Zoek.exe v5.0.0.0 Updated 06-August-2014 Tool run by c-jay on wo 13/08/2014 at 13:17:17,05. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\c-jay\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 13/08/2014 13:29:19 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\log deleted successfully C:\Program Files\trend micro deleted successfully C:\Users\c-jay\AppData\Roaming\HpUpdate deleted successfully C:\Users\c-jay\AppData\Roaming\TP deleted successfully C:\Users\c-jay\AppData\Local\cache deleted successfully C:\Users\c-jay\AppData\Local\genienext deleted successfully C:\Users\c-jay\AppData\Local\PokerStars.BE deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C7324042-0245-4D7F-B8C2-84378FB7119D} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MapsGalaxy_39Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MapsGalaxy_39Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.7 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.1.7 deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89}] [-KEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2b2798ef-c931-4a3b-b51a-baaa1bfe6593}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{320b278d-d966-4908-840c-4d91b5632b67}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e4143a5-b4f4-42dd-b32d-822553c432a1}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}] C:\Program Files (x86)\AmiExt [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5aa230b3-88e7-4d81-b4bf-83f1a6babbd7}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8ed106f8-b076-481d-8e7a-4b81e11592d1}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b811c8bc-5799-4377-a71f-dd0067c9b883}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "MapsGalaxy Home Page Guard 64 bit"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "NextLive"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "vProt"=- "MapsGalaxy Search Scope Monitor"=- "MapsGalaxy_39 Browser Plugin Loader"=- ""=- "mobilegeni daemon"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== "C:\Windows\TEMP\{E657D2B2-4B8B-433B-903B-FB5D1A6CF92E}.exe" not found C:\Users\c-jay\AppData\Local\SwvUpdater deleted C:\Program Files (x86)\Re-markit deleted C:\Program Files (x86)\VideoPlayerV3 deleted C:\Program Files (x86)\MediaViewV1\ deleted C:\Program Files (x86)\MediaBuzzV1 deleted C:\Program Files (x86)\MediaWatchV1 deleted C:\found.001 deleted C:\Users\c-jay\AppData\Roaming\newnext.me deleted C:\Users\c-jay\daemonprocess.txt deleted C:\Users\c-jay\.android deleted C:\PROGRA~2\MediaPlayerV1 deleted C:\PROGRA~2\COMMON~1\Config\uninstinethnfd.exe deleted C:\PROGRA~2\AmiExt deleted C:\PROGRA~2\RichMediaViewV1 deleted C:\PROGRA~2\COMMON~1\Config deleted C:\extensions.sqlite deleted C:\extensions.ini deleted C:\found.000 deleted C:\Users\c-jay\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted C:\PROGRA~3\boost_interprocess deleted C:\PROGRA~3\AVG Secure Search deleted C:\Users\c-jay\AppData\Local\CRE deleted C:\Users\c-jay\AppData\Local\AVG Secure Search deleted C:\Users\c-jay\AppData\Local\IAC deleted C:\Users\c-jay\AppData\Local\Mobogenie deleted C:\Users\c-jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk deleted C:\Users\c-jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie deleted C:\Users\c-jay\Searches deleted C:\Users\c-jay\Downloads\BearShareSetup-r944-n-bc (1).exe deleted C:\Users\c-jay\Downloads\BearShareSetup-r944-n-bc.exe deleted C:\Users\c-jay\AppData\LocalLow\AVG Secure Search deleted C:\Users\c-jay\AppData\LocalLow\searchresultstb deleted C:\Users\c-jay\AppData\LocalLow\DataMngr deleted C:\Users\c-jay\AppData\LocalLow\MapsGalaxy_39 deleted C:\Users\c-jay\AppData\LocalLow\Conduit deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\windows\SysNative\tasks\AmiUpdXp deleted C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted C:\windows\SysNative\Tasks\Re-markit Update deleted C:\windows\SysNative\Tasks\Re-markit_wd deleted C:\Windows\Tasks\Re-markit Update.job deleted C:\Windows\Tasks\Re-markit_wd.job deleted C:\windows\SysNative\drivers\nethfdrv.sys deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\sho233B.tmp deleted C:\Windows\Syswow64\RegistryHelperLM.ocx deleted C:\Windows\SysWOW64\netupdsrv.exe deleted C:\Windows\SysWOW64\nethtsrv.exe deleted C:\Users\c-jay\Documents\Mobogenie deleted "C:\Windows\tasks\AmiUpdXp.job" deleted "C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted "C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted "C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe" deleted "C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brstub.dll" deleted "C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\AppIntegrator64.exe" deleted "C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\AppIntegratorStub64.dll" deleted "C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\Hpg64.dll" deleted "C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\T8RES.DLL" deleted "C:\PROGRA~2\MapsGalaxy_39\bar\1.bin\39brmon.exe" deleted "C:\PROGRA~2\MapsGalaxy_39\bar\1.bin\39brstub.dll" deleted "C:\PROGRA~2\MapsGalaxy_39\bar\1.bin\AppIntegrator64.exe" deleted "C:\PROGRA~2\MapsGalaxy_39\bar\1.bin\AppIntegratorStub64.dll" deleted "C:\PROGRA~2\MapsGalaxy_39\bar\1.bin\Hpg64.dll" deleted "C:\PROGRA~2\MapsGalaxy_39\bar\1.bin\T8RES.DLL" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\18.1.7\SiteSafety.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll" deleted "C:\Program Files (x86)\MapsGalaxy_39" not deleted "C:\PROGRA~2\MapsGalaxy_39" not deleted "C:\PROGRA~2\AVG Secure Search" deleted "C:\PROGRA~2\AVG Secure Search" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted "C:\Users\c-jay\AppData\Local\iLivid" deleted "C:\Program Files (x86)\MapsGalaxy_39\bar" not deleted "C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin" not deleted "C:\PROGRA~2\MapsGalaxy_39\bar" not deleted "C:\PROGRA~2\MapsGalaxy_39\bar\1.bin" not deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\18.1.7" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.1.7" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\c-jay\AppData\Local\Temp ==== 2014-08-09 11:43:38 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\c-jay\AppData\Local\Temp\jntnpcly.dll 2014-08-03 08:34:08 !HASH: COULD NOT OPEN FILE !!!!! 457705 ----a-w- C:\Users\c-jay\AppData\Local\Temp\drvinst01.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-08-02 09:08:24 F419D738BD2AE58D9DF2F9FEB5F43842 33792 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2014-08-02 09:08:24 5AA2CAD923E9E647276A61387E83DDD0 179656 ----a-w- C:\Windows\SysWOW64\wuwebv.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-08-02 09:08:57 EAD9E413A6CEB9FD8E2AD9DC0716C061 58336 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2014-08-02 09:08:57 E76F105AD039B9E4DA9ECE839298C4A2 44512 ----a-w- C:\Windows\Sysnative\wups2.dll 2014-08-02 09:08:57 6335F8B4B89F002A3801473C1A799237 2620928 ----a-w- C:\Windows\Sysnative\wucltux.dll 2014-08-02 09:08:57 61FF576450CCC80564B850BC3FB6713A 2477536 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2014-08-02 09:08:24 45D4BDEA136E72E75CF008D3C38D949A 198600 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2014-08-02 09:08:24 29FE783F75362AD6D2D9C0555BA83BD2 36864 ----a-w- C:\Windows\Sysnative\wuapp.exe ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2014-07-24 19:40:37 146BFE99139144D1FFA7BAADFF6326EC 3186 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForc-jay 2014-07-24 19:40:36 7836EF8824F3143DA62DE5046DC5336D 332 ----a-w- C:\Windows\Tasks\HPCeeScheduleForc-jay.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-08-12 12:54:05 -------- d-----w- C:\PROGRA~2\Trend Micro ======= C: ===== ====== C:\Users\c-jay\AppData\Roaming ====== ====== C:\Users\c-jay ====== 2014-08-12 20:31:08 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\c-jay\Desktop\RSITx64.exe ====== C: exe-files == 2014-08-12 20:31:08 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\c-jay\Desktop\RSITx64.exe 2014-08-10 10:10:11 50B1464EC23D89CCEC8D089965246AB9 32056 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPResignFileLoader.exe 2014-08-07 20:21:56 8D7A1204CC0086FDE7C3C3A08D1840C9 6014120 ----a-w- C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\Update\OneDriveSetup.exe 2014-08-07 20:21:56 8D7A1204CC0086FDE7C3C3A08D1840C9 6014120 ----a-w- C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\OneDriveSetup.exe 2014-08-07 20:21:50 2DE22C0868B0FC1E10F06767665A9619 87200 ----a-w- C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveConfig.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\c-jay\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "SkyDrive"="C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "Spotify Web Helper"="C:\Users\c-jay\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Google Update"="C:\Users\c-jay\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Spotify"="C:\Users\c-jay\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "winlogin"="C:\Windows\winlogin.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "winlogin"="C:\windows\winlogin.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\c-jay\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "SkyDrive"="C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "Spotify Web Helper"="C:\Users\c-jay\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Google Update"="C:\Users\c-jay\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Spotify"="C:\Users\c-jay\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "winlogin"="C:\Windows\winlogin.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SetDefault"="C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" "fssui"="C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe -autorun" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2013-08-17 21:11:22 1137 ----a-w- C:\Users\c-jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SurveilStar V3 Service Controller.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/07/2014 12:57] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1102478359-379558416-3311134317-1000Core.job --a------ [Undetermined Task] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1102478359-379558416-3311134317-1000UA.job --a------ C:\Users\c-jay\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 10:05] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/07/2012 23:39] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/07/2012 23:39] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1102478359-379558416-3311134317-1000Core.job --a------ C:\Users\c-jay\AppData\Local\Google\Update\GoogleUpdate.exe [02/06/2014 21:03] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1102478359-379558416-3311134317-1000UA.job --a------ C:\Users\c-jay\AppData\Local\Google\Update\GoogleUpdate.exe [02/06/2014 21:03] C:\Windows\tasks\HPCeeScheduleForc-jay.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1102478359-379558416-3311134317-1000Core" [C:\Users\c-jay\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1102478359-379558416-3311134317-1000UA" [C:\Users\c-jay\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1102478359-379558416-3311134317-1000Core" [C:\Users\c-jay\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1102478359-379558416-3311134317-1000UA" [C:\Users\c-jay\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForc-jay" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 1050 J410 series" ["C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\WSCStub.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{071682E1-96F7-46C1-8E84-764F6CE1E5FE}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{5EFA6394-6413-496B-BC67-E55F9112B41D}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "ext@RichMediaViewV1release1727.net"="C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1727\ff" [] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{13b2a6cd-c8be-4191-a05b-b843a6b780cb}"="C:\Program Files (x86)\Re-markit\155.xpi" [] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bphkbahpjfahnpkbhbfjjeejkcifecdf - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta374\ch\VideoPlayerV3beta374.crx[] dhlkfgpfnboohednhbmcknlbnmbbnihn - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home5213\ch\MediaWatchV1home5213.crx[] ehmnjgkmbpbohelngpclcdhgochdeoej - C:\Program Files (x86)\AmiExt\flashEnhancer\ch\flashEnhancer.crx[] igpfigpmeopkhnihpaofmmhlijpjccpm - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1727\ch\RichMediaViewV1release1727.crx[] jdncfaldgjmjclljfimfbmhnfnpjgfaj - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1646\ch\MediaViewV1alpha1646.crx[] koildhecfaafjjgccdfoeiefpmlggfpg - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7625\ch\MediaBuzzV1mode7625.crx[] locpfbmhabijpldjapnnmgcaknjdpkcg - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9357\ch\MediaViewV1alpha9357.crx[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\Extensions\Chrome.crx[] ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx[] Google Docs - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Video Player - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\bphkbahpjfahnpkbhbfjjeejkcifecdf Google Search - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf {page b\u002E\u0068tml}co\u006Ete\u006Et_scripts:[{all_fra\u006Des:falsejs:[c.\u006As]matches:[\u0068ttp\u003a\u002f/\u002A/*h\u0074tp\u0073://\u002a\u002f\u002a]run_at:\u0064ocume\u006et_\u0065\u006ed}]desc\u0072ipt\u0069\u006fn:icons:{16:ic\u006fn\u0031\u0036.png48:i\u0063on48.pn\u0067128:icon128.png}manife\u0073t_\u0076\u0065rs\u0069o\u006e:2name:\u0052\u0065-markitpermissions:[c\u006Fok\u0069esstorageunlimitedStoragehttp://*/*htt\u0070s\u003a//*/*tabsweb\u0052equestwebRequestBlocking]version:1\u002E\u003155.0.0author:} - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel Media Watch - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhlkfgpfnboohednhbmcknlbnmbbnihn flash-Enhancer - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehmnjgkmbpbohelngpclcdhgochdeoej Allin1Convert - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl Rich Media View - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\igpfigpmeopkhnihpaofmmhlijpjccpm Media View - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdncfaldgjmjclljfimfbmhnfnpjgfaj Internet Speed Tracker - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgofoebonkgilehjhdbinahbhfmnpofn Media Buzz - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\koildhecfaafjjgccdfoeiefpmlggfpg Media View - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\locpfbmhabijpldjapnnmgcaknjdpkcg OnlineMapFinder - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpnamokkgdjkpdhcobfnnggnpmghhddo AVG Security Toolbar - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Google Wallet - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.tb.ask.com_0.localstorage deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.tb.ask.com_0.localstorage-journal deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage-journal deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.shedeals.be_0.localstorage deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.shedeals.be_0.localstorage-journal deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\bphkbahpjfahnpkbhbfjjeejkcifecdf deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhlkfgpfnboohednhbmcknlbnmbbnihn deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehmnjgkmbpbohelngpclcdhgochdeoej deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehmnjgkmbpbohelngpclcdhgochdeoej_0.localstorage deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehmnjgkmbpbohelngpclcdhgochdeoej_0.localstorage-journal deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\igpfigpmeopkhnihpaofmmhlijpjccpm deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdncfaldgjmjclljfimfbmhnfnpjgfaj deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\koildhecfaafjjgccdfoeiefpmlggfpg deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\locpfbmhabijpldjapnnmgcaknjdpkcg deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="https://www.google.be/" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7" {C9214C35-6186-4725-92D2-C4D8819B37ED} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7ADFA_nlBE549" {d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=http://www.benl.ebay.be/sch/i.html?_nkw={searchTerms}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71C1D63A-C944-428A-A5BD-BA513190E5D2} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71C1D63A-C944-428A-A5BD-BA513190E5D2} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2b2798ef-c931-4a3b-b51a-baaa1bfe6593} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2b2798ef-c931-4a3b-b51a-baaa1bfe6593} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5aa230b3-88e7-4d81-b4bf-83f1a6babbd7} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5aa230b3-88e7-4d81-b4bf-83f1a6babbd7} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e4143a5-b4f4-42dd-b32d-822553c432a1} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4e4143a5-b4f4-42dd-b32d-822553c432a1} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{320b278d-d966-4908-840c-4d91b5632b67} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{320b278d-d966-4908-840c-4d91b5632b67} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b811c8bc-5799-4377-a71f-dd0067c9b883} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b811c8bc-5799-4377-a71f-dd0067c9b883} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8ed106f8-b076-481d-8e7a-4b81e11592d1} deleted successfully HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8ed106f8-b076-481d-8e7a-4b81e11592d1} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71C1D63A-C944-428A-A5BD-BA513190E5D2} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2b2798ef-c931-4a3b-b51a-baaa1bfe6593} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2b2798ef-c931-4a3b-b51a-baaa1bfe6593} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5aa230b3-88e7-4d81-b4bf-83f1a6babbd7} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4e4143a5-b4f4-42dd-b32d-822553c432a1} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{320b278d-d966-4908-840c-4d91b5632b67} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{b811c8bc-5799-4377-a71f-dd0067c9b883} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8ed106f8-b076-481d-8e7a-4b81e11592d1} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1102478359-379558416-3311134317-1000\Software\Mozilla\Firefox\Extensions\{13b2a6cd-c8be-4191-a05b-b843a6b780cb} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{364ea597-e728-4ce4-bb4a-ed846ef47970} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\avg@toolbar deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@flash-Enhancer.com deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@VideoPlayerV3beta374.net deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaPlayerV1alpha111.net deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha9357.net deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha1646.net deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaWatchV1home5213.net deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaBuzzV1mode7625.net deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@RichMediaViewV1release1727.net deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bphkbahpjfahnpkbhbfjjeejkcifecdf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhlkfgpfnboohednhbmcknlbnmbbnihn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ehmnjgkmbpbohelngpclcdhgochdeoej deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\igpfigpmeopkhnihpaofmmhlijpjccpm deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jdncfaldgjmjclljfimfbmhnfnpjgfaj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\koildhecfaafjjgccdfoeiefpmlggfpg deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\locpfbmhabijpldjapnnmgcaknjdpkcg deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RichMediaViewV1release1727 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MediaBuzzV1mode7625 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Player deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\flash-Enhancer deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\d3d35679-b737-410b-b7b7-f11c6d1a8fe8 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall Internet Explorer deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/2 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (file missing) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.DLL O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [winlogin] "C:\windows\winlogin.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\c-jay\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [SkyDrive] "C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\c-jay\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\c-jay\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Spotify] "C:\Users\c-jay\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [winlogin] "C:\Windows\winlogin.exe" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\c-jay\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: SurveilStar V3 Service Controller.lnk = C:\Program Files (x86)\SurveilStar\OControl3.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files (x86)\PokerStars.BE\PokerStarsUpdate.exe (file missing) O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (file missing) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: O23 - Service: Windows Helper Service (.Winhlpsvr) - SurveilStar Inc. - C:\Program Files (x86)\Common Files\System\winrdgv3.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe O23 - Service: OCULAR V3 MAILREPORT (OMAILREPORT) - - C:\Program Files (x86)\SurveilStar\OMailRpt.exe O23 - Service: SurveilStar SERVER (OSERVER3) - - C:\Program Files (x86)\SurveilStar\OServer3.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\c-jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\c-jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\c-jay\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\c-jay\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\c-jay\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4875 folders=970 563535336 bytes) ==== Empty Temp Folders ====================== C:\Users\c-jay\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\c-jay\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\MapsGalaxy_39" not found "C:\PROGRA~2\MapsGalaxy_39" not found ==== EOF on wo 13/08/2014 at 14:17:54,98 ======================