Zoek.exe v5.0.0.0 Updated 05-July-2014 Tool run by Lady on zo 06-07-2014 at 20:39:20,37. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Lady\Desktop\zoek.scr [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 6-7-2014 20:53:59 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\trend micro deleted successfully C:\PROGRA~3\Babylon deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\Systweak deleted successfully C:\Users\Lady\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Lady\AppData\Local\Conduit deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3701285336-1847614835-1895183992-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3701285336-1847614835-1895183992-1000\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} deleted successfully HKEY_USERS\S-1-5-21-3701285336-1847614835-1895183992-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PirritDesktop deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PirritDesktop deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\PirritDesktop deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mywebsearchservice deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mywebsearchservice deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\mywebsearchservice deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 3. [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] 4. [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}] 6. [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}] 7. [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] 8. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 9. "MyWebSearch Email Plugin"=- 10. [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 11. "My Web Search Bar Search Scope Monitor"=- 12. "MyWebSearch Email Plugin"=- 13. "ROC_ROC_JULY_P1"=- 14. "ROC_ROC_NT"=- ==== Deleting Files \ Folders ====================== 2. C:\ProgramData\AVG January 2013 Campaign not found 5. C:\Program Files (x86)\MyWebSearch not found "1. C:\Windows\tasks\ROC_REG_JAN_DELETE.job" not found C:\PROGRA~2\DealPly deleted C:\PROGRA~2\FunWebProducts deleted C:\extensions deleted C:\Users\Lady\AppData\Roaming\Babylon deleted C:\Users\Lady\AppData\Roaming\systweak deleted C:\PROGRA~3\Avg_Update_0414b deleted C:\PROGRA~3\Partner deleted C:\PROGRA~3\OberonGameConsole deleted C:\PROGRA~3\AVG January 2013 Campaign deleted C:\PROGRA~3\AVG Secure Search deleted C:\Users\Lady\AppData\Local\Babylon deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\Windows\SysNative\roboot64.exe deleted C:\Users\Lady\Downloads\avg_free_stb_all_2014_4259_cnet.exe deleted C:\Users\Lady\Searches deleted C:\Users\Lady\AppData\LocalLow\MyWebSearch deleted C:\Users\Lady\AppData\LocalLow\PriceGong deleted C:\Users\Lady\AppData\LocalLow\Conduit deleted C:\Users\Lady\AppData\LocalLow\FunWebProducts deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\tasks\ROC_REG_JAN_DELETE.job deleted C:\windows\SysNative\tasks\ROC_REG_JAN_DELETE deleted C:\user.js deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\ConduitEngine.tmp deleted "C:\Users\Lady\AppData\Local\PirritSuggestor\msvcp100.dll" deleted "C:\Users\Lady\AppData\Local\PirritSuggestor\msvcr100.dll" not deleted "C:\Users\Lady\AppData\Local\PirritSuggestor\PirritService.exe" deleted "C:\Users\Lady\AppData\Local\PirritSuggestor\QtCore4.dll" deleted "C:\PROGRA~2\MyWebSearch\bar\1.bin\M3OUTLCN.DLL" deleted "C:\PROGRA~2\MyWebSearch\bar\1.bin\MWSOEMON.EXE" deleted "C:\PROGRA~2\MyWebSearch\bar\1.bin\MWSOESTB.DLL" deleted "C:\PROGRA~2\MyWebSearch\bar\1.bin\M3OUTLCN.DLL" deleted "C:\PROGRA~2\MyWebSearch\bar\1.bin\MWSOEMON.EXE" deleted "C:\PROGRA~2\MyWebSearch\bar\1.bin\MWSOESTB.DLL" deleted "C:\PROGRA~2\MyWebSearch" not deleted "C:\PROGRA~2\MyWebSearch" not deleted "C:\Users\Lady\AppData\Local\PirritSuggestor" not deleted "C:\PROGRA~2\MyWebSearch\bar" not deleted "C:\PROGRA~2\MyWebSearch\bar\1.bin" not deleted "C:\PROGRA~2\MyWebSearch\bar" not deleted "C:\PROGRA~2\MyWebSearch\bar\1.bin" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Lady\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-06-29 19:49:26 A5F833506BF6A1B5D693E1499DEE2444 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll 2014-06-29 19:49:21 E227B810296AA27E6C69307A7B6456E5 1389056 ----a-w- C:\Windows\SysWOW64\msxml6.dll 2014-06-29 19:49:21 8B8D1CEF498678CAB9DF17145D34BC64 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-06-29 19:49:21 2E673E776136354ECFB57BFD62E7EC3D 2048 ----a-w- C:\Windows\SysWOW64\msxml6r.dll 2014-06-29 19:49:21 0789F82BAE171323F74B8F175D406AB8 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-06-29 19:49:26 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 801280 ----a-w- C:\Windows\Sysnative\usp10.dll 2014-06-29 19:49:21 ECA6AC33BD9E441F7B47D173D715D268 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-06-29 19:49:21 3408DD8081DC22858AE2E6ABD2594C02 2048 ----a-w- C:\Windows\Sysnative\msxml6r.dll 2014-06-29 19:49:21 0E3A7EC2B9590EA7767BBB1823630DEA 2002432 ----a-w- C:\Windows\Sysnative\msxml6.dll 2014-06-29 19:49:21 0465A8CFDDB4FFDB569802A70B9443D5 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll ====== C:\Windows\Sysnative\drivers ===== 2014-06-29 19:49:24 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-06-29 19:49:24 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-06-17 14:21:34 5D115BF49AE159D4D7D1EBC640CB138F 235800 ----a-w- C:\Windows\Sysnative\drivers\avgldx64.sys 2014-06-17 14:06:58 0971913995F5FAFD711B0B2426A175E9 269080 ----a-w- C:\Windows\Sysnative\drivers\avgtdia.sys 2014-06-17 14:06:24 B0E4A1F342A3F8B75C4A4ADB044761C9 190744 ----a-w- C:\Windows\Sysnative\drivers\avgidsha.sys 2014-06-17 14:06:22 946C038A7274D689A004785E581FAD5F 153368 ----a-w- C:\Windows\Sysnative\drivers\avgdiska.sys 2014-06-17 14:06:22 50E7E80BB5F3E2BB0B48F3F7E17ED6B1 242968 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys 2014-06-17 14:06:20 D9CED15E158573DE1BB67330C4206763 123672 ----a-w- C:\Windows\Sysnative\drivers\avgmfx64.sys 2014-06-17 14:06:06 C4F9056928B26BCAF15872E46B29184F 31512 ----a-w- C:\Windows\Sysnative\drivers\avgrkx64.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-06-09 15:14:55 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER ======= C: ===== ====== C:\Users\Lady\AppData\Roaming ====== ====== C:\Users\Lady ====== ====== C: exe-files == 2014-07-04 22:00:10 B1EAC481DE9C02C650E5B2F02653C832 62992 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avguirux.exe 2014-07-04 22:00:10 AB7CF7D136993B6BE86E7825E1913BB1 15888 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgrdtestx.exe 2014-07-04 22:00:10 7FE6B5B624F60CD8DC18F22D8957F28F 16912 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgrdtesta.exe 2014-07-04 22:00:10 709094D39E92084A8D7D5B069F051B06 5980560 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe === C: other files == 2014-06-29 19:49:24 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2014-06-29 19:49:24 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3701285336-1847614835-1895183992-1000\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "MyWebSearch Email Plugin"="C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "AVG-Secure-Search-Update_0913b"="C:\Users\Lady\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid f37e7c9e08e547d1a6d559e75b933da1-249b6ea98bf2b331d24e9e78a63a95c66714c55d --CMPID 0913b" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" "EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d" "EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" "Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k" "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "My Web Search Bar Search Scope Monitor"="C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe /m=2 /w /h" "MyWebSearch Email Plugin"="C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe" "HF_G_Jul"="C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe /DoAction" "ROC_ROC_JULY_P1"="C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe / /PROMPT /CMPID=ROC_JULY_P1" "ROC_ROC_NT"="C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe / /PROMPT /CMPID=ROC_NT" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "MFARestart"="C:\ProgramData\MFAData\pack\avgrunasx.exe /usereg" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "MyWebSearch Email Plugin"="C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "AVG-Secure-Search-Update_0913b"="C:\Users\Lady\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid f37e7c9e08e547d1a6d559e75b933da1-249b6ea98bf2b331d24e9e78a63a95c66714c55d --CMPID 0913b" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "mwlDaemon"="C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "PLFSetI"="C:\Windows\PLFSetI.exe" "Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "ETDWare"="%ProgramFiles%\Elantech\ETDCtrl.exe " ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15-05-2014 12:46] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-07-2011 15:18] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-07-2011 15:18] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "m3ffxtbr@mywebsearch.com"="C:\Program Files (x86)\MyWebSearch\bar\1.bin" [06-07-2014 21:06] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Lady\AppData\Local\Temp\crx1BFD.tmp[] Google Wallet - Lady\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" "Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_5742z&r=27360711v105l0444z165v47321352" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_5742z&r=27360711v105l0444z165v47321352" "Start Page"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_5742z&r=27360711v105l0444z165v47321352" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_5742z&r=27360711v105l0444z165v47321352" "Start Page"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_5742z&r=27360711v105l0444z165v47321352" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.nl/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlNL441NL444" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3701285336-1847614835-1895183992-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully HKEY_USERS\S-1-5-21-3701285336-1847614835-1895183992-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully HKEY_USERS\S-1-5-21-3701285336-1847614835-1895183992-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D} deleted successfully HKEY_USERS\S-1-5-21-3701285336-1847614835-1895183992-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44cf-8957-5838F569A31D} deleted successfully HKEY_USERS\S-1-5-21-3701285336-1847614835-1895183992-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} deleted successfully HKEY_USERS\S-1-5-21-3701285336-1847614835-1895183992-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3701285336-1847614835-1895183992-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully HKEY_USERS\S-1-5-21-3701285336-1847614835-1895183992-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Lady\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Lady\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Lady\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Lady\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Lady\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1384 folders=175 72377528 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Lady\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Lady\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Lady\AppData\Local\PirritSuggestor\msvcr100.dll" not found "C:\Users\Lady\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\PROGRA~2\MyWebSearch" not found "C:\PROGRA~2\MyWebSearch" not found "C:\Users\Lady\AppData\Local\PirritSuggestor" not found ==== EOF on zo 06-07-2014 at 21:16:19,25 ======================