Zoek.exe v5.0.0.0 Updated 22-05-2014 Tool run by Felix on ma 26-05-2014 at 19:44:28,37. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Felix\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 26-5-2014 19:46:01 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\AGEIA Technologies deleted successfully C:\Program Files\Freemake deleted successfully C:\Program Files\GUMCEE7.tmp deleted successfully C:\Program Files\Malmberg deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\Origin Games deleted successfully C:\Program Files\SlimDrivers deleted successfully C:\Program Files\Sony Ericsson deleted successfully C:\Program Files\Ubisoft deleted successfully C:\PROGRA~2\DeviceVM deleted successfully C:\PROGRA~2\Freemake deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\PROGRA~2\Sony Ericsson deleted successfully C:\PROGRA~2\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} deleted successfully C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully C:\Users\Felix\AppData\Roaming\DeviceVm deleted successfully C:\Users\Felix\AppData\Roaming\YourFileDownloader deleted successfully C:\Users\Felix\AppData\Local\PackageAware deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully HKEY_CLASSES_ROOT\CLSID\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_CLASSES_ROOT\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.5 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.1.5 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ib updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ib updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ibupdaterservice deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ibupdaterservice deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} not found C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found C:\Program Files\IB Updater deleted C:\Program Files\Mozilla Firefox\user.js deleted C:\Program Files\Conduit deleted C:\Users\Felix\AppData\Roaming\GoforFiles deleted C:\Users\Felix\AppData\Roaming\OpenCandy deleted C:\PROGRA~2\AVG Secure Search deleted C:\PROGRA~2\AVG SafeGuard toolbar deleted C:\PROGRA~2\Package Cache deleted C:\Users\Felix\AppData\Local\CRE deleted C:\Users\Felix\AppData\Local\Conduit deleted C:\Windows\System32\dmwu.exe deleted C:\Users\Felix\Downloads\SoftonicDownloader_for_hamachi (1).exe deleted C:\Users\Felix\Downloads\SoftonicDownloader_for_hamachi.exe deleted C:\Users\Felix\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Users\Felix\AppData\LocalLow\uTorrentBar_NL deleted C:\Users\Felix\AppData\LocalLow\Incredibar.com deleted C:\Users\Felix\AppData\LocalLow\PriceGong deleted C:\Users\Felix\AppData\LocalLow\Conduit deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Windows\system32\Tasks\GoforFilesUpdate deleted C:\Windows\system32\tasks\YourFile DownloaderUpdate deleted C:\user.js deleted C:\Windows\system32\ImHttpComm.dll deleted C:\Windows\System32\jmdp deleted C:\Windows\System32\ARFC deleted C:\Windows\System32\WNLT deleted "C:\Program Files\AVG SafeGuard toolbar\vprot.exe" deleted "C:\Program Files\AVG SafeGuard toolbar\vprot.exe" deleted "C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.5\SiteSafety.dll" deleted "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.5\log4cplusU.dll" deleted "C:\Program Files\AVG SafeGuard toolbar" deleted "C:\Program Files\AVG SafeGuard toolbar" deleted "C:\Program Files\Common Files\AVG Secure Search" deleted "C:\Users\Felix\AppData\Local\AVG SafeGuard toolbar" deleted "C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" deleted "C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller" deleted "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater" deleted "C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.5" deleted "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.5" deleted "C:\Users\Felix\AppData\Local\AVG SafeGuard toolbar\Chrome" deleted "C:\Users\Felix\AppData\Local\AVG SafeGuard toolbar\Chrome\Default" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Felix\AppData\Local\Temp ==== 2014-05-14 09:17:42 59B1B99D7A0F42A4625E8107365E6A8D 17938608 ----a-w- C:\Users\Felix\AppData\Local\Temp\{4D2C2D0E-AE52-458E-B208-54FFD774E68C}\InstallFlashPlayer.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-05-14 10:30:12 FBCF3F01177953EBF1E735643621CCF5 69632 ----a-w- C:\Windows\System32\mshtmled.dll 2014-05-14 10:30:09 EB5347F6149D3FF25F4D609A21A3BD67 17382912 ----a-w- C:\Windows\System32\mshtml.dll 2014-05-14 10:30:08 10D531ADC7B8FB36C7361D44AF6E8AB6 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-05-14 09:29:22 1DA49BFA5B76D128851C9474C1A69B21 369664 ----a-w- C:\Windows\System32\aepdu.dll 2014-05-14 09:29:21 94CDF4D11590ABC56BD6EAD81A1017E9 302592 ----a-w- C:\Windows\System32\aeinv.dll 2014-05-14 09:29:07 9DE19EA21DF99AF15BA5A947E5317F9E 550912 ----a-w- C:\Windows\System32\kerberos.dll 2014-05-14 09:29:07 4D59F470985D08139E42D15842816C47 3969984 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2014-05-14 09:29:07 31FA2485DFC773F1E718A4D19F443FA9 3914176 ----a-w- C:\Windows\System32\ntoskrnl.exe 2014-05-14 09:29:06 ED195AC76E10F17F6DD60C49666F2A83 259584 ----a-w- C:\Windows\System32\msv1_0.dll 2014-05-14 09:29:06 4D50D7654EB38B8385FA9EF3DA14D4BE 1059840 ----a-w- C:\Windows\System32\lsasrv.dll 2014-05-14 09:29:05 FD25B74DC1A18C56BF1A879BF086555A 293376 ----a-w- C:\Windows\System32\KernelBase.dll 2014-05-14 09:29:05 FBC78B5D12A4F5A62D9C91E0E0E46D46 49664 ----a-w- C:\Windows\System32\adprovider.dll 2014-05-14 09:29:05 995B39A08421C7725D1DF8DACEBBFC89 538112 ----a-w- C:\Windows\System32\objsel.dll 2014-05-14 09:29:05 828185688FDAAE6C7959B884ABED1766 247808 ----a-w- C:\Windows\System32\schannel.dll 2014-05-14 09:29:05 62C0798CC68EBF42F29C92E6CD6DC3D6 36864 ----a-w- C:\Windows\System32\dimsroam.dll 2014-05-14 09:29:05 541BB9B4C899ADCC5D3DB89208C1F409 65536 ----a-w- C:\Windows\System32\TSpkg.dll 2014-05-14 09:29:05 3A1ABE045A3E30799576E83A2D012B43 172032 ----a-w- C:\Windows\System32\wdigest.dll 2014-05-14 09:29:05 335FA669FC952BC4888CEDBDB42607E2 51200 ----a-w- C:\Windows\System32\cngprovider.dll 2014-05-14 09:29:04 DD17E1573651293D4ED31053795B3471 22528 ----a-w- C:\Windows\System32\lsass.exe 2014-05-14 09:29:04 CAA3039FFA0CDF8C2A9845C1609CDE00 100352 ----a-w- C:\Windows\System32\sspicli.dll 2014-05-14 09:29:04 C94CE65AE7701E9FDBA889045543E27C 22016 ----a-w- C:\Windows\System32\secur32.dll 2014-05-14 09:29:04 834A859BB331B0B2CCAE25BB1986F80D 47616 ----a-w- C:\Windows\System32\dpapiprovider.dll 2014-05-14 09:29:04 61BC8ACDEC57469B22EC519B22FB3642 15872 ----a-w- C:\Windows\System32\sspisrv.dll 2014-05-14 09:29:04 5E11C55CC4D9330E55CCB22B1F20BB33 35328 ----a-w- C:\Windows\System32\wincredprovider.dll 2014-05-14 09:29:04 38A30B8E4216BE24D30F766EF3BAC2C7 48128 ----a-w- C:\Windows\System32\capiprovider.dll 2014-05-14 09:29:04 2A86C18CE6869C77FCEB62F3B47D4D5B 17408 ----a-w- C:\Windows\System32\credssp.dll 2014-05-14 09:28:19 E9D88493FBDB36D4B65C6F2F7F122C95 12874240 ----a-w- C:\Windows\System32\shell32.dll ====== C:\Windows\system32\drivers ===== 2014-05-14 09:29:05 D3964885F0A11ACF51DA3AAA776973B2 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2014-05-14 09:29:04 4120DA10AA42A9996F4575DB9E3E6E6E 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-05-25 15:40:55 -------- d-----w- C:\Program Files\Eraser 2014-05-25 13:16:17 -------- d-----w- C:\Program Files\trend micro 2014-05-14 10:39:41 -------- d-----w- C:\Program Files\Common Files\DESIGNER 2014-04-27 12:29:22 -------- d-----w- C:\Program Files\AMD AVT ======= C: ===== ====== C:\Users\Felix\AppData\Roaming ====== 2014-04-29 16:56:34 -------- d-----w- C:\Users\Felix\AppData\Local\Spotify 2014-04-29 16:50:04 -------- d-----w- C:\Users\Felix\AppData\Roaming\Spotify ====== C:\Users\Felix ====== 2014-05-25 15:36:05 3880C0FD3083474CB7FAE16DC62C747F 9110456 ----a-w- C:\Users\Felix\Downloads\Eraser 6.0.10.2620.exe 2014-05-25 13:13:42 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Felix\Downloads\RSIT.exe 2014-04-29 13:22:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-28 12:07:18 -------- d-----w- C:\ProgramData\ATI 2014-04-27 12:28:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center ====== C: exe-files == 2014-05-25 15:36:05 3880C0FD3083474CB7FAE16DC62C747F 9110456 ----a-w- C:\Users\Felix\Downloads\Eraser 6.0.10.2620.exe 2014-05-25 13:16:20 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Felix.exe 2014-05-25 13:13:42 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Felix\Downloads\RSIT.exe 2014-05-24 09:26:34 3AF5806AAB54D86CDA7AAA034FD2C35E 38382160 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.114\35.0.1916.114_chrome_installer.exe 2014-05-21 17:47:53 27CF243E60B90E64D42EBE8A20CF9B5F 42596008 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\raptr-3.8.1-r82928-release.exe === C: other files == 2014-05-26 15:29:45 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\flexiono\config\certificates\x509\tls_peers\xmpp-server2.raptr.com 2014-05-26 15:29:42 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\flexiono\config\certificates\x509\tls_peers\xmpp-server3.raptr.com 2014-05-25 13:05:01 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\flexiono\config\certificates\x509\tls_peers\xmpp-server5.raptr.com 2014-05-24 09:45:20 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\raptrguestsv6aqlpv\config\certificates\x509\tls_peers\xmpp-server8.raptr.com 2014-05-24 09:45:18 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\flexiono\config\certificates\x509\tls_peers\xmpp-server8.raptr.com 2014-05-24 09:45:18 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\flexiono\config\certificates\x509\tls_peers\xmpp-server7.raptr.com 2014-05-24 09:45:18 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\flexiono\config\certificates\x509\tls_peers\xmpp-server6.raptr.com 2014-05-24 09:45:18 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\flexiono\config\certificates\x509\tls_peers\xmpp-server4.raptr.com 2014-05-24 09:45:18 620620C91E3FDEE0C182BCE8F9CC36D4 1617 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\flexiono\config\certificates\x509\tls_peers\gmail.com 2014-05-24 09:30:50 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\raptrguestsv6aqlpv\config\certificates\x509\tls_peers\xmpp-server6.raptr.com 2014-05-24 09:30:49 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\raptrguestsv6aqlpv\config\certificates\x509\tls_peers\xmpp-server2.raptr.com 2014-05-22 10:34:22 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\raptrguestsv6aqlpv\config\certificates\x509\tls_peers\xmpp-server7.raptr.com 2014-05-21 13:56:49 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\raptrguestsv6aqlpv\config\certificates\x509\tls_peers\xmpp-server4.raptr.com 2014-05-20 22:47:07 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Felix\AppData\Roaming\Raptr\data\raptrguestsv6aqlpv\config\certificates\x509\tls_peers\xmpp-server5.raptr.com 2014-05-20 15:32:29 E3A3CA230C7547364BB3D9DA0C301A36 206936 ----a-r- C:\Windows\System32\drivers\NIS\1503000.00C\ironx86.sys 2014-05-20 15:32:29 CCD9B61DD6AB649B69143523C0D6391B 447704 ----a-w- C:\Windows\System32\drivers\NIS\1503000.00C\symnets.sys 2014-05-20 15:32:29 B70A98F20B4180F2751CFD7656116342 936152 ----a-w- C:\Windows\System32\drivers\NIS\1503000.00C\symefa.sys 2014-05-20 15:32:29 91C966DE2058116525748050A22C8170 664280 ----a-w- C:\Windows\System32\drivers\NIS\1503000.00C\srtsp.sys 2014-05-20 15:32:29 56C2811FD0D7B727808A69407B5BFAE0 127064 ----a-r- C:\Windows\System32\drivers\NIS\1503000.00C\ccsetx86.sys 2014-05-20 15:32:29 4C3DEF736D3857570166DE5C858600F5 367704 ----a-r- C:\Windows\System32\drivers\NIS\1503000.00C\symds.sys 2014-05-20 15:32:29 1B6D68043F488F70E889276E1585B7AA 32344 ----a-r- C:\Windows\System32\drivers\NIS\1503000.00C\srtspx.sys 2014-05-20 15:32:29 02F3073C3933190DFD24BC35800172B4 21520 ----a-r- C:\Windows\System32\drivers\NIS\1503000.00C\symelam.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Raptr"="C:\PROGRA~1\Raptr\raptrstub.exe --startup" "HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe" "Spotify"="C:\Users\Felix\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\Felix\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "GoogleChromeAutoLaunch_9E0E8FB6AB9E32E413BF1FD50A17F104"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-2656376448-397107024-246631922-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nmctxth"="C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe MSRun" "LogMeIn Hamachi Ui"="C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start" "Eraser"="C:\PROGRA~1\Eraser\Eraser.exe --atRestart" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Raptr"="C:\PROGRA~1\Raptr\raptrstub.exe --startup" "HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe" "Spotify"="C:\Users\Felix\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\Felix\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "GoogleChromeAutoLaunch_9E0E8FB6AB9E32E413BF1FD50A17F104"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BCSSync" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Clownfish] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Clownfish" "hkey"="HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EADM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EADM" "hkey"="HKCU" "command"="\"C:\\Program Files\\Origin\\Origin.exe\" -AutoStart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\Felix\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HydraVisionDesktopManager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HydraVisionDesktopManager" "hkey"="HKCU" "command"="\"C:\\Program Files\\ATI Technologies\\HydraVision\\HydraDM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn GUI] "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LogMeIn GUI" "hkey"="HKLM" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui] "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LogMeIn Hamachi Ui" "hkey"="HKLM" "command"="\"C:\\Program Files\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nmapp] "command"="\"C:\\Program Files\\Pure Networks\\Network Magic\\nmapp.exe\" -autorun -nosplash" "hkey"="HKLM" "item"="nmapp" "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ProfilerU] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ProfilerU" "hkey"="HKLM" "command"="C:\\Program Files\\SmartTechnology\\Software\\ProfilerU.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RTHDVCPL" "hkey"="HKLM" "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SaiMfd] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SaiMfd" "hkey"="HKLM" "command"="C:\\Program Files\\SmartTechnology\\Software\\SaiMfd.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SaitekInstall] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SaitekInstall" "hkey"="HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SaiVolume] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SaiVolume" "hkey"="HKLM" "command"="C:\\Program Files\\Saitek\\CyborgKeyboard\\SaiVolume.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sony PC Companion] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Sony PC Companion" "hkey"="HKCU" "command"="\"C:\\Program Files\\Sony\\Sony PC Companion\\PCCompanion.exe\" /Background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="StartCCC" "hkey"="HKLM" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Steam" "hkey"="HKCU" "command"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\XFastUsb] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="XFastUsb" "hkey"="HKLM" "command"="C:\\Program Files\\XFastUsb\\XFastUsb.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Felix^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip] "backup"="C:\\Windows\\pss\\CurseClientStartup.ccip.Startup" "backupExtension"=".Startup" "item"="CurseClientStartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMD External Events Utility] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMD FUEL Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Hamachi2Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HTCMonitorService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IB Updater] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IBUpdaterService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IDriverT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PnkBstrA] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Sony PC Companion] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Steam Client Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TuneUp.UtilitiesSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Folders ====================== 2014-04-02 09:44:33 1266 ----a-w- C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2014-04-22 12:33:08 2012 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2656376448-397107024-246631922-1000Core.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2656376448-397107024-246631922-1000UA.job --a------ [Undetermined Task] C:\Windows\tasks\NUSchedule.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2656376448-397107024-246631922-1000Core" [C:\Users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2656376448-397107024-246631922-1000UA" [C:\Users\Felix\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe] "C:\Windows\system32\tasks\Norton WSC Integration" ["C:\Program Files\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe"] "C:\Windows\system32\tasks\NUSchedule" [C:\Program Files\Norton Utilities 15\nu.exe] "C:\Windows\system32\tasks\Razer_Game_Booster_AutoUpdate" [C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe] "C:\Windows\system32\tasks\zASRockInstantBoot" [C:\Program Files\ASRock Utility\InstantBoot\InstantBoot.exe] "C:\Windows\system32\tasks\{B24D5862-D6C3-41C1-AA38-58E5FD71B59A}" ["c:\program files\google\chrome\application\chrome.exe"] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files\Norton Internet Security\Engine\21.3.0.12\SymErr.exe] "C:\Windows\system32\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files\Norton Internet Security\Engine\21.3.0.12\SymErr.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF" [23-12-2013 16:11] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"="C:\Program Files\IB Updater\Firefox" [] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Felix\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[] fgfdfcbeamjnjdejakdidpniblllnbpg - C:\Windows\System32\jmdp\pnte.crx[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx[28-04-2014 14:52] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Felix\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] Google Docs - Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Last updated at time on date - Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf New Tab for Chrome - Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg AdBlock - Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Reddit Enhancement Suite - Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb Norton Identity Protection - Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Last updated at time on date - Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch Gmail - Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage deleted successfully C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage-journal deleted successfully C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.conduit.com?SearchSource=10&ctid=CT2865317" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{afdbddaa-5d3f-42ee-b79c-185a7020515b}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {0915CA16-4CAE-4c4f-8143-E2D978834126} Google Url="http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=nl&q={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\avg@toolbar deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNLT deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaitekInstall deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC deleted successfully ==== Empty IE Cache ====================== C:\Users\Felix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Felix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1610 folders=563 210866147 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Felix\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Felix\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 26-05-2014 at 20:02:04,97 ======================