17c00000000000000242105e5f3"); user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}"); user_pref("extensions.claro.instlDay", "15672"); user_pref("extensions.claro.vrsn", "1.8.3.10"); user_pref("extensions.claro.vrsni", "1.8.3.10"); user_pref("extensions.claro_i.vrsnTs", "1.8.3.1020:25:56"); user_pref("extensions.claro.prtnrId", "claro"); user_pref("extensions.claro.prdct", "claro"); user_pref("extensions.claro.aflt", "babsst"); user_pref("extensions.claro_i.smplGrp", "none"); user_pref("extensions.claro.tlbrId", "irhnew"); user_pref("extensions.claro.instlRef", "sst"); user_pref("extensions.claro.dfltLng", "en"); user_pref("extensions.claro.excTlbr", false); user_pref("extensions.claro.admin", false); ---- FireFox user.js and prefs.js backups ---- user_30-04-2014_1234_.backup prefs_30-04-2014_1234_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E8D6551-F9A4-6D01-4D4B-BFD7673C0E3E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Sweetpacks Communicator"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Deleting Files \ Folders ====================== C:\Program Files\SweetIM not found C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml deleted C:\Program Files\Mozilla Firefox\defaults\preferences\autoconfig.js deleted C:\Users\Dave\AppData\Roaming\settings.ini deleted 
C:\Users\Dave\AppData\Roaming\Babylon deleted C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever deleted C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Users\Dave\AppData\LocalLow\SweetIM deleted C:\Windows\wininit.ini deleted C:\Windows\System32\ARFC deleted C:\Windows\System32\WNLT deleted C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tqsc1q79.default\searchplugins\mngr.xml deleted C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tqsc1q79.default\searchplugins\askcomsearch.xml deleted C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tqsc1q79.default\searchplugins\daemon-search.xml deleted C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tqsc1q79.default\searchplugins\MyStart Search.xml deleted C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tqsc1q79.default\searchplugins\Sweetpacks Search.xml deleted C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tqsc1q79.default\jetpack deleted C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted C:\Program Files\Mozilla Firefox\components\AskSearch.js deleted "C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tqsc1q79.default\searchplugins\MyStart.xml" deleted "C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tqsc1q79.default\searchplugins\sweetim.xml" deleted "C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tqsc1q79.default\extensions\torntv@torntv.com.xpi" deleted "C:\Windows\System32\dmwu.exe" deleted "C:\Windows\system32\ImHttpComm.dll" deleted "C:\Windows\system32\dmwu.exe" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCall.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla17.dll" deleted 
"C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla18.exe" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla19.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla2.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla20.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla22.dll" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseCustomCalla22.exe" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP\WiseData.ini" deleted "C:\Windows\System32\jmdp\ImHttpComm.dll" deleted "C:\Windows\System32\jmdp\lmrn.dll" deleted "C:\Windows\System32\jmdp\stij.exe" deleted "C:\Windows\455F074C814E4520B69B5584BD90400C.TMP" deleted "C:\Windows\System32\jmdp" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-04-17 12:02:27 26666C7B0F25124ED5A847A5E07A89F4 2554 ----a-w- C:\Windows\WAVEMIX.INI ====== C:\Users\Dave\AppData\Local\Temp ==== 2014-04-27 13:46:23 D7878764D0C7344E8EFA5F964288E892 2048 ------w- C:\Users\Dave\AppData\Local\Temp\msdtadmin\_A12103C2-FA95-438A-928C-2D74C15B7794_\cabpkg\DiagPackage.dll 2014-04-27 13:46:15 B1CD3050F7241E4A238F1C08766DF4C8 50480 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\Lts.dll 2014-04-27 13:46:15 07D1E74E876A75BFA650F72246035959 1373336 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\MATSWiz.exe 2014-04-27 13:44:13 FFBD40DE462BD468C73556CD4CDD3F18 65184 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\MATSShim.dll 2014-04-27 13:44:13 DD0DCB969A6D0FB6833296AB02AFBC58 17656 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\Microsoft.Support.Diagnosis.Commands.UpdateDiagReport.dll 2014-04-27 13:44:13 C3A298EA59A88106C4F49306F61AD5C0 16128 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\Microsoft.Support.Diagnosis.Commands.UpdateDiagRootcause.dll 2014-04-27 13:44:13 
BD5FAB3A18FCC1179B69A59613548285 46752 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\MATSHost.exe 2014-04-27 13:44:13 9BAAE0B15C9FE5BBAC1761EDB49FC26E 14592 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\Microsoft.Support.Diagnosis.Commands.WriteDiagProgress.dll 2014-04-27 13:44:13 9AC0A2BD70A580A1EC63C14C28C8C4E9 16624 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\Microsoft.Support.Diagnosis.Commands.GetDiagInput.dll 2014-04-27 13:44:13 8F329F698C2FC57250C6E3D2ACC60C77 278168 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\MATSEng.dll 2014-04-27 13:44:13 65503800CF76FF6402A465C2F7D6B287 20128 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\MATSEvent.dll 2014-04-27 13:44:13 209B904C73EE1DBBB22A0B3D6B1A1632 26328 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\Microsoft.Support.Diagnosis.MatsHost.dll 2014-04-27 10:55:49 2E05B0FF87D1ED10834333F35C064915 398608 ----a-w- C:\Users\Dave\AppData\Local\Temp\{4524882A-8C60-424F-9D6A-44C3CAF8DCA0}\setup.exe 2014-04-27 10:43:05 6EDDFB8F8D629AFB310E7053A947603E 86016 ----a-w- C:\Users\Dave\AppData\Local\Temp\SimCity 4 Deluxe_uninst.exe 2014-04-27 10:42:56 30382F875D0140EBEBF466C2EC648DDE 700416 ----a-w- C:\Users\Dave\AppData\Local\Temp\SC4_uninst.exe 2014-04-27 10:42:54 3A6498E0F3C4832D45B051401210B6E0 286720 ----a-w- C:\Users\Dave\AppData\Local\Temp\eauninstall.exe ====== Java Cache ===== 2014-04-15 08:27:51 14DFAF0FE8534D032DB7E0C5D288FA0B 661 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\49ed9400-4a606819 2014-04-15 08:27:49 A979591994E70509171297BDFCC5A5BA 344 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\7cf65100-56de488a 2014-04-15 08:27:50 284E3D333132CB0E069A9F79B5EED403 943 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\7316448f-16e22d97 2014-04-15 08:27:30 61372B07FFF4141ED2099FAD20BB8127 555179 ----a-w- 
C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\159e75d0-5f259cb5 2014-04-15 08:27:49 CB0263760B4FB76A11BFE6101FAB8E66 438 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\3e2541d3-5bc0e9c9 2014-04-15 08:27:50 9F57B464A5959EB4380CAED1E0B286B3 633 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\7b329102-3a251649 2014-04-15 08:27:50 35EDDB1A7F05668C15E9E60AB1203038 396 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\636f8614-42385bba 2014-04-15 08:27:24 D562AFF8F69A2FC1C777C48C03B8B2EC 88 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\6ac1de14-6.0.lap 2014-04-15 08:27:50 4BD56556F42B582F58892B07C56BA981 755 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\1c8df557-3b0f52dd 2014-04-15 08:27:44 14497E5734EFB9E601CBB863CDF30996 4133 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\49d0c057-30dc5ea1 2014-04-15 08:27:45 0D40EE3FDCD90359FA44C6FF89C2FAB5 391 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\4d8bd799-500e3631 2014-04-15 08:27:49 9AAA7BCD608F1F2CADEA739CF2DB94E0 591 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\4c4add9a-652d16ab 2014-04-15 08:27:46 589C8934D7D7E54676C13711F55B5A05 120 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\7419a11f-3481871c 2014-04-15 08:27:45 9045620E10EA98432BA3A81E123627AB 515 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\7761c4a0-24f15ab6 2014-04-15 08:27:48 F6414D059BBFEACC836DA7A0C1E5149A 796 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\3a434d64-73c77783 2014-04-15 08:27:47 65A63E3FDF761782D8EBCE6205B6D37C 1005 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\3d0a4ce5-73f46248 2014-04-15 08:27:46 31F60EA960D99AC85FE32C0207F13D02 924 ----a-w- 
C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\50298d04-77b8ae7b 2014-04-15 08:27:47 E9AFAEFC3AD80A1E135AC66CBC8B6F4E 529 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\24a3c6c-5d121308 2014-04-15 08:27:52 5DF4A1275533FCF32D1E2CA1C4E4CF37 919 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6209c42d-51667b6a 2014-04-15 08:27:50 272993B608A5967968D7D0C2EE22EEAB 1163 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\61124e30-7377144f 2014-04-15 08:27:52 D48CF616BFEE640234EEFAA58B72B3A6 1056 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\7086ba32-439a0c82 2014-04-15 08:27:47 0256AC7D382ADAF18EEB1C083F348E5D 1198 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\eee7d33-420dc655 2014-04-15 08:27:47 B278FBA9D38FD880CF9982C2931EA42C 1145 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\1e5cc775-158e002f 2014-04-15 08:27:49 267AF53F565A645E9FC7F331A85F55A7 315 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\8e3e4be-32462209 2014-04-15 08:27:48 906CCF0BEABC72138159B67F7F9FF694 475 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\32a06e7f-16714b46 2014-04-15 08:27:48 83BBE76487E428AFE1A18AC118D6E94B 461 ----a-w- C:\Users\Dave\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\703668ff-54cf0a4f ====== C:\Windows\system32 ===== 2014-04-17 11:37:08 6EA69D2312F3571F6F8BEADD224165E8 264616 ----a-w- C:\Windows\System32\javaws.exe 2014-04-17 11:36:54 B42338F92D3BDADA79B6BE553E72587C 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll 2014-04-17 11:36:54 9533FE0A942E00114047140B42DF8E3D 175016 ----a-w- C:\Windows\System32\java.exe 2014-04-17 11:36:54 37C15684482B4D596316735DCEEE939A 175528 ----a-w- C:\Windows\System32\javaw.exe ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== 2014-04-17 12:02:39 40A628A5F4DAAB39990743C266B4AAA0 3186 ----a-w- 
C:\Windows\system32\Tasks\{DC7AB819-9D5A-4841-9813-DBCA937E4905} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-04-28 18:52:16 -------- d-----w- C:\Program Files\trend micro 2014-04-27 13:44:18 -------- d-----w- C:\Program Files\Microsoft ATS 2014-04-04 10:36:57 -------- d-----w- C:\Program Files\Enigma Software Group ======= C: ===== ====== C:\Users\Dave\AppData\Roaming ====== 2014-04-17 12:02:27 -------- d-----w- C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxis 2014-04-08 16:52:50 -------- d-----w- C:\Users\Dave\AppData\Roaming\Unity 2014-04-08 08:04:38 -------- d-----w- C:\Users\Dave\AppData\Local\Unity 2014-04-08 08:04:37 -------- d-----w- C:\Users\Dave\AppData\Locallow\Unity ====== C:\Users\Dave ====== 2014-04-28 18:55:19 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Dave\Desktop\RSIT.exe 2014-04-28 18:51:23 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Dave\Downloads\RSIT.exe 2014-04-27 13:43:57 61DC865DADF9E7933136D5565113F7B8 1329501 ----a-w- C:\Users\Dave\Downloads\adwcleaner.exe 2014-04-27 13:42:27 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Dave\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.196322025397157523.1.1.Run.exe 2014-04-27 11:31:48 55BC08E32879A3DE7386A2695D668304 4745984 ----a-w- C:\Users\Dave\Downloads\ccsetup413.exe 2014-04-27 10:35:27 8CB4D724AF10C68642435D2BC916E72E 6204496 ----a-w- C:\Users\Dave\Downloads\disk-defrag-setup.exe 2014-04-09 08:59:21 -------- d-----w- C:\ProgramData\Ricoh ====== C: exe-files == 2014-04-29 13:35:29 926B25DE4D9BC9657844E1DC7599EAC9 3610400 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QNCZIE2E\SkywalkerSetup[3].exe 2014-04-29 13:34:03 CA64AA2D2225150424EC193FD0923F03 4343872 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4B0QDG45\WSSetup[4].exe 2014-04-28 18:55:19 
69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Dave\Desktop\RSIT.exe 2014-04-28 18:52:17 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Dave.exe 2014-04-28 18:51:23 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Dave\Downloads\RSIT.exe 2014-04-27 13:54:01 0A573D2DC3C540C5BE6D4CCB7F69DCE8 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1543618908-3239661144-1903902135-1000\$I8P1FOY.exe 2014-04-27 13:46:15 07D1E74E876A75BFA650F72246035959 1373336 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\MATSWiz.exe 2014-04-27 13:44:13 BD5FAB3A18FCC1179B69A59613548285 46752 ----a-w- C:\Users\Dave\AppData\Local\Temp\MATS-Temp\CAByw0ubgol.ysp\MATSHost.exe 2014-04-27 13:43:57 61DC865DADF9E7933136D5565113F7B8 1329501 ----a-w- C:\Users\Dave\Downloads\adwcleaner.exe 2014-04-27 13:42:27 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Dave\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.196322025397157523.1.1.Run.exe 2014-04-27 11:31:48 55BC08E32879A3DE7386A2695D668304 4745984 ----a-w- C:\Users\Dave\Downloads\ccsetup413.exe 2014-04-27 10:55:49 2E05B0FF87D1ED10834333F35C064915 398608 ----a-w- C:\Users\Dave\AppData\Local\Temp\{4524882A-8C60-424F-9D6A-44C3CAF8DCA0}\setup.exe 2014-04-27 10:43:05 6EDDFB8F8D629AFB310E7053A947603E 86016 ----a-w- C:\Users\Dave\AppData\Local\Temp\SimCity 4 Deluxe_uninst.exe 2014-04-27 10:42:56 30382F875D0140EBEBF466C2EC648DDE 700416 ----a-w- C:\Users\Dave\AppData\Local\Temp\SC4_uninst.exe 2014-04-27 10:42:54 3A6498E0F3C4832D45B051401210B6E0 286720 ----a-w- C:\Users\Dave\AppData\Local\Temp\eauninstall.exe 2014-04-27 10:35:27 8CB4D724AF10C68642435D2BC916E72E 6204496 ----a-w- C:\Users\Dave\Downloads\disk-defrag-setup.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent" "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "Steam"="C:\Program Files\Steam\steam.exe -silent" "Google Update"="C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe /c" "RGSC"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent" "Spotify Web Helper"="C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent" "BitTorrent DNA"="C:\Users\Dave\Program Files\DNA\btdna.exe" "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "Steam"="C:\Program Files\Steam\Steam.exe -silent" "Google 
Update"="C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe /c" "RGSC"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent" "Spotify Web Helper"="C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" "avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min" "amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent" "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "Steam"="C:\Program Files\Steam\steam.exe -silent" "Google Update"="C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe /c" "RGSC"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent" "Spotify Web Helper"="C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Folders ====================== 
2011-04-15 21:44:17 954 ----a-w- C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2011-09-14 06:41:06 964 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SanDisk Media Manager.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12-03-2014 17:39] C:\Windows\tasks\Google Software Updater.job --a------ C:GC:\ProgramC:Files\Google\Common\GoogleC:Updater\GoogleUpdaterService.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [22-03-2012 15:53] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [22-03-2012 15:53] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1543618908-3239661144-1903902135-1000Core.job --a------ C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe [08-01-2012 23:23] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1543618908-3239661144-1903902135-1000UA.job --a------ C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe [08-01-2012 23:23] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\Google Software Updater" [C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1543618908-3239661144-1903902135-1000Core" [C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe] 
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1543618908-3239661144-1903902135-1000UA" [C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [23-05-2011 01:20] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tqsc1q79.default - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} AppDir: C:\Program Files\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tqsc1q79.default 025BBEF5A248B09BDC6684747F6EB5BC - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U55 AF87C7A3D391F5F5534167546D7DDE30 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3 2034E977759F4EB2226914BFC58F2758 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3 B14417814FCA3A5D4AB170E1823D5484 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3 3EFF190EC0E333DFBD2F5499858044B6 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3 C4EB1B18B39BD2F76A64F75D01DEAB61 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3 45CC6EFE643FCB97D986BBE2D21E2491 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 
7.7.3
9FCA15CC38F2E2C6F5E722ED0E1A9E7A - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3
D7EFF0B98C370E03D7E2593399D9B669 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
75A1232EAC640B782CDD2132B5271AA8 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
358878E398AB0FB8B1EE176C2E3EDF48 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll - Google Updater
6F120933F87E7DEC972476170288A267 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat
8CA06052CB0ED27701F345E9F87BAF07 - C:\Program Files\DNA\plugins\npbtdna.dll - DNA Plug-in
F37D10E2A9A025D50D5CD0C9C58D456E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Multimedia Plug-in
758B17677E64AE8361F76778FE2123F9 - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll - Windows Genuine Advantage
9317118077072C08CD84597D2925249A - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
5DB82B8C515C875AE58E1B8B5997416B - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
2CDA67C1309CA966D8EFEE4EE0D6CA92 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin
625D0A824F513CE1CABB8861E97F2142 - C:\Program Files\Picasa2\npPicasa2.dll - Picasa
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin
9A6101F29E2E9D41B99CBCC8F106E8FE - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL - 2007 Microsoft Office system
AF87C7A3D391F5F5534167546D7DDE30 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3
2034E977759F4EB2226914BFC58F2758 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3
B14417814FCA3A5D4AB170E1823D5484 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3
3EFF190EC0E333DFBD2F5499858044B6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3
C4EB1B18B39BD2F76A64F75D01DEAB61 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3
45CC6EFE643FCB97D986BBE2D21E2491 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3
9FCA15CC38F2E2C6F5E722ED0E1A9E7A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3
6F120933F87E7DEC972476170288A267 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
0BD343C45B4ECCF8D6AF94D6C3ADC310 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
2D5E502371E736EB033AB0C5C6795674 - C:\Program Files\Picasa2\npPicasa3.dll - Picasa
FF030B5F429A1A8C18821E4595599C1F - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.300.12
A63C70A7C78BF12B8B504C2062632C14 - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll - BitTorrent
DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jbpkiefagocgkmemidfngdkamloieekf - C:\Program Files\TornTV.com\torn10.crx[]
jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02-10-2012 13:14]
ogccgbmabaphcakpiclgcnmcnimhokcj - C:\Windows\System32\jmdp\SweetNT.crx[]
pgafcinpmmpklohkojmllohdhomoefph - C:\Documents and Settings\All Users\Application Data\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.crx[]
pmlghpafmmnmmkjdhacccolfgnkiboco - C:\Program Files\1ClickDownload\oneclickdownloader10.crx[]

Google Docs - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Wolfram|Alpha (Official) - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp
Google Wallet - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://nl.woofi.info"
"Default_Page_URL"="http://www.aldi.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://home.sweetim.com/?crg=3.1010000.10011&barid={147D544A-45C1-4FB0-B199-83AFCEA7791E}"
"Default_Page_URL"="http://www.aldi.com/"
"Search Page"="http://nl.woofi.info"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Unknown Url="Not_Found"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDC_nl"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_USERS\S-1-5-21-1543618908-3239661144-1903902135-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNLT deleted successfully

==== Empty IE Cache ======================

C:\Users\Dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Dave\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQ09F7TB will be deleted at reboot
C:\Users\Dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Dave\AppData\Local\Mozilla\Firefox\Profiles\tqsc1q79.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=60 folders=18 16945071 bytes)

==== Empty Temp Folders ======================

C:\Users\Dave\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Dave\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\System32\dmwu.exesearch" not found
"C:\Windows\system32\ImHttpComm.dllsearch" not found
"C:\Windows\system32\dmwu.exesearch" not found
"C:\Users\Dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQ09F7TB" not found

==== EOF on wo 30-04-2014 at 12:43:50,63 ======================